1ae771770SStanislav Sedov<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 2ae771770SStanislav Sedov<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> 3ae771770SStanislav Sedov<title>Heimdalx509library: hx509 verification functions</title> 4ae771770SStanislav Sedov<link href="doxygen.css" rel="stylesheet" type="text/css"> 5ae771770SStanislav Sedov<link href="tabs.css" rel="stylesheet" type="text/css"> 6ae771770SStanislav Sedov</head><body> 7ae771770SStanislav Sedov<p> 8ae771770SStanislav Sedov<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a> 9ae771770SStanislav Sedov</p> 10ae771770SStanislav Sedov<!-- end of header marker --> 11ae771770SStanislav Sedov<!-- Generated by Doxygen 1.5.6 --> 12ae771770SStanislav Sedov<div class="navigation" id="top"> 13ae771770SStanislav Sedov <div class="tabs"> 14ae771770SStanislav Sedov <ul> 15ae771770SStanislav Sedov <li><a href="index.html"><span>Main Page</span></a></li> 16ae771770SStanislav Sedov <li><a href="pages.html"><span>Related Pages</span></a></li> 17ae771770SStanislav Sedov <li><a href="modules.html"><span>Modules</span></a></li> 18ae771770SStanislav Sedov </ul> 19ae771770SStanislav Sedov </div> 20ae771770SStanislav Sedov</div> 21ae771770SStanislav Sedov<div class="contents"> 22ae771770SStanislav Sedov<h1>hx509 verification functions</h1><table border="0" cellpadding="0" cellspacing="0"> 23ae771770SStanislav Sedov<tr><td></td></tr> 24ae771770SStanislav Sedov<tr><td colspan="2"><br><h2>Functions</h2></td></tr> 25ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#gcf53ef0c8202b75d946b47266e4777da">hx509_context_set_missing_revoke</a> (hx509_context context, int flag)</td></tr> 26ae771770SStanislav Sedov 27ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g53a78d7c374e238354600b754f8ef4c7">hx509_verify_init_ctx</a> (hx509_context context, hx509_verify_ctx *ctx)</td></tr> 28ae771770SStanislav Sedov 29ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#ga90ca3387075fbdf3ae014beda0b4108">hx509_verify_destroy_ctx</a> (hx509_verify_ctx ctx)</td></tr> 30ae771770SStanislav Sedov 31ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#gacc284cfe15ebfd4372aa0725d24e8a0">hx509_verify_attach_anchors</a> (hx509_verify_ctx ctx, hx509_certs set)</td></tr> 32ae771770SStanislav Sedov 33ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#gaf1e783c744e3ce3918d7c00f101f1fc">hx509_verify_attach_revoke</a> (hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)</td></tr> 34ae771770SStanislav Sedov 35ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g1490c2944163f25cf02377bae5d0ab37">hx509_verify_set_time</a> (hx509_verify_ctx ctx, time_t t)</td></tr> 36ae771770SStanislav Sedov 37ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g11a6fe7afbd5cee1af2dedeffcaad33c">hx509_verify_set_max_depth</a> (hx509_verify_ctx ctx, unsigned int max_depth)</td></tr> 38ae771770SStanislav Sedov 39ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g50cae1e3d318471ff444770cfec4b0a8">hx509_verify_set_proxy_certificate</a> (hx509_verify_ctx ctx, int boolean)</td></tr> 40ae771770SStanislav Sedov 41ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g7c301cedab40be9a495dea2778202140">hx509_verify_set_strict_rfc3280_verification</a> (hx509_verify_ctx ctx, int boolean)</td></tr> 42ae771770SStanislav Sedov 43ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g1e84c0d08972e2dd87ba89f105183914">hx509_verify_path</a> (hx509_context context, hx509_verify_ctx ctx, hx509_cert cert, hx509_certs pool)</td></tr> 44ae771770SStanislav Sedov 45ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#ge7e5973c6c9a66d599c44d9473ade82a">hx509_ocsp_verify</a> (hx509_context context, time_t now, hx509_cert cert, int flags, const void *data, size_t length, time_t *expiration)</td></tr> 46ae771770SStanislav Sedov 47ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g8b46fa446893a189808deabc2bc630d1">hx509_crl_alloc</a> (hx509_context context, hx509_crl *crl)</td></tr> 48ae771770SStanislav Sedov 49ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g51a77209dd8f88e8ca52ad618dc62fe6">hx509_crl_add_revoked_certs</a> (hx509_context context, hx509_crl crl, hx509_certs certs)</td></tr> 50ae771770SStanislav Sedov 51ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#gaff0e82873a480d002cc7f1b69f430e8">hx509_crl_lifetime</a> (hx509_context context, hx509_crl crl, int delta)</td></tr> 52ae771770SStanislav Sedov 53ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#gb59b054be16d4607aed4001ee071ecb6">hx509_crl_free</a> (hx509_context context, hx509_crl *crl)</td></tr> 54ae771770SStanislav Sedov 55ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__verify.html#g7361cfd5f3b413ea4715977fae210760">hx509_crl_sign</a> (hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os)</td></tr> 56ae771770SStanislav Sedov 57ae771770SStanislav Sedov</table> 58ae771770SStanislav Sedov<hr><a name="_details"></a><h2>Detailed Description</h2> 59ae771770SStanislav Sedov<hr><h2>Function Documentation</h2> 60ae771770SStanislav Sedov<a class="anchor" name="gcf53ef0c8202b75d946b47266e4777da"></a><!