summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_vfy.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509/x509_vfy.c')
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c221
1 files changed, 78 insertions, 143 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index c1be91edba..c72ee4a385 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -62,25 +62,19 @@
62#include <sys/types.h> 62#include <sys/types.h>
63#include <sys/stat.h> 63#include <sys/stat.h>
64 64
65#include "crypto.h" 65#include <openssl/crypto.h>
66#include "cryptlib.h" 66#include "cryptlib.h"
67#include "lhash.h" 67#include <openssl/lhash.h>
68#include "buffer.h" 68#include <openssl/buffer.h>
69#include "evp.h" 69#include <openssl/evp.h>
70#include "asn1.h" 70#include <openssl/asn1.h>
71#include "x509.h" 71#include <openssl/x509.h>
72#include "objects.h" 72#include <openssl/objects.h>
73#include "pem.h" 73
74
75#ifndef NOPROTO
76static int null_callback(int ok,X509_STORE_CTX *e); 74static int null_callback(int ok,X509_STORE_CTX *e);
77static int internal_verify(X509_STORE_CTX *ctx); 75static int internal_verify(X509_STORE_CTX *ctx);
78#else 76const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
79static int null_callback();
80static int internal_verify();
81#endif
82 77
83char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998";
84static STACK *x509_store_ctx_method=NULL; 78static STACK *x509_store_ctx_method=NULL;
85static int x509_store_ctx_num=0; 79static int x509_store_ctx_num=0;
86#if 0 80#if 0
@@ -88,23 +82,19 @@ static int x509_store_num=1;
88static STACK *x509_store_method=NULL; 82static STACK *x509_store_method=NULL;
89#endif 83#endif
90 84
91static int null_callback(ok,e) 85static int null_callback(int ok, X509_STORE_CTX *e)
92int ok;
93X509_STORE_CTX *e;
94 { 86 {
95 return(ok); 87 return(ok);
96 } 88 }
97 89
98#if 0 90#if 0
99static int x509_subject_cmp(a,b) 91static int x509_subject_cmp(X509 **a, X509 **b)
100X509 **a,**b;
101 { 92 {
102 return(X509_subject_name_cmp(*a,*b)); 93 return(X509_subject_name_cmp(*a,*b));
103 } 94 }
104#endif 95#endif
105 96
106int X509_verify_cert(ctx) 97int X509_verify_cert(X509_STORE_CTX *ctx)
107X509_STORE_CTX *ctx;
108 { 98 {
109 X509 *x,*xtmp,*chain_ss=NULL; 99 X509 *x,*xtmp,*chain_ss=NULL;
110 X509_NAME *xn; 100 X509_NAME *xn;
@@ -112,7 +102,7 @@ X509_STORE_CTX *ctx;
112 int depth,i,ok=0; 102 int depth,i,ok=0;
113 int num; 103 int num;
114 int (*cb)(); 104 int (*cb)();
115 STACK *sktmp=NULL; 105 STACK_OF(X509) *sktmp=NULL;
116 106
117 if (ctx->cert == NULL) 107 if (ctx->cert == NULL)
118 { 108 {
@@ -127,8 +117,8 @@ X509_STORE_CTX *ctx;
127 * present and that the first entry is in place */ 117 * present and that the first entry is in place */
128 if (ctx->chain == NULL) 118 if (ctx->chain == NULL)
129 { 119 {
130 if ( ((ctx->chain=sk_new_null()) == NULL) || 120 if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
131 (!sk_push(ctx->chain,(char *)ctx->cert))) 121 (!sk_X509_push(ctx->chain,ctx->cert)))
132 { 122 {
133 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 123 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
134 goto end; 124 goto end;
@@ -138,21 +128,26 @@ X509_STORE_CTX *ctx;
138 } 128 }
139 129
140 /* We use a temporary so we can chop and hack at it */ 130 /* We use a temporary so we can chop and hack at it */
141 if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL) 131 if (ctx->untrusted != NULL
132 && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
142 { 133 {
143 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 134 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
144 goto end; 135 goto end;
145 } 136 }
146 137
147 num=sk_num(ctx->chain); 138 num=sk_X509_num(ctx->chain);
148 x=(X509 *)sk_value(ctx->chain,num-1); 139 x=sk_X509_value(ctx->chain,num-1);
149 depth=ctx->depth; 140 depth=ctx->depth;
150 141
151 142
152 for (;;) 143 for (;;)
153 { 144 {
154 /* If we have enough, we break */ 145 /* If we have enough, we break */
155 if (depth <= num) break; 146 if (depth < num) break; /* FIXME: If this happens, we should take
147 * note of it and, if appropriate, use the
148 * X509_V_ERR_CERT_CHAIN_TOO_LONG error
149 * code later.
