Scroll to navigation

X509V3_EXTENSIONS_PRINT(3) Library Functions Manual X509V3_EXTENSIONS_PRINT(3)

NAME

X509V3_extensions_printpretty-print an array of X.509 extensions

SYNOPSIS

#include <openssl/x509v3.h>

int
X509V3_extensions_print(BIO *bio, char *title, const STACK_OF(X509_EXTENSION) *sk, unsigned long flags, int indent);

DESCRIPTION

For each member of the variable sized array sk, () prints the following information to bio in the following order:

  • The extension type as printed by i2a_ASN1_OBJECT(3).
  • If the extension is critical, the fixed string "critical".
  • A human-readable representation of the data contained in the extension as printed by X509V3_EXT_print(3), passing through the flags. If that function indicates failure, the BER-encoded data of the extension is dumped with ASN1_STRING_print(3) without decoding it first. In both cases, an indent incremented by 4 space characters is used.

If sk is a NULL pointer or empty, () prints nothing and indicates success.

Unless title is NULL, it is printed on its own output line before the rest of the output, and indent is increased by 4 space characters. This additional global indentation is cumulative to the one applied to individual extensions mentioned above.

RETURN VALUES

X509V3_extensions_print() is intended to return 1 on success or 0 if an error occurs.

SEE ALSO

BIO_new(3), STACK_OF(3), X509_EXTENSION_get_critical(3), X509_get0_extensions(3), X509_get_ext(3), X509V3_EXT_print(3)

HISTORY

X509V3_extensions_print() first appeared in OpenSSL 0.9.7 and has been available since OpenBSD 3.2.

BUGS

Many parsing and printing errors are silently ignored, and the function may return indicating success even though sk contains invalid data. Even if all the data is valid, success may be indicated even when the information printed is incomplete for various reasons, for example due to memory allocation failures or I/O errors.

November 26, 2021 Linux 6.4.0-150600.23.25-default