-- doxytag: member="cert.c::hx509_context_set_missing_revoke" ref="gcf53ef0c8202b75d946b47266e4777da" args="(hx509_context context, int flag)" --> 61ae771770SStanislav Sedov<div class="memitem"> 62ae771770SStanislav Sedov<div class="memproto"> 63ae771770SStanislav Sedov <table class="memname"> 64ae771770SStanislav Sedov <tr> 65ae771770SStanislav Sedov <td class="memname">void hx509_context_set_missing_revoke </td> 66ae771770SStanislav Sedov <td>(</td> 67ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 68ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 69ae771770SStanislav Sedov </tr> 70ae771770SStanislav Sedov <tr> 71ae771770SStanislav Sedov <td class="paramkey"></td> 72ae771770SStanislav Sedov <td></td> 73ae771770SStanislav Sedov <td class="paramtype">int </td> 74ae771770SStanislav Sedov <td class="paramname"> <em>flag</em></td><td> </td> 75ae771770SStanislav Sedov </tr> 76ae771770SStanislav Sedov <tr> 77ae771770SStanislav Sedov <td></td> 78ae771770SStanislav Sedov <td>)</td> 79ae771770SStanislav Sedov <td></td><td></td><td></td> 80ae771770SStanislav Sedov </tr> 81ae771770SStanislav Sedov </table> 82ae771770SStanislav Sedov</div> 83ae771770SStanislav Sedov<div class="memdoc"> 84ae771770SStanislav Sedov 85ae771770SStanislav Sedov<p> 86ae771770SStanislav SedovSelects if the <a class="el" href="group__hx509__revoke.html#g3faf6194dc7429f8850e02b3ae2bbeeb">hx509_revoke_verify()</a> function is going to require the existans of a revokation method (OCSP, CRL) or not. Note that <a class="el" href="group__hx509__verify.html#g1e84c0d08972e2dd87ba89f105183914">hx509_verify_path()</a>, <a class="el" href="group__hx509__cms.html#gedaf18507474021a8d092ca6ac90a1ad">hx509_cms_verify_signed()</a>, and other function call <a class="el" href="group__hx509__revoke.html#g3faf6194dc7429f8850e02b3ae2bbeeb">hx509_revoke_verify()</a>.<p> 87ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 88ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 89ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>hx509 context to change the flag for. </td></tr> 90ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flag</em> </td><td>zero, revokation method required, non zero missing revokation method ok </td></tr> 91ae771770SStanislav Sedov </table> 92ae771770SStanislav Sedov</dl> 93ae771770SStanislav Sedov 94ae771770SStanislav Sedov</div> 95ae771770SStanislav Sedov</div><p> 96ae771770SStanislav Sedov<a class="anchor" name="g51a77209dd8f88e8ca52ad618dc62fe6"></a><!-- doxytag: member="revoke.c::hx509_crl_add_revoked_certs" ref="g51a77209dd8f88e8ca52ad618dc62fe6" args="(hx509_context context, hx509_crl crl, hx509_certs certs)" --> 97ae771770SStanislav Sedov<div class="memitem"> 98ae771770SStanislav Sedov<div class="memproto"> 99ae771770SStanislav Sedov <table class="memname"> 100ae771770SStanislav Sedov <tr> 101ae771770SStanislav Sedov <td class="memname">int hx509_crl_add_revoked_certs </td> 102ae771770SStanislav Sedov <td>(</td> 103ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 104ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 105ae771770SStanislav Sedov </tr> 106ae771770SStanislav Sedov <tr> 107ae771770SStanislav Sedov <td class="paramkey"></td> 108ae771770SStanislav Sedov <td></td> 109ae771770SStanislav Sedov <td class="paramtype">hx509_crl </td> 110ae771770SStanislav Sedov <td class="paramname"> <em>crl</em>, </td> 111ae771770SStanislav Sedov </tr> 112ae771770SStanislav Sedov <tr> 113ae771770SStanislav Sedov <td class="paramkey"></td> 114ae771770SStanislav Sedov <td></td> 115ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 116ae771770SStanislav Sedov <td class="paramname"> <em>certs</em></td><td> </td> 117ae771770SStanislav Sedov </tr> 118ae771770SStanislav Sedov <tr> 119ae771770SStanislav Sedov <td></td> 120ae771770SStanislav Sedov <td>)</td> 121ae771770SStanislav Sedov <td></td><td></td><td></td> 122ae771770SStanislav Sedov </tr> 123ae771770SStanislav Sedov </table> 124ae771770SStanislav Sedov</div> 125ae771770SStanislav Sedov<div class="memdoc"> 126ae771770SStanislav Sedov 127ae771770SStanislav Sedov<p> 128ae771770SStanislav SedovAdd revoked certificate to an CRL context.<p> 129ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 130ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 131ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context. </td></tr> 132ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>crl</em> </td><td>the CRL to add the revoked certificate to. </td></tr> 133ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>certs</em> </td><td>keyset of certificate to revoke.</td></tr> 134ae771770SStanislav Sedov </table> 135ae771770SStanislav Sedov</dl> 136ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 137ae771770SStanislav Sedov 138ae771770SStanislav Sedov</div> 139ae771770SStanislav Sedov</div><p> 140ae771770SStanislav Sedov<a class="anchor" name="g8b46fa446893a189808deabc2bc630d1"></a><!