OpenBSD manual page server

Manual Page Search Parameters
V2I_ASN1_BIT_STRING(3) Library Functions Manual V2I_ASN1_BIT_STRING(3)

v2i_ASN1_BIT_STRING, i2v_ASN1_BIT_STRINGASN.1 BIT STRING utility functions for certificate extensions

#include <openssl/x509v3.h>

ASN1_BIT_STRING *
v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);

STACK_OF(CONF_VALUE) *
i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bit_string, STACK_OF(CONF_VALUE) *nval);

() allocates a new ASN.1 BIT STRING object and initializes it from a list of bit names. The nval argument is essentially used as the list of the names of the bits to set. Both long names and short names can be used. One name is taken from each element of nval. The ctx argument and any section names or values contained in the elements of nval are ignored. To convert a C string containing a comma-separated list of names to the input format of this function, X509V3_parse_list(3) can be used.

() translates the numbers of the bits that are set in the bit_string to long names. For each bit that is set, one element containing the corresponding long name is added to nval. If a NULL pointer is passed for the nval argument, a new STACK_OF(CONF_VALUE) is allocated.

For both functions, the method argument is only used for the translation of bit names to bit numbers and vice versa. Any names and bit numbers that do not occur in the usr_data translation table in the method are silently ignored.

For the following arguments, X509V3_EXT_get_nid(3) returns static constant method objects supporting these functions:

reason codes, RFC 5280 section 5.3.1
key usage purposes, RFC 5280 section 4.2.1.3
Netscape certificate types (obsolete)

While an application program could theoretically provide its own method object containing a custom translation table, that is unlikely to be useful for any practical purpose.

v2i_ASN1_BIT_STRING() returns the new BIT STRING object and i2v_ASN1_BIT_STRING() the modified or new list of bit names. Both functions return NULL if an error occurs, in particular if memory allocation fails.

ASN1_BIT_STRING_new(3), ASN1_BIT_STRING_set(3), i2s_ASN1_ENUMERATED_TABLE(3), STACK_OF(3), tls_peer_ocsp_crl_reason(3), X509_get_key_usage(3), X509V3_EXT_get_nid(3), X509V3_get_d2i(3), X509V3_parse_list(3)

These functions first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

December 24, 2024 OpenBSD-current