Sortix nightly manual
This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.
| X509_GET_PUBKEY(3) | Library Functions Manual | X509_GET_PUBKEY(3) |
NAME
X509_get_pubkey,
X509_get0_pubkey,
X509_set_pubkey,
X509_get_X509_PUBKEY,
X509_get0_pubkey_bitstr,
X509_REQ_get_pubkey,
X509_REQ_get0_pubkey,
X509_REQ_set_pubkey,
X509_extract_key,
X509_REQ_extract_key — get
or set certificate or certificate request public key
SYNOPSIS
#include
<openssl/x509.h>
EVP_PKEY *
X509_get_pubkey(X509 *x);
EVP_PKEY *
X509_get0_pubkey(const X509
*x);
int
X509_set_pubkey(X509 *x,
EVP_PKEY *pkey);
X509_PUBKEY *
X509_get_X509_PUBKEY(const X509
*x);
ASN1_BIT_STRING *
X509_get0_pubkey_bitstr(const X509
*x);
EVP_PKEY *
X509_REQ_get_pubkey(X509_REQ
*req);
EVP_PKEY *
X509_REQ_get0_pubkey(X509_REQ
*req);
int
X509_REQ_set_pubkey(X509_REQ *x,
EVP_PKEY *pkey);
EVP_PKEY *
X509_extract_key(X509 *x);
EVP_PKEY *
X509_REQ_extract_key(X509_REQ
*req);
DESCRIPTION
X509_get_pubkey()
attempts to decode the public key for certificate x.
If successful, it returns the public key as an
EVP_PKEY pointer with its reference count incremented:
this means the returned key must be freed up after use.
X509_get0_pubkey()
is similar except that it does not increment the reference count of the
returned EVP_PKEY, so it must not be freed up after
use.
X509_get_X509_PUBKEY()
returns an internal pointer to the
SubjectPublicKeyInfo structure contained in
x. The returned value must not be freed up after
use.
X509_get0_pubkey_bitstr()
returns an internal pointer to just the public key contained in this
SubjectPublicKeyInfo structure, without the
information about the algorithm used.
X509_set_pubkey()
attempts to set the public key for certificate x to
pkey. The key pkey should be
freed up after use.
X509_REQ_get_pubkey(),
X509_REQ_get0_pubkey(),
and
X509_REQ_set_pubkey()
are similar but operate on certificate request
req.
The first time a public key is decoded, the EVP_PKEY structure is cached in the certificate or certificate request itself. Subsequent calls return the cached structure with its reference count incremented to improve performance.
X509_extract_key()
and
X509_REQ_extract_key()
are deprecated aliases for X509_get_pubkey() and
X509_REQ_get_pubkey(), respectively, implemented as
macros.
RETURN VALUES
X509_get_pubkey(),
X509_get0_pubkey(),
X509_get_X509_PUBKEY(),
X509_get0_pubkey_bitstr(),
X509_REQ_get_pubkey(),
X509_REQ_get0_pubkey(),
X509_extract_key(), and
X509_REQ_extract_key() return a public key or
NULL if an error occurred.
X509_set_pubkey() and
X509_REQ_set_pubkey() return 1 for success or 0 for
failure.
In some cases of failure of
X509_get0_pubkey(),
X509_set_pubkey(),
X509_REQ_get_pubkey(),
X509_REQ_get0_pubkey(), and
X509_REQ_set_pubkey(), the reason can be determined
with
ERR_get_error(3).
ERRORS
X509_get_pubkey(),
X509_get0_pubkey(),
X509_REQ_get_pubkey(),
X509_extract_key(), and
X509_REQ_extract_key() provide diagnostics as
documented for
X509_PUBKEY_get(3).
If x or req is
NULL or contains no certificate information, they
fail without pushing an error onto the stack.
X509_get_X509_PUBKEY() provides no
diagnostics and crashes by accessing a NULL pointer
if x is NULL or contains no
certificate information,
X509_get0_pubkey_bitstr() provides no
diagnostics and fails without pushing an error onto the stack if
x is NULL, but it crashes by
accessing a NULL pointer if x
contains no certificate information.
SEE ALSO
d2i_X509(3), X509_CRL_get0_by_serial(3), X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3), X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3), X509_PUBKEY_new(3), X509_REQ_new(3), X509_sign(3), X509_verify_cert(3), X509V3_get_d2i(3)
STANDARDS
RFC 5280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 4.1 Basic Certificate Fields
RFC 2986: PKCS #10: Certification Request Syntax Specification, section 4.1 CertificationRequestInfo
HISTORY
X509_extract_key() and
X509_REQ_extract_key() first appeared in SSLeay
0.5.1 but returned a pointer to an RSA object before
SSLeay 0.6.0. X509_get_pubkey(),
X509_set_pubkey(),
X509_REQ_get_pubkey(), and
X509_REQ_set_pubkey() first appeared in SSLeay
0.6.5. X509_get_X509_PUBKEY() first appeared in
SSLeay 0.8.0. These functions have been available since
OpenBSD 2.4.
X509_get0_pubkey_bitstr() first appeared
in OpenSSL 0.9.7 and has been available since OpenBSD
3.4.
X509_get0_pubkey() first appeared in
OpenSSL 1.1.0 and has been available since OpenBSD
6.3. X509_REQ_get0_pubkey() first appeared in
OpenSSL 1.1.0 and has been available since OpenBSD
7.1.
| March 31, 2022 | Sortix 1.1.0-dev |