-- doxytag: member="revoke.c::hx509_crl_alloc" ref="g8b46fa446893a189808deabc2bc630d1" args="(hx509_context context, hx509_crl *crl)" --> 141ae771770SStanislav Sedov<div class="memitem"> 142ae771770SStanislav Sedov<div class="memproto"> 143ae771770SStanislav Sedov <table class="memname"> 144ae771770SStanislav Sedov <tr> 145ae771770SStanislav Sedov <td class="memname">int hx509_crl_alloc </td> 146ae771770SStanislav Sedov <td>(</td> 147ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 148ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 149ae771770SStanislav Sedov </tr> 150ae771770SStanislav Sedov <tr> 151ae771770SStanislav Sedov <td class="paramkey"></td> 152ae771770SStanislav Sedov <td></td> 153ae771770SStanislav Sedov <td class="paramtype">hx509_crl * </td> 154ae771770SStanislav Sedov <td class="paramname"> <em>crl</em></td><td> </td> 155ae771770SStanislav Sedov </tr> 156ae771770SStanislav Sedov <tr> 157ae771770SStanislav Sedov <td></td> 158ae771770SStanislav Sedov <td>)</td> 159ae771770SStanislav Sedov <td></td><td></td><td></td> 160ae771770SStanislav Sedov </tr> 161ae771770SStanislav Sedov </table> 162ae771770SStanislav Sedov</div> 163ae771770SStanislav Sedov<div class="memdoc"> 164ae771770SStanislav Sedov 165ae771770SStanislav Sedov<p> 166ae771770SStanislav SedovCreate a CRL context. Use <a class="el" href="group__hx509__verify.html#gb59b054be16d4607aed4001ee071ecb6">hx509_crl_free()</a> to free the CRL context.<p> 167ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 168ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 169ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context. </td></tr> 170ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>crl</em> </td><td>return pointer to a newly allocated CRL context.</td></tr> 171ae771770SStanislav Sedov </table> 172ae771770SStanislav Sedov</dl> 173ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 174ae771770SStanislav Sedov 175ae771770SStanislav Sedov</div> 176ae771770SStanislav Sedov</div><p> 177ae771770SStanislav Sedov<a class="anchor" name="gb59b054be16d4607aed4001ee071ecb6"></a><!-- doxytag: member="revoke.c::hx509_crl_free" ref="gb59b054be16d4607aed4001ee071ecb6" args="(hx509_context context, hx509_crl *crl)" --> 178ae771770SStanislav Sedov<div class="memitem"> 179ae771770SStanislav Sedov<div class="memproto"> 180ae771770SStanislav Sedov <table class="memname"> 181ae771770SStanislav Sedov <tr> 182ae771770SStanislav Sedov <td class="memname">void hx509_crl_free </td> 183ae771770SStanislav Sedov <td>(</td> 184ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 185ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 186ae771770SStanislav Sedov </tr> 187ae771770SStanislav Sedov <tr> 188ae771770SStanislav Sedov <td class="paramkey"></td> 189ae771770SStanislav Sedov <td></td> 190ae771770SStanislav Sedov <td class="paramtype">hx509_crl * </td> 191ae771770SStanislav Sedov <td class="paramname"> <em>crl</em></td><td> </td> 192ae771770SStanislav Sedov </tr> 193ae771770SStanislav Sedov <tr> 194ae771770SStanislav Sedov <td></td> 195ae771770SStanislav Sedov <td>)</td> 196ae771770SStanislav Sedov <td></td><td></td><td></td> 197ae771770SStanislav Sedov </tr> 198ae771770SStanislav Sedov </table> 199ae771770SStanislav Sedov</div> 200ae771770SStanislav Sedov<div class="memdoc"> 201ae771770SStanislav Sedov 202ae771770SStanislav Sedov<p> 203ae771770SStanislav SedovFree a CRL context.<p> 204ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 205ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 206ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context. </td></tr> 207ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>crl</em> </td><td>a CRL context to free. </td></tr> 208ae771770SStanislav Sedov </table> 209ae771770SStanislav Sedov</dl> 210ae771770SStanislav Sedov 211ae771770SStanislav Sedov</div> 212ae771770SStanislav Sedov</div><p> 213ae771770SStanislav Sedov<a class="anchor" name="gaff0e82873a480d002cc7f1b69f430e8"></a><!-- doxytag: member="revoke.c::hx509_crl_lifetime" ref="gaff0e82873a480d002cc7f1b69f430e8" args="(hx509_context context, hx509_crl crl, int delta)" --> 214ae771770SStanislav Sedov<div class="memitem"> 215ae771770SStanislav Sedov<div class="memproto"> 216ae771770SStanislav Sedov <table class="memname"> 217ae771770SStanislav Sedov <tr> 218ae771770SStanislav Sedov <td class="memname">int hx509_crl_lifetime </td> 219ae771770SStanislav Sedov <td>(</td> 220ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 221ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 222ae771770SStanislav Sedov </tr> 223ae771770SStanislav Sedov <tr> 224ae771770SStanislav Sedov <td class="paramkey"></td> 225ae771770SStanislav Sedov <td></td> 226ae771770SStanislav Sedov <td class="paramtype">hx509_crl </td> 227ae771770SStanislav Sedov <td class="paramname"> <em>crl</em>, </td> 228ae771770SStanislav Sedov </tr> 229ae771770SStanislav Sedov <tr> 230ae771770SStanislav Sedov <td class="paramkey"></td> 231ae771770SStanislav Sedov <td></td> 232ae771770SStanislav Sedov <td class="paramtype">int </td> 233ae771770SStanislav Sedov <td class="paramname"> <em>delta</em></td><td> </td> 234ae771770SStanislav Sedov </tr> 235ae771770SStanislav Sedov <tr> 236ae771770SStanislav Sedov <td></td> 237ae771770SStanislav Sedov <td>)</td> 238ae771770SStanislav Sedov <td></td><td></td><td></td> 239ae771770SStanislav Sedov </tr> 240ae771770SStanislav Sedov </table> 241ae771770SStanislav Sedov</div> 242ae771770SStanislav Sedov<div class="memdoc"> 243ae771770SStanislav Sedov 244ae771770SStanislav Sedov<p> 245ae771770SStanislav SedovSet the lifetime of a CRL context.<p> 246ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 247ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 248ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context. </td></tr> 249ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>crl</em> </td><td>a CRL context </td></tr> 250ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>delta</em> </td><td>delta time the certificate is valid, library adds the current time to this.