Home Explore Help
Sign In
dream
/
Android_verify
1
1
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 49e71f0845
Branches Tags
Android_verify
/
lib
/
openssl
/
share
/
man
/
man3
/
SSL_get_certificate.3ossl

SSL_get_certificate.3ossl 4.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. .\" -*- mode: troff; coding: utf-8 -*-
    2. 

  2. .\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
    3. 

  3. .\"
    4. 

  4. .\" Standard preamble:
    5. 

  5. .\" ========================================================================
    6. 

  6. .de Sp \" Vertical space (when we can't use .PP)
    7. 

  7. .if t .sp .5v
    8. 

  8. .if n .sp
    9. 

  9. ..
    10. 

  10. .de Vb \" Begin verbatim text
    11. 

  11. .ft CW
    12. 

  12. .nf
    13. 

  13. .ne \\$1
    14. 

  14. ..
    15. 

  15. .de Ve \" End verbatim text
    16. 

  16. .ft R
    17. 

  17. .fi
    18. 

  18. ..
    19. 

  19. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
    20. 

  20. .ie n \{\
    21. 

  21. .    ds C` ""
    22. 

  22. .    ds C' ""
    23. 

  23. 'br\}
    24. 

  24. .el\{\
    25. 

  25. .    ds C`
    26. 

  26. .    ds C'
    27. 

  27. 'br\}
    28. 

  28. .\"
    29. 

  29. .\" Escape single quotes in literal strings from groff's Unicode transform.
    30. 

  30. .ie \n(.g .ds Aq \(aq
    31. 

  31. .el       .ds Aq '
    32. 

  32. .\"
    33. 

  33. .\" If the F register is >0, we'll generate index entries on stderr for
    34. 

  34. .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
    35. 

  35. .\" entries marked with X<> in POD.  Of course, you'll have to process the
    36. 

  36. .\" output yourself in some meaningful fashion.
    37. 

  37. .\"
    38. 

  38. .\" Avoid warning from groff about undefined register 'F'.
    39. 

  39. .de IX
    40. 

  40. ..
    41. 

  41. .nr rF 0
    42. 

  42. .if \n(.g .if rF .nr rF 1
    43. 

  43. .if (\n(rF:(\n(.g==0)) \{\
    44. 

  44. .    if \nF \{\
    45. 

  45. .        de IX
    46. 

  46. .        tm Index:\\$1\t\\n%\t"\\$2"
    47. 

  47. ..
    48. 

  48. .        if !\nF==2 \{\
    49. 

  49. .            nr % 0
    50. 

  50. .            nr F 2
    51. 

  51. .        \}
    52. 

  52. .    \}
    53. 

  53. .\}
    54. 

  54. .rr rF
    55. 

  55. .\" ========================================================================
    56. 

  56. .\"
    57. 

  57. .IX Title "SSL_GET_CERTIFICATE 3ossl"
    58. 

  58. .TH SSL_GET_CERTIFICATE 3ossl 2025-01-17 3.4.0 OpenSSL
    59. 

  59. .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
    60. 

  60. .\" way too many mistakes in technical documents.
    61. 

  61. .if n .ad l
    62. 

  62. .nh
    63. 

  63. .SH NAME
    64. 

  64. SSL_get_certificate, SSL_get_privatekey \- retrieve TLS/SSL certificate and
    65. 

  65. private key
    66. 

  66. .SH SYNOPSIS
    67. 

  67. .IX Header "SYNOPSIS"
    68. 

  68. .Vb 1
    69. 

  69. \& #include <openssl/ssl.h>
    70. 

  70. \&
    71. 

  71. \& X509 *SSL_get_certificate(const SSL *s);
    72. 

  72. \& EVP_PKEY *SSL_get_privatekey(const SSL *s);
    73. 

  73. .Ve
    74. 

  74. .SH DESCRIPTION
    75. 

  75. .IX Header "DESCRIPTION"
    76. 

  76. \&\fBSSL_get_certificate()\fR returns a pointer to an \fBX509\fR object representing a
    77. 

  77. certificate used as the local peer's identity.
    78. 

  78. .PP
    79. 

  79. Multiple certificates can be configured; for example, a server might have both
    80. 

  80. RSA and ECDSA certificates. The certificate which is returned by
    81. 

  81. \&\fBSSL_get_certificate()\fR is determined as follows:
    82. 

  82. .IP \(bu 4
    83. 

  83. If it is called before certificate selection has occurred, it returns the most
    84. 

  84. recently added certificate, or NULL if no certificate has been added.
    85. 

  85. .IP \(bu 4
    86. 

  86. After certificate selection has occurred, it returns the certificate which was
    87. 

  87. selected during the handshake, or NULL if no certificate was selected (for
    88. 

  88. example, on a client where no client certificate is in use).
    89. 

  89. .PP
    90. 

  90. Certificate selection occurs during the handshake; therefore, the value returned
    91. 

  91. by \fBSSL_get_certificate()\fR during any callback made during the handshake process
    92. 

  92. will depend on whether that callback is made before or after certificate
    93. 

  93. selection occurs.
    94. 

  94. .PP
    95. 

  95. A specific use for \fBSSL_get_certificate()\fR is inside a callback set via a call to
    96. 

  96. \&\fBSSL_CTX_set_tlsext_status_cb\fR\|(3). This callback occurs after certificate
    97. 

  97. selection, where it can be used to examine a server's chosen certificate, for
    98. 

  98. example for the purpose of identifying a certificate's OCSP responder URL so
    99. 

  99. that an OCSP response can be obtained.
    100. 

  100. .PP
    101. 

  101. \&\fBSSL_get_privatekey()\fR returns a pointer to the \fBEVP_PKEY\fR object corresponding
    102. 

  102. to the certificate returned by \fBSSL_get_certificate()\fR, if any.
    103. 

  103. .SH "RETURN VALUES"
    104. 

  104. .IX Header "RETURN VALUES"
    105. 

  105. These functions return pointers to their respective objects, or NULL if no such
    106. 

  106. object is available. Returned objects are owned by the SSL object and should not
    107. 

  107. be freed by users of these functions.
    108. 

  108. .SH "SEE ALSO"
    109. 

  109. .IX Header "SEE ALSO"
    110. 

  110. \&\fBssl\fR\|(7), \fBSSL_CTX_set_tlsext_status_cb\fR\|(3)
    111. 

  111. .SH COPYRIGHT
    112. 

  112. .IX Header "COPYRIGHT"
    113. 

  113. Copyright 2001\-2022 The OpenSSL Project Authors. All Rights Reserved.
    114. 

  114. .PP
    115. 

  115. Licensed under the Apache License 2.0 (the "License").  You may not use
    116. 

  116. this file except in compliance with the License.  You can obtain a copy
    117. 

  117. in the file LICENSE in the source distribution or at
    118. 

  118. <https://www.openssl.org/source/license.html>.
    119.