ASIDENTIFIERS_NEW(3) Library Functions Manual ASIDENTIFIERS_NEW(3)
NAME
ASIdentifiers_new, ASIdentifiers_free, d2i_ASIdentifiers, i2d_ASIdentifiers — RFC 3779 autonomous system identifier delegation extensions
SYNOPSIS
#include <openssl/x509v3.h>
ASIdentifiers *
ASIdentifiers_new(void);
void
ASIdentifiers_free(ASIdentifiers *asid);
ASIdentifiers *
d2i_ASIdentifiers(ASIdentifiers **asid, const unsigned char **in, long len);
int
i2d_ASIdentifiers(ASIdentifiers *asid, unsigned char **out);
DESCRIPTION
RFC 3779 defines two X.509v3 certificate extensions that allow the delegation of IP addresses and autonomous system (AS) identifiers from the issuer to the subject of the certificate. An ASIdentifiers object contains collections of individual AS numbers and ranges of AS numbers to be delegated.
ASIdentifiers_new() allocates and initializes a new, empty ASIdentifiers object that can be populated with X509v3_asid_add_id_or_range(3). See ASRange_new(3) for implementation details.
ASIdentifiers_free() frees asid including any data contained in it. If asid is NULL, no action occurs.
d2i_ASIdentifiers() and i2d_ASIdentifiers() decode and encode ASN.1 ASIdentifiers objects as defined in RFC 3779, section 3.2.3.1. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3). In order for the encoding produced by i2d_ASIdentifiers() to conform to RFC 3779, asid must be in “canonical form”, see X509v3_asid_canonize(3).
RETURN VALUES
ASIdentifiers_new() returns a new ASIdentifiers object or NULL if an error occurs.
d2i_ASIdentifiers() returns an ASIdentifiers object or NULL if a decoding or memory allocation error occurs.
i2d_ASIdentifiers() returns the number of bytes successfully encoded or a value <= 0 if an error occurs.
SEE ALSO
ASRange_new(3), crypto(3), IPAddressRange_new(3), X509_new(3), X509v3_addr_add_inherit(3), X509v3_addr_get_range(3), X509v3_addr_inherits(3), X509v3_addr_subset(3), X509v3_addr_validate_path(3), X509v3_asid_add_id_or_range(3)
STANDARDS
RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
−
section 3: Autonomous System Identifier Delegation Extension
RFC 7020: The Internet Numbers Registry System
RFC 7249: Internet Numbers Registries
HISTORY
These functions first appeared in OpenSSL 0.9.8e and have been available since OpenBSD 7.1.
BUGS
There are no corresponding functions for the RFC 3779 IP address delegation extension represented by IPAddrBlocks. GNU September 30, 2023 ASIDENTIFIERS_NEW(3)