Current Path : /compat/linux/proc/self/root/usr/opt/openssl11/share/doc/openssl/html/man3/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //compat/linux/proc/self/root/usr/opt/openssl11/share/doc/openssl/html/man3/X509_LOOKUP.html |
<?xml version="1.0" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>X509_LOOKUP</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rev="made" href="mailto:root@hsxx.drive.ne.jp" /> </head> <body style="background-color: white"> <!-- INDEX BEGIN --> <div name="index"> <p><a name="__index__"></a></p> <ul> <li><a href="#name">NAME</a></li> <li><a href="#synopsis">SYNOPSIS</a></li> <li><a href="#description">DESCRIPTION</a></li> <ul> <li><a href="#file_types">File Types</a></li> <li><a href="#control_commands">Control Commands</a></li> </ul> <li><a href="#return_values">RETURN VALUES</a></li> <li><a href="#see_also">SEE ALSO</a></li> <li><a href="#copyright">COPYRIGHT</a></li> </ul> <hr name="index" /> </div> <!-- INDEX END --> <p> </p> <hr /> <h1><a name="name">NAME</a></h1> <p>X509_LOOKUP, X509_LOOKUP_TYPE, X509_LOOKUP_new, X509_LOOKUP_free, X509_LOOKUP_init, X509_LOOKUP_shutdown, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, X509_LOOKUP_ctrl, X509_LOOKUP_load_file, X509_LOOKUP_add_dir, X509_LOOKUP_get_store, X509_LOOKUP_by_subject, X509_LOOKUP_by_issuer_serial, X509_LOOKUP_by_fingerprint, X509_LOOKUP_by_alias - OpenSSL certificate lookup mechanisms</p> <p> </p> <hr /> <h1><a name="synopsis">SYNOPSIS</a></h1> <pre> #include <openssl/x509_vfy.h></pre> <pre> typedef x509_lookup_st X509_LOOKUP;</pre> <pre> typedef enum X509_LOOKUP_TYPE;</pre> <pre> X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); int X509_LOOKUP_init(X509_LOOKUP *ctx); int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); void X509_LOOKUP_free(X509_LOOKUP *ctx);</pre> <pre> int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data); void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);</pre> <pre> int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); int X509_LOOKUP_load_file(X509_LOOKUP *ctx, char *name, long type); int X509_LOOKUP_add_dir(X509_LOOKUP *ctx, char *name, long type);</pre> <pre> X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);</pre> <pre> int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, X509_OBJECT *ret); int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret); int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const unsigned char *bytes, int len, X509_OBJECT *ret); int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const char *str, int len, X509_OBJECT *ret);</pre> <p> </p> <hr /> <h1><a name="description">DESCRIPTION</a></h1> <p>The <strong>X509_LOOKUP</strong> structure holds the information needed to look up certificates and CRLs according to an associated <em>X509_LOOKUP_METHOD(3)</em>. Multiple <strong>X509_LOOKUP</strong> instances can be added to an <em>X509_STORE(3)</em> to enable lookup in that store.</p> <p>X509_LOOKUP_new() creates a new <strong>X509_LOOKUP</strong> using the given lookup <em>method</em>. It can also be created by calling <em>X509_STORE_add_lookup(3)</em>, which will associate an <strong>X509_STORE</strong> with the lookup mechanism.</p> <p>X509_LOOKUP_init() initializes the internal state and resources as needed by the given <strong>X509_LOOKUP</strong> to do its work.</p> <p>X509_LOOKUP_shutdown() tears down the internal state and resources of the given <strong>X509_LOOKUP</strong>.</p> <p>X509_LOOKUP_free() destructs the given <strong>X509_LOOKUP</strong>.</p> <p>X509_LOOKUP_set_method_data() associates a pointer to application data to the given <strong>X509_LOOKUP</strong>.</p> <p>X509_LOOKUP_get_method_data() retrieves a pointer to application data from the given <strong>X509_LOOKUP</strong>.</p> <p>X509_LOOKUP_ctrl() is used to set or get additional data to or from an <strong>X509_LOOKUP</strong> structure or its associated <em>X509_LOOKUP_METHOD(3)</em>. The arguments of the control command are passed via <em>argc</em> and <em>argl</em>, its return value via <em>*ret</em>. The meaning of the arguments depends on the <em>cmd</em> number of the control command. In general, this function is not called directly, but wrapped by a macro call, see below. The control <em>cmd</em>s known to OpenSSL are discussed in more depth in <a href="#control_commands">Control Commands</a>.