150 */
156 151
157 /* If we are self signed, we break */ 152 /* If we are self signed, we break */
158 xn=X509_get_issuer_name(x); 153 xn=X509_get_issuer_name(x);
@@ -165,13 +160,13 @@ X509_STORE_CTX *ctx;
165 xtmp=X509_find_by_subject(sktmp,xn); 160 xtmp=X509_find_by_subject(sktmp,xn);
166 if (xtmp != NULL) 161 if (xtmp != NULL)
167 { 162 {
168 if (!sk_push(ctx->chain,(char *)xtmp)) 163 if (!sk_X509_push(ctx->chain,xtmp))
169 { 164 {
170 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 165 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
171 goto end; 166 goto end;
172 } 167 }
173 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); 168 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
174 sk_delete_ptr(sktmp,(char *)xtmp); 169 sk_X509_delete_ptr(sktmp,xtmp);
175 ctx->last_untrusted++; 170 ctx->last_untrusted++;
176 x=xtmp; 171 x=xtmp;
177 num++; 172 num++;
@@ -187,13 +182,13 @@ X509_STORE_CTX *ctx;
187 * certificates. We now need to add at least one trusted one, 182 * certificates. We now need to add at least one trusted one,
188 * if possible, otherwise we complain. */ 183 * if possible, otherwise we complain. */
189 184
190 i=sk_num(ctx->chain); 185 i=sk_X509_num(ctx->chain);
191 x=(X509 *)sk_value(ctx->chain,i-1); 186 x=sk_X509_value(ctx->chain,i-1);
192 if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x)) 187 if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x))
193 == 0) 188 == 0)
194 { 189 {
195 /* we have a self signed certificate */ 190 /* we have a self signed certificate */
196 if (sk_num(ctx->chain) == 1) 191 if (sk_X509_num(ctx->chain) == 1)
197 { 192 {
198 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; 193 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
199 ctx->current_cert=x; 194 ctx->current_cert=x;
@@ -204,10 +199,10 @@ X509_STORE_CTX *ctx;
204 else 199 else
205 { 200 {
206 /* worry more about this one elsewhere */ 201 /* worry more about this one elsewhere */
207 chain_ss=(X509 *)sk_pop(ctx->chain); 202 chain_ss=sk_X509_pop(ctx->chain);
208 ctx->last_untrusted--; 203 ctx->last_untrusted--;
209 num--; 204 num--;
210 x=(X509 *)sk_value(ctx->chain,num-1); 205 x=sk_X509_value(ctx->chain,num-1);
211 } 206 }
212 } 207 }
213 208
@@ -215,7 +210,7 @@ X509_STORE_CTX *ctx;
215 for (;;) 210 for (;;)
216 { 211 {
217 /* If we have enough, we break */ 212 /* If we have enough, we break */
218 if (depth <= num) break; 213 if (depth < num) break;
219 214
220 /* If we are self signed, we break */ 215 /* If we are self signed, we break */
221 xn=X509_get_issuer_name(x); 216 xn=X509_get_issuer_name(x);
@@ -240,7 +235,7 @@ X509_STORE_CTX *ctx;
240 break; 235 break;
241 } 236 }
242 x=obj.data.x509; 237 x=obj.data.x509;
243 if (!sk_push(ctx->chain,(char *)obj.data.x509)) 238 if (!sk_X509_push(ctx->chain,obj.data.x509))
244 { 239 {
245 X509_OBJECT_free_contents(&obj); 240 X509_OBJECT_free_contents(&obj);
246 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 241 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
@@ -264,7 +259,7 @@ X509_STORE_CTX *ctx;
264 else 259 else
265 { 260 {
266 261
267 sk_push(ctx->chain,(char *)chain_ss); 262 sk_X509_push(ctx->chain,chain_ss);
268 num++; 263 num++;
269 ctx->last_untrusted=num; 264 ctx->last_untrusted=num;
270 ctx->current_cert=chain_ss; 265 ctx->current_cert=chain_ss;
