NAME

X509_STORE_set1_param, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_set_depth, X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_get0_param, X509_STORE_get0_objects, X509_STORE_get_ex_new_index, X509_STORE_set_ex_data, X509_STORE_get_ex_data —

SYNOPSIS

#include <openssl/x509_vfy.h> int
X509_STORE_set1_param(X509_STORE *store, X509_VERIFY_PARAM *pm); int
X509_STORE_set_flags(X509_STORE *store, unsigned long flags); int
X509_STORE_set_purpose(X509_STORE *store, int purpose); int
X509_STORE_set_trust(X509_STORE *store, int trust); int
X509_STORE_set_depth(X509_STORE *store, int depth); int
X509_STORE_add_cert(X509_STORE *store, X509 *x); int
X509_STORE_add_crl(X509_STORE *store, X509_CRL *crl); X509_VERIFY_PARAM *
X509_STORE_get0_param(X509_STORE *store); STACK_OF(X509_OBJECT) *
X509_STORE_get0_objects(X509_STORE *store); int
X509_STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int
X509_STORE_set_ex_data(X509_STORE *store, int idx, void *arg); void *
X509_STORE_get_ex_data(X509_STORE *store, int idx);

DESCRIPTION

X509_STORE_set1_param() copies the verification parameters from pm using X509_VERIFY_PARAM_set1(3) into the verification parameter object contained in the store. X509_VERIFY_PARAM_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set_depth() call X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(), and X509_VERIFY_PARAM_set_depth() on the verification parameter object contained in the store. X509_STORE_add_cert() and X509_STORE_add_crl() add the certificate x or the certificate revocation list crl to the store, increasing its reference count by 1 in case of success. Untrusted objects should not be added in this way. X509_STORE_get_ex_new_index(), X509_STORE_set_ex_data(), and X509_STORE_get_ex_data() handle application specific data in X509_STORE objects. Their usage is identical to that of RSA_get_ex_new_index(3), RSA_set_ex_data(3), and RSA_get_ex_data(3).

RETURN VALUES

X509_STORE_set1_param(), X509_STORE_set_purpose(), X509_STORE_set_trust(), and X509_STORE_set_ex_data() return 1 for success or 0 for failure. X509_STORE_set_flags() and X509_STORE_set_depth() always return 1, indicating success. X509_STORE_add_cert() and X509_STORE_add_crl() return 1 for success or 0 for failure. For example, they fail if x or crl is a NULL pointer, if a certificate with the same subject name as x or a revocation list with the same issuer name as crl are already contained in the store, or if memory allocation fails. X509_STORE_get0_param() returns an internal pointer to the verification parameter object contained in the store, X509_STORE_get0_objects() to the stack of certificates, revocation lists, and private keys. The returned pointers must not be freed by the calling application. X509_STORE_get_ex_new_index() returns a new index or -1 on failure. X509_STORE_get_ex_data() returns the application data or NULL on failure.

SEE ALSO

RSA_get_ex_new_index(3), SSL_set1_param(3), X509_LOOKUP_new(3), X509_OBJECT_get0_X509(3), X509_STORE_CTX_set0_param(3), X509_STORE_load_locations(3), X509_STORE_new(3), X509_VERIFY_PARAM_new(3), X509_VERIFY_PARAM_set_flags(3)

HISTORY

X509_STORE_add_cert() first appeared in SSLeay 0.8.0. X509_STORE_add_crl() first appeared in SSLeay 0.9.0. These functions have been available since OpenBSD 2.4. X509_STORE_set_flags(), X509_STORE_set_purpose(), and X509_STORE_set_trust() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2. X509_STORE_set1_param() and X509_STORE_set_depth() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5. X509_STORE_get0_param(), X509_STORE_get0_objects(), X509_STORE_get_ex_new_index(), X509_STORE_set_ex_data(), and X509_STORE_get_ex_data() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.