AUTHORITY_KEYID_NEW(3) Library Functions Manual AUTHORITY_KEYID_NEW(3)
NAME
AUTHORITY_KEYID_new, AUTHORITY_KEYID_free — X.509 authority key identifier extension
SYNOPSIS
#include <openssl/x509v3.h>
AUTHORITY_KEYID *
AUTHORITY_KEYID_new(void);
void
AUTHORITY_KEYID_free(AUTHORITY_KEYID *id);
DESCRIPTION
Using the authority key identifier extension, an X.509 certificate or certificate revocation list can specify which key pair was used for signing it.
AUTHORITY_KEYID_new() allocates and initializes an empty AUTHORITY_KEYID object, representing an ASN.1 AuthorityKeyIdentifier structure defined in RFC 5280 section 4.2.1.1. It can hold an issuer name, a serial number, and a key identifier.
AUTHORITY_KEYID_free() frees id.
RETURN VALUES
AUTHORITY_KEYID_new() returns the new AUTHORITY_KEYID object or NULL if an error occurs.
SEE ALSO
d2i_AUTHORITY_KEYID(3), GENERAL_NAMES_new(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_new(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
−
section 4.2.1.1: Certificate Extensions: Authority Key Identifier
−
section 5.2.1: CRL Extensions: Authority Key Identifier
HISTORY
AUTHORITY_KEYID_new() and AUTHORITY_KEYID_free() first appeared in OpenSSL 0.9.2b and have been available since OpenBSD 2.6. GNU June 6, 2019 AUTHORITY_KEYID_NEW(3)