</p> <p>X509_LOOKUP_load_file() passes a filename to be loaded immediately into the associated <strong>X509_STORE</strong>. <em>type</em> indicates what type of object is expected. This can only be used with a lookup using the implementation <em>X509_LOOKUP_file(3)</em>.</p> <p>X509_LOOKUP_add_dir() passes a directory specification from which certificates and CRLs are loaded on demand into the associated <strong>X509_STORE</strong>. <em>type</em> indicates what type of object is expected. This can only be used with a lookup using the implementation <em>X509_LOOKUP_hash_dir(3)</em>.</p> <p>X509_LOOKUP_load_file(), X509_LOOKUP_add_dir(), X509_LOOKUP_add_store(), and X509_LOOKUP_load_store() are implemented as macros that use X509_LOOKUP_ctrl().</p> <p>X509_LOOKUP_by_subject(), X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and X509_LOOKUP_by_alias() look up certificates and CRLs in the <em>X509_STORE(3)</em> associated with the <strong>X509_LOOKUP</strong> using different criteria, where the looked up object is stored in <em>ret</em>. Some of the underlying <strong>X509_LOOKUP_METHOD</strong>s will also cache objects matching the criteria in the associated <strong>X509_STORE</strong>, which makes it possible to handle cases where the criteria have more than one hit.</p> <p> </p> <h2><a name="file_types">File Types</a></h2> <p>X509_LOOKUP_load_file() and X509_LOOKUP_add_dir() take a <em>type</em>, which can be one of the following:</p> <dl> <dt><strong><a name="x509_filetype_pem" class="item"><strong>X509_FILETYPE_PEM</strong></a></strong></dt> <dd> <p>The file or files that are loaded are expected to be in PEM format.</p> </dd> <dt><strong><a name="x509_filetype_asn1" class="item"><strong>X509_FILETYPE_ASN1</strong></a></strong></dt> <dd> <p>The file or files that are loaded are expected to be in raw DER format.</p> </dd> <dt><strong><a name="x509_filetype_default" class="item"><strong>X509_FILETYPE_DEFAULT</strong></a></strong></dt> <dd> <p>The default certificate file or directory is used. In this case, <em>name</em> is ignored.</p> </dd> </dl> <p> </p> <h2><a name="control_commands">Control Commands</a></h2> <p>The <strong>X509_LOOKUP_METHOD</strong>s built into OpenSSL recognise the following X509_LOOKUP_ctrl() <em>cmd</em>s:</p> <dl> <dt><strong><a name="x509_l_file_load" class="item"><strong>X509_L_FILE_LOAD</strong></a></strong></dt> <dd> <p>This is the command that X509_LOOKUP_load_file() uses. The filename is passed in <em>argc</em>, and the type in <em>argl</em>.</p> </dd> <dt><strong><a name="x509_l_add_dir" class="item"><strong>X509_L_ADD_DIR</strong></a></strong></dt> <dd> <p>This is the command that X509_LOOKUP_add_dir() uses. The directory specification is passed in <em>argc</em>, and the type in <em>argl</em>.</p> </dd> <dt><strong><a name="x509_l_add_store" class="item"><strong>X509_L_ADD_STORE</strong></a></strong></dt> <dd> <p>This is the command that X509_LOOKUP_add_store() uses. The URI is passed in <em>argc</em>.</p> </dd> <dt><strong><a name="x509_l_load_store" class="item"><strong>X509_L_LOAD_STORE</strong></a></strong></dt> <dd> <p>This is the command that X509_LOOKUP_load_store() uses. The URI is passed in <em>argc</em>.</p> </dd> </dl> <p> </p> <hr /> <h1><a name="return_values">RETURN VALUES</a></h1> <p>X509_LOOKUP_new() returns an <strong>X509_LOOKUP</strong> pointer when successful, or NULL on error.</p> <p>X509_LOOKUP_init() and X509_LOOKUP_shutdown() return 1 on success, or 0 on error.</p> <p>X509_LOOKUP_ctrl() returns -1 if the <strong>X509_LOOKUP</strong> doesn't have an associated <strong>X509_LOOKUP_METHOD</strong>, or 1 if the doesn't have a control function. Otherwise, it returns what the control function in the <strong>X509_LOOKUP_METHOD</strong> returns, which is usually 1 on success and 0 in error.</p> <p>X509_LOOKUP_get_store() returns an <strong>X509_STORE</strong> pointer if there is one, otherwise NULL.</p> <p>X509_LOOKUP_by_subject(), X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and X509_LOOKUP_by_alias() all return 0 if there is no <strong>X509_LOOKUP_METHOD</strong> or that method doesn't implement the corresponding function. Otherwise, it returns what the corresponding function in the <strong>X509_LOOKUP_METHOD</strong> returns, which is usually 1 on success and 0 in error.</p> <p> </p> <hr /> <h1><a name="see_also">SEE ALSO</a></h1> <p><em>X509_LOOKUP_METHOD(3)</em>, <em>X509_STORE(3)</em></p> <p> </p> <hr /> <h1><a name="copyright">COPYRIGHT</a></h1> <p>Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.</p> <p>Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p> </body> </html>