OpenBSD manual page server

NAME

X509_get_pubkey_parameters — copy public key parameters from a chain

SYNOPSIS

#include <openssl/x509.h>

int
X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);

DESCRIPTION

X509_get_pubkey_parameters() copies public key parameters from the first appropriate certificate in the chain.

If pkey is not NULL and already contains complete public key parameters or uses an algorithm that does not use any parameters, no action occurs and the function indicates success without inspecting the existing parameters, without inspecting the chain, and without comparing any parameters.

Otherwise, all public key parameters are copied from the first certificate in the chain that contains complete public key parameters to each certificate preceding it in the chain. Unless pkey is a NULL pointer, the same parameters are also copied to pkey.

RETURN VALUES

X509_get_pubkey_parameters() returns 1 for success or 0 for failure.

ERRORS

The following diagnostics can be retrieved with ERR_get_error(3), ERR_GET_REASON(3), and ERR_reason_error_string(3):

X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY "unable to get certs public key"

Retrieving the public key from a certificate in the chain failed before a certificate containing complete public key parameters could be found.

X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN "unable to find parameters in chain"

None of the certificates in the chain contain complete public key parameters.

SEE ALSO

EVP_PKEY_copy_parameters(3), EVP_PKEY_new(3), X509_get_pubkey(3), X509_new(3)

HISTORY

X509_get_pubkey_parameters() first appeared in SSLeay 0.8.0 and has been available since OpenBSD 2.4.

CAVEATS

If X509_get_pubkey_parameters() fails and returns 0, a part of the parameters may or may not have been copied before the failure was detected, whereas other parts of pkey and chain may remain unchanged. So in case of failure, the state of the arguments may change and possibly become inconsistent.