Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
X509_ADD1_TRUST_OBJ... FreeBSD Library Functions Manual	X509_ADD1_TRUST_OBJ...

NAME
     X509_add1_trust_object, X509_trust_clear, X509_add1_reject_object,
     X509_reject_clear -- mark an X.509	certificate as intended	for a specific
     purpose

SYNOPSIS
     #include <openssl/x509.h>

     int
     X509_add1_trust_object(X509 *x, const ASN1_OBJECT *purpose);

     void
     X509_trust_clear(X509 *x);

     int
     X509_add1_reject_object(X509 *x, const ASN1_OBJECT	*purpose);

     void
     X509_reject_clear(X509 *x);

DESCRIPTION
     X509_add1_trust_object() appends a	deep copy of the purpose object	to the
     set of intended purposes that x contains as non-standard auxiliary	data.
     The function OBJ_nid2obj(3) can be	used to	create appropriate purpose ob-
     jects from	the NID_* constants mentioned in X509_check_purpose(3),	even
     though the	X509_PURPOSE_* constants listed	in that	manual page are	not
     intended for use with X509_add1_trust_object().

     X509_trust_clear()	frees and removes all purpose objects from the set of
     intended purposes in the non-standard auxiliary data of x.

     X509_add1_reject_object() and X509_reject_clear() are similar except that
     they operate on a set of unintended purposes.

     As	an alternative to using	the functions documented in the	present	manual
     page, X.509 certificate extensions	can be used.  At the price of higher
     complexity, those allow storing the purpose inside	the certificate	itself
     in	a standard-conforming way rather than merely in	non-standard auxiliary
     data associated with the certificate.  See	EXTENDED_KEY_USAGE_new(3) for
     details.

RETURN VALUES
     X509_add1_trust_object() and X509_add1_reject_object() return the new
     number of purposes	in the respective set or 0 if an error occurs, in par-
     ticular if	memory allocation fails	or if x	does not contain a sub-object
     that can hold non-standard	auxiliary data.

SEE ALSO
     ASN1_OBJECT_new(3), EXTENDED_KEY_USAGE_new(3), OBJ_nid2obj(3),
     X509_CERT_AUX_new(3), X509_check_trust(3),	X509_new(3)

HISTORY
     These functions first appeared in OpenSSL 0.9.4 and have been available
     since OpenBSD 2.7.

FreeBSD	13.0			 July 24, 2021			  FreeBSD 13.0
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | HISTORY

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=X509_add1_trust_object&sektion=3&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help