xref: /openbsd/lib/libcrypto/man/X509_REQ_new.3 (revision d415bd75) 
1.\" $OpenBSD: X509_REQ_new.3,v 1.11 2021/10/29 09:42:07 schwarze Exp $
2.\"
3.\" Copyright (c) 2016, 2021 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: October 29 2021 $
18.Dt X509_REQ_NEW 3
19.Os
20.Sh NAME
21.Nm X509_REQ_new ,
22.Nm X509_REQ_dup ,
23.Nm X509_to_X509_REQ ,
24.Nm X509_REQ_free ,
25.Nm X509_REQ_INFO_new ,
26.Nm X509_REQ_INFO_free
27.Nd PKCS#10 certification requests
28.Sh SYNOPSIS
29.In openssl/x509.h
30.Ft X509_REQ *
31.Fn X509_REQ_new void
32.Ft X509_REQ *
33.Fn X509_REQ_dup "X509_REQ *req"
34.Ft X509_REQ *
35.Fn X509_to_X509_REQ "X509 *x" "EVP_PKEY *pkey" "const EVP_MD *md"
36.Ft void
37.Fn X509_REQ_free "X509_REQ *req"
38.Ft X509_REQ_INFO *
39.Fn X509_REQ_INFO_new void
40.Ft void
41.Fn X509_REQ_INFO_free "X509_REQ_INFO *req_info"
42.Sh DESCRIPTION
43.Fn X509_REQ_new
44allocates and initializes an empty
45.Vt X509_REQ
46object, representing an ASN.1
47.Vt CertificationRequest
48structure defined in RFC 2986 section 4.2.
49It can hold a pointer to an
50.Vt X509_REQ_INFO
51object discussed below together with a cryptographic signature and
52information about the signature algorithm used.
53.Pp
54.Fn X509_REQ_dup
55creates a deep copy of
56.Fa req
57using
58.Xr ASN1_item_dup 3 ,
59setting the reference count of the copy to 1.
60.Pp
61.Fn X509_to_X509_REQ
62allocates a new certification request object, copies
63the subject name and the public key into it from the certificate
64.Fa x ,
65and sets the version to zero.
66Unless
67.Fa pkey
68is
69.Dv NULL ,
70it also signs the request with
71.Xr X509_REQ_sign 3
72using
73.Fa pkey
74and
75.Fa md .
76.Pp
77.Fn X509_REQ_free
78frees
79.Fa req .
80If
81.Fa req
82is a
83.Dv NULL
84pointer, no action occurs.
85.Pp
86.Fn X509_REQ_INFO_new
87allocates and initializes an empty
88.Vt X509_REQ_INFO
89object, representing an ASN.1
90.Vt CertificationRequestInfo
91structure defined in RFC 2986 section 4.1.
92It is used inside the
93.Vt X509_REQ
94object and can hold the subject and the public key of the requested
95certificate and additional attributes.
96.Fn X509_REQ_INFO_free
97frees
98.Fa req_info .
99If
100.Fa req_info
101is a
102.Dv NULL
103pointer, no action occurs.
104.Sh RETURN VALUES
105.Fn X509_REQ_new ,
106.Fn X509_REQ_dup ,
107.Fn X509_to_X509_REQ ,
108and
109.Fn X509_REQ_INFO_new
110return the new
111.Vt X509_REQ
112or
113.Vt X509_REQ_INFO
114object, respectively, or
115.Dv NULL
116if an error occurs.
117.Sh SEE ALSO
118.Xr d2i_X509_REQ 3 ,
119.Xr PEM_read_X509_REQ 3 ,
120.Xr X509_new 3 ,
121.Xr X509_REQ_add1_attr 3 ,
122.Xr X509_REQ_add_extensions 3 ,
123.Xr X509_REQ_check_private_key 3 ,
124.Xr X509_REQ_digest 3 ,
125.Xr X509_REQ_get0_signature 3 ,
126.Xr X509_REQ_get_pubkey 3 ,
127.Xr X509_REQ_get_subject_name 3 ,
128.Xr X509_REQ_get_version 3 ,
129.Xr X509_REQ_print_ex 3 ,
130.Xr X509_REQ_sign 3
131.Sh STANDARDS
132RFC 2986: PKCS #10: Certification Request Syntax Specification
133.Sh HISTORY
134.Fn X509_REQ_new ,
135.Fn X509_REQ_free ,
136.Fn X509_REQ_INFO_new ,
137and
138.Fn X509_REQ_INFO_free
139first appeared in SSLeay 0.4.4,
140.Fn X509_REQ_dup
141in SSLeay 0.5.1, and
142.Fn X509_to_X509_REQ
143in SSLeay 0.6.0.
144These functions have been available since
145.Ox 2.4 .
146