pam_pkcs11 0.6.12
cert_vfy.h File Reference

Several routines to verify a certificate, check for a revocation list, and verify a signature.

#include "cert_st.h"


Data Structures

struct  cert_policy_st
 

Macros

#define CERTVFY_EXTERN   extern
 

Enumerations

enum  crl_policy_t { CRLP_NONE, CRLP_ONLINE, CRLP_OFFLINE, CRLP_AUTO }

enum  ocsp_policy_t { OCSP_NONE, OCSP_ON }
 

Functions

CERTVFY_EXTERN int verify_certificate (X509 *x509, cert_policy *policy)
 Verify provided certificate, and if needed, CRL.
 
CERTVFY_EXTERN int verify_signature (X509 *x509, unsigned char *data, int data_length, unsigned char **signature, unsigned long *signature_length)
 Verify signature of provided data.
 

Detailed Description

Several routines to:

  • Verify certificate
  • Check for revocation list
  • Verify signature

Definition in file cert_vfy.h.

Macro Definition Documentation

◆ CERTVFY_EXTERN

#define CERTVFY_EXTERN   extern

Definition at line 59 of file cert_vfy.h.

Referenced by verify_certificate(), and verify_signature().

Enumeration Type Documentation

◆ crl_policy_t

Enumerator

CRLP_NONE: Do not perform any CRL verification.

CRLP_ONLINE: Retrieve CRL from CA site.

CRLP_OFFLINE: Retrieve CRL from local filesystem.

CRLP_AUTO: Try CRL check online, else offline, else fail.

Definition at line 32 of file cert_vfy.h.

◆ ocsp_policy_t

Enumerator
OCSP_NONE 
OCSP_ON 

Definition at line 43 of file cert_vfy.h.

Function Documentation

◆ verify_certificate()

CERTVFY_EXTERN int verify_certificate (X509 *x509, cert_policy *policy)

Verify provided certificate, and if needed, CRL.

Parameters
x509: Certificate to check
policy: CRL verify policy

Returns
1 on certificate verification success, 0 on failure, -1 on process error

References CERTVFY_EXTERN.

◆ verify_signature()

CERTVFY_EXTERN int verify_signature (X509 *x509, unsigned char *data, int data_length, unsigned char **signature, unsigned long *signature_length)

Verify signature of provided data.

Parameters
x509: Certificate to be used
data: Byte array of data to check
data_length: Length of provided byte array
signature: Byte array of signature to check
signature_length: Length of signature byte array

Returns
1 on signature verification success, 0 on verification failure, -1 on process error

References CERTVFY_EXTERN.
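
Both functions return three states (1, 0, -1), and in C the value -1 is truthy, so a caller that writes `if (verify_certificate(...))` accepts a process error as success. The following is an added example, not code from pam_pkcs11: `auth_decision`, `naive_is_verified`, `classify` and `decide` are hypothetical names, and the result codes fed to them are constructed samples standing in for real library calls.

```c
#include <stdio.h>

/* Result codes documented on this page for verify_certificate() and
 * verify_signature(): 1 = verified, 0 = verification failed, -1 = process error. */

/* Hypothetical decision type for the caller; not part of pam_pkcs11. */
typedef enum { AUTH_ACCEPT, AUTH_REJECT, AUTH_ERROR } auth_decision;

/* Anti-pattern: a bare truthiness test. -1 is non-zero, so a process
 * error is treated the same as a successful verification. */
static int naive_is_verified(int rc) { return rc ? 1 : 0; }

/* Fail closed: only the exact value 1 counts as verified; -1 and any
 * undocumented value are reported as an error, never as success. */
static auth_decision classify(int rc)
{
    switch (rc) {
    case 1:  return AUTH_ACCEPT;
    case 0:  return AUTH_REJECT;
    default: return AUTH_ERROR;
    }
}

/* Combine both checks: the signature result is only consulted once the
 * certificate itself has been accepted. */
static auth_decision decide(int cert_rc, int sig_rc)
{
    auth_decision cert = classify(cert_rc);
    if (cert != AUTH_ACCEPT)
        return cert;
    return classify(sig_rc);
}

int main(void)
{
    /* Constructed sample results standing in for real library calls. */
    static const int samples[][2] = { {1, 1}, {1, 0}, {0, 1}, {-1, 1}, {1, -1} };
    static const char *names[] = { "accept", "reject", "error" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("cert=%2d sig=%2d naive=%d strict=%s\n",
               samples[i][0], samples[i][1],
               naive_is_verified(samples[i][0]) && naive_is_verified(samples[i][1]),
               names[decide(samples[i][0], samples[i][1])]);
    return 0;
}
```

Keeping `AUTH_ERROR` distinct from `AUTH_REJECT` lets the caller log a process error separately from a genuine verification failure while still denying access in both cases.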