table of contents
X509_REQ_PRINT_EX(3) | Library Functions Manual | X509_REQ_PRINT_EX(3) |
NAME¶
X509_REQ_print_ex
,
X509_REQ_print
,
X509_REQ_print_fp
—
pretty-print a PKCS#10 certification request
SYNOPSIS¶
int
X509_REQ_print_ex
(BIO *bio,
X509_REQ *req, unsigned long
nameflags, unsigned long skipflags);
int
X509_REQ_print
(BIO *bio,
X509_REQ *req);
int
X509_REQ_print_fp
(FILE *fp,
X509_REQ *req);
DESCRIPTION¶
X509_REQ_print_ex
()
prints information contained in req to
bio in human-readable form. Printing is aborted as
soon as any operation fails, with the exception that failures while
attempting to decode or print the public key are not considered as
errors.
By default, the following blocks of information are printed in the following order. Each block can be skipped by setting the corresponding bit in skipflags, provided in parentheses after each block description.
- A pair of lines reading "Certificate Request:" and
"Data:" containing no information.
(
X509_FLAG_NO_HEADER
) - The value contained in the version field in decimal and hexadecimal
notation. (
X509_FLAG_NO_VERSION
) - The subject name is printed with X509_NAME_print_ex(3).
(
X509_FLAG_NO_SUBJECT
) - The public key algorithm is printed with
i2a_ASN1_OBJECT(3), and the public key returned from
X509_REQ_get_pubkey(3) with
EVP_PKEY_print_public(3).
(
X509_FLAG_NO_PUBKEY
) - For each X.501 attribute that is not a requested extension according to
X509_REQ_extension_nid(3), the object identifier is
printed with i2a_ASN1_OBJECT(3), and all values of the
types
V_ASN1_PRINTABLESTRING
,V_ASN1_T61STRING
, andV_ASN1_IA5STRING
are printed with BIO_write(3). (X509_FLAG_NO_ATTRIBUTES
) - The requested extensions are retrieved with
X509_REQ_get_extensions(3) and their types and values
are printed with i2a_ASN1_OBJECT(3) and
X509V3_EXT_print(3), or, if the latter fails, with
ASN1_STRING_print(3).
(
X509_FLAG_NO_EXTENSIONS
) - The signature is printed with X509_signature_print(3).
(
X509_FLAG_NO_SIGDUMP
)
The nameflags argument modifies the format
for printing X.501 Name objects contained in
req. It is passed through to
X509_NAME_print_ex(3). If nameflags
is X509_FLAG_COMPAT
, the
indent argument of
X509_NAME_print_ex(3) is set to 16 spaces and the
traditional SSLeay format generated by X509_NAME_print(3)
is used. Otherwise, if the only bit set in
XN_FLAG_SEP_MASK
is
XN_FLAG_SEP_MULTILINE
, indent
is set to 12 spaces. Otherwise, indent is set to zero.
X509_REQ_print
()
is a wrapper function setting the nameflags to
XN_FLAG_COMPAT
and the
skipflags to
X509_FLAG_COMPAT
.
X509_REQ_print_fp
()
is similar to X509_REQ_print
() except that it prints
to fp.
RETURN VALUES¶
These functions return 1 if all requested information was successfully printed, even if failures occurred while attempting to decode or print the public key, or 0 if any operation fails.
SEE ALSO¶
HISTORY¶
X509_REQ_print
() first appeared in SSLeay
0.4.4 and X509_REQ_print_fp
() in SSLeay 0.6.0. These
functions have been available since OpenBSD 2.4.
X509_REQ_print_ex
() first appeared in
OpenSSL 0.9.7 and has been available since OpenBSD
3.2.
BUGS¶
Some printing failures are silently ignored while printing extensions, which may result in incomplete data being printed.
November 19, 2021 | Linux 6.4.0-150600.23.30-default |