NAME

X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_bio, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param — X.509 SubjectPublicKeyInfo structure

SYNOPSIS

#include <openssl/x509.h> X509_PUBKEY *
X509_PUBKEY_new(void); void
X509_PUBKEY_free(X509_PUBKEY *a); int
X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); EVP_PKEY *
X509_PUBKEY_get0(X509_PUBKEY *key); EVP_PKEY *
X509_PUBKEY_get(X509_PUBKEY *key); EVP_PKEY *
d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); int
i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp); EVP_PKEY *
d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); EVP_PKEY *
d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); int
i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); int
i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); int
X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype, void *pval, unsigned char *penc, int penclen); int
X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub);

DESCRIPTION

The X509_PUBKEY structure represents the ASN.1 SubjectPublicKeyInfo structure defined in RFC 5280 section 4.1 and used in certificates and certificate requests. X509_PUBKEY_new() allocates and initializes an X509_PUBKEY structure. X509_PUBKEY_free() frees up the X509_PUBKEY structure a. If a is a NULL pointer, no action occurs. X509_PUBKEY_set() sets the public key in *x to the public key contained in the EVP_PKEY structure pkey. If *x is not NULL, any existing public key structure will be freed. X509_PUBKEY_get0() returns the public key contained in key. The returned value is an internal pointer which must not be freed after use. X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except that the reference count on the returned key is incremented so it must be freed using EVP_PKEY_free(3) after use. d2i_PUBKEY() and i2d_PUBKEY() decode and encode an EVP_PKEY structure using SubjectPublicKeyInfo format. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3). d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are similar except they decode or encode using a BIO or FILE pointer. X509_PUBKEY_set0_param() sets the public key parameters of pub. The OID associated with the algorithm is set to aobj. The type of the algorithm parameters is set to ptype using the structure pval. The encoding of the public key itself is set to the penclen bytes contained in buffer penc. On success ownership of all the supplied parameters is passed to pub so they must not be freed after the call. X509_PUBKEY_get0_param() retrieves the public key parameters from pub, *ppkalg is set to the associated OID and the encoding consists of *ppklen bytes at *pk, and *pa is set to the associated AlgorithmIdentifier for the public key. If the value of any of these parameters is not required, it can be set to NULL. All of the retrieved pointers are internal and must not be freed after the call.

RETURN VALUES

If the allocation fails, X509_PUBKEY_new() returns NULL and sets an error code that can be obtained by ERR_get_error(3). Otherwise it returns a pointer to the newly allocated structure. X509_PUBKEY_get0(), X509_PUBKEY_get(), d2i_PUBKEY(), d2i_PUBKEY_bio(), and d2i_PUBKEY_fp() return a pointer to an EVP_PKEY structure or NULL if an error occurs. i2d_PUBKEY() returns the number of bytes successfully encoded or a negative value if an error occurs. X509_PUBKEY_set(), X509_PUBKEY_set0_param(), X509_PUBKEY_get0_param(), i2d_PUBKEY_fp(), and i2d_PUBKEY_bio() return 1 for success and 0 if an error occurred.

ERRORS

After failure of X509_PUBKEY_get0() or X509_PUBKEY_get(), one of the following diagnostics can be retrieved with ERR_get_error(3), ERR_GET_REASON(3), and ERR_reason_error_string(3):

X509_R_UNSUPPORTED_ALGORITHM “unsupported algorithm”

The public key uses an algorithm unsupported by EVP_PKEY_set_type(3).

X509_R_METHOD_NOT_SUPPORTED “method not supported”

While the algorithm is known to EVP_PKEY_set_type(3), using it for decoding is not supported.

X509_R_PUBLIC_KEY_DECODE_ERROR “public key decode error”

Decoding the public key failed.

ERR_R_MALLOC_FAILURE “malloc failure”

Memory was exhausted when trying to allocate the new EVP_PKEY object.

If key is NULL or does not contain a public key, these functions fail but no error is pushed onto the stack.

SEE ALSO

d2i_X509(3), EVP_PKEY_asn1_set_public(3), X509_ALGOR_new(3), X509_get_pubkey(3), X509_new(3)

STANDARDS

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

HISTORY

X509_PUBKEY_new() and X509_PUBKEY_free() appeared in SSLeay 0.4 or earlier. X509_PUBKEY_set() and X509_PUBKEY_get() first appeared in SSLeay 0.8.0. These functions have been available since OpenBSD 2.4. d2i_PUBKEY() and i2d_PUBKEY() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7. d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_fp(), and i2d_PUBKEY_bio() first appeared in OpenSSL 0.9.6 and have been available since OpenBSD 2.9. X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9. X509_PUBKEY_get0() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.3.