@@ -285,14 +280,17 @@ X509_STORE_CTX *ctx;
285 ok=ctx->ctx->verify(ctx); 280 ok=ctx->ctx->verify(ctx);
286 else 281 else
287 ok=internal_verify(ctx); 282 ok=internal_verify(ctx);
283 if (0)
284 {
288end: 285end:
289 if (sktmp != NULL) sk_free(sktmp); 286 X509_get_pubkey_parameters(NULL,ctx->chain);
287 }
288 if (sktmp != NULL) sk_X509_free(sktmp);
290 if (chain_ss != NULL) X509_free(chain_ss); 289 if (chain_ss != NULL) X509_free(chain_ss);
291 return(ok); 290 return(ok);
292 } 291 }
293 292
294static int internal_verify(ctx) 293static int internal_verify(X509_STORE_CTX *ctx)
295X509_STORE_CTX *ctx;
296 { 294 {
297 int i,ok=0,n; 295 int i,ok=0,n;
298 X509 *xs,*xi; 296 X509 *xs,*xi;
@@ -302,10 +300,10 @@ X509_STORE_CTX *ctx;
302 cb=ctx->ctx->verify_cb; 300 cb=ctx->ctx->verify_cb;
303 if (cb == NULL) cb=null_callback; 301 if (cb == NULL) cb=null_callback;
304 302
305 n=sk_num(ctx->chain); 303 n=sk_X509_num(ctx->chain);
306 ctx->error_depth=n-1; 304 ctx->error_depth=n-1;
307 n--; 305 n--;
308 xi=(X509 *)sk_value(ctx->chain,n); 306 xi=sk_X509_value(ctx->chain,n);
309 if (X509_NAME_cmp(X509_get_subject_name(xi), 307 if (X509_NAME_cmp(X509_get_subject_name(xi),
310 X509_get_issuer_name(xi)) == 0) 308 X509_get_issuer_name(xi)) == 0)
311 xs=xi; 309 xs=xi;
@@ -322,7 +320,7 @@ X509_STORE_CTX *ctx;
322 { 320 {
323 n--; 321 n--;
324 ctx->error_depth=n; 322 ctx->error_depth=n;
325 xs=(X509 *)sk_value(ctx->chain,n); 323 xs=sk_X509_value(ctx->chain,n);
326 } 324 }
327 } 325 }
328 326
@@ -341,11 +339,13 @@ X509_STORE_CTX *ctx;
341 } 339 }
342 if (X509_verify(xs,pkey) <= 0) 340 if (X509_verify(xs,pkey) <= 0)
343 { 341 {
342 EVP_PKEY_free(pkey);
344 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; 343 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
345 ctx->current_cert=xs; 344 ctx->current_cert=xs;
346 ok=(*cb)(0,ctx); 345 ok=(*cb)(0,ctx);
347 if (!ok) goto end; 346 if (!ok) goto end;
348 } 347 }
348 EVP_PKEY_free(pkey);
349 pkey=NULL; 349 pkey=NULL;
350 350
351 i=X509_cmp_current_time(X509_get_notBefore(xs)); 351 i=X509_cmp_current_time(X509_get_notBefore(xs));
@@ -394,7 +394,7 @@ X509_STORE_CTX *ctx;
394 if (n >= 0) 394 if (n >= 0)
395 { 395 {
396 xi=xs; 396 xi=xs;
397 xs=(X509 *)sk_value(ctx->chain,n); 397 xs=sk_X509_value(ctx->chain,n);
398 } 398 }
399 } 399 }
400 ok=1; 400 ok=1;
@@ -402,8 +402,7 @@ end:
402 return(ok); 402 return(ok);
403 } 403 }
404 404
405int X509_cmp_current_time(ctm) 405int X509_cmp_current_time(ASN1_UTCTIME *ctm)
406ASN1_UTCTIME *ctm;
407 { 406 {
408 char *str; 407 char *str;
409 ASN1_UTCTIME atm; 408 ASN1_UTCTIME atm;
@@ -434,7 +433,7 @@ ASN1_UTCTIME *ctm;
434 offset=((str[1]-'0')*10+(str[2]-'0'))*60; 433 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
435 offset+=(str[3]-'0')*10+(str[4]-'0'); 434 offset+=(str[3]-'0')*10+(str[4]-'0');
436 if (*str == '-') 435 if (*str == '-')
437 offset=-offset; 436 offset= -offset;
438 } 437 }
439 atm.type=V_ASN1_UTCTIME; 438 atm.type=V_ASN1_UTCTIME;
440 atm.length=sizeof(buff2); 439 atm.length=sizeof(buff2);
@@ -443,9 +442,9 @@ ASN1_UTCTIME *ctm;
443 X509_gmtime_adj(&atm,-offset); 442 X509_gmtime_adj(&atm,-offset);
444 443
445 i=(buff1[0]-'0')*10+(buff1[1]-'0'); 444 i=(buff1[0]-'0')*10+(buff1[1]-'0');
446 if (i < 70) i+=100; 445 if (i < 50) i+=100; /* cf. RFC 2459 */
