]>
Commit | Line | Data |
---|---|---|
f1f0731d | 1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | X509_REQ_get_attr_count, | |
6 | X509_REQ_get_attr_by_NID, X509_REQ_get_attr_by_OBJ, X509_REQ_get_attr, | |
7 | X509_REQ_delete_attr, | |
8 | X509_REQ_add1_attr, X509_REQ_add1_attr_by_OBJ, X509_REQ_add1_attr_by_NID, | |
9 | X509_REQ_add1_attr_by_txt | |
10 | - B<X509_ATTRIBUTE> support for signed certificate requests | |
11 | ||
12 | =head1 SYNOPSIS | |
13 | ||
14 | #include <openssl/x509.h> | |
15 | ||
16 | int X509_REQ_get_attr_count(const X509_REQ *req); | |
17 | int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos); | |
18 | int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj, | |
19 | int lastpos); | |
20 | X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); | |
21 | X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); | |
22 | int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); | |
23 | int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, | |
24 | const ASN1_OBJECT *obj, int type, | |
25 | const unsigned char *bytes, int len); | |
26 | int X509_REQ_add1_attr_by_NID(X509_REQ *req, | |
27 | int nid, int type, | |
28 | const unsigned char *bytes, int len); | |
29 | int X509_REQ_add1_attr_by_txt(X509_REQ *req, | |
30 | const char *attrname, int type, | |
31 | const unsigned char *bytes, int len); | |
32 | ||
33 | =head1 DESCRIPTION | |
34 | ||
35 | X509_REQ_get_attr_by_OBJ() finds the location of the first matching object I<obj> | |
36 | in the I<req> attribute list. The search starts at the position after I<lastpos>. | |
37 | If the returned value is positive then it can be used on the next call to | |
38 | X509_REQ_get_attr_by_OBJ() as the value of I<lastpos> in order to iterate through | |
39 | the remaining attributes. I<lastpos> can be set to any negative value on the | |
40 | first call, in order to start searching from the start of the attribute list. | |
41 | ||
42 | X509_REQ_get_attr_by_NID() is similar to X509_REQ_get_attr_by_OBJ() except that | |
43 | it passes the numerical identifier (NID) I<nid> associated with the object. | |
44 | See <openssl/obj_mac.h> for a list of NID_*. | |
45 | ||
46 | X509_REQ_get_attr() returns the B<X509_ATTRIBUTE> object at index I<loc> in the | |
47 | I<req> attribute list. I<loc> should be in the range from 0 to | |
48 | X509_REQ_get_attr_count() - 1. | |
49 | ||
50 | X509_REQ_delete_attr() removes the B<X509_ATTRIBUTE> object at index I<loc> in | |
51 | the I<req> objects list of attributes. An error occurs if I<req> is NULL. | |
52 | ||
53 | X509_REQ_add1_attr() pushes a copy of the passed in B<X509_ATTRIBUTE> I<>attr> | |
54 | to the I<req> object's attribute list. An error will occur if either the | |
55 | attribute list is NULL or the attribute already exists. | |
56 | ||
57 | X509_REQ_add1_attr_by_OBJ() creates a new B<X509_ATTRIBUTE> using | |
58 | X509_ATTRIBUTE_set1_object() and X509_ATTRIBUTE_set1_data() to assign a new | |
59 | I<obj> with type I<type> and data I<bytes> of length I<len> and then pushes it | |
60 | to the I<req> object's attribute list. I<req> must be non NULL or an error | |
61 | will occur. If I<obj> already exists in the attribute list then an error occurs. | |
62 | ||
63 | X509_REQ_add1_attr_by_NID() is similar to X509_REQ_add1_attr_by_OBJ() except | |
64 | that it passes the numerical identifier (NID) I<nid> associated with the object. | |
65 | See <openssl/obj_mac.h> for a list of NID_*. | |
66 | ||
67 | X509_REQ_add1_attr_by_txt() is similar to X509_REQ_add1_attr_by_OBJ() except | |
68 | that it passes a name I<attrname> associated with the object. | |
69 | See <openssl/obj_mac.h> for a list of SN_* names. | |
70 | ||
71 | Refer to L<X509_ATTRIBUTE(3)> for information related to attributes. | |
72 | ||
73 | =head1 RETURN VALUES | |
74 | ||
75 | X509_REQ_get_attr_count() returns the number of attributes in the I<req> object | |
76 | attribute list or -1 if the attribute list is NULL. | |
77 | ||
78 | X509_REQ_get_attr_by_OBJ() returns -1 if either the I<req> object's attribute | |
79 | list is empty OR I<obj> is not found, otherwise it returns the location of the | |
80 | I<obj> in the attribute list. | |
81 | ||
82 | X509_REQ_get_attr_by_NID() is similar to X509_REQ_get_attr_by_OBJ(), except that | |
83 | it returns -2 if the I<nid> is not known by OpenSSL. | |
84 | ||
85 | X509_REQ_get_attr() returns either an B<X509_ATTRIBUTE> or NULL on error. | |
86 | ||
87 | X509_REQ_delete_attr() returns either the removed B<X509_ATTRIBUTE> or NULL if | |
88 | there is a error. | |
89 | ||
90 | X509_REQ_add1_attr(), X509_REQ_add1_attr_by_OBJ(), X509_REQ_add1_attr_by_NID() | |
91 | and X509_REQ_add1_attr_by_txt() return 1 on success or 0 on error. | |
92 | ||
93 | =head1 NOTES | |
94 | ||
95 | Any functions that modify the attributes (add or delete) internally set a flag | |
96 | to indicate the ASN.1 encoding has been modified. | |
97 | ||
98 | =head1 SEE ALSO | |
99 | ||
100 | L<X509_ATTRIBUTE(3)> | |
101 | ||
102 | =head1 COPYRIGHT | |
103 | ||
b6461792 | 104 | Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved. |
f1f0731d | 105 | |
106 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
107 | this file except in compliance with the License. You can obtain a copy | |
108 | in the file LICENSE in the source distribution or at | |
109 | L<https://www.openssl.org/source/license.html>. | |
110 | ||
111 | =cut |