</td></tr> 251ae771770SStanislav Sedov </table> 252ae771770SStanislav Sedov</dl> 253ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 254ae771770SStanislav Sedov 255ae771770SStanislav Sedov</div> 256ae771770SStanislav Sedov</div><p> 257ae771770SStanislav Sedov<a class="anchor" name="g7361cfd5f3b413ea4715977fae210760"></a><!-- doxytag: member="revoke.c::hx509_crl_sign" ref="g7361cfd5f3b413ea4715977fae210760" args="(hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os)" --> 258ae771770SStanislav Sedov<div class="memitem"> 259ae771770SStanislav Sedov<div class="memproto"> 260ae771770SStanislav Sedov <table class="memname"> 261ae771770SStanislav Sedov <tr> 262ae771770SStanislav Sedov <td class="memname">int hx509_crl_sign </td> 263ae771770SStanislav Sedov <td>(</td> 264ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 265ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 266ae771770SStanislav Sedov </tr> 267ae771770SStanislav Sedov <tr> 268ae771770SStanislav Sedov <td class="paramkey"></td> 269ae771770SStanislav Sedov <td></td> 270ae771770SStanislav Sedov <td class="paramtype">hx509_cert </td> 271ae771770SStanislav Sedov <td class="paramname"> <em>signer</em>, </td> 272ae771770SStanislav Sedov </tr> 273ae771770SStanislav Sedov <tr> 274ae771770SStanislav Sedov <td class="paramkey"></td> 275ae771770SStanislav Sedov <td></td> 276ae771770SStanislav Sedov <td class="paramtype">hx509_crl </td> 277ae771770SStanislav Sedov <td class="paramname"> <em>crl</em>, </td> 278ae771770SStanislav Sedov </tr> 279ae771770SStanislav Sedov <tr> 280ae771770SStanislav Sedov <td class="paramkey"></td> 281ae771770SStanislav Sedov <td></td> 282ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 283ae771770SStanislav Sedov <td class="paramname"> <em>os</em></td><td> </td> 284ae771770SStanislav Sedov </tr> 285ae771770SStanislav Sedov <tr> 286ae771770SStanislav Sedov <td></td> 287ae771770SStanislav Sedov <td>)</td> 288ae771770SStanislav Sedov <td></td><td></td><td></td> 289ae771770SStanislav Sedov </tr> 290ae771770SStanislav Sedov </table> 291ae771770SStanislav Sedov</div> 292ae771770SStanislav Sedov<div class="memdoc"> 293ae771770SStanislav Sedov 294ae771770SStanislav Sedov<p> 295ae771770SStanislav SedovSign a CRL and return an encode certificate.<p> 296ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 297ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 298ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context. </td></tr> 299ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>signer</em> </td><td>certificate to sign the CRL with </td></tr> 300ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>crl</em> </td><td>the CRL to sign </td></tr> 301ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>os</em> </td><td>return the signed and encoded CRL, free with free_heim_octet_string()</td></tr> 302ae771770SStanislav Sedov </table> 303ae771770SStanislav Sedov</dl> 304ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 305ae771770SStanislav Sedov 306ae771770SStanislav Sedov</div> 307ae771770SStanislav Sedov</div><p> 308ae771770SStanislav Sedov<a class="anchor" name="ge7e5973c6c9a66d599c44d9473ade82a"></a><!-- doxytag: member="revoke.c::hx509_ocsp_verify" ref="ge7e5973c6c9a66d599c44d9473ade82a" args="(hx509_context context, time_t now, hx509_cert cert, int flags, const void *data, size_t length, time_t *expiration)" --> 309ae771770SStanislav Sedov<div class="memitem"> 310ae771770SStanislav Sedov<div class="memproto"> 311ae771770SStanislav Sedov <table class="memname"> 312ae771770SStanislav Sedov <tr> 313ae771770SStanislav Sedov <td class="memname">int hx509_ocsp_verify </td> 314ae771770SStanislav Sedov <td>(</td> 315ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 316ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 317ae771770SStanislav Sedov </tr> 318ae771770SStanislav Sedov <tr> 319ae771770SStanislav Sedov <td class="paramkey"></td> 320ae771770SStanislav Sedov <td></td> 321ae771770SStanislav Sedov <td class="paramtype">time_t </td> 322ae771770SStanislav Sedov <td class="paramname"> <em>now</em>, </td> 323ae771770SStanislav Sedov </tr> 324ae771770SStanislav Sedov <tr> 325ae771770SStanislav Sedov <td class="paramkey"></td> 326ae771770SStanislav Sedov <td></td> 327ae771770SStanislav Sedov <td class="paramtype">hx509_cert </td> 328ae771770SStanislav Sedov <td class="paramname"> <em>cert</em>, </td> 329ae771770SStanislav Sedov </tr> 330ae771770SStanislav Sedov <tr> 331ae771770SStanislav Sedov <td class="paramkey"></td> 332ae771770SStanislav Sedov <td></td> 333ae771770SStanislav Sedov <td class="paramtype">int </td> 334ae771770SStanislav Sedov <td class="paramname"> <em>flags</em>, </td> 335ae771770SStanislav Sedov </tr> 336ae771770SStanislav Sedov <tr> 337ae771770SStanislav Sedov <td class="paramkey"></td> 338ae771770SStanislav Sedov <td></td> 339ae771770SStanislav Sedov <td class="paramtype">const void * </td> 340ae771770SStanislav Sedov <td class="paramname"> <em>data</em>, </td> 341ae771770SStanislav Sedov </tr> 342ae771770SStanislav Sedov <tr> 343ae771770SStanislav Sedov <td class="paramkey"></td> 344ae771770SStanislav Sedov <td></td> 345ae771770SStanislav Sedov <td