Sortix 1.1dev ports manual
This manual documents Sortix 1.1dev ports. You can instead view this document in the latest official manual.
D2I_X509(3) | Library Functions Manual | D2I_X509(3) |
NAME
d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio, i2d_X509_fp, d2i_X509_AUX, i2d_X509_AUX, d2i_X509_CERT_AUX, i2d_X509_CERT_AUX, d2i_X509_CINF, i2d_X509_CINF, d2i_X509_VAL, i2d_X509_VAL — decode and encode X.509 certificatesSYNOPSIS
#include <openssl/x509.h> X509 *d2i_X509(X509 **val_out, const unsigned char **der_in, long length); int
i2d_X509(X509 *val_in, unsigned char **der_out); X509 *
d2i_X509_bio(BIO *in_bio, X509 **val_out); X509 *
d2i_X509_fp(FILE *in_fp, X509 **val_out); int
i2d_X509_bio(BIO *out_bio, X509 *val_in); int
i2d_X509_fp(FILE *out_fp, X509 *val_in); X509 *
d2i_X509_AUX(X509 **val_out, const unsigned char **der_in, long length); int
i2d_X509_AUX(X509 *val_in, unsigned char **der_out); X509_CERT_AUX *
d2i_X509_CERT_AUX(X509_CERT_AUX **val_out, const unsigned char **der_in, long length); int
i2d_X509_CERT_AUX(X509_CERT_AUX *val_in, unsigned char **der_out); X509_CINF *
d2i_X509_CINF(X509_CINF **val_out, const unsigned char **der_in, long length); int
i2d_X509_CINF(X509_CINF *val_in, unsigned char **der_out); X509_VAL *
d2i_X509_VAL(X509_VAL **val_out, const unsigned char **der_in, long length); int
i2d_X509_VAL(X509_VAL *val_in, unsigned char **der_out);
DESCRIPTION
These functions decode and encode X.509 certificates and some of their substructures. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3). d2i_X509() and i2d_X509() decode and encode an ASN.1 Certificate structure defined in RFC 5280 section 4.1. d2i_X509_bio(), d2i_X509_fp(), i2d_X509_bio(), and i2d_X509_fp() are similar except that they decode or encode using a BIO or FILE pointer. d2i_X509_AUX() is similar to d2i_X509(), but the input is expected to consist of an X.509 certificate followed by auxiliary trust information. This is used by the PEM routines to read TRUSTED CERTIFICATE objects. This function should not be called on untrusted input. i2d_X509_AUX() is similar to i2d_X509(), but the encoded output contains both the certificate and any auxiliary trust information. This is used by the PEM routines to write TRUSTED CERTIFICATE objects. Note that this is a non-standard OpenSSL-specific data format. d2i_X509_CERT_AUX() and i2d_X509_CERT_AUX() decode and encode optional non-standard auxiliary data appended to a certificate, for example friendly alias names and trust data. d2i_X509_CINF() and i2d_X509_CINF() decode and encode an ASN.1 TBSCertificate structure defined in RFC 5280 section 4.1. d2i_X509_VAL() and i2d_X509_VAL() decode and encode an ASN.1 Validity structure defined in RFC 5280 section 4.1.RETURN VALUES
d2i_X509(), d2i_X509_bio(), d2i_X509_fp(), and d2i_X509_AUX() return a valid X509 structure orNULL
if an error occurs.
d2i_X509_CERT_AUX(),
d2i_X509_CINF(), and
d2i_X509_VAL() return an
X509_CERT_AUX,
X509_CINF, or
X509_VAL object, respectively, or
NULL
if an error occurs.
i2d_X509(),
i2d_X509_AUX(),
i2d_X509_CERT_AUX(),
i2d_X509_CINF(), and
i2d_X509_VAL() return the number of bytes
successfully encoded or a negative value if an error occurs.
i2d_X509_bio() and
i2d_X509_fp() return 1 for success or 0 if an
error occurs.
For all functions, the error code can be obtained by
ERR_get_error(3).
SEE ALSO
ASN1_item_d2i(3), X509_CINF_new(3), X509_new(3)STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) ProfileHISTORY
d2i_X509(), i2d_X509(), d2i_X509_fp(), i2d_X509_fp(), d2i_X509_CINF(), i2d_X509_CINF(), d2i_X509_VAL(), and i2d_X509_VAL() first appeared in SSLeay 0.5.1. d2i_X509_bio() and i2d_X509_bio() first appeared in SSLeay 0.6.0. These functions have been available since OpenBSD 2.4. d2i_X509_AUX(), i2d_X509_AUX(), d2i_X509_CERT_AUX(), and i2d_X509_CERT_AUX() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.March 27, 2018 | Debian |