xref: /freebsd/crypto/openssl/doc/man3/TS_VERIFY_CTX_set_certs.pod (revision aa1a8ff2d6dbc51ef058f46f3db5a8bb77967145) 
1=pod
2
3=head1 NAME
4
5TS_VERIFY_CTX_set_certs, TS_VERIFY_CTS_set_certs
6- set certificates for TS response verification
7
8=head1 SYNOPSIS
9
10 #include <openssl/ts.h>
11
12 STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx,
13                                         STACK_OF(X509) *certs);
14 STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx,
15                                         STACK_OF(X509) *certs);
16
17=head1 DESCRIPTION
18
19The Time-Stamp Protocol (TSP) is defined by RFC 3161. TSP is a protocol used to
20provide long term proof of the existence of a certain datum before a particular
21time. TSP defines a Time Stamping Authority (TSA) and an entity who shall make
22requests to the TSA. Usually the TSA is denoted as the server side and the
23requesting entity is denoted as the client.
24
25In TSP, when a server is sending a response to a client, the server normally
26needs to sign the response data - the TimeStampToken (TST) - with its private
27key. Then the client shall verify the received TST by the server's certificate
28chain.
29
30TS_VERIFY_CTX_set_certs() is used to set the server's certificate chain when
31verifying a TST. B<ctx> is the verification context created in advance and
32B<certs> is a stack of B<X509> certificates.
33
34TS_VERIFY_CTS_set_certs() is a misspelled version of TS_VERIFY_CTX_set_certs()
35which takes the same parameters and returns the same result.
36
37=head1 RETURN VALUES
38
39TS_VERIFY_CTX_set_certs() returns the stack of B<X509> certificates the user
40passes in via parameter B<certs>.
41
42=head1 SEE ALSO
43
44L<OSSL_ESS_check_signing_certs(3)>
45
46=head1 HISTORY
47
48The spelling of TS_VERIFY_CTX_set_certs() was corrected in OpenSSL 3.0.0.
49The misspelled version TS_VERIFY_CTS_set_certs() has been retained for
50compatibility reasons, but it is deprecated in OpenSSL 3.0.0.
51
52=head1 COPYRIGHT
53
54Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
55
56Licensed under the Apache License 2.0 (the "License").  You may not use
57this file except in compliance with the License.  You can obtain a copy
58in the file LICENSE in the source distribution or at
59L<https://www.openssl.org/source/license.html>.
60
61=cut
62