manpagez: man pages & more
man X509_new(3)
Home | html | info | man
X509_NEW(3ossl)                     OpenSSL                    X509_NEW(3ossl)



NAME

       X509_new, X509_new_ex, X509_free, X509_up_ref, X509_chain_up_ref,
       OSSL_STACK_OF_X509_free - X509 certificate ASN1 allocation and
       deallocation functions


SYNOPSIS

        #include <openssl/x509.h>

        X509 *X509_new(void);
        X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
        void X509_free(X509 *a);
        int X509_up_ref(X509 *a);
        STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);
        void OSSL_STACK_OF_X509_free(STACK_OF(X509) *certs);


DESCRIPTION

       The X509 ASN1 allocation routines allocate and free an X509 structure,
       which represents an X509 certificate.

       X509_new_ex() allocates and initializes a X509 structure with a library
       context of libctx, property query of propq and a reference count of 1.
       Many X509 functions such as X509_check_purpose(), and X509_verify() use
       this library context to select which providers supply the fetched
       algorithms (SHA1 is used internally). This created X509 object can then
       be used when loading binary data using d2i_X509().

       X509_new(3) is similar to X509_new_ex() but sets the library context and
       property query to NULL. This results in the default (NULL) library
       context being used for any X509 operations requiring algorithm fetches.

       X509_free() decrements the reference count of X509 structure a and
       frees it up if the reference count is zero. If the argument is NULL,
       nothing is done.

       X509_up_ref() increments the reference count of a.

       X509_chain_up_ref() increases the reference count of all certificates
       in chain x and returns a copy of the stack, or an empty stack if a is
       NULL.

       OSSL_STACK_OF_X509_free() deallocates the given list of pointers to
       certificates after calling X509_free() on all its elements.  If the
       argument is NULL, nothing is done.


NOTES

       The function X509_up_ref() if useful if a certificate structure is
       being used by several different operations each of which will free it
       up after use: this avoids the need to duplicate the entire certificate
       structure.

       The function X509_chain_up_ref() doesn't just up the reference count of
       each certificate. It also returns a copy of the stack, using
       sk_X509_dup(), but it serves a similar purpose: the returned chain
       persists after the original has been freed.


RETURN VALUES

       If the allocation fails, X509_new(3) returns NULL and sets an error code
       that can be obtained by ERR_get_error(3).  Otherwise it returns a
       pointer to the newly allocated structure.

       X509_up_ref() returns 1 for success and 0 for failure.

       X509_chain_up_ref() returns a copy of the stack or NULL if an error
       occurred.

       OSSL_STACK_OF_X509_free() has no return value.


SEE ALSO

       d2i_X509(3), ERR_get_error(3), X509_CRL_get0_by_serial(3),
       X509_get0_signature(3), X509_get_ext_d2i(3),
       X509_get_extension_flags(3), X509_get_pubkey(3),
       X509_get_subject_name(3), X509_get_version(3),
       X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3),
       X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_sign(3),
       X509V3_get_d2i(3), X509_verify_cert(3)


HISTORY

       X509_new_ex() was added in OpenSSL 3.0.

       OSSL_STACK_OF_X509_free() was added in OpenSSL 3.2.


COPYRIGHT

       Copyright 2002-2024 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use
       this file except in compliance with the License.  You can obtain a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.3.2                             2024-09-04                   X509_NEW(3ossl)

openssl 3.3.2 - Generated Tue Sep 17 16:12:36 CDT 2024
© manpagez.com 2000-2024
Individual documents may contain additional copyright information.