447 j=(buff2[0]-'0')*10+(buff2[1]-'0'); 446 j=(buff2[0]-'0')*10+(buff2[1]-'0');
448 if (j < 70) j+=100; 447 if (j < 50) j+=100;
449 448
450 if (i < j) return (-1); 449 if (i < j) return (-1);
451 if (i > j) return (1); 450 if (i > j) return (1);
@@ -456,9 +455,7 @@ ASN1_UTCTIME *ctm;
456 return(i); 455 return(i);
457 } 456 }
458 457
459ASN1_UTCTIME *X509_gmtime_adj(s, adj) 458ASN1_UTCTIME *X509_gmtime_adj(ASN1_UTCTIME *s, long adj)
460ASN1_UTCTIME *s;
461long adj;
462 { 459 {
463 time_t t; 460 time_t t;
464 461
@@ -467,18 +464,16 @@ long adj;
467 return(ASN1_UTCTIME_set(s,t)); 464 return(ASN1_UTCTIME_set(s,t));
468 } 465 }
469 466
470int X509_get_pubkey_parameters(pkey,chain) 467int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
471EVP_PKEY *pkey;
472STACK *chain;
473 { 468 {
474 EVP_PKEY *ktmp=NULL,*ktmp2; 469 EVP_PKEY *ktmp=NULL,*ktmp2;
475 int i,j; 470 int i,j;
476 471
477 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1); 472 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1);
478 473
479 for (i=0; i<sk_num(chain); i++) 474 for (i=0; i<sk_X509_num(chain); i++)
480 { 475 {
481 ktmp=X509_get_pubkey((X509 *)sk_value(chain,i)); 476 ktmp=X509_get_pubkey(sk_X509_value(chain,i));
482 if (ktmp == NULL) 477 if (ktmp == NULL)
483 { 478 {
484 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); 479 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
@@ -488,6 +483,7 @@ STACK *chain;
488 break; 483 break;
489 else 484 else
490 { 485 {
486 EVP_PKEY_free(ktmp);
491 ktmp=NULL; 487 ktmp=NULL;
492 } 488 }
493 } 489 }
@@ -500,63 +496,17 @@ STACK *chain;
500 /* first, populate the other certs */ 496 /* first, populate the other certs */
501 for (j=i-1; j >= 0; j--) 497 for (j=i-1; j >= 0; j--)
502 { 498 {
503 ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j)); 499 ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
504 EVP_PKEY_copy_parameters(ktmp2,ktmp); 500 EVP_PKEY_copy_parameters(ktmp2,ktmp);
501 EVP_PKEY_free(ktmp2);
505 } 502 }
506 503
507 if (pkey != NULL) 504 if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
508 EVP_PKEY_copy_parameters(pkey,ktmp); 505 EVP_PKEY_free(ktmp);
509 return(1); 506 return(1);
510 } 507 }
511 508
512EVP_PKEY *X509_get_pubkey(x) 509int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
513X509 *x;
514 {
515 if ((x == NULL) || (x->cert_info == NULL))
516 return(NULL);
517 return(X509_PUBKEY_get(x->cert_info->key));
518 }
519
520int X509_check_private_key(x,k)
521X509 *x;
522EVP_PKEY *k;
523 {
524 EVP_PKEY *xk=NULL;
525 int ok=0;
526
527 xk=X509_get_pubkey(x);
528 if (xk->type != k->type) goto err;
529 switch (k->type)
530 {
531#ifndef NO_RSA
532 case EVP_PKEY_RSA:
533 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err;
534 if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err;
535 break;
536#endif
537#ifndef NO_DSA
538 case EVP_PKEY_DSA:
539 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
540 goto err;
541 break;
542#endif
543#ifndef NO_DH
544 case EVP_PKEY_DH:
545 /* No idea */
546 goto err;
547#endif
548 default:
549 goto err;
550 }
551
552 ok=1;
553err:
554 return(ok);
555 }
556
557int X509_STORE_add_cert(ctx,x)
558X509_STORE *ctx;
559X509 *x;
560 { 510 {
561 X509_OBJECT *obj,*r; 511 X509_OBJECT *obj,*r;
562 int ret=1; 512 int ret=1;
@@ -591,9 +541,7 @@ X509 *x;
