NAME
X509_new
,
X509_free
, X509_up_ref
— X.509 certificate
object
SYNOPSIS
#include
<openssl/x509.h>
X509 *
X509_new
(void);
void
X509_free
(X509 *a);
int
X509_up_ref
(X509 *a);
DESCRIPTION
X509_new
()
allocates and initializes an empty X509 object with
reference count 1. It represents an ASN.1 Certificate
structure defined in RFC 5280 section 4.1. It can hold a public key together
with information about the person, organization, device, or function the
associated private key belongs to.
X509_free
()
decrements the reference count of the X509 structure
a and frees it up if the reference count reaches 0. If
a is a NULL
pointer, no action
occurs.
X509_up_ref
()
increments the reference count of a. This function is
useful if a certificate structure is being used by several different
operations each of which will free it up after use: this avoids the need to
duplicate the entire certificate structure.
The object X509_INFO, which can hold a certificate, the corresponding private key, and a certificate revocation list, is not yet documented.
RETURN VALUES
If the allocation fails, X509_new
()
returns NULL
and sets an error code that can be
obtained by
ERR_get_error(3). Otherwise it returns a pointer to the newly
allocated structure.
X509_up_ref
() returns 1 for success or 0
for failure.
SEE ALSO
AUTHORITY_KEYID_new(3), BASIC_CONSTRAINTS_new(3), crypto(3), d2i_X509(3), ERR_get_error(3), X509_ALGOR_new(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_NAME_new(3), X509_REQ_new(3), X509_SIG_new(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
HISTORY
X509_new
() and
X509_free
() are available in all versions of SSLeay
and OpenSSL.
BUGS
The X.509 public key infrastructure and its data types contain too many design bugs to list them. For lots of examples, see the classic X.509 Style Guide that Peter Gutmann published in 2000.