Sortix cross-nightly manual
This manual documents Sortix cross-nightly. You can instead view this document in the latest official manual.
NAME
X509_get_extension_flags, X509_get_key_usage, X509_get_extended_key_usage — retrieve certificate extension dataSYNOPSIS
#include <openssl/x509v3.h>X509_get_extension_flags(X509 *x);
X509_get_key_usage(X509 *x);
X509_get_extended_key_usage(X509 *x);
DESCRIPTION
These functions retrieve information related to commonly used certificate extensions.- EXFLAG_V1
- The certificate is an obsolete version 1 certificate.
- EXFLAG_BCONS
- The certificate contains a basic constraints extension.
- EXFLAG_CA
- The certificate contains basic constraints and asserts the CA flag.
- EXFLAG_PROXY
- The certificate is a valid proxy certificate. In LibreSSL this flag is never set.
- EXFLAG_SI
- The certificate is self issued (that is subject and issuer names match).
- EXFLAG_SS
- The subject and issuer names match and extension values imply it is self signed.
- EXFLAG_FRESHEST
- The freshest CRL extension is present in the certificate.
- EXFLAG_CRITICAL
- The certificate contains an unhandled critical extension.
- EXFLAG_INVALID
- Some certificate extension values are invalid or inconsistent. The certificate should be rejected. This bit may also be raised after an out-of-memory error while processing the X509 object, so it may not be related to the processed ASN1 object itself.
- EXFLAG_INVALID_POLICY
- The NID_certificate_policies certificate extension is invalid or inconsistent. The certificate should be rejected. This bit may also be raised after an out-of-memory error while processing the X509 object, so it may not be related to the processed ASN1 object itself.
- EXFLAG_KUSAGE
- The certificate contains a key usage extension. The value can be retrieved using X509_get_key_usage().
- EXFLAG_XKUSAGE
- The certificate contains an extended key usage extension. The value can be retrieved using X509_get_extended_key_usage().