1I2D_RE_X509_TBS(3ossl)              OpenSSL             I2D_RE_X509_TBS(3ossl)
2
3
4

NAME

6       d2i_X509_AUX, i2d_X509_AUX, i2d_re_X509_tbs, i2d_re_X509_CRL_tbs,
7       i2d_re_X509_REQ_tbs - X509 encode and decode functions
8

SYNOPSIS

10        #include <openssl/x509.h>
11
12        X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
13        int i2d_X509_AUX(const X509 *x, unsigned char **out);
14        int i2d_re_X509_tbs(X509 *x, unsigned char **out);
15        int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp);
16        int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
17

DESCRIPTION

19       The X509 encode and decode routines encode and parse an X509 structure,
20       which represents an X509 certificate.
21
22       d2i_X509_AUX() is similar to d2i_X509(3) but the input is expected to
23       consist of an X509 certificate followed by auxiliary trust information.
24       This is used by the PEM routines to read "TRUSTED CERTIFICATE" objects.
25       This function should not be called on untrusted input.
26
27       i2d_X509_AUX() is similar to i2d_X509(3), but the encoded output
28       contains both the certificate and any auxiliary trust information.
29       This is used by the PEM routines to write "TRUSTED CERTIFICATE"
30       objects.  Note that this is a non-standard OpenSSL-specific data
31       format.
32
33       i2d_re_X509_tbs() is similar to i2d_X509(3) except it encodes only the
34       TBSCertificate portion of the certificate.  i2d_re_X509_CRL_tbs() and
35       i2d_re_X509_REQ_tbs() are analogous for CRL and certificate request,
36       respectively.  The "re" in i2d_re_X509_tbs stands for "re-encode", and
37       ensures that a fresh encoding is generated in case the object has been
38       modified after creation (see the BUGS section).
39
40       The encoding of the TBSCertificate portion of a certificate is cached
41       in the X509 structure internally to improve encoding performance and to
42       ensure certificate signatures are verified correctly in some
43       certificates with broken (non-DER) encodings.
44
45       If, after modification, the X509 object is re-signed with X509_sign(),
46       the encoding is automatically renewed. Otherwise, the encoding of the
47       TBSCertificate portion of the X509 can be manually renewed by calling
48       i2d_re_X509_tbs().
49

RETURN VALUES

51       d2i_X509_AUX() returns a valid X509 structure or NULL if an error
52       occurred.
53
54       i2d_X509_AUX() returns the length of encoded data or -1 on error.
55
56       i2d_re_X509_tbs(), i2d_re_X509_CRL_tbs() and i2d_re_X509_REQ_tbs()
57       return the length of encoded data or 0 on error.
58

SEE ALSO

60       ERR_get_error(3) X509_CRL_get0_by_serial(3), X509_get0_signature(3),
61       X509_get_ext_d2i(3), X509_get_extension_flags(3), X509_get_pubkey(3),
62       X509_get_subject_name(3), X509_get_version(3),
63       X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3),
64       X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3),
65       X509_sign(3), X509V3_get_d2i(3), X509_verify_cert(3)
66
68       Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
69
70       Licensed under the Apache License 2.0 (the "License").  You may not use
71       this file except in compliance with the License.  You can obtain a copy
72       in the file LICENSE in the source distribution or at
73       <https://www.openssl.org/source/license.html>.
74
75
76
773.0.5                             2022-07-05            I2D_RE_X509_TBS(3ossl)
Impressum