Initial OCSP certificate verify. Not complete,

it just supports a "trusted OCSP global root CA".
author: Dr. Stephen Henson <steve@openssl.org> 2001-01-17 01:31:34 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2001-01-17 01:31:34 +0000
commit: 81f169e95c86fe9b2c3a7ba51a85f7a00763a0e7 (patch)
tree: 9c61e9161ee5332e99d091153a4cd242160b9180 /apps/apps.c
parent: a068630a2038ff167d29cdaed828161719355531 (diff)
download: openssl-81f169e95c86fe9b2c3a7ba51a85f7a00763a0e7.tar.gz
1 files changed, 29 insertions, 0 deletions
diff --git a/apps/apps.c b/apps/apps.c
index ca3f557ca2..bdd8c71426 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -837,3 +837,32 @@ void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
 	}
 }
 
+X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
+{
+	X509_STORE *store;
+	X509_LOOKUP *lookup;
+	if(!(store = X509_STORE_new())) goto end;
+	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
+	if (lookup == NULL) goto end;
+	if (CAfile) {
+		if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
+			BIO_printf(bp, "Error loading file %s\n", CAfile);
+			goto end;
+		}
+	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+		
+	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
+	if (lookup == NULL) goto end;
+	if (CApath) {
+		if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
+			BIO_printf(bp, "Error loading directory %s\n", CApath);
+			goto end;
+		}
+	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+	ERR_clear_error();
+	return store;
+	end:
+	X509_STORE_free(store);
+	return NULL;
+}
author	Dr. Stephen Henson <steve@openssl.org>	2001-01-17 01:31:34 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2001-01-17 01:31:34 +0000
commit	81f169e95c86fe9b2c3a7ba51a85f7a00763a0e7 (patch)
tree	9c61e9161ee5332e99d091153a4cd242160b9180 /apps/apps.c
parent	a068630a2038ff167d29cdaed828161719355531 (diff)
download	openssl-81f169e95c86fe9b2c3a7ba51a85f7a00763a0e7.tar.gz