OpenBSD manual page server

Manual Page Search Parameters

X509_STORE_SET1_PARAM(3) Library Functions Manual X509_STORE_SET1_PARAM(3)

X509_STORE_set1_param, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_set_depth, X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_get0_param, X509_STORE_get0_objects, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_dataget and set X509_STORE data

#include <openssl/x509_vfy.h>

int
X509_STORE_set1_param(X509_STORE *store, X509_VERIFY_PARAM *pm);

int
X509_STORE_set_flags(X509_STORE *store, unsigned long flags);

int
X509_STORE_set_purpose(X509_STORE *store, int purpose);

int
X509_STORE_set_trust(X509_STORE *store, int trust);

int
X509_STORE_set_depth(X509_STORE *store, int depth);

int
X509_STORE_add_cert(X509_STORE *store, X509 *x);

int
X509_STORE_add_crl(X509_STORE *store, X509_CRL *crl);

X509_VERIFY_PARAM *
X509_STORE_get0_param(X509_STORE *store);

STACK_OF(X509_OBJECT) *
X509_STORE_get0_objects(X509_STORE *store);

int
X509_STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);

int
X509_STORE_set_ex_data(X509_STORE *store, int idx, void *arg);

void *
X509_STORE_get_ex_data(X509_STORE *store, int idx);

() copies the verification parameters from pm using X509_VERIFY_PARAM_set1(3) into the verification parameter object contained in the store.

(), (), (), and () call X509_VERIFY_PARAM_set_flags(), (), (), and () on the verification parameter object contained in the store.

() and () add the certificate x or the certificate revocation list crl to the store, increasing its reference count by 1 in case of success. Untrusted objects should not be added in this way.

(), (), and () handle application specific data in X509_STORE objects. Their usage is identical to that of RSA_get_ex_new_index(3), RSA_set_ex_data(3), and RSA_get_ex_data(3).

X509_STORE_set1_param(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set_ex_data() return 1 for success or 0 for failure.

X509_STORE_set_flags() and X509_STORE_set_depth() always return 1, indicating success.

X509_STORE_add_cert() and X509_STORE_add_crl() return 1 for success or 0 for failure. For example, they fail if x or crl is a NULL pointer, if a certificate with the same subject name as x or a revocation list with the same issuer name as crl are already contained in the store, or if memory allocation fails.

X509_STORE_get0_param() returns an internal pointer to the verification parameter object contained in the store, X509_STORE_get0_objects() to the stack of certificates, revocation lists, and private keys. The returned pointers must not be freed by the calling application.

X509_STORE_get_ex_new_index() returns a new index or -1 on failure.

X509_STORE_get_ex_data() returns the application data or NULL on failure.

RSA_get_ex_new_index(3), SSL_set1_param(3), X509_LOOKUP_new(3), X509_OBJECT_get0_X509(3), X509_STORE_CTX_set0_param(3), X509_STORE_load_locations(3), X509_STORE_new(3), X509_VERIFY_PARAM_new(3), X509_VERIFY_PARAM_set_flags(3)

X509_STORE_add_cert() first appeared in SSLeay 0.8.0. X509_STORE_add_crl() first appeared in SSLeay 0.9.0. These functions have been available since OpenBSD 2.4.

X509_STORE_set_flags(), X509_STORE_set_purpose(), and X509_STORE_set_trust() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2.

X509_STORE_set1_param() and X509_STORE_set_depth() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

X509_STORE_get0_param(), X509_STORE_get0_objects(), X509_STORE_get_ex_new_index(), X509_STORE_set_ex_data(), and X509_STORE_get_ex_data() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.

October 18, 2021 OpenBSD-7.4