|
Packit |
c4476c |
=pod
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NAME
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID,
|
|
Packit |
c4476c |
X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext,
|
|
Packit |
c4476c |
X509v3_add_ext, X509_get_ext_count, X509_get_ext,
|
|
Packit |
c4476c |
X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical,
|
|
Packit |
c4476c |
X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext,
|
|
Packit |
c4476c |
X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical,
|
|
Packit |
c4476c |
X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count,
|
|
Packit |
c4476c |
X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ,
|
|
Packit |
c4476c |
X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext,
|
|
Packit |
c4476c |
X509_REVOKED_add_ext - extension stack utility functions
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SYNOPSIS
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
#include <openssl/x509.h>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
|
Packit |
c4476c |
X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
|
Packit |
c4476c |
int nid, int lastpos);
|
|
Packit |
c4476c |
int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
|
Packit |
c4476c |
const ASN1_OBJECT *obj, int lastpos);
|
|
Packit |
c4476c |
int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
|
Packit |
c4476c |
int crit, int lastpos);
|
|
Packit |
c4476c |
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
|
|
Packit |
c4476c |
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
Packit |
c4476c |
X509_EXTENSION *ex, int loc);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int X509_get_ext_count(const X509 *x);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
|
Packit |
c4476c |
int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
|
Packit |
c4476c |
int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
|
|
Packit |
c4476c |
int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
Packit |
c4476c |
int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int X509_CRL_get_ext_count(const X509_CRL *x);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
|
Packit |
c4476c |
int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
|
|
Packit |
c4476c |
int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos);
|
|
Packit |
c4476c |
int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
Packit |
c4476c |
int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
|
|
Packit |
c4476c |
int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
|
|
Packit |
c4476c |
int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
|
|
Packit |
c4476c |
int lastpos);
|
|
Packit |
c4476c |
int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos);
|
|
Packit |
c4476c |
X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
|
|
Packit |
c4476c |
int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 DESCRIPTION
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_count() retrieves the number of extensions in B<x>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext() retrieves extension B<loc> from B<x>. The index B<loc>
|
|
Packit |
c4476c |
can take any value from B<0> to X509_get_ext_count(x) - 1. The returned
|
|
Packit |
c4476c |
extension is an internal pointer which B<must not> be freed up by the
|
|
Packit |
c4476c |
application.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension
|
|
Packit |
c4476c |
with B<nid> or B<obj> from extension stack B<x>. The search starts from the
|
|
Packit |
c4476c |
extension after B<lastpos> or from the beginning if <lastpos> is B<-1>. If
|
|
Packit |
c4476c |
the extension is found its index is returned otherwise B<-1> is returned.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it
|
|
Packit |
c4476c |
looks for an extension of criticality B<crit>. A zero value for B<crit>
|
|
Packit |
c4476c |
looks for a non-critical extension a non-zero value looks for a critical
|
|
Packit |
c4476c |
extension.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_delete_ext() deletes the extension with index B<loc> from B<x>. The
|
|
Packit |
c4476c |
deleted extension is returned and must be freed by the caller. If B<loc>
|
|
Packit |
c4476c |
is in invalid index value B<NULL> is returned.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_add_ext() adds extension B<ex> to stack B<*x> at position B<loc>. If
|
|
Packit |
c4476c |
B<loc> is B<-1> the new extension is added to the end. If B<*x> is B<NULL>
|
|
Packit |
c4476c |
a new stack will be allocated. The passed extension B<ex> is duplicated
|
|
Packit |
c4476c |
internally so it must be freed after use.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(),
|
|
Packit |
c4476c |
X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext()
|
|
Packit |
c4476c |
and X509_add_ext() operate on the extensions of certificate B<x> they are
|
|
Packit |
c4476c |
otherwise identical to the X509v3 functions.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(),
|
|
Packit |
c4476c |
X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(),
|
|
Packit |
c4476c |
X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of
|
|
Packit |
c4476c |
CRL B<x> they are otherwise identical to the X509v3 functions.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(),
|
|
Packit |
c4476c |
X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(),
|
|
Packit |
c4476c |
X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and
|
|
Packit |
c4476c |
X509_REVOKED_add_ext() operate on the extensions of CRL entry B<x>
|
|
Packit |
c4476c |
they are otherwise identical to the X509v3 functions.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NOTES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
These functions are used to examine stacks of extensions directly. Many
|
|
Packit |
c4476c |
applications will want to parse or encode and add an extension: they should
|
|
Packit |
c4476c |
use the extension encode and decode functions instead such as
|
|
Packit |
c4476c |
X509_add1_ext_i2d() and X509_get_ext_d2i().
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Extension indices start from zero, so a zero index return value is B<not> an
|
|
Packit |
c4476c |
error. These search functions start from the extension B<after> the B<lastpos>
|
|
Packit |
c4476c |
parameter so it should initially be set to B<-1>, if it is set to zero the
|
|
Packit |
c4476c |
initial extension will not be checked.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 RETURN VALUES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_count() returns the extension count.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an
|
|
Packit |
c4476c |
B<X509_EXTENSION> pointer or B<NULL> if an error occurs.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and
|
|
Packit |
c4476c |
X509v3_get_ext_by_critical() return the an extension index or B<-1> if an
|
|
Packit |
c4476c |
error occurs.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509v3_add_ext() returns a stack of extensions or B<NULL> on error.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
X509_add_ext() returns 1 on success and 0 on error.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SEE ALSO
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
L<X509V3_get_d2i(3)>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 COPYRIGHT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Licensed under the OpenSSL license (the "License"). You may not use
|
|
Packit |
c4476c |
this file except in compliance with the License. You can obtain a copy
|
|
Packit |
c4476c |
in the file LICENSE in the source distribution or at
|
|
Packit |
c4476c |
L<https://www.openssl.org/source/license.html>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=cut
|