diff options
| author | Benjamin Fry <[email protected]> | 2017-03-19 00:25:45 -0700 |
|---|---|---|
| committer | Bastian Köcher <[email protected]> | 2018-03-07 13:41:44 +0100 |
| commit | eb6296e892b168ef5f0908271443b646d742d724 (patch) | |
| tree | ebed9ff08c67a670ac74387b56f41a4992bcc681 | |
| parent | Remove the x509 module-level example (diff) | |
| download | rust-openssl-eb6296e892b168ef5f0908271443b646d742d724.tar.xz rust-openssl-eb6296e892b168ef5f0908271443b646d742d724.zip | |
add verify_cert and store_context_builder
| -rw-r--r-- | openssl-sys/src/lib.rs | 4 | ||||
| -rw-r--r-- | openssl/src/x509/tests.rs | 17 |
2 files changed, 21 insertions, 0 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 77f69188..85ab03f7 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -2605,6 +2605,8 @@ extern "C" { pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; + #[cfg(not(any(ossl101, libressl)))] + pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int; pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; @@ -2638,6 +2640,8 @@ extern "C" { pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; + pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; + pub fn X509_STORE_CTX_init(ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509) -> c_int; pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int; diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs index 6f6b430a..e91a039b 100644 --- a/openssl/src/x509/tests.rs +++ b/openssl/src/x509/tests.rs @@ -291,3 +291,20 @@ fn clone_x509() { let cert = X509::from_pem(cert).unwrap(); cert.clone(); } + +#[test] +fn test_verify_cert() { + let cert = include_bytes!("../../test/cert.pem"); + let cert = X509::from_pem(cert).unwrap(); + let ca = include_bytes!("../../test/root-ca.pem"); + let ca = X509::from_pem(ca).unwrap(); + + let mut store_bldr = X509StoreBuilder::new().unwrap(); + store_bldr.add_cert(ca); + let store = store_bldr.build(); + + let store_ctx_bldr = X509StoreContext::builder().unwrap(); + let store_ctx = store_ctx_bldr.build(store, cert, Stack::new().unwrap()).unwrap(); + + store_ctx.verify_cert().unwrap(); +} |