X509_verify_cert.pod 1.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859
  1. =pod
  2. =head1 NAME
  3. X509_verify_cert - discover and verify X509 certificate chain
  4. =head1 SYNOPSIS
  5. #include <openssl/x509.h>
  6. int X509_verify_cert(X509_STORE_CTX *ctx);
  7. =head1 DESCRIPTION
  8. The X509_verify_cert() function attempts to discover and validate a
  9. certificate chain based on parameters in B<ctx>. A complete description of
  10. the process is contained in the L<openssl-verify(1)> manual page.
  11. Applications rarely call this function directly but it is used by
  12. OpenSSL internally for certificate validation, in both the S/MIME and
  13. SSL/TLS code.
  14. A negative return value from X509_verify_cert() can occur if it is invoked
  15. incorrectly, such as with no certificate set in B<ctx>, or when it is called
  16. twice in succession without reinitialising B<ctx> for the second call.
  17. A negative return value can also happen due to internal resource problems or if
  18. a retry operation is requested during internal lookups (which never happens
  19. with standard lookup methods).
  20. Applications must check for <= 0 return value on error.
  21. =head1 RETURN VALUES
  22. If a complete chain can be built and validated this function returns 1,
  23. otherwise it return zero, in exceptional circumstances it can also
  24. return a negative code.
  25. If the function fails additional error information can be obtained by
  26. examining B<ctx> using, for example X509_STORE_CTX_get_error().
  27. =head1 BUGS
  28. This function uses the header F<< <x509.h> >>
  29. as opposed to most chain verification
  30. functions which use F<< <x509_vfy.h> >>.
  31. =head1 SEE ALSO
  32. L<X509_STORE_CTX_get_error(3)>
  33. =head1 COPYRIGHT
  34. Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
  35. Licensed under the Apache License 2.0 (the "License"). You may not use
  36. this file except in compliance with the License. You can obtain a copy
  37. in the file LICENSE in the source distribution or at
  38. L<https://www.openssl.org/source/license.html>.
  39. =cut