#include <openssl/x509.h> X509 *X509_new(void); X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq); void X509_free(X509 *a); int X509_up_ref(X509 *a); STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);
X509_new_ex() allocates and initializes a X509 structure with a library context of libctx, property query of propq and a reference count of 1. Many X509 functions such as X509_check_purpose(), and X509_verify() use this library context to select which providers supply the fetched algorithms (SHA1 is used internally). This created X509 object can then be used when loading binary data using d2i_X509().
X509_new() is similar to X509_new_ex() but sets the library context and property query to NULL. This results in the default (NULL) library context being used for any X509 operations requiring algorithm fetches.
X509_free() decrements the reference count of X509 structure a and frees it up if the reference count is zero. If a is NULL nothing is done.
X509_up_ref() increments the reference count of a.
X509_chain_up_ref() increases the reference count of all certificates in chain x and returns a copy of the stack, or an empty stack if a is NULL.
The function X509_chain_up_ref() doesn't just up the reference count of each certificate. It also returns a copy of the stack, using sk_X509_dup(), but it serves a similar purpose: the returned chain persists after the original has been freed.
X509_up_ref() returns 1 for success and 0 for failure.
X509_chain_up_ref() returns a copy of the stack or NULL if an error occurred.
Licensed under the Apache License 2.0 (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.