NAME
X509_get1_email,
X509_get1_ocsp,
X509_email_free —
utilities for stacks of
strings
SYNOPSIS
#include
<openssl/x509v3.h>
typedef char *OPENSSL_STRING;
STACK_OF(OPENSSL_STRING) *
X509_get1_email(X509
*certificate);
STACK_OF(OPENSSL_STRING) *
X509_get1_ocsp(X509
*certificate);
void
X509_email_free(STACK_OF(OPENSSL_STRING)
*stack);
DESCRIPTION
X509_get1_email()
retrieves all email addresses from the subject field
and from any Subject Alternative Name extension of the
certificate.
X509_get1_ocsp()
retrieves all uniform resource identifiers from all
AccessDescription objects having an
accessMethod of OCSP which are contained in the
Authority Information Access extension of the
certificate.
X509_email_free()
frees all strings stored in the stack as well as the
stack itself. If stack is a
NULL pointer, no action occurs.
RETURN VALUES
X509_REQ_get1_email() and
X509_get1_ocsp() return newly allocated stacks of
char * containing copies of the addresses in question,
or NULL if there are no addresses or if an error
occurs.
SEE ALSO
OCSP_sendreq_new(3), OCSP_SERVICELOC_new(3), OPENSSL_sk_new(3), STACK_OF(3), X509_check_email(3), X509_get_ext_d2i(3), X509_get_subject_name(3), X509_new(3), x509v3.cnf(5)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- section 4.1: Basic Certificate Fields
- section 4.1.2.6: Subject
- section 4.2.1.6: Subject Alternative Name
- section 4.2.2.1: Authority Information Access
RFC 2985: PKCS #9: Selected Object Classes and Attribute Types
- section 5.2.1: Electronic-mail address
- appendix B.3.5: emailAddress
HISTORY
X509_get1_email() and
X509_email_free() first appeared in OpenSSL 0.9.6
and have been available since OpenBSD 2.9.
X509_get1_ocsp() first appeared in OpenSSL
0.9.8h and has been available since OpenBSD 4.5.
BUGS
X509_email_free() is utterly misnamed. It
does not operate on any X509 object, nor is it in any
way restricted to email addresses; instead, it simply frees a stack of
strings.