class="paramtype">size_t </td> 346ae771770SStanislav Sedov <td class="paramname"> <em>length</em>, </td> 347ae771770SStanislav Sedov </tr> 348ae771770SStanislav Sedov <tr> 349ae771770SStanislav Sedov <td class="paramkey"></td> 350ae771770SStanislav Sedov <td></td> 351ae771770SStanislav Sedov <td class="paramtype">time_t * </td> 352ae771770SStanislav Sedov <td class="paramname"> <em>expiration</em></td><td> </td> 353ae771770SStanislav Sedov </tr> 354ae771770SStanislav Sedov <tr> 355ae771770SStanislav Sedov <td></td> 356ae771770SStanislav Sedov <td>)</td> 357ae771770SStanislav Sedov <td></td><td></td><td></td> 358ae771770SStanislav Sedov </tr> 359ae771770SStanislav Sedov </table> 360ae771770SStanislav Sedov</div> 361ae771770SStanislav Sedov<div class="memdoc"> 362ae771770SStanislav Sedov 363ae771770SStanislav Sedov<p> 364ae771770SStanislav SedovVerify that the certificate is part of the OCSP reply and it's not expired. Doesn't verify signature the OCSP reply or it's done by a authorized sender, that is assumed to be already done.<p> 365ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 366ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 367ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>a hx509 context </td></tr> 368ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>now</em> </td><td>the time right now, if 0, use the current time. </td></tr> 369ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>the certificate to verify </td></tr> 370ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>flags control the behavior </td></tr> 371ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to the encode ocsp reply </td></tr> 372ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>the length of the encode ocsp reply </td></tr> 373ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>expiration</em> </td><td>return the time the OCSP will expire and need to be rechecked.</td></tr> 374ae771770SStanislav Sedov </table> 375ae771770SStanislav Sedov</dl> 376ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 377ae771770SStanislav Sedov 378ae771770SStanislav Sedov</div> 379ae771770SStanislav Sedov</div><p> 380ae771770SStanislav Sedov<a class="anchor" name="gacc284cfe15ebfd4372aa0725d24e8a0"></a><!-- doxytag: member="cert.c::hx509_verify_attach_anchors" ref="gacc284cfe15ebfd4372aa0725d24e8a0" args="(hx509_verify_ctx ctx, hx509_certs set)" --> 381ae771770SStanislav Sedov<div class="memitem"> 382ae771770SStanislav Sedov<div class="memproto"> 383ae771770SStanislav Sedov <table class="memname"> 384ae771770SStanislav Sedov <tr> 385ae771770SStanislav Sedov <td class="memname">void hx509_verify_attach_anchors </td> 386ae771770SStanislav Sedov <td>(</td> 387ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 388ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 389ae771770SStanislav Sedov </tr> 390ae771770SStanislav Sedov <tr> 391ae771770SStanislav Sedov <td class="paramkey"></td> 392ae771770SStanislav Sedov <td></td> 393ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 394ae771770SStanislav Sedov <td class="paramname"> <em>set</em></td><td> </td> 395ae771770SStanislav Sedov </tr> 396ae771770SStanislav Sedov <tr> 397ae771770SStanislav Sedov <td></td> 398ae771770SStanislav Sedov <td>)</td> 399ae771770SStanislav Sedov <td></td><td></td><td></td> 400ae771770SStanislav Sedov </tr> 401ae771770SStanislav Sedov </table> 402ae771770SStanislav Sedov</div> 403ae771770SStanislav Sedov<div class="memdoc"> 404ae771770SStanislav Sedov 405ae771770SStanislav Sedov<p> 406ae771770SStanislav SedovSet the trust anchors in the verification context, makes an reference to the keyset, so the consumer can free the keyset independent of the destruction of the verification context (ctx). If there already is a keyset attached, it's released.<p> 407ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 408ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 409ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context </td></tr> 410ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>set</em> </td><td>a keyset containing the trust anchors. </td></tr> 411ae771770SStanislav Sedov </table> 412ae771770SStanislav Sedov</dl> 413ae771770SStanislav Sedov 414ae771770SStanislav Sedov</div> 415ae771770SStanislav Sedov</div><p> 416ae771770SStanislav Sedov<a class="anchor" name="gaf1e783c744e3ce3918d7c00f101f1fc"></a><!-- doxytag: member="cert.c::hx509_verify_attach_revoke" ref="gaf1e783c744e3ce3918d7c00f101f1fc" args="(hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx)" --> 417ae771770SStanislav Sedov<div class="memitem"> 418ae771770SStanislav Sedov<div class="memproto"> 419ae771770SStanislav Sedov <table class="memname"> 420ae771770SStanislav Sedov <tr> 421ae771770SStanislav Sedov <td class="memname">void hx509_verify_attach_revoke </td> 422ae771770SStanislav Sedov <td>(</td> 423ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 424ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 425ae771770SStanislav Sedov </tr> 426ae771770SStanislav Sedov <tr> 427ae771770SStanislav Sedov <td class="paramkey"></td> 428ae771770SStanislav Sedov <td></td> 429ae771770SStanislav Sedov <td class="paramtype">hx509_revoke_ctx </td> 430ae771770SStanislav Sedov <td class="paramname"> <em>revoke_ctx</em></td><td> </td> 431ae771770SStanislav Sedov </tr> 432ae771770SStanislav Sedov <tr> 433ae771770SStanislav Sedov <td></td> 434ae771770SStanislav Sedov <td>)</td> 435ae771770SStanislav Sedov <td></td><td></td><td></td> 436ae771770SStanislav Sedov </tr> 437ae771770SStanislav Sedov </table> 438ae771770SStanislav Sedov</div> 439ae771770SStanislav Sedov<div class="memdoc"> 440ae771770SStanislav Sedov 441ae771770SStanislav Sedov<p> 442ae771770SStanislav SedovAttach an revocation context to the verfication context, , makes an reference to the revoke context, so the consumer can free the revoke context independent of the destruction of the verification context. If there is no revoke context, the verification process is NOT going to check any verification status.