Home Explore Help
Sign In
dream
/
Android_verify
1
1
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: af1c26ddb5
Branches Tags
Android_verify
/
lib
/
openssl
/
share
/
man
/
man3
/
X509V3_set_ctx.3ossl

X509V3_set_ctx.3ossl 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 
  1. .\" -*- mode: troff; coding: utf-8 -*-
    2. 

  2. .\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
    3. 

  3. .\"
    4. 

  4. .\" Standard preamble:
    5. 

  5. .\" ========================================================================
    6. 

  6. .de Sp \" Vertical space (when we can't use .PP)
    7. 

  7. .if t .sp .5v
    8. 

  8. .if n .sp
    9. 

  9. ..
    10. 

  10. .de Vb \" Begin verbatim text
    11. 

  11. .ft CW
    12. 

  12. .nf
    13. 

  13. .ne \\$1
    14. 

  14. ..
    15. 

  15. .de Ve \" End verbatim text
    16. 

  16. .ft R
    17. 

  17. .fi
    18. 

  18. ..
    19. 

  19. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
    20. 

  20. .ie n \{\
    21. 

  21. .    ds C` ""
    22. 

  22. .    ds C' ""
    23. 

  23. 'br\}
    24. 

  24. .el\{\
    25. 

  25. .    ds C`
    26. 

  26. .    ds C'
    27. 

  27. 'br\}
    28. 

  28. .\"
    29. 

  29. .\" Escape single quotes in literal strings from groff's Unicode transform.
    30. 

  30. .ie \n(.g .ds Aq \(aq
    31. 

  31. .el       .ds Aq '
    32. 

  32. .\"
    33. 

  33. .\" If the F register is >0, we'll generate index entries on stderr for
    34. 

  34. .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
    35. 

  35. .\" entries marked with X<> in POD.  Of course, you'll have to process the
    36. 

  36. .\" output yourself in some meaningful fashion.
    37. 

  37. .\"
    38. 

  38. .\" Avoid warning from groff about undefined register 'F'.
    39. 

  39. .de IX
    40. 

  40. ..
    41. 

  41. .nr rF 0
    42. 

  42. .if \n(.g .if rF .nr rF 1
    43. 

  43. .if (\n(rF:(\n(.g==0)) \{\
    44. 

  44. .    if \nF \{\
    45. 

  45. .        de IX
    46. 

  46. .        tm Index:\\$1\t\\n%\t"\\$2"
    47. 

  47. ..
    48. 

  48. .        if !\nF==2 \{\
    49. 

  49. .            nr % 0
    50. 

  50. .            nr F 2
    51. 

  51. .        \}
    52. 

  52. .    \}
    53. 

  53. .\}
    54. 

  54. .rr rF
    55. 

  55. .\" ========================================================================
    56. 

  56. .\"
    57. 

  57. .IX Title "X509V3_SET_CTX 3ossl"
    58. 

  58. .TH X509V3_SET_CTX 3ossl 2025-01-17 3.4.0 OpenSSL
    59. 

  59. .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
    60. 

  60. .\" way too many mistakes in technical documents.
    61. 

  61. .if n .ad l
    62. 

  62. .nh
    63. 

  63. .SH NAME
    64. 

  64. X509V3_set_ctx,
    65. 

  65. X509V3_set_issuer_pkey \- X.509 v3 extension generation utilities
    66. 

  66. .SH SYNOPSIS
    67. 

  67. .IX Header "SYNOPSIS"
    68. 

  68. .Vb 1
    69. 

  69. \& #include <openssl/x509v3.h>
    70. 

  70. \&
    71. 

  71. \& void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
    72. 

  72. \&                     X509_REQ *req, X509_CRL *crl, int flags);
    73. 

  73. \& int X509V3_set_issuer_pkey(X509V3_CTX *ctx, EVP_PKEY *pkey);
    74. 

  74. .Ve
    75. 

  75. .SH DESCRIPTION
    76. 

  76. .IX Header "DESCRIPTION"
    77. 

  77. \&\fBX509V3_set_ctx()\fR fills in the basic fields of \fIctx\fR of type \fBX509V3_CTX\fR,
    78. 

  78. providing details potentially needed by functions producing X509 v3 extensions.
    79. 

  79. These may make use of fields of the certificate \fIsubject\fR, the certification
    80. 

  80. request \fIreq\fR, or the certificate revocation list \fIcrl\fR.
    81. 

  81. At most one of these three parameters can be non-NULL.
    82. 

  82. When constructing the subject key identifier of a certificate by computing a
    83. 

  83. hash value of its public key, the public key is taken from \fIsubject\fR or \fIreq\fR.
    84. 

  84. Similarly, when constructing subject alternative names from any email addresses
    85. 

  85. contained in a subject DN, the subject DN is taken from \fIsubject\fR or \fIreq\fR.
    86. 

  86. If \fIsubject\fR or \fIcrl\fR is provided, \fIissuer\fR should point to its issuer, for
    87. 

  87. instance as a reference for generating the authority key identifier extension.
    88. 

  88. \&\fIissuer\fR may be the same pointer value as \fIsubject\fR (which usually is an
    89. 

  89. indication that the \fIsubject\fR certificate is self-issued or even self-signed).
    90. 

  90. In this case the fallback source for generating the authority key identifier
    91. 

  91. extension will be taken from any value provided using \fBX509V3_set_issuer_pkey()\fR.
    92. 

  92. \&\fIflags\fR may be 0
    93. 

  93. or contain \fBX509V3_CTX_TEST\fR, which means that just the syntax of
    94. 

  94. extension definitions is to be checked without actually producing any extension,
    95. 

  95. or \fBX509V3_CTX_REPLACE\fR, which means that each X.509v3 extension added as
    96. 

  96. defined in some configuration section shall replace any already existing
    97. 

  97. extension with the same OID.
    98. 

  98. .PP
    99. 

  99. \&\fBX509V3_set_issuer_pkey()\fR explicitly sets the issuer private key of
    100. 

  100. the subject certificate that has been provided in \fIctx\fR.
    101. 

  101. This should be done in case the \fIissuer\fR and \fIsubject\fR arguments to
    102. 

  102. \&\fBX509V3_set_ctx()\fR have the same pointer value
    103. 

  103. to provide fallback data for the authority key identifier extension.
    104. 

  104. .SH "RETURN VALUES"
    105. 

  105. .IX Header "RETURN VALUES"
    106. 

  106. \&\fBX509V3_set_ctx()\fR and \fBX509V3_set_issuer_pkey()\fR
    107. 

  107. return 1 on success and 0 on error.
    108. 

  108. .SH "SEE ALSO"
    109. 

  109. .IX Header "SEE ALSO"
    110. 

  110. \&\fBX509_add_ext\fR\|(3)
    111. 

  111. .SH HISTORY
    112. 

  112. .IX Header "HISTORY"
    113. 

  113. \&\fBX509V3_set_issuer_pkey()\fR was added in OpenSSL 3.0.
    114. 

  114. .PP
    115. 

  115. CTX_TEST was deprecated in OpenSSL 3.0; use X509V3_CTX_TEST instead.
    116. 

  116. .SH COPYRIGHT
    117. 

  117. .IX Header "COPYRIGHT"
    118. 

  118. Copyright 2015\-2022 The OpenSSL Project Authors. All Rights Reserved.
    119. 

  119. .PP
    120. 

  120. Licensed under the Apache License 2.0 (the "License").  You may not use
    121. 

  121. this file except in compliance with the License.  You can obtain a copy
    122. 

  122. in the file LICENSE in the source distribution or at
    123. 

  123. <https://www.openssl.org/source/license.html>.
    124.