Sortix
current nightly

Sortix volatile manual

This manual documents Sortix volatile, a development build that has not been officially released. You can instead view this document in the latest official manual.

NAME

EXTENDED_KEY_USAGE_new, EXTENDED_KEY_USAGE_freeX.509 key usage restrictions

SYNOPSIS

#include <openssl/x509v3.h>
EXTENDED_KEY_USAGE
EXTENDED_KEY_USAGE_new(void);
void
EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *eku);

DESCRIPTION

By using the key usage extension, the extended key usage extension, or both of them, X509 end entity certificates may indicate that the key contained in them is only intended to be used for the specified purposes. If both extensions are present, only uses compatible with both extensions are intended.
EXTENDED_KEY_USAGE_new() allocates and initializes an empty EXTENDED_KEY_USAGE object, which is a STACK_OF(ASN1_OBJECT) and represents an ASN.1 ExtKeyUsageSyntax structure defined in RFC 5280 section 4.2.1.12. It can hold key purpose identifiers.
EXTENDED_KEY_USAGE_free() frees eku.
The key usage extension uses the ASN.1 BIT STRING data type and doesn't require any dedicated object.

RETURN VALUES

EXTENDED_KEY_USAGE_new() returns the new EXTENDED_KEY_USAGE object or NULL if an error occurs.

SEE ALSO

BASIC_CONSTRAINTS_new(3), d2i_EXTENDED_KEY_USAGE(3), POLICYINFO_new(3), X509_check_purpose(3), X509_EXTENSION_new(3), X509_get_extension_flags(3), X509_new(3)

STANDARDS

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
  • section 4.2.1.3: Key Usage
  • section 4.2.1.12: Extended Key Usage

HISTORY

EXTENDED_KEY_USAGE_new() and EXTENDED_KEY_USAGE_free() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2.
Copyright 2011-2025 Jonas 'Sortie' Termansen and contributors.
Sortix's source code is free software under the ISC license. 		#sortix on irc.sortix.org
@sortix_org