xref: /freebsd/crypto/openssl/doc/man3/EVP_PKEY_get_attr.pod (revision cb14a3fe5122c879eae1fb480ed7ce82a699ddb6)
1=pod
2
3=head1 NAME
4
5EVP_PKEY_get_attr,
6EVP_PKEY_get_attr_count,
7EVP_PKEY_get_attr_by_NID, EVP_PKEY_get_attr_by_OBJ,
8EVP_PKEY_delete_attr,
9EVP_PKEY_add1_attr,
10EVP_PKEY_add1_attr_by_OBJ, EVP_PKEY_add1_attr_by_NID, EVP_PKEY_add1_attr_by_txt
11- EVP_PKEY B<X509_ATTRIBUTE> functions
12
13=head1 SYNOPSIS
14
15 #include <openssl/x509.h>
16
17 int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
18 int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
19 int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj,
20                              int lastpos);
21 X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
22 X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
23 int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
24 int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
25                               const ASN1_OBJECT *obj, int type,
26                               const unsigned char *bytes, int len);
27 int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
28                               int nid, int type,
29                               const unsigned char *bytes, int len);
30 int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
31                               const char *attrname, int type,
32                               const unsigned char *bytes, int len);
33
34=head1 DESCRIPTION
35
36These functions are used by B<PKCS12>.
37
38EVP_PKEY_get_attr_by_OBJ() finds the location of the first matching object I<obj>
39in the I<key> attribute list. The search starts at the position after I<lastpos>.
40If the returned value is positive then it can be used on the next call to
41EVP_PKEY_get_attr_by_OBJ() as the value of I<lastpos> in order to iterate through
42the remaining attributes. I<lastpos> can be set to any negative value on the
43first call, in order to start searching from the start of the attribute list.
44
45EVP_PKEY_get_attr_by_NID() is similar to EVP_PKEY_get_attr_by_OBJ() except that
46it passes the numerical identifier (NID) I<nid> associated with the object.
47See <openssl/obj_mac.h> for a list of NID_*.
48
49EVP_PKEY_get_attr() returns the B<X509_ATTRIBUTE> object at index I<loc> in the
50I<key> attribute list. I<loc> should be in the range from 0 to
51EVP_PKEY_get_attr_count() - 1.
52
53EVP_PKEY_delete_attr() removes the B<X509_ATTRIBUTE> object at index I<loc> in
54the I<key> attribute list.
55
56EVP_PKEY_add1_attr() pushes a copy of the passed in B<X509_ATTRIBUTE> object
57to the I<key> attribute list. A new I<key> attribute list is created if required.
58An error occurs if either I<attr> is NULL, or the attribute already exists.
59
60EVP_PKEY_add1_attr_by_OBJ() creates a new B<X509_ATTRIBUTE> using
61X509_ATTRIBUTE_set1_object() and X509_ATTRIBUTE_set1_data() to assign a new
62I<obj> with type I<type> and data I<bytes> of length I<len> and then pushes it
63to the I<key> object's attribute list. If I<obj> already exists in the attribute
64list then an error occurs.
65
66EVP_PKEY_add1_attr_by_NID() is similar to EVP_PKEY_add1_attr_by_OBJ() except
67that it passes the numerical identifier (NID) I<nid> associated with the object.
68See <openssl/obj_mac.h> for a list of NID_*.
69
70EVP_PKEY_add1_attr_by_txt() is similar to EVP_PKEY_add1_attr_by_OBJ() except
71that it passes a name I<attrname> associated with the object.
72See <openssl/obj_mac.h> for a list of SN_* names.
73
74=head1 RETURN VALUES
75
76EVP_PKEY_get_attr_count() returns the number of attributes in the I<key> object
77attribute list or -1 if the attribute list is NULL.
78
79EVP_PKEY_get_attr_by_OBJ() returns -1 if either the list is empty OR the object
80is not found, otherwise it returns the location of the object in the list.
81
82EVP_PKEY_get_attr_by_NID() is similar to EVP_PKEY_get_attr_by_OBJ(), except that
83it returns -2 if the I<nid> is not known by OpenSSL.
84
85EVP_PKEY_get_attr() returns either a B<X509_ATTRIBUTE> or NULL if there is a
86error.
87
88EVP_PKEY_delete_attr() returns either the removed B<X509_ATTRIBUTE> or NULL if
89there is a error.
90
91EVP_PKEY_add1_attr(), EVP_PKEY_add1_attr_by_OBJ(), EVP_PKEY_add1_attr_by_NID()
92and EVP_PKEY_add1_attr_by_txt() return 1 on success or 0 otherwise.
93
94=head1 NOTES
95
96A B<EVP_PKEY> object's attribute list is initially NULL. All the above functions
97listed will return an error unless EVP_PKEY_add1_attr() is called.
98All functions listed assume that the I<key> is not NULL.
99
100=head1 SEE ALSO
101
102L<X509_ATTRIBUTE(3)>
103
104=head1 COPYRIGHT
105
106Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved.
107
108Licensed under the Apache License 2.0 (the "License").  You may not use
109this file except in compliance with the License.  You can obtain a copy
110in the file LICENSE in the source distribution or at
111L<https://www.openssl.org/source/license.html>.
112
113=cut
114