[openssl-users] Certificat & CRL verification chain by callback

Fabrice fj at qsp-systems.com
Tue Jun 16 14:38:16 UTC 2015


I explain :

I would like a function like this :

int X509_verify(const char *certPem, void *who, char 
*(*whatYouWant)(void *who, int type, const X509_NAME *subject, const 
X509_NAME *issuer))

where :

<certPem> : is a certificat in PEM format to verify
<who> : is an instance of a class
whatYouWant : is a method of <who> that can find <type> (certificat 
X509_LU_X509, CRL X509_LU_CRL)
with the <subject> and eventually the <issuer>

this function would callback <who> on <whatYouWant> until the root CA of 
<certPem> and do the appropriates verifications on intermediate
certificats and CRLs, and return 0 succes, other error.

Is there any solution to do so with the current version of openssl API 
otherwise how can i do ?

Thanks for reply.

Best regards.


More information about the openssl-users mailing list