591 return(ret); 541 return(ret);
592 } 542 }
593 543
594int X509_STORE_add_crl(ctx,x) 544int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
595X509_STORE *ctx;
596X509_CRL *x;
597 { 545 {
598 X509_OBJECT *obj,*r; 546 X509_OBJECT *obj,*r;
599 int ret=1; 547 int ret=1;
@@ -628,12 +576,8 @@ X509_CRL *x;
628 return(ret); 576 return(ret);
629 } 577 }
630 578
631int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func) 579int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
632long argl; 580 int (*dup_func)(), void (*free_func)())
633char *argp;
634int (*new_func)();
635int (*dup_func)();
636void (*free_func)();
637 { 581 {
638 x509_store_ctx_num++; 582 x509_store_ctx_num++;
639 return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1, 583 return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
@@ -641,64 +585,55 @@ void (*free_func)();
641 argl,argp,new_func,dup_func,free_func)); 585 argl,argp,new_func,dup_func,free_func));
642 } 586 }
643 587
644int X509_STORE_CTX_set_ex_data(ctx,idx,data) 588int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
645X509_STORE_CTX *ctx;
646int idx;
647char *data;
648 { 589 {
649 return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data)); 590 return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data));
650 } 591 }
651 592
652char *X509_STORE_CTX_get_ex_data(ctx,idx) 593void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
653X509_STORE_CTX *ctx;
654int idx;
655 { 594 {
656 return(CRYPTO_get_ex_data(&ctx->ex_data,idx)); 595 return(CRYPTO_get_ex_data(&ctx->ex_data,idx));
657 } 596 }
658 597
659int X509_STORE_CTX_get_error(ctx) 598int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
660X509_STORE_CTX *ctx;
661 { 599 {
662 return(ctx->error); 600 return(ctx->error);
663 } 601 }
664 602
665void X509_STORE_CTX_set_error(ctx,err) 603void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
666X509_STORE_CTX *ctx;
667int err;
668 { 604 {
669 ctx->error=err; 605 ctx->error=err;
670 } 606 }
671 607
672int X509_STORE_CTX_get_error_depth(ctx) 608int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
673X509_STORE_CTX *ctx;
674 { 609 {
675 return(ctx->error_depth); 610 return(ctx->error_depth);
676 } 611 }
677 612
678X509 *X509_STORE_CTX_get_current_cert(ctx) 613X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
679X509_STORE_CTX *ctx;
680 { 614 {
681 return(ctx->current_cert); 615 return(ctx->current_cert);
682 } 616 }
683 617
684STACK *X509_STORE_CTX_get_chain(ctx) 618STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
685X509_STORE_CTX *ctx;
686 { 619 {
687 return(ctx->chain); 620 return(ctx->chain);
688 } 621 }
689 622
690void X509_STORE_CTX_set_cert(ctx,x) 623void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
691X509_STORE_CTX *ctx;
692X509 *x;
693 { 624 {
694 ctx->cert=x; 625 ctx->cert=x;
695 } 626 }
696 627
697void X509_STORE_CTX_set_chain(ctx,sk) 628void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
698X509_STORE_CTX *ctx;
699STACK *sk;
700 { 629 {
701 ctx->untrusted=sk; 630 ctx->untrusted=sk;
702 } 631 }
703 632
633IMPLEMENT_STACK_OF(X509)
634IMPLEMENT_ASN1_SET_OF(X509)
635
636IMPLEMENT_STACK_OF(X509_NAME)
704 637
638IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
639IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 03:24:07 +0000