Sortix volatile manual
This manual documents Sortix volatile, a development build that has not been officially released. You can instead view this document in the latest official manual.
| X509_PRINT_EX(3) | Library Functions Manual | X509_PRINT_EX(3) | 
NAME
X509_print_ex,
    X509_CERT_AUX_print,
    X509_print_ex_fp,
    X509_print, X509_print_fp
    — pretty-print an X.509 certificate
SYNOPSIS
#include
    <openssl/x509.h>
int
  
  X509_print_ex(BIO *bio,
    X509 *x, unsigned long
    nameflags, unsigned long skipflags);
int
  
  X509_CERT_AUX_print(BIO *bio,
    X509_CERT_AUX *aux, int
  indent);
int
  
  X509_print_ex_fp(FILE *fp,
    X509 *x, unsigned long
    nameflags, unsigned long skipflags);
int
  
  X509_print(BIO *bio,
    X509 *x);
int
  
  X509_print_fp(FILE *fp,
    X509 *x);
DESCRIPTION
X509_print_ex()
    prints information contained in x to
    bio in human-readable form. Printing is aborted as
    soon as any operation fails, with the exception that failures while
    attempting to decode or print the public key, the X.509 version 3
    extensions, or non-standard auxiliary data are not considered as errors.
By default, the following blocks of information are printed in the following order. Each block can be skipped by setting the corresponding bit in skipflags, provided in parentheses after each block description.
- A pair of lines reading "Certificate:" and "Data:"
      containing no information.
    (X509_FLAG_NO_HEADER)
- The certificate version number as defined by the standard, followed in
      parentheses by the value contained in the version field in hexadecimal
      notation. See
      X509_get_version(3)
      for details. (X509_FLAG_NO_VERSION)
- The serial number of the certificate as returned by
      X509_get_serialNumber(3).
      If it is not -1 and converting it to long succeeds,
      it is printed in both decimal and hexadecimal format. If it is -1, too
      wide to fit in long, or conversion fails, it is
      printed byte-by-byte in hexadecimal notation.
      (X509_FLAG_NO_SERIAL)
- The name of the signature algorithm is printed with
      X509_signature_print(3).
      (X509_FLAG_NO_SIGNAME)
- The issuer name returned by
      X509_get_issuer_name(3)
      is printed with
      X509_NAME_print_ex(3).
      (X509_FLAG_NO_ISSUER)
- The validity period from
      X509_get_notBefore(3)
      to
      X509_get_notAfter(3)
      is printed using
      ASN1_TIME_print(3).
      (X509_FLAG_NO_VALIDITY)
- The subject name returned from
      X509_get_subject_name(3)
      is printed with
      X509_NAME_print_ex(3).
      (X509_FLAG_NO_SUBJECT)
- The public key algorithm is printed with
      i2a_ASN1_OBJECT(3),
      and the public key returned from
      X509_get_pubkey(3)
      with
      EVP_PKEY_print_public(3).
      (X509_FLAG_NO_PUBKEY)
- All X.509 extensions contained in the certificate are printed with
      X509V3_extensions_print(3).
      (X509_FLAG_NO_EXTENSIONS)
- The signature is printed with
      X509_signature_print(3).
      (X509_FLAG_NO_SIGDUMP)
- Non-standard auxiliary data associated with the
      certificate is printed using the function
      X509_CERT_AUX_print() documented below. (X509_FLAG_NO_AUX)
The nameflags argument modifies the format
    for printing X.501 Name objects contained in
    x. It is passed through to
    X509_NAME_print_ex(3).
    If nameflags is
    X509_FLAG_COMPAT, the indent
    argument of
    X509_NAME_print_ex(3)
    is set to 16 spaces and the traditional SSLeay format generated by
    X509_NAME_print(3)
    is used. Otherwise, if the only bit set in
    XN_FLAG_SEP_MASK is
    XN_FLAG_SEP_MULTILINE, indent
    is set to 12 spaces. Otherwise, indent is set to
  zero.
X509_CERT_AUX_print()
    prints information contained in aux to
    bio in human-readable form with a left margin of
    indent spaces. If aux is
    NULL, it prints nothing.
Information is printed in the following order:
- Purposes the certificate is intended to be used for as set with X509_add1_trust_object(3), each printed with OBJ_obj2txt(3).
- Purposes the certificate is explicitly not intended to be used for as set with X509_add1_reject_object(3), again each printed with OBJ_obj2txt(3).
- If aux contains data set with X509_alias_set1(3), the raw bytes are printed in unencoded form.
- If aux contains data set with X509_keyid_set1(3), the bytes are printed in hexadecimal notation with colons in between.
X509_print_ex_fp()
    is similar to X509_print_ex() except that it prints
    to fp.
X509_print()
    and
    X509_print_fp()
    are wrapper functions setting the nameflags to
    XN_FLAG_COMPAT and the
    skipflags to
  X509_FLAG_COMPAT.
RETURN VALUES
X509_print_ex(),
    X509_print_ex_fp(),
    X509_print(), and
    X509_print_fp() return 1 if all requested
    information was successfully printed, even if failures occurred while
    attempting to decode or print the public key or X.509 version 3 extensions,
    or 0 if any other operation failed.
X509_CERT_AUX_print() always returns 1 and
    silently ignores write errors.
SEE ALSO
BIO_new(3), X509_CERT_AUX_new(3), X509_CRL_print(3), X509_new(3), X509_REQ_print_ex(3)
HISTORY
X509_print() first appeared in SSLeay
    0.5.1 and was changed to print to a BIO in SSLeay
    0.6.0. X509_print_fp() first appeared in SSLeay
    0.6.0. Both functions have been available since OpenBSD
    2.4.
X509_CERT_AUX_print() first appeared in
    OpenSSL 0.9.5 and has been available since OpenBSD
    2.7.
X509_print_ex() and
    X509_print_ex_fp() first appeared in OpenSSL 0.9.7
    and have been available since OpenBSD 3.2.
BUGS
If arbitrary data was stored into x using X509_alias_set1(3), these functions may print binary data and even NUL bytes.
| October 29, 2021 | Sortix 1.1.0-dev | 
