OpenBSD manual page server

Manual Page Search Parameters

X509_GET1_EMAIL(3) Library Functions Manual X509_GET1_EMAIL(3)

X509_get1_email, X509_get1_ocsp, X509_email_freeutilities for stacks of strings

#include <openssl/x509v3.h>

typedef char *OPENSSL_STRING;

X509_get1_email(X509 *certificate);

X509_get1_ocsp(X509 *certificate);

X509_email_free(STACK_OF(OPENSSL_STRING) *stack);

X509_get1_email() retrieves all email addresses from the subject field and from any Subject Alternative Name extension of the certificate.

X509_get1_ocsp() retrieves all uniform resource identifiers from all AccessDescription objects having an accessMethod of OCSP which are contained in the Authority Information Access extension of the certificate.

X509_email_free() frees all strings stored in the stack as well as the stack itself. If stack is a NULL pointer, no action occurs.

X509_REQ_get1_email() and X509_get1_ocsp() return newly allocated stacks of char * containing copies of the addresses in question, or NULL if there are no addresses or if an error occurs.

OCSP_sendreq_new(3), OCSP_SERVICELOC_new(3), OPENSSL_sk_new(3), STACK_OF(3), X509_check_email(3), X509_get_ext_d2i(3), X509_get_subject_name(3), X509_new(3), x509v3.cnf(5)

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

RFC 2985: PKCS #9: Selected Object Classes and Attribute Types

X509_get1_email() and X509_email_free() first appeared in OpenSSL 0.9.6 and have been available since OpenBSD 2.9.

X509_get1_ocsp() first appeared in OpenSSL 0.9.8h and has been available since OpenBSD 4.5.

X509_email_free() is utterly misnamed. It does not operate on any X509 object, nor is it in any way restricted to email addresses; instead, it simply frees a stack of strings.

August 23, 2019 OpenBSD-current