Your company here — click to reach over 10,000 unique daily visitors

X509_get_subject_name.3ossl - Man Page

get X509_NAME hashes or get and set issuer or subject names


 #include <openssl/x509.h>

 unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx,
                                 const char *propq, int *ok);

 X509_NAME *X509_get_subject_name(const X509 *x);
 int X509_set_subject_name(X509 *x, const X509_NAME *name);
 unsigned long X509_subject_name_hash(X509 *x);

 X509_NAME *X509_get_issuer_name(const X509 *x);
 int X509_set_issuer_name(X509 *x, const X509_NAME *name);
 unsigned long X509_issuer_name_hash(X509 *x);

 X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
 int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);

 X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
 int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);

The following macro has been deprecated since OpenSSL 3.0, and can be hidden entirely by defining OPENSSL_API_COMPAT with a suitable version value, see openssl_user_macros(7):

 #define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL)


X509_NAME_hash_ex() returns a hash value of name x or 0 on failure, using any given library context libctx and property query propq. The ok result argument may be NULL or else is used to return 1 for success and 0 for failure. Failure may happen on malloc error or if no SHA1 implementation is available.

X509_NAME_hash() returns a hash value of name x or 0 on failure, using the default library context and default property query.

X509_get_subject_name() returns the subject name of certificate x. The returned value is an internal pointer which MUST NOT be freed.

X509_set_subject_name() sets the issuer name of certificate x to name. The name parameter is copied internally and should be freed up when it is no longer needed.

X509_subject_name_hash() returns a hash value of the subject name of certificate x.

X509_get_issuer_name(), X509_set_issuer_name(), and X509_issuer_name_hash() are identical to X509_get_subject_name(), X509_set_subject_name(), and X509_subject_name_hash() except they relate to the issuer name of x.

Similarly X509_REQ_get_subject_name(), X509_REQ_set_subject_name(), X509_CRL_get_issuer() and X509_CRL_set_issuer_name() get or set the subject or issuer names of certificate requests of CRLs respectively.

Return Values

X509_get_subject_name(), X509_get_issuer_name(), X509_REQ_get_subject_name() and X509_CRL_get_issuer() return an X509_NAME pointer.

X509_NAME_hash_ex(), X509_NAME_hash(), X509_subject_name_hash() and X509_issuer_name_hash() return the first four bytes of the SHA1 hash value, converted to unsigned long in little endian order, or 0 on failure.

X509_set_subject_name(), X509_set_issuer_name(), X509_REQ_set_subject_name() and X509_CRL_set_issuer_name() return 1 for success and 0 for failure.


In case X509_NAME_hash(), X509_subject_name_hash(), or X509_issuer_name_hash() returns 0 it remains unclear if this is the real hash value or due to failure. Better use X509_NAME_hash_ex() instead.

See Also

d2i_X509(3), ERR_get_error(3), d2i_X509(3) X509_CRL_get0_by_serial(3), X509_get0_signature(3), X509_get_ext_d2i(3), X509_get_extension_flags(3), X509_get_pubkey(3), X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3), X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3), X509_sign(3), X509V3_get_d2i(3), X509_verify_cert(3)


X509_REQ_get_subject_name() is a function in OpenSSL 1.1.0 and a macro in earlier versions.

X509_CRL_get_issuer() is a function in OpenSSL 1.1.0. It was previously added in OpenSSL 1.0.0 as a macro.

X509_NAME_hash() was turned into a macro and deprecated in OpenSSL 3.0.

Referenced By

i2d_re_X509_tbs.3ossl(3), X509_CRL_get0_by_serial.3ossl(3), X509_get0_notBefore.3ossl(3), X509_get0_signature.3ossl(3), X509_get0_uids.3ossl(3), X509_get_pubkey.3ossl(3), X509_get_serialNumber.3ossl(3), X509_get_version.3ossl(3), X509_new.3ossl(3), X509V3_get_d2i.3ossl(3), X509_verify.3ossl(3).

The man pages X509_CRL_get_issuer.3ossl(3), X509_CRL_set_issuer_name.3ossl(3), X509_get_issuer_name.3ossl(3), X509_issuer_name_hash.3ossl(3), X509_NAME_hash.3ossl(3), X509_NAME_hash_ex.3ossl(3), X509_REQ_get_subject_name.3ossl(3), X509_REQ_set_subject_name.3ossl(3), X509_set_issuer_name.3ossl(3), X509_set_subject_name.3ossl(3) and X509_subject_name_hash.3ossl(3) are aliases of X509_get_subject_name.3ossl(3).

2024-07-09 3.2.2 OpenSSL