.\" $OpenBSD: X509_get1_email.3,v 1.1 2019/08/23 12:23:39 schwarze Exp $ .\" .\" Copyright (c) 2019 Ingo Schwarze .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .Dd $Mdocdate: August 23 2019 $ .Dt X509_GET1_EMAIL 3 .Os .Sh NAME .Nm X509_get1_email , .Nm X509_get1_ocsp , .Nm X509_email_free .Nd utilities for stacks of strings .Sh SYNOPSIS .In openssl/x509v3.h .Vt typedef char *OPENSSL_STRING ; .Ft STACK_OF(OPENSSL_STRING) * .Fo X509_get1_email .Fa "X509 *certificate" .Fc .Ft STACK_OF(OPENSSL_STRING) * .Fo X509_get1_ocsp .Fa "X509 *certificate" .Fc .Ft void .Fo X509_email_free .Fa "STACK_OF(OPENSSL_STRING) *stack" .Fc .Sh DESCRIPTION .Fn X509_get1_email retrieves all email addresses from the .Fa subject field and from any Subject Alternative Name extension of the .Fa certificate . .Pp .Fn X509_get1_ocsp retrieves all uniform resource identifiers from all .Vt AccessDescription objects having an .Fa accessMethod of OCSP which are contained in the Authority Information Access extension of the .Fa certificate . .Pp .Fn X509_email_free frees all strings stored in the .Fa stack as well as the stack itself. If .Fa stack is a .Dv NULL pointer, no action occurs. .Sh RETURN VALUES .Fn X509_REQ_get1_email and .Fn X509_get1_ocsp return newly allocated stacks of .Vt char * containing copies of the addresses in question, or .Dv NULL if there are no addresses or if an error occurs. .Sh SEE ALSO .Xr OCSP_sendreq_new 3 , .Xr OCSP_SERVICELOC_new 3 , .Xr OPENSSL_sk_new 3 , .Xr STACK_OF 3 , .Xr X509_check_email 3 , .Xr X509_get_ext_d2i 3 , .Xr X509_get_subject_name 3 , .Xr X509_new 3 , .Xr x509v3.cnf 5 .Sh STANDARDS RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile .Bl -dash -offset indent -compact .It section 4.1: Basic Certificate Fields .It section 4.1.2.6: Subject .It section 4.2.1.6: Subject Alternative Name .It section 4.2.2.1: Authority Information Access .El .Pp RFC 2985: PKCS #9: Selected Object Classes and Attribute Types .Bl -dash -offset indent -compact .It section 5.2.1: Electronic-mail address .It appendix B.3.5: emailAddress .El .Sh HISTORY .Fn X509_get1_email and .Fn X509_email_free first appeared in OpenSSL 0.9.6 and have been available since .Ox 2.9 . .Pp .Fn X509_get1_ocsp first appeared in OpenSSL 0.9.8h and has been available since .Ox 4.5 . .Sh BUGS .Fn X509_email_free is utterly misnamed. It does not operate on any .Vt X509 object, nor is it in any way restricted to email addresses; instead, it simply frees a stack of strings.