NAME¶

X509_get1_email, X509_get1_ocsp, X509_email_free — utilities for stacks of strings

SYNOPSIS¶

#include <openssl/x509v3.h>

typedef char *OPENSSL_STRING;

STACK_OF(OPENSSL_STRING) *
X509_get1_email(X509 *certificate);

STACK_OF(OPENSSL_STRING) *
X509_get1_ocsp(X509 *certificate);

void
X509_email_free(STACK_OF(OPENSSL_STRING) *stack);

DESCRIPTION¶

X509_get1_email() retrieves all email addresses from the subject field and from any Subject Alternative Name extension of the certificate.

X509_get1_ocsp() retrieves all uniform resource identifiers from all AccessDescription objects having an accessMethod of OCSP which are contained in the Authority Information Access extension of the certificate.

X509_email_free() frees all strings stored in the stack as well as the stack itself. If stack is a NULL pointer, no action occurs.

RETURN VALUES¶

X509_REQ_get1_email() and X509_get1_ocsp() return newly allocated stacks of char * containing copies of the addresses in question, or NULL if there are no addresses or if an error occurs.

SEE ALSO¶

OCSP_sendreq_new(3), OCSP_SERVICELOC_new(3), OPENSSL_sk_new(3), STACK_OF(3), X509_check_email(3), X509_get_ext_d2i(3), X509_get_subject_name(3), X509_new(3), x509v3.cnf(5)

STANDARDS¶

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

• section 4.1: Basic Certificate Fields
• section 4.1.2.6: Subject
• section 4.2.1.6: Subject Alternative Name
• section 4.2.2.1: Authority Information Access

RFC 2985: PKCS #9: Selected Object Classes and Attribute Types

• section 5.2.1: Electronic-mail address
• appendix B.3.5: emailAddress

HISTORY¶

X509_get1_email() and X509_email_free() first appeared in OpenSSL 0.9.6 and have been available since OpenBSD 2.9.

X509_get1_ocsp() first appeared in OpenSSL 0.9.8h and has been available since OpenBSD 4.5.

BUGS¶

X509_email_free() is utterly misnamed. It does not operate on any X509 object, nor is it in any way restricted to email addresses; instead, it simply frees a stack of strings.