/* Convert a certificate and its issuer to an OCSP_CERTID */
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
+ const X509 *issuer)
{
X509_NAME *iname;
- ASN1_INTEGER *serial;
+ const ASN1_INTEGER *serial;
ASN1_BIT_STRING *ikey;
if (!dgst)
dgst = EVP_sha1();
if (subject) {
iname = X509_get_issuer_name(subject);
- serial = X509_get_serialNumber(subject);
+ serial = X509_get0_serialNumber(subject);
} else {
iname = X509_get_subject_name(issuer);
serial = NULL;
}
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
- X509_NAME *issuerName,
- ASN1_BIT_STRING *issuerKey,
- ASN1_INTEGER *serialNumber)
+ const X509_NAME *issuerName,
+ const ASN1_BIT_STRING *issuerKey,
+ const ASN1_INTEGER *serialNumber)
{
int nid;
unsigned int i;
return &a->cert_info.serialNumber;
}
+const ASN1_INTEGER *X509_get0_serialNumber(const X509 *a)
+{
+ return &a->cert_info.serialNumber;
+}
+
unsigned long X509_subject_name_hash(X509 *x)
{
return (X509_NAME_hash(x->cert_info.subject));
=head1 NAME
-X509_get_serialNumber, X509_set_serialNumber - get or set certificate serial
-number
+X509_get_serialNumber,
+X509_get0_serialNumber,
+X509_set_serialNumber
+- get or set certificate serial number
=head1 SYNOPSIS
#include <openssl/x509.h>
ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+ const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
=head1 DESCRIPTION
B<ASN1_INTEGER> structure which can be examined or initialised. The value
returned is an internal pointer which B<MUST NOT> be freed up after the call.
+X509_get0_serialNumber() is the same as X509_get_serialNumber() except it
+accepts a const parameter and returns a const result.
+
X509_set_serialNumber() sets the serial number of certificate B<x> to
B<serial>. A copy of the serial number is used internally so B<serial> should
be freed up after use.
=head1 RETURN VALUES
-X509_get_serialNumber() returns an B<ASN1_INTEGER> structure.
+X509_get_serialNumber() and X509_get0_serialNumber() return an B<ASN1_INTEGER>
+structure.
X509_set_serialNumber() returns 1 for success and 0 for failure.
=head1 HISTORY
X509_get_serialNumber() and X509_set_serialNumber() are available in
-all versions of OpenSSL.
+all versions of OpenSSL. X509_get0_serialNumber() was added in OpenSSL 1.1.0.
=head1 COPYRIGHT
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
const char *name, const char *value);
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
+ const X509 *issuer);
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
- X509_NAME *issuerName,
- ASN1_BIT_STRING *issuerKey,
- ASN1_INTEGER *serialNumber);
+ const X509_NAME *issuerName,
+ const ASN1_BIT_STRING *issuerKey,
+ const ASN1_INTEGER *serialNumber);
OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
int X509_set_version(X509 *x, long version);
int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
int X509_set_issuer_name(X509 *x, X509_NAME *name);
X509_NAME *X509_get_issuer_name(const X509 *a);
int X509_set_subject_name(X509 *x, X509_NAME *name);
projects / oweals / openssl.git / commitdiff