diff options
author | Rob Percival <robpercival@google.com> | 2016-08-23 12:52:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-08-23 20:12:25 +0100 |
commit | cdb2a60347f988037d29adc7e4415e9c66c8a5a5 (patch) | |
tree | ce213a2202bbbbe21c33014db2d1ecef97c7a71a /crypto/ct/ct_locl.h | |
parent | 5579eab9efd2c8e2f21340f9b9fe20ee89f25857 (diff) | |
download | openssl-cdb2a60347f988037d29adc7e4415e9c66c8a5a5.tar.gz |
Internalizes SCT_verify and removes SCT_verify_v1
SCT_verify is impossible to call through the public API (SCT_CTX_new() is
not part of the public API), so rename it to SCT_CTX_verify and move it
out of the public API.
SCT_verify_v1 is redundant, since SCT_validate does the same verification
(by calling SCT_verify) and more. The API is less confusing with a single
verification function (SCT_validate).
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto/ct/ct_locl.h')
-rw-r--r-- | crypto/ct/ct_locl.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h index 1180455e1a..6b2fa3ef0c 100644 --- a/crypto/ct/ct_locl.h +++ b/crypto/ct/ct_locl.h @@ -151,6 +151,13 @@ __owur int SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); __owur int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); /* + * Verifies an SCT with the given context. + * Returns 1 if the SCT verifies successfully; any other value indicates + * failure. See EVP_DigestVerifyFinal() for the meaning of those values. + */ +__owur int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct); + +/* * Does this SCT have the minimum fields populated to be usable? * Returns 1 if so, 0 otherwise. */ |