1=pod 2 3=head1 NAME 4 5X509_PUBKEY_new_ex, X509_PUBKEY_new, X509_PUBKEY_free, X509_PUBKEY_dup, 6X509_PUBKEY_set, X509_PUBKEY_get0, X509_PUBKEY_get, 7d2i_PUBKEY_ex, d2i_PUBKEY, i2d_PUBKEY, d2i_PUBKEY_ex_bio, d2i_PUBKEY_bio, 8d2i_PUBKEY_ex_fp, d2i_PUBKEY_fp, i2d_PUBKEY_fp, i2d_PUBKEY_bio, 9X509_PUBKEY_set0_public_key, X509_PUBKEY_set0_param, X509_PUBKEY_get0_param, 10X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions 11 12=head1 SYNOPSIS 13 14 #include <openssl/x509.h> 15 16 X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq); 17 X509_PUBKEY *X509_PUBKEY_new(void); 18 void X509_PUBKEY_free(X509_PUBKEY *a); 19 X509_PUBKEY *X509_PUBKEY_dup(const X509_PUBKEY *a); 20 21 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 22 EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key); 23 EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key); 24 25 EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length, 26 OSSL_LIB_CTX *libctx, const char *propq); 27 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); 28 int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp); 29 30 EVP_PKEY *d2i_PUBKEY_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, 31 const char *propq); 32 EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); 33 34 EVP_PKEY *d2i_PUBKEY_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, 35 const char *propq); 36 EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); 37 38 int i2d_PUBKEY_fp(const FILE *fp, EVP_PKEY *pkey); 39 int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey); 40 41 void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub, 42 unsigned char *penc, int penclen); 43 int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, 44 int ptype, void *pval, 45 unsigned char *penc, int penclen); 46 int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, 47 const unsigned char **pk, int *ppklen, 48 X509_ALGOR **pa, const X509_PUBKEY *pub); 49 int X509_PUBKEY_eq(X509_PUBKEY *a, X509_PUBKEY *b); 50 51=head1 DESCRIPTION 52 53The B<X509_PUBKEY> structure represents the ASN.1 B<SubjectPublicKeyInfo> 54structure defined in RFC5280 and used in certificates and certificate requests. 55 56X509_PUBKEY_new_ex() allocates and initializes an B<X509_PUBKEY> structure 57associated with the given B<OSSL_LIB_CTX> in the I<libctx> parameter. Any 58algorithm fetches associated with using the B<X509_PUBKEY> object will use 59the property query string I<propq>. See L<crypto(7)/ALGORITHM FETCHING> for 60further information about algorithm fetching. 61 62X509_PUBKEY_new() is the same as X509_PUBKEY_new_ex() except that the default 63(NULL) B<OSSL_LIB_CTX> and a NULL property query string are used. 64 65X509_PUBKEY_dup() creates a duplicate copy of the B<X509_PUBKEY> object 66specified by I<a>. 67 68X509_PUBKEY_free() frees up B<X509_PUBKEY> structure I<a>. If I<a> is NULL 69nothing is done. 70 71X509_PUBKEY_set() sets the public key in I<*x> to the public key contained 72in the B<EVP_PKEY> structure I<pkey>. If I<*x> is not NULL any existing 73public key structure will be freed. 74 75X509_PUBKEY_get0() returns the public key contained in I<key>. The returned 76value is an internal pointer which B<MUST NOT> be freed after use. 77 78X509_PUBKEY_get() is similar to X509_PUBKEY_get0() except the reference 79count on the returned key is incremented so it B<MUST> be freed using 80EVP_PKEY_free() after use. 81 82d2i_PUBKEY_ex() decodes an B<EVP_PKEY> structure using B<SubjectPublicKeyInfo> 83format. Some public key decoding implementations may use cryptographic 84algorithms. In this case the supplied library context I<libctx> and property 85query string I<propq> are used. 86d2i_PUBKEY() does the same as d2i_PUBKEY_ex() except that the default 87library context and property query string are used. 88 89i2d_PUBKEY() encodes an B<EVP_PKEY> structure using B<SubjectPublicKeyInfo> 90format. 