2
0

X509_verify_cert.pod 1.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960
  1. =pod
  2. =head1 NAME
  3. X509_verify_cert - discover and verify X509 certificate chain
  4. =head1 SYNOPSIS
  5. #include <openssl/x509.h>
  6. int X509_verify_cert(X509_STORE_CTX *ctx);
  7. =head1 DESCRIPTION
  8. The X509_verify_cert() function attempts to discover and validate a
  9. certificate chain based on parameters in B<ctx>. A complete description of
  10. the process is contained in the L<verify(1)> manual page.
  11. =head1 RETURN VALUES
  12. If a complete chain can be built and validated this function returns 1,
  13. otherwise it return zero, in exceptional circumstances it can also
  14. return a negative code.
  15. If the function fails additional error information can be obtained by
  16. examining B<ctx> using, for example X509_STORE_CTX_get_error().
  17. =head1 NOTES
  18. Applications rarely call this function directly but it is used by
  19. OpenSSL internally for certificate validation, in both the S/MIME and
  20. SSL/TLS code.
  21. A negative return value from X509_verify_cert() can occur if it is invoked
  22. incorrectly, such as with no certificate set in B<ctx>, or when it is called
  23. twice in succession without reinitialising B<ctx> for the second call.
  24. A negative return value can also happen due to internal resource problems or if
  25. a retry operation is requested during internal lookups (which never happens
  26. with standard lookup methods).
  27. Applications must check for <= 0 return value on error.
  28. =head1 BUGS
  29. This function uses the header B<x509.h> as opposed to most chain verification
  30. functions which use B<x509_vfy.h>.
  31. =head1 SEE ALSO
  32. L<X509_STORE_CTX_get_error(3)>
  33. =head1 COPYRIGHT
  34. Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
  35. Licensed under the OpenSSL license (the "License"). You may not use
  36. this file except in compliance with the License. You can obtain a copy
  37. in the file LICENSE in the source distribution or at
  38. L<https://www.openssl.org/source/license.html>.
  39. =cut