1 .\" $OpenBSD: X509_OBJECT_get0_X509.3,v 1.8 2018/08/24 19:23:07 tb Exp $
2 .\" Copyright (c) 2018 Ingo Schwarze <schwarze@openbsd.org>
4 .\" Permission to use, copy, modify, and distribute this software for any
5 .\" purpose with or without fee is hereby granted, provided that the above
6 .\" copyright notice and this permission notice appear in all copies.
8 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 .Dd $Mdocdate: August 24 2018 $
17 .Dt X509_OBJECT_GET0_X509 3
20 .Nm X509_OBJECT_get_type ,
21 .Nm X509_OBJECT_up_ref_count ,
22 .Nm X509_OBJECT_free_contents ,
23 .Nm X509_OBJECT_get0_X509 ,
24 .Nm X509_OBJECT_get0_X509_CRL ,
25 .Nm X509_OBJECT_idx_by_subject ,
26 .Nm X509_OBJECT_retrieve_by_subject ,
27 .Nm X509_OBJECT_retrieve_match
28 .Nd certificate, CRL, private key, and string wrapper for certificate stores
30 .In openssl/x509_vfy.h
32 .Fo X509_OBJECT_get_type
33 .Fa "const X509_OBJECT *obj"
36 .Fo X509_OBJECT_up_ref_count
37 .Fa "X509_OBJECT *obj"
40 .Fo X509_OBJECT_free_contents
41 .Fa "X509_OBJECT *obj"
44 .Fo X509_OBJECT_get0_X509
45 .Fa "const X509_OBJECT *obj"
48 .Fo X509_OBJECT_get0_X509_CRL
49 .Fa "X509_OBJECT *obj"
52 .Fo X509_OBJECT_idx_by_subject
53 .Fa "STACK_OF(X509_OBJECT) *stack"
58 .Fo X509_OBJECT_retrieve_by_subject
59 .Fa "STACK_OF(X509_OBJECT) *stack"
64 .Fo X509_OBJECT_retrieve_match
65 .Fa "STACK_OF(X509_OBJECT) *stack"
66 .Fa "X509_OBJECT *obj"
71 structure is a shallow wrapper around one
73 certificate object, one
75 certificate revocation list object, one
77 private key object, or one
80 The type of object stored at any given time can be inspected with
81 .Fn X509_OBJECT_get_type .
85 object uses one stack of
87 structures as its main storage area.
95 certificate revocation list,
96 .Fn X509_OBJECT_up_ref_count
97 increments the reference count of that inner object by 1.
98 Otherwise, no action occurs.
105 .Fn X509_OBJECT_free_contents
108 on that inner object.
113 certificate revocation list, it calls
116 Otherwise, no action occurs.
117 .Fn X509_OBJECT_free_contents
126 .Fn X509_OBJECT_idx_by_subject
128 .Fn X509_OBJECT_retrieve_by_subject
131 for a certificate with the subject
137 they search for a certificate revocation list with the issuer
143 contains a certificate,
144 .Fn X509_OBJECT_retrieve_match
147 for a certificate with a matching subject name;
148 if it contains a certificate revocation list, it searches for a
149 certificate revocation list with a matching issuer name instead;
150 otherwise, it searches for an
152 with a matching type.
154 .Fn X509_OBJECT_get_type
159 contains a certificate,
161 if it contains a certificate revocation list,
162 or 0 if an error occurs.
164 .Fn X509_OBJECT_up_ref_count
165 returns 1 on success and 0 on failure.
167 .Fn X509_OBJECT_get0_X509
168 returns an internal pointer to the certificate contained in
176 or contains no certificate.
178 .Fn X509_OBJECT_get0_X509_CRL
179 returns an internal pointer to the certificate revocation list contained in
187 or contains no certificate revocation list.
189 .Fn X509_OBJECT_idx_by_subject
190 returns the zero-based index of the first matching certificate
191 or revocation list in the
199 or if no match is found.
201 .Fn X509_OBJECT_retrieve_by_subject
202 returns the first matching certificate or revocation list in the
212 or if no match is found.
214 .Fn X509_OBJECT_retrieve_match
215 returns the first mathching
225 or no match is found.
227 .Xr X509_STORE_get0_objects 3 ,
228 .Xr X509_STORE_load_locations 3 ,
230 .\" The type X509_OBJECT is also used
231 .\" by the following undocumented public functions:
232 .\" X509_STORE_get_by_subject
233 .\" X509_LOOKUP_by_subject
234 .\" X509_LOOKUP_by_issuer_serial
235 .\" X509_LOOKUP_by_fingerprint
236 .\" X509_LOOKUP_by_alias
238 .Fn X509_OBJECT_up_ref_count
240 .Fn X509_OBJECT_free_contents
241 first appeared in SSLeay 0.8.0 and have been available since
244 .Fn X509_OBJECT_idx_by_subject ,
245 .Fn X509_OBJECT_retrieve_by_subject ,
247 .Fn X509_OBJECT_retrieve_match
248 first appeared in OpenSSL 0.9.6 and have been available since
251 .Fn X509_OBJECT_get_type ,
252 .Fn X509_OBJECT_get0_X509 ,
254 .Fn X509_OBJECT_get0_X509_CRL
255 first appeared in OpenSSL 1.1.0 and have been available since