1.\" $OpenBSD: X509_get_pubkey_parameters.3,v 1.2 2021/11/26 13:35:10 schwarze Exp $ 2.\" 3.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\" 17.Dd $Mdocdate: November 26 2021 $ 18.Dt X509_GET_PUBKEY_PARAMETERS 3 19.Os 20.Sh NAME 21.Nm X509_get_pubkey_parameters 22.Nd copy public key parameters from a chain 23.Sh SYNOPSIS 24.In openssl/x509.h 25.Ft int 26.Fo X509_get_pubkey_parameters 27.Fa "EVP_PKEY *pkey" 28.Fa "STACK_OF(X509) *chain" 29.Fc 30.Sh DESCRIPTION 31.Fn X509_get_pubkey_parameters 32copies public key parameters from the first appropriate certificate in the 33.Fa chain . 34.Pp 35If 36.Fa pkey 37is not 38.Dv NULL 39and already contains complete public key parameters or uses an 40algorithm that does not use any parameters, no action occurs and 41the function indicates success without inspecting the existing 42parameters, without inspecting the 43.Fa chain , 44and without comparing any parameters. 45.Pp 46Otherwise, all public key parameters are copied 47from the first certificate in the 48.Fa chain 49that contains complete public key parameters 50to each certificate preceding it in the 51.Fa chain . 52Unless 53.Fa pkey 54is a 55.Dv NULL 56pointer, the same parameters are also copied to 57.Fa pkey . 58.Sh RETURN VALUES 59.Fn X509_get_pubkey_parameters 60returns 1 for success or 0 for failure. 61.Sh ERRORS 62The following diagnostics can be retrieved with 63.Xr ERR_get_error 3 , 64.Xr ERR_GET_REASON 3 , 65and 66.Xr ERR_reason_error_string 3 : 67.Bl -tag -width Ds 68.It Dv X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY Qq unable to get certs public key 69Retrieving the public key from a certificate in the 70.Fa chain 71failed before a certificate containing complete public key parameters 72could be found. 73.It Xo 74.Dv X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 75.Qq unable to find parameters in chain 76.Xc 77None of the certificates in the chain 78contain complete public key parameters. 79.El 80.Sh SEE ALSO 81.Xr EVP_PKEY_copy_parameters 3 , 82.Xr EVP_PKEY_new 3 , 83.Xr X509_get_pubkey 3 , 84.Xr X509_new 3 85.Sh HISTORY 86.Fn X509_get_pubkey_parameters 87first appeared in SSLeay 0.8.0 and has been available since 88.Ox 2.4 . 89.Sh CAVEATS 90If 91.Fn X509_get_pubkey_parameters 92fails and returns 0, a part of the parameters may or may not have 93been copied before the failure was detected, whereas other parts of 94.Fa pkey 95and 96.Fa chain 97may remain unchanged. 98So in case of failure, the state of the arguments may change 99and possibly become inconsistent. 100