NAME
AUTHORITY_KEYID_new
,
AUTHORITY_KEYID_free
—
X.509 authority key identifier
extension
SYNOPSIS
#include
<openssl/x509v3.h>
AUTHORITY_KEYID *
AUTHORITY_KEYID_new
(void);
void
AUTHORITY_KEYID_free
(AUTHORITY_KEYID
*id);
DESCRIPTION
Using the authority key identifier extension, an X.509 certificate or certificate revocation list can specify which key pair was used for signing it.
AUTHORITY_KEYID_new
()
allocates and initializes an empty AUTHORITY_KEYID
object, representing an ASN.1 AuthorityKeyIdentifier
structure defined in RFC 5280 section 4.2.1.1. It can hold an issuer name, a
serial number, and a key identifier.
AUTHORITY_KEYID_free
()
frees id.
RETURN VALUES
AUTHORITY_KEYID_new
() returns the new
AUTHORITY_KEYID object or NULL
if an error occurs.
SEE ALSO
GENERAL_NAMES_new(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_new(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
- section 4.2.1.1: Certificate Extensions: Authority Key Identifier
- section 5.2.1: CRL Extensions: Authority Key Identifier
HISTORY
AUTHORITY_KEYID_new
() and
AUTHORITY_KEYID_free
() first appeared in OpenSSL
0.9.2b and have been available since OpenBSD
2.6.