[thirdparty/openssl.git] / doc / man3 / TS_VERIFY_CTX_set_certs.pod

=pod

=head1 NAME

TS_VERIFY_CTX_set_certs, TS_VERIFY_CTS_set_certs
- set certificates for TS response verification

=head1 SYNOPSIS

 #include <openssl/ts.h>

 STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx,
                                         STACK_OF(X509) *certs);
 STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx,
                                         STACK_OF(X509) *certs);

=head1 DESCRIPTION

The Time-Stamp Protocol (TSP) is defined by RFC 3161. TSP is a protocol used to
provide long term proof of the existence of a certain datum before a particular
time. TSP defines a Time Stamping Authority (TSA) and an entity who shall make
requests to the TSA. Usually the TSA is denoted as the server side and the
requesting entity is denoted as the client.

In TSP, when a server is sending a response to a client, the server normally
needs to sign the response data - the TimeStampToken (TST) - with its private
key. Then the client shall verify the received TST by the server's certificate
chain.

TS_VERIFY_CTX_set_certs() is used to set the server's certificate chain when
verifying a TST. B<ctx> is the verification context created in advance and
B<certs> is a stack of B<X509> certificates.

TS_VERIFY_CTS_set_certs() is a misspelled version of TS_VERIFY_CTX_set_certs()
which takes the same parameters and returns the same result.

=head1 RETURN VALUES

TS_VERIFY_CTX_set_certs() returns the stack of B<X509> certificates the user
passes in via parameter B<certs>.

=head1 HISTORY

The spelling of TS_VERIFY_CTX_set_certs() was corrected in OpenSSL 3.0.0.
The misspelled version TS_VERIFY_CTS_set_certs() has been retained for
compatibility reasons, but it is deprecated in OpenSSL 3.0.0.

=head1 COPYRIGHT

Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
9372ddf1 PY	1	=pod
	2
	3	=head1 NAME
	4
	5	TS_VERIFY_CTX_set_certs, TS_VERIFY_CTS_set_certs
	6	- set certificates for TS response verification
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/ts.h>
	11
	12	STACK_OF(X509) TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX ctx,
	13	STACK_OF(X509) *certs);
	14	STACK_OF(X509) TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX ctx,
	15	STACK_OF(X509) *certs);
	16
	17	=head1 DESCRIPTION
	18
	19	The Time-Stamp Protocol (TSP) is defined by RFC 3161. TSP is a protocol used to
	20	provide long term proof of the existence of a certain datum before a particular
	21	time. TSP defines a Time Stamping Authority (TSA) and an entity who shall make
	22	requests to the TSA. Usually the TSA is denoted as the server side and the
	23	requesting entity is denoted as the client.
	24
	25	In TSP, when a server is sending a response to a client, the server normally
	26	needs to sign the response data - the TimeStampToken (TST) - with its private
	27	key. Then the client shall verify the received TST by the server's certificate
	28	chain.
	29
	30	TS_VERIFY_CTX_set_certs() is used to set the server's certificate chain when
	31	verifying a TST. B<ctx> is the verification context created in advance and
	32	B<certs> is a stack of B<X509> certificates.
	33
	34	TS_VERIFY_CTS_set_certs() is a misspelled version of TS_VERIFY_CTX_set_certs()
	35	which takes the same parameters and returns the same result.
	36
	37	=head1 RETURN VALUES
	38
	39	TS_VERIFY_CTX_set_certs() returns the stack of B<X509> certificates the user
	40	passes in via parameter B<certs>.
	41
	42	=head1 HISTORY
	43
	44	The spelling of TS_VERIFY_CTX_set_certs() was corrected in OpenSSL 3.0.0.
	45	The misspelled version TS_VERIFY_CTS_set_certs() has been retained for
	46	compatibility reasons, but it is deprecated in OpenSSL 3.0.0.
	47
	48	=head1 COPYRIGHT
	49
33388b44	50	Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
9372ddf1 PY	51
	52	Licensed under the Apache License 2.0 (the "License"). You may not use
	53	this file except in compliance with the License. You can obtain a copy
	54	in the file LICENSE in the source distribution or at
	55	L<https://www.openssl.org/source/license.html>.
	56
	57	=cut