diff options
author | Massimiliano Pala <director@openca.org> | 2018-02-19 15:47:02 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2018-02-19 15:47:02 -0500 |
commit | b383aa2081467e8d49c3362d295da7bd5cb4e1d8 (patch) | |
tree | 7d0d94682a592749303e41914413cc4ec75a28d7 /doc | |
parent | 5f7470df83cb179f793026a5950c1446866c9cab (diff) |
Add X509_get0_authority_key_id() function
This function makes it easier to retrieve a reference to the
authority key identifier (akid->keyid) inside a certificate.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5271)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/X509_get_extension_flags.pod | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/man3/X509_get_extension_flags.pod b/doc/man3/X509_get_extension_flags.pod index 9aec918f24..fc4ebbb31d 100644 --- a/doc/man3/X509_get_extension_flags.pod +++ b/doc/man3/X509_get_extension_flags.pod @@ -3,6 +3,7 @@ =head1 NAME X509_get0_subject_key_id, +X509_get0_authority_key_id, X509_get_pathlen, X509_get_extension_flags, X509_get_key_usage, @@ -20,6 +21,7 @@ X509_get_proxy_pathlen - retrieve certificate extension data uint32_t X509_get_key_usage(X509 *x); uint32_t X509_get_extended_key_usage(X509 *x); const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x); + const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x); void X509_set_proxy_flag(X509 *x); void X509_set_proxy_pathlen(int l); long X509_get_proxy_pathlen(X509 *x); @@ -109,6 +111,10 @@ X509_get0_subject_key_id() returns an internal pointer to the subject key identifier of B<x> as an B<ASN1_OCTET_STRING> or B<NULL> if the extension is not present or cannot be parsed. +X509_get0_authority_key_id() returns an internal pointer to the authority key +identifier of B<x> as an B<ASN1_OCTET_STRING> or B<NULL> if the extension +is not present or cannot be parsed. + X509_set_proxy_flag() marks the certificate with the B<EXFLAG_PROXY> flag. This is for the users who need to mark non-RFC3820 proxy certificates as such, as OpenSSL only detects RFC3820 compliant ones. |