diff options
| author | Benjamin Fry <[email protected]> | 2017-03-20 22:28:15 -0700 |
|---|---|---|
| committer | Bastian Köcher <[email protected]> | 2018-03-07 13:51:58 +0100 |
| commit | d8a11973e2c9ccc5a806936edb2cccf28332bc5e (patch) | |
| tree | 823e6efa3faab61402fe41c3d7fba07884c42d2d /openssl/src/x509/mod.rs | |
| parent | add comment about consuming self in verify_cert (diff) | |
| download | rust-openssl-d8a11973e2c9ccc5a806936edb2cccf28332bc5e.tar.xz rust-openssl-d8a11973e2c9ccc5a806936edb2cccf28332bc5e.zip | |
convert to raw pass-through methods
Diffstat (limited to 'openssl/src/x509/mod.rs')
| -rw-r--r-- | openssl/src/x509/mod.rs | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index cb5eca40..52907110 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -86,14 +86,20 @@ impl X509StoreContextRef { } } - /// Verifies the certificate associated in the `build()` method + /// Initializes the store context to verify the certificate. /// - /// This consumes self as the `X509StoreContext` must be reinitialized subsequent to any cally to verify. - pub fn verify_cert(self) -> Result<Option<X509VerifyError>, ErrorStack> { + /// This Context can only be used once, subsequent to any validation, the context must be reinitialized. + /// + /// # Arguments + /// + /// * `trust` - a store of the trusted chain of certificates, or CAs, to validated the certificate + /// * `cert` - certificate to validate + /// * `cert_chain` - the certificates chain + pub fn init(&self, trust: &store::X509StoreRef, cert: &X509Ref, cert_chain: &StackRef<X509>) -> Result<(), ErrorStack> { unsafe { - try!(cvt(ffi::X509_verify_cert(self.as_ptr())).map(|_| ())) + cvt(ffi::X509_STORE_CTX_init(self.as_ptr(), trust.as_ptr(), cert.as_ptr(), cert_chain.as_ptr())) + .map(|_| ()) } - Ok(self.error()) } /// Returns the error code of the context. @@ -105,6 +111,16 @@ impl X509StoreContextRef { unsafe { X509VerifyResult::from_raw(ffi::X509_STORE_CTX_get_error(self.as_ptr())) } } + /// Verifies the certificate associated in the `init()` method + /// + /// This consumes self as the `X509StoreContext` must be reinitialized subsequent to any cally to verify. + pub fn verify_cert(&self) -> Result<Option<X509VerifyError>, ErrorStack> { + unsafe { + try!(cvt(ffi::X509_verify_cert(self.as_ptr())).map(|_| ())) + } + Ok(self.error()) + } + /// Set the error code of the context. /// /// This corresponds to [`X509_STORE_CTX_set_error`]. |