]>
Commit | Line | Data |
---|---|---|
b8c182a4 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
186bb907 | 5 | X509_verify_cert - discover and verify X509 certificate chain |
b8c182a4 DSH |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/x509.h> | |
10 | ||
11 | int X509_verify_cert(X509_STORE_CTX *ctx); | |
12 | ||
13 | =head1 DESCRIPTION | |
14 | ||
15 | The X509_verify_cert() function attempts to discover and validate a | |
53246488 | 16 | certificate chain based on parameters in B<ctx>. A complete description of |
1903a9b7 | 17 | the process is contained in the L<openssl-verify(1)> manual page. |
b8c182a4 | 18 | |
b8c182a4 DSH |
19 | Applications rarely call this function directly but it is used by |
20 | OpenSSL internally for certificate validation, in both the S/MIME and | |
21 | SSL/TLS code. | |
22 | ||
5fba3912 | 23 | A negative return value from X509_verify_cert() can occur if it is invoked |
f3e235ed | 24 | incorrectly, such as with no certificate set in B<ctx>, or when it is called |
5fba3912 VD |
25 | twice in succession without reinitialising B<ctx> for the second call. |
26 | A negative return value can also happen due to internal resource problems or if | |
27 | a retry operation is requested during internal lookups (which never happens | |
28 | with standard lookup methods). | |
29 | Applications must check for <= 0 return value on error. | |
b8c182a4 | 30 | |
21d08b9e RS |
31 | =head1 RETURN VALUES |
32 | ||
33 | If a complete chain can be built and validated this function returns 1, | |
34 | otherwise it return zero, in exceptional circumstances it can also | |
35 | return a negative code. | |
36 | ||
37 | If the function fails additional error information can be obtained by | |
38 | examining B<ctx> using, for example X509_STORE_CTX_get_error(). | |
39 | ||
b8c182a4 DSH |
40 | =head1 BUGS |
41 | ||
21d08b9e RS |
42 | This function uses the header F<< <x509.h> >> |
43 | as opposed to most chain verification | |
44 | functions which use F<< <x509_vfy.h> >>. | |
b8c182a4 DSH |
45 | |
46 | =head1 SEE ALSO | |
47 | ||
9b86974e | 48 | L<X509_STORE_CTX_get_error(3)> |
b8c182a4 | 49 | |
e2f92610 RS |
50 | =head1 COPYRIGHT |
51 | ||
33388b44 | 52 | Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 53 | |
4746f25a | 54 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
55 | this file except in compliance with the License. You can obtain a copy |
56 | in the file LICENSE in the source distribution or at | |
57 | L<https://www.openssl.org/source/license.html>. | |
58 | ||
59 | =cut |