NAME
X509_STORE_set1_param,
X509_STORE_set_flags,
X509_STORE_set_purpose,
X509_STORE_set_trust,
X509_STORE_set_depth,
X509_STORE_add_cert,
X509_STORE_add_crl,
X509_STORE_get0_param,
X509_STORE_get0_objects,
X509_STORE_get_ex_new_index,
X509_STORE_set_ex_data,
X509_STORE_get_ex_data —
get and set X509_STORE data
SYNOPSIS
#include
<openssl/x509_vfy.h>
int
X509_STORE_set1_param(X509_STORE
*store, X509_VERIFY_PARAM *pm);
int
X509_STORE_set_flags(X509_STORE
*store, unsigned long flags);
int
X509_STORE_set_purpose(X509_STORE
*store, int purpose);
int
X509_STORE_set_trust(X509_STORE
*store, int trust);
int
X509_STORE_set_depth(X509_STORE
*store, int depth);
int
X509_STORE_add_cert(X509_STORE
*store, X509 *x);
int
X509_STORE_add_crl(X509_STORE
*store, X509_CRL *crl);
X509_VERIFY_PARAM *
X509_STORE_get0_param(X509_STORE
*store);
STACK_OF(X509_OBJECT) *
X509_STORE_get0_objects(X509_STORE
*store);
int
X509_STORE_get_ex_new_index(long
argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int
X509_STORE_set_ex_data(X509_STORE
*store, int idx, void
*arg);
void *
X509_STORE_get_ex_data(X509_STORE
*store, int idx);
DESCRIPTION
X509_STORE_set1_param()
copies the verification parameters from pm into the
verification parameter object contained in the
store.
X509_VERIFY_PARAM_set_flags(),
X509_STORE_set_purpose(),
X509_STORE_set_trust(),
and
X509_STORE_set_depth()
call X509_VERIFY_PARAM_set_flags(),
X509_VERIFY_PARAM_set_purpose(),
X509_VERIFY_PARAM_set_trust(),
and
X509_VERIFY_PARAM_set_depth()
on the verification parameter object contained in the
store.
X509_STORE_add_cert()
and
X509_STORE_add_crl()
add the certificate x or the certificate revocation
list crl to the store,
increasing its reference count by 1 in case of success. Untrusted objects
should not be added in this way.
X509_STORE_get_ex_new_index(),
X509_STORE_set_ex_data(),
and
X509_STORE_get_ex_data()
handle application specific data in X509_STORE
objects. Their usage is identical to that of
RSA_get_ex_new_index(3),
RSA_set_ex_data(3), and
RSA_get_ex_data(3).
RETURN VALUES
X509_STORE_set1_param(),
X509_STORE_set_purpose(),
X509_STORE_set_trust(), and
X509_STORE_set_ex_data() return 1 for success or 0
for failure.
X509_STORE_set_flags() and
X509_STORE_set_depth() always return 1, indicating
success.
X509_STORE_add_cert() and
X509_STORE_add_crl() return 1 for success or 0 for
failure. For example, they fail if x or
crl is a NULL pointer, if a
certificate with the same subject name as x or a
revocation list with the same issuer name as crl are
already contained in the store, or if memory
allocation fails.
X509_STORE_get0_param() returns an
internal pointer to the verification parameter object contained in the
store,
X509_STORE_get0_objects() to the stack of
certificates, revocation lists, and private keys. The returned pointers must
not be freed by the calling application.
X509_STORE_get_ex_new_index() returns a
new index or -1 on failure.
X509_STORE_get_ex_data() returns the
application data or NULL on failure.
SEE ALSO
RSA_get_ex_new_index(3), SSL_set1_param(3), X509_OBJECT_get0_X509(3), X509_STORE_CTX_set0_param(3), X509_STORE_load_locations(3), X509_STORE_new(3), X509_VERIFY_PARAM_set_flags(3)
HISTORY
X509_STORE_add_cert() first appeared in
SSLeay 0.8.0. X509_STORE_add_crl() first appeared in
SSLeay 0.9.0. These functions have been available since
OpenBSD 2.4.
X509_STORE_set_flags(),
X509_STORE_set_purpose(), and
X509_STORE_set_trust() first appeared in OpenSSL
0.9.7 and have been available since OpenBSD 3.2.
X509_STORE_set1_param() and
X509_STORE_set_depth() first appeared in OpenSSL
0.9.8 and have been available since OpenBSD 4.5.
X509_STORE_get0_param(),
X509_STORE_get0_objects(),
X509_STORE_get_ex_new_index(),
X509_STORE_set_ex_data(), and
X509_STORE_get_ex_data() first appeared in OpenSSL
1.1.0 and have been available since OpenBSD 6.3.