Add trust setting support to the verify code. It now checks the

trust settings of the root CA. After a few fixes it seems to work OK. Still need to add support to SSL and S/MIME code though.
1999-11-27 19:43:10 +00:00
parent 74ecf9e2bb
commit 51630a3706
10 changed files with 90 additions and 18 deletions
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -1098,6 +1098,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_F_X509_REQ_PRINT				 121
 #define X509_F_X509_REQ_PRINT_FP			 122
 #define X509_F_X509_REQ_TO_X509				 123
+#define X509_F_X509_SET_PURPOSE_AND_TRUST		 134
 #define X509_F_X509_STORE_ADD_CERT			 124
 #define X509_F_X509_STORE_ADD_CRL			 125
 #define X509_F_X509_TO_X509_REQ				 126
@@ -1122,6 +1123,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
 #define X509_R_UNKNOWN_KEY_TYPE				 117
 #define X509_R_UNKNOWN_NID				 109
+#define X509_R_UNKNOWN_TRUST_ID				 120
 #define X509_R_UNSUPPORTED_ALGORITHM			 111
 #define X509_R_WRONG_LOOKUP_TYPE			 112