table of contents
| AUTHORITY_KEYID_NEW(3) | Library Functions Manual | AUTHORITY_KEYID_NEW(3) |
NAME¶
AUTHORITY_KEYID_new,
AUTHORITY_KEYID_free — X.509
authority key identifier extension
SYNOPSIS¶
#include
<openssl/x509v3.h>
AUTHORITY_KEYID *
AUTHORITY_KEYID_new(void);
void
AUTHORITY_KEYID_free(AUTHORITY_KEYID
*id);
DESCRIPTION¶
Using the authority key identifier extension, an X.509 certificate or certificate revocation list can specify which key pair was used for signing it.
AUTHORITY_KEYID_new()
allocates and initializes an empty AUTHORITY_KEYID
object, representing an ASN.1 AuthorityKeyIdentifier
structure defined in RFC 5280 section 4.2.1.1. It can hold an issuer name, a
serial number, and a key identifier.
AUTHORITY_KEYID_free()
frees id.
RETURN VALUES¶
AUTHORITY_KEYID_new() returns the new
AUTHORITY_KEYID object or NULL
if an error occurs.
SEE ALSO¶
d2i_AUTHORITY_KEYID(3), GENERAL_NAMES_new(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_new(3)
STANDARDS¶
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
- section 4.2.1.1: Certificate Extensions: Authority Key Identifier
- section 5.2.1: CRL Extensions: Authority Key Identifier
HISTORY¶
AUTHORITY_KEYID_new() and
AUTHORITY_KEYID_free() first appeared in OpenSSL
0.9.2b and have been available since OpenBSD
2.6.
| June 6, 2019 | Linux 6.4.0-150600.23.25-default |