OpenBSD manual page server

Manual Page Search Parameters

X509_GET1_EMAIL(3) Library Functions Manual X509_GET1_EMAIL(3)

X509_get1_email, X509_get1_ocsp, X509_email_freeutilities for stacks of strings

#include <openssl/x509v3.h>

typedef char *OPENSSL_STRING;

STACK_OF(OPENSSL_STRING) *
X509_get1_email(X509 *certificate);

STACK_OF(OPENSSL_STRING) *
X509_get1_ocsp(X509 *certificate);

void
X509_email_free(STACK_OF(OPENSSL_STRING) *stack);

() retrieves all email addresses from the subject field and from any Subject Alternative Name extension of the certificate.

() retrieves all uniform resource identifiers from all AccessDescription objects having an accessMethod of OCSP which are contained in the Authority Information Access extension of the certificate.

() frees all strings stored in the stack as well as the stack itself. If stack is a NULL pointer, no action occurs.

X509_REQ_get1_email() and X509_get1_ocsp() return newly allocated stacks of char * containing copies of the addresses in question, or NULL if there are no addresses or if an error occurs.

OCSP_sendreq_new(3), OCSP_SERVICELOC_new(3), OPENSSL_sk_new(3), STACK_OF(3), X509_check_email(3), X509_get_ext_d2i(3), X509_get_subject_name(3), X509_new(3), x509v3.cnf(5)

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

RFC 2985: PKCS #9: Selected Object Classes and Attribute Types

X509_get1_email() and X509_email_free() first appeared in OpenSSL 0.9.6 and have been available since OpenBSD 2.9.

X509_get1_ocsp() first appeared in OpenSSL 0.9.8h and has been available since OpenBSD 4.5.

X509_email_free() is utterly misnamed. It does not operate on any X509 object, nor is it in any way restricted to email addresses; instead, it simply frees a stack of strings.

August 23, 2019 OpenBSD-7.4