]>
Commit | Line | Data |
---|---|---|
e989e54f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | X509v3_get_ext_count, X509v3_get_ext, X509v3_get_ext_by_NID, | |
6 | X509v3_get_ext_by_OBJ, X509v3_get_ext_by_critical, X509v3_delete_ext, | |
c952780c | 7 | X509v3_add_ext, X509_get_ext_count, X509_get_ext, |
e989e54f DSH |
8 | X509_get_ext_by_NID, X509_get_ext_by_OBJ, X509_get_ext_by_critical, |
9 | X509_delete_ext, X509_add_ext, X509_CRL_get_ext_count, X509_CRL_get_ext, | |
10 | X509_CRL_get_ext_by_NID, X509_CRL_get_ext_by_OBJ, X509_CRL_get_ext_by_critical, | |
11 | X509_CRL_delete_ext, X509_CRL_add_ext, X509_REVOKED_get_ext_count, | |
12 | X509_REVOKED_get_ext, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, | |
13 | X509_REVOKED_get_ext_by_critical, X509_REVOKED_delete_ext, | |
bb9ad09e | 14 | X509_REVOKED_add_ext - extension stack utility functions |
e989e54f DSH |
15 | |
16 | =head1 SYNOPSIS | |
17 | ||
18 | #include <openssl/x509.h> | |
19 | ||
20 | int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); | |
21 | X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); | |
22 | ||
23 | int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, | |
24 | int nid, int lastpos); | |
25 | int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, | |
c47ba4e9 | 26 | const ASN1_OBJECT *obj, int lastpos); |
e989e54f DSH |
27 | int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, |
28 | int crit, int lastpos); | |
29 | X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); | |
30 | STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, | |
31 | X509_EXTENSION *ex, int loc); | |
32 | ||
7569362e | 33 | int X509_get_ext_count(const X509 *x); |
c7d13c13 | 34 | X509_EXTENSION *X509_get_ext(const X509 *x, int loc); |
7569362e | 35 | int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos); |
c47ba4e9 | 36 | int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos); |
7569362e | 37 | int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos); |
e989e54f DSH |
38 | X509_EXTENSION *X509_delete_ext(X509 *x, int loc); |
39 | int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); | |
40 | ||
7569362e | 41 | int X509_CRL_get_ext_count(const X509_CRL *x); |
c7d13c13 | 42 | X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc); |
7569362e | 43 | int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos); |
c47ba4e9 | 44 | int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos); |
7569362e | 45 | int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos); |
e989e54f DSH |
46 | X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); |
47 | int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); | |
48 | ||
7569362e | 49 | int X509_REVOKED_get_ext_count(const X509_REVOKED *x); |
c7d13c13 | 50 | X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc); |
7569362e | 51 | int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos); |
c47ba4e9 | 52 | int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj, |
e9b77246 | 53 | int lastpos); |
7569362e | 54 | int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos); |
e989e54f DSH |
55 | X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); |
56 | int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); | |
57 | ||
58 | =head1 DESCRIPTION | |
59 | ||
60 | X509v3_get_ext_count() retrieves the number of extensions in B<x>. | |
61 | ||
62 | X509v3_get_ext() retrieves extension B<loc> from B<x>. The index B<loc> | |
63 | can take any value from B<0> to X509_get_ext_count(x) - 1. The returned | |
64 | extension is an internal pointer which B<must not> be freed up by the | |
65 | application. | |
66 | ||
67 | X509v3_get_ext_by_NID() and X509v3_get_ext_by_OBJ() look for an extension | |
68 | with B<nid> or B<obj> from extension stack B<x>. The search starts from the | |