<p> 443ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 444ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 445ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context. </td></tr> 446ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>revoke_ctx</em> </td><td>a revoke context. </td></tr> 447ae771770SStanislav Sedov </table> 448ae771770SStanislav Sedov</dl> 449ae771770SStanislav Sedov 450ae771770SStanislav Sedov</div> 451ae771770SStanislav Sedov</div><p> 452ae771770SStanislav Sedov<a class="anchor" name="ga90ca3387075fbdf3ae014beda0b4108"></a><!-- doxytag: member="cert.c::hx509_verify_destroy_ctx" ref="ga90ca3387075fbdf3ae014beda0b4108" args="(hx509_verify_ctx ctx)" --> 453ae771770SStanislav Sedov<div class="memitem"> 454ae771770SStanislav Sedov<div class="memproto"> 455ae771770SStanislav Sedov <table class="memname"> 456ae771770SStanislav Sedov <tr> 457ae771770SStanislav Sedov <td class="memname">void hx509_verify_destroy_ctx </td> 458ae771770SStanislav Sedov <td>(</td> 459ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 460ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em> </td> 461ae771770SStanislav Sedov <td> ) </td> 462ae771770SStanislav Sedov <td></td> 463ae771770SStanislav Sedov </tr> 464ae771770SStanislav Sedov </table> 465ae771770SStanislav Sedov</div> 466ae771770SStanislav Sedov<div class="memdoc"> 467ae771770SStanislav Sedov 468ae771770SStanislav Sedov<p> 469ae771770SStanislav SedovFree an hx509 verification context.<p> 470ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 471ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 472ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>the context to be freed. </td></tr> 473ae771770SStanislav Sedov </table> 474ae771770SStanislav Sedov</dl> 475ae771770SStanislav Sedov 476ae771770SStanislav Sedov</div> 477ae771770SStanislav Sedov</div><p> 478ae771770SStanislav Sedov<a class="anchor" name="g53a78d7c374e238354600b754f8ef4c7"></a><!-- doxytag: member="cert.c::hx509_verify_init_ctx" ref="g53a78d7c374e238354600b754f8ef4c7" args="(hx509_context context, hx509_verify_ctx *ctx)" --> 479ae771770SStanislav Sedov<div class="memitem"> 480ae771770SStanislav Sedov<div class="memproto"> 481ae771770SStanislav Sedov <table class="memname"> 482ae771770SStanislav Sedov <tr> 483ae771770SStanislav Sedov <td class="memname">int hx509_verify_init_ctx </td> 484ae771770SStanislav Sedov <td>(</td> 485ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 486ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 487ae771770SStanislav Sedov </tr> 488ae771770SStanislav Sedov <tr> 489ae771770SStanislav Sedov <td class="paramkey"></td> 490ae771770SStanislav Sedov <td></td> 491ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx * </td> 492ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em></td><td> </td> 493ae771770SStanislav Sedov </tr> 494ae771770SStanislav Sedov <tr> 495ae771770SStanislav Sedov <td></td> 496ae771770SStanislav Sedov <td>)</td> 497ae771770SStanislav Sedov <td></td><td></td><td></td> 498ae771770SStanislav Sedov </tr> 499ae771770SStanislav Sedov </table> 500ae771770SStanislav Sedov</div> 501ae771770SStanislav Sedov<div class="memdoc"> 502ae771770SStanislav Sedov 503ae771770SStanislav Sedov<p> 504ae771770SStanislav SedovAllocate an verification context that is used fo control the verification process.<p> 505ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 506ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 507ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 508ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>returns a pointer to a hx509_verify_ctx object.</td></tr> 509ae771770SStanislav Sedov </table> 510ae771770SStanislav Sedov</dl> 511ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 512ae771770SStanislav Sedov 513ae771770SStanislav Sedov</div> 514ae771770SStanislav Sedov</div><p> 515ae771770SStanislav Sedov<a class="anchor" name="g1e84c0d08972e2dd87ba89f105183914"></a><!