91 92d2i_PUBKEY_bio(), d2i_PUBKEY_fp(), i2d_PUBKEY_bio() and i2d_PUBKEY_fp() are 93similar to d2i_PUBKEY() and i2d_PUBKEY() except they decode or encode using a 94B<BIO> or B<FILE> pointer. 95 96d2i_PUBKEY_ex_bio() and d2i_PUBKEY_ex_fp() are similar to d2i_PUBKEY_ex() except 97they decode using a B<BIO> or B<FILE> pointer. 98 99X509_PUBKEY_set0_public_key() sets the public-key encoding of I<pub> 100to the I<penclen> bytes contained in buffer I<penc>. 101Any earlier public-key encoding in I<pub> is freed. 102I<penc> may be NULL to indicate that there is no actual public key data. 103Ownership of the I<penc> argument is passed to I<pub>. 104 105X509_PUBKEY_set0_param() sets the public-key parameters of I<pub>. 106The OID associated with the algorithm is set to I<aobj>. The type of the 107algorithm parameters is set to I<type> using the structure I<pval>. 108If I<penc> is not NULL the encoding of the public key itself is set 109to the I<penclen> bytes contained in buffer I<penc> and 110any earlier public-key encoding in I<pub> is freed. 111On success ownership of all the supplied arguments is passed to I<pub> 112so they must not be freed after the call. 113 114X509_PUBKEY_get0_param() retrieves the public key parameters from I<pub>, 115I<*ppkalg> is set to the associated OID and the encoding consists of 116I<*ppklen> bytes at I<*pk>, I<*pa> is set to the associated 117AlgorithmIdentifier for the public key. If the value of any of these 118parameters is not required it can be set to NULL. All of the 119retrieved pointers are internal and must not be freed after the 120call. 121 122X509_PUBKEY_eq() compares two B<X509_PUBKEY> values. 123 124=head1 NOTES 125 126The B<X509_PUBKEY> functions can be used to encode and decode public keys 127in a standard format. 128 129In many cases applications will not call the B<X509_PUBKEY> functions 130directly: they will instead call wrapper functions such as X509_get0_pubkey(). 131 132=head1 RETURN VALUES 133 134If the allocation fails, X509_PUBKEY_new() and X509_PUBKEY_dup() return 135NULL and set an error code that can be obtained by L<ERR_get_error(3)>. 136Otherwise they return a pointer to the newly allocated structure. 137 138X509_PUBKEY_free() does not return a value. 139 140X509_PUBKEY_get0(), X509_PUBKEY_get(), d2i_PUBKEY_ex(), d2i_PUBKEY(), 141d2i_PUBKEY_ex_bio(), d2i_PUBKEY_bio(), d2i_PUBKEY_ex_fp() and d2i_PUBKEY_fp() 142return a pointer to an B<EVP_PKEY> structure or NULL if an error occurs. 143 144i2d_PUBKEY() returns the number of bytes successfully encoded or a 145negative value if an error occurs. 146 147i2d_PUBKEY_fp() and i2d_PUBKEY_bio() return 1 if successfully 148encoded or 0 if an error occurs. 149 150X509_PUBKEY_set0_public_key() does not return a value. 151 152X509_PUBKEY_set(), X509_PUBKEY_set0_param() and X509_PUBKEY_get0_param() 153return 1 for success and 0 if an error occurred. 154 155X509_PUBKEY_eq() returns 1 for equal, 0 for different, and < 0 on error. 156 157=head1 SEE ALSO 158 159L<d2i_X509(3)>, 160L<ERR_get_error(3)>, 161L<X509_get_pubkey(3)>, 162 163=head1 HISTORY 164 165The X509_PUBKEY_new_ex() and X509_PUBKEY_eq() functions were added in OpenSSL 1663.0. 167 168The X509_PUBKEY_set0_public_key(), d2i_PUBKEY_ex_bio() and d2i_PUBKEY_ex_fp() 169functions were added in OpenSSL 3.2. 170 171=head1 COPYRIGHT 172 173Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. 174 175Licensed under the Apache License 2.0 (the "License"). You may not use 176this file except in compliance with the License. You can obtain a copy 177in the file LICENSE in the source distribution or at 178L<https://www.openssl.org/source/license.html>. 179 180=cut 181