69 | extension after B<lastpos> or from the beginning if <lastpos> is B<-1>. If | |
70 | the extension is found its index is returned otherwise B<-1> is returned. | |
71 | ||
72 | X509v3_get_ext_by_critical() is similar to X509v3_get_ext_by_NID() except it | |
1bc74519 | 73 | looks for an extension of criticality B<crit>. A zero value for B<crit> |
e989e54f DSH |
74 | looks for a non-critical extension a non-zero value looks for a critical |
75 | extension. | |
76 | ||
77 | X509v3_delete_ext() deletes the extension with index B<loc> from B<x>. The | |
78 | deleted extension is returned and must be freed by the caller. If B<loc> | |
79 | is in invalid index value B<NULL> is returned. | |
80 | ||
81 | X509v3_add_ext() adds extension B<ex> to stack B<*x> at position B<loc>. If | |
82 | B<loc> is B<-1> the new extension is added to the end. If B<*x> is B<NULL> | |
83 | a new stack will be allocated. The passed extension B<ex> is duplicated | |
84 | internally so it must be freed after use. | |
85 | ||
e989e54f DSH |
86 | X509_get_ext_count(), X509_get_ext(), X509_get_ext_by_NID(), |
87 | X509_get_ext_by_OBJ(), X509_get_ext_by_critical(), X509_delete_ext() | |
88 | and X509_add_ext() operate on the extensions of certificate B<x> they are | |
89 | otherwise identical to the X509v3 functions. | |
90 | ||
91 | X509_CRL_get_ext_count(), X509_CRL_get_ext(), X509_CRL_get_ext_by_NID(), | |
92 | X509_CRL_get_ext_by_OBJ(), X509_CRL_get_ext_by_critical(), | |
93 | X509_CRL_delete_ext() and X509_CRL_add_ext() operate on the extensions of | |
94 | CRL B<x> they are otherwise identical to the X509v3 functions. | |
95 | ||
96 | X509_REVOKED_get_ext_count(), X509_REVOKED_get_ext(), | |
97 | X509_REVOKED_get_ext_by_NID(), X509_REVOKED_get_ext_by_OBJ(), | |
98 | X509_REVOKED_get_ext_by_critical(), X509_REVOKED_delete_ext() and | |
99 | X509_REVOKED_add_ext() operate on the extensions of CRL entry B<x> | |
100 | they are otherwise identical to the X509v3 functions. | |
101 | ||
102 | =head1 NOTES | |
103 | ||
104 | These functions are used to examine stacks of extensions directly. Many | |
105 | applications will want to parse or encode and add an extension: they should | |
106 | use the extension encode and decode functions instead such as | |
107 | X509_add1_ext_i2d() and X509_get_ext_d2i(). | |
108 | ||
109 | Extension indices start from zero, so a zero index return value is B<not> an | |
110 | error. These search functions start from the extension B<after> the B<lastpos> | |
111 | parameter so it should initially be set to B<-1>, if it is set to zero the | |
112 | initial extension will not be checked. | |
113 | ||
114 | =head1 RETURN VALUES | |
115 | ||
116 | X509v3_get_ext_count() returns the extension count. | |
117 | ||
0df65d82 VD |
118 | X509v3_get_ext(), X509v3_delete_ext() and X509_delete_ext() return an |
119 | B<X509_EXTENSION> pointer or B<NULL> if an error occurs. | |
e989e54f DSH |
120 | |
121 | X509v3_get_ext_by_NID() X509v3_get_ext_by_OBJ() and | |
122 | X509v3_get_ext_by_critical() return the an extension index or B<-1> if an | |
123 | error occurs. | |
124 | ||
125 | X509v3_add_ext() returns a stack of extensions or B<NULL> on error. | |
126 | ||
0df65d82 VD |
127 | X509_add_ext() returns 1 on success and 0 on error. |
128 | ||
e989e54f DSH |
129 | =head1 SEE ALSO |
130 | ||
131 | L<X509V3_get_d2i(3)> | |
99ec4fdb | 132 | |
e2f92610 RS |
133 | =head1 COPYRIGHT |
134 | ||
fd38836b | 135 | Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 136 | |
4746f25a | 137 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
138 | this file except in compliance with the License. You can obtain a copy |
139 | in the file LICENSE in the source distribution or at | |
140 | L<https://www.openssl.org/source/license.html>. | |
141 | ||
142 | =cut |