-- doxytag: member="cert.c::hx509_verify_path" ref="g1e84c0d08972e2dd87ba89f105183914" args="(hx509_context context, hx509_verify_ctx ctx, hx509_cert cert, hx509_certs pool)" --> 516ae771770SStanislav Sedov<div class="memitem"> 517ae771770SStanislav Sedov<div class="memproto"> 518ae771770SStanislav Sedov <table class="memname"> 519ae771770SStanislav Sedov <tr> 520ae771770SStanislav Sedov <td class="memname">int hx509_verify_path </td> 521ae771770SStanislav Sedov <td>(</td> 522ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 523ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 524ae771770SStanislav Sedov </tr> 525ae771770SStanislav Sedov <tr> 526ae771770SStanislav Sedov <td class="paramkey"></td> 527ae771770SStanislav Sedov <td></td> 528ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 529ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 530ae771770SStanislav Sedov </tr> 531ae771770SStanislav Sedov <tr> 532ae771770SStanislav Sedov <td class="paramkey"></td> 533ae771770SStanislav Sedov <td></td> 534ae771770SStanislav Sedov <td class="paramtype">hx509_cert </td> 535ae771770SStanislav Sedov <td class="paramname"> <em>cert</em>, </td> 536ae771770SStanislav Sedov </tr> 537ae771770SStanislav Sedov <tr> 538ae771770SStanislav Sedov <td class="paramkey"></td> 539ae771770SStanislav Sedov <td></td> 540ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 541ae771770SStanislav Sedov <td class="paramname"> <em>pool</em></td><td> </td> 542ae771770SStanislav Sedov </tr> 543ae771770SStanislav Sedov <tr> 544ae771770SStanislav Sedov <td></td> 545ae771770SStanislav Sedov <td>)</td> 546ae771770SStanislav Sedov <td></td><td></td><td></td> 547ae771770SStanislav Sedov </tr> 548ae771770SStanislav Sedov </table> 549ae771770SStanislav Sedov</div> 550ae771770SStanislav Sedov<div class="memdoc"> 551ae771770SStanislav Sedov 552ae771770SStanislav Sedov<p> 553ae771770SStanislav SedovBuild and verify the path for the certificate to the trust anchor specified in the verify context. The path is constructed from the certificate, the pool and the trust anchors.<p> 554ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 555ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 556ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 557ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>A hx509 verification context. </td></tr> 558ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>the certificate to build the path from. </td></tr> 559ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>pool</em> </td><td>A keyset of certificates to build the chain from.</td></tr> 560ae771770SStanislav Sedov </table> 561ae771770SStanislav Sedov</dl> 562ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl> 563ae771770SStanislav Sedov 564ae771770SStanislav Sedov</div> 565ae771770SStanislav Sedov</div><p> 566ae771770SStanislav Sedov<a class="anchor" name="g11a6fe7afbd5cee1af2dedeffcaad33c"></a><!-- doxytag: member="cert.c::hx509_verify_set_max_depth" ref="g11a6fe7afbd5cee1af2dedeffcaad33c" args="(hx509_verify_ctx ctx, unsigned int max_depth)" --> 567ae771770SStanislav Sedov<div class="memitem"> 568ae771770SStanislav Sedov<div class="memproto"> 569ae771770SStanislav Sedov <table class="memname"> 570ae771770SStanislav Sedov <tr> 571ae771770SStanislav Sedov <td class="memname">void hx509_verify_set_max_depth </td> 572ae771770SStanislav Sedov <td>(</td> 573ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 574ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 575ae771770SStanislav Sedov </tr> 576ae771770SStanislav Sedov <tr> 577ae771770SStanislav Sedov <td class="paramkey"></td> 578ae771770SStanislav Sedov <td></td> 579ae771770SStanislav Sedov <td class="paramtype">unsigned int </td> 580ae771770SStanislav Sedov <td class="paramname"> <em>max_depth</em></td><td> </td> 581ae771770SStanislav Sedov </tr> 582ae771770SStanislav Sedov <tr> 583ae771770SStanislav Sedov <td></td> 584ae771770SStanislav Sedov <td>)</td> 585ae771770SStanislav Sedov <td></td><td></td><td></td> 586ae771770SStanislav Sedov </tr> 587ae771770SStanislav Sedov </table> 588ae771770SStanislav Sedov</div> 589ae771770SStanislav Sedov<div class="memdoc"> 590ae771770SStanislav Sedov 591ae771770SStanislav Sedov<p> 592ae771770SStanislav SedovSet the maximum depth of the certificate chain that the path builder is going to try.<p> 593ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 594ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 595ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context </td></tr> 596ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>max_depth</em> </td><td>maxium depth of the certificate chain, include trust anchor. </td></tr> 597ae771770SStanislav Sedov </table> 598ae771770SStanislav Sedov</dl> 599ae771770SStanislav Sedov 600ae771770SStanislav Sedov</div> 601ae771770SStanislav Sedov</div><p> 602ae771770SStanislav Sedov<a class="anchor" name="g50cae1e3d318471ff444770cfec4b0a8"></a><!-- doxytag: member="cert.c::hx509_verify_set_proxy_certificate" ref="g50cae1e3d318471ff444770cfec4b0a8" args="(hx509_verify_ctx ctx, int boolean)" --> 603ae771770SStanislav Sedov<div class="memitem"> 604ae771770SStanislav Sedov<div class="memproto"> 605ae771770SStanislav Sedov <table class="memname"> 606ae771770SStanislav Sedov <tr> 607ae771770SStanislav Sedov <td class="memname">void hx509_verify_set_proxy_certificate </td> 608ae771770SStanislav Sedov <td>(</td> 609ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 610ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 611ae771770SStanislav Sedov </tr> 612ae771770SStanislav Sedov <tr> 613ae771770SStanislav Sedov <td class="paramkey"></td> 614ae771770SStanislav Sedov <td></td> 615ae771770SStanislav Sedov <td class="paramtype">int </td> 616ae771770SStanislav Sedov <td class="paramname"> <em>boolean</em></td><td> </td> 617ae771770SStanislav Sedov </tr> 618ae771770SStanislav Sedov <tr> 619ae771770SStanislav Sedov <td></td> 620ae771770SStanislav Sedov <td>)</td> 621ae771770SStanislav Sedov <td></td><td></td><td></td> 622ae771770SStanislav Sedov </tr> 623ae771770SStanislav Sedov </table> 624ae771770SStanislav Sedov</div> 625ae771770SStanislav Sedov<div class="memdoc"> 626ae771770SStanislav Sedov 627ae771770SStanislav Sedov<p> 628ae771770SStanislav SedovAllow or deny the use of proxy certificates<p> 629ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 630ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 631ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context </td></tr> 632ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>boolean</em> </td><td>if non zero, allow proxy certificates. </td></tr> 633ae771770SStanislav Sedov </table> 634ae771770SStanislav Sedov</dl> 635ae771770SStanislav Sedov 636ae771770SStanislav Sedov</div> 637ae771770SStanislav Sedov</div><p> 638ae771770SStanislav Sedov<a class="anchor" name="g7c301cedab40be9a495dea2778202140"></a><!-- doxytag: member="cert.c::hx509_verify_set_strict_rfc3280_verification" ref="g7c301cedab40be9a495dea2778202140" args="(hx509_verify_ctx ctx, int boolean)" --> 639ae771770SStanislav Sedov<div class="memitem"> 640ae771770SStanislav Sedov<div class="memproto"> 641ae771770SStanislav Sedov <table class="memname"> 642ae771770SStanislav Sedov <tr> 643ae771770SStanislav Sedov <td class="memname">void hx509_verify_set_strict_rfc3280_verification </td> 644ae771770SStanislav Sedov <td>(</td> 645ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 646ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 647ae771770SStanislav Sedov </tr> 648ae771770SStanislav Sedov <tr> 649ae771770SStanislav Sedov <td class="paramkey"></td> 650ae771770SStanislav Sedov <td></td> 651ae771770SStanislav Sedov <td class="paramtype">int </td> 652ae771770SStanislav Sedov <td class="paramname"> <em>boolean</em></td><td> </td> 653ae771770SStanislav Sedov </tr> 654ae771770SStanislav Sedov <tr> 655ae771770SStanislav Sedov <td></td> 656ae771770SStanislav Sedov <td>)</td> 657ae771770SStanislav Sedov <td></td><td></td><td></td> 658ae771770SStanislav Sedov </tr> 659ae771770SStanislav Sedov </table> 660ae771770SStanislav Sedov</div> 661ae771770SStanislav Sedov<div class="memdoc"> 662ae771770SStanislav Sedov 663ae771770SStanislav Sedov<p> 664ae771770SStanislav SedovSelect strict RFC3280 verification of certificiates. This means checking key usage on CA certificates, this will make version 1 certificiates unuseable.<p> 665ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 666ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 667ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context </td></tr> 668ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>boolean</em> </td><td>if non zero, use strict verification. </td></tr> 669ae771770SStanislav Sedov </table> 670ae771770SStanislav Sedov</dl> 671ae771770SStanislav Sedov 672ae771770SStanislav Sedov</div> 673ae771770SStanislav Sedov</div><p> 674ae771770SStanislav Sedov<a class="anchor" name="g1490c2944163f25cf02377bae5d0ab37"></a><!-- doxytag: member="cert.c::hx509_verify_set_time" ref="g1490c2944163f25cf02377bae5d0ab37" args="(hx509_verify_ctx ctx, time_t t)" --> 675ae771770SStanislav Sedov<div class="memitem"> 676ae771770SStanislav Sedov<div class="memproto"> 677ae771770SStanislav Sedov <table class="memname"> 678ae771770SStanislav Sedov <tr> 679ae771770SStanislav Sedov <td class="memname">void hx509_verify_set_time </td> 680ae771770SStanislav Sedov <td>(</td> 681ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 682ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 683ae771770SStanislav Sedov </tr> 684ae771770SStanislav Sedov <tr> 685ae771770SStanislav Sedov <td class="paramkey"></td> 686ae771770SStanislav Sedov <td></td> 687ae771770SStanislav Sedov <td class="paramtype">time_t </td> 688ae771770SStanislav Sedov <td class="paramname"> <em>t</em></td><td> </td> 689ae771770SStanislav Sedov </tr> 690ae771770SStanislav Sedov <tr> 691ae771770SStanislav Sedov <td></td> 692ae771770SStanislav Sedov <td>)</td> 693ae771770SStanislav Sedov <td></td><td></td><td></td> 694ae771770SStanislav Sedov </tr> 695ae771770SStanislav Sedov </table> 696ae771770SStanislav Sedov</div> 697ae771770SStanislav Sedov<div class="memdoc"> 698ae771770SStanislav Sedov 699ae771770SStanislav Sedov<p> 700ae771770SStanislav SedovSet the clock time the the verification process is going to use. Used to check certificate in the past and future time. If not set the current time will be used.<p> 701ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 702ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 703ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a verification context. </td></tr> 704ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>t</em> </td><td>the time the verifiation is using. </td></tr> 705ae771770SStanislav Sedov </table> 706ae771770SStanislav Sedov</dl> 707ae771770SStanislav Sedov 708ae771770SStanislav Sedov</div> 709ae771770SStanislav Sedov</div><p> 710ae771770SStanislav Sedov</div> 711ae771770SStanislav Sedov<hr size="1"><address style="text-align: right;"><small> 712*cf771f22SStanislav SedovGenerated on Wed Jan 11 14:07:40 2012 for Heimdalx509library by <a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address> 713ae771770SStanislav Sedov</body> 714ae771770SStanislav Sedov</html> 715
