Sortix nightly manual
This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.
X509_GET_PUBKEY(3) | Library Functions Manual | X509_GET_PUBKEY(3) |
NAME
X509_get_pubkey
,
X509_get0_pubkey
,
X509_set_pubkey
,
X509_get_X509_PUBKEY
,
X509_get0_pubkey_bitstr
,
X509_REQ_get_pubkey
,
X509_REQ_get0_pubkey
,
X509_REQ_set_pubkey
,
X509_extract_key
,
X509_REQ_extract_key
—
get or set certificate or certificate request public
key
SYNOPSIS
#include
<openssl/x509.h>
EVP_PKEY *
X509_get_pubkey
(X509
*x);
EVP_PKEY *
X509_get0_pubkey
(const
X509 *x);
int
X509_set_pubkey
(X509
*x, EVP_PKEY *pkey);
X509_PUBKEY *
X509_get_X509_PUBKEY
(const
X509 *x);
ASN1_BIT_STRING *
X509_get0_pubkey_bitstr
(const
X509 *x);
EVP_PKEY *
X509_REQ_get_pubkey
(X509_REQ
*req);
EVP_PKEY *
X509_REQ_get0_pubkey
(X509_REQ
*req);
int
X509_REQ_set_pubkey
(X509_REQ
*x, EVP_PKEY *pkey);
EVP_PKEY *
X509_extract_key
(X509
*x);
EVP_PKEY *
X509_REQ_extract_key
(X509_REQ
*req);
DESCRIPTION
X509_get_pubkey
() attempts to decode the
public key for certificate x. If successful,
it returns the public key as an EVP_PKEY
pointer with its reference count incremented: this means the returned key must
be freed up after use. X509_get0_pubkey
()
is similar except that it does not increment the reference count of the
returned EVP_PKEY, so it must not be freed up
after use.
X509_get_X509_PUBKEY
() returns an internal
pointer to the SubjectPublicKeyInfo structure
contained in x. The returned value must not
be freed up after use.
X509_get0_pubkey_bitstr
() returns an internal
pointer to just the public key contained in this
SubjectPublicKeyInfo structure, without the
information about the algorithm used.
X509_set_pubkey
() attempts to set the public
key for certificate x to
pkey. The key
pkey should be freed up after use.
X509_REQ_get_pubkey
(),
X509_REQ_get0_pubkey
(), and
X509_REQ_set_pubkey
() are similar but
operate on certificate request req.
The first time a public key is decoded, the
EVP_PKEY structure is cached in the
certificate or certificate request itself. Subsequent calls return the cached
structure with its reference count incremented to improve performance.
X509_extract_key
() and
X509_REQ_extract_key
() are deprecated
aliases for X509_get_pubkey
() and
X509_REQ_get_pubkey
(), respectively,
implemented as macros.
RETURN VALUES
X509_get_pubkey
(),
X509_get0_pubkey
(),
X509_get_X509_PUBKEY
(),
X509_get0_pubkey_bitstr
(),
X509_REQ_get_pubkey
(),
X509_REQ_get0_pubkey
(),
X509_extract_key
(), and
X509_REQ_extract_key
() return a public key
or NULL
if an error occurred.
X509_set_pubkey
() and
X509_REQ_set_pubkey
() return 1 for success
or 0 for failure.
In some cases of failure of
X509_get0_pubkey
(),
X509_set_pubkey
(),
X509_REQ_get_pubkey
(),
X509_REQ_get0_pubkey
(), and
X509_REQ_set_pubkey
(), the reason can be
determined with
ERR_get_error(3).
ERRORS
X509_get_pubkey
(),
X509_get0_pubkey
(),
X509_REQ_get_pubkey
(),
X509_extract_key
(), and
X509_REQ_extract_key
() provide diagnostics
as documented for
X509_PUBKEY_get(3).
If x or req
is NULL
or contains no certificate
information, they fail without pushing an error onto the stack.
X509_get_X509_PUBKEY
() provides no
diagnostics and crashes by accessing a NULL
pointer if x is
NULL
or contains no certificate
information,
X509_get0_pubkey_bitstr
() provides no
diagnostics and fails without pushing an error onto the stack if
x is NULL
,
but it crashes by accessing a NULL
pointer
if x contains no certificate information.
SEE ALSO
d2i_X509(3), X509_CRL_get0_by_serial(3), X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3), X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3), X509_PUBKEY_new(3), X509_REQ_new(3), X509_sign(3), X509_verify_cert(3), X509V3_get_d2i(3)STANDARDS
RFC 5280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 4.1 Basic Certificate Fields RFC 2986: PKCS #10: Certification Request Syntax Specification, section 4.1 CertificationRequestInfoHISTORY
X509_extract_key
() and
X509_REQ_extract_key
() first appeared in
SSLeay 0.5.1 but returned a pointer to an RSA
object before SSLeay 0.6.0.
X509_get_pubkey
(),
X509_set_pubkey
(),
X509_REQ_get_pubkey
(), and
X509_REQ_set_pubkey
() first appeared in
SSLeay 0.6.5. X509_get_X509_PUBKEY
() first
appeared in SSLeay 0.8.0. These functions have been available since
OpenBSD 2.4.
X509_get0_pubkey_bitstr
() first appeared in
OpenSSL 0.9.7 and has been available since OpenBSD
3.4.
X509_get0_pubkey
() first appeared in OpenSSL
1.1.0 and has been available since OpenBSD 6.3.
X509_REQ_get0_pubkey
() first appeared in
OpenSSL 1.1.0 and has been available since OpenBSD
7.1.March 31, 2022 | Debian |