1X509_LOOKUP_METH_NEW(3)             OpenSSL            X509_LOOKUP_METH_NEW(3)
2
3
4

NAME

6       X509_LOOKUP_meth_new, X509_LOOKUP_meth_free,
7       X509_LOOKUP_meth_set_new_item, X509_LOOKUP_meth_get_new_item,
8       X509_LOOKUP_meth_set_free, X509_LOOKUP_meth_get_free,
9       X509_LOOKUP_meth_set_init, X509_LOOKUP_meth_get_init,
10       X509_LOOKUP_meth_set_shutdown, X509_LOOKUP_meth_get_shutdown,
11       X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl,
12       X509_LOOKUP_meth_get_ctrl, X509_LOOKUP_get_by_subject_fn,
13       X509_LOOKUP_meth_set_get_by_subject,
14       X509_LOOKUP_meth_get_get_by_subject,
15       X509_LOOKUP_get_by_issuer_serial_fn,
16       X509_LOOKUP_meth_set_get_by_issuer_serial,
17       X509_LOOKUP_meth_get_get_by_issuer_serial,
18       X509_LOOKUP_get_by_fingerprint_fn,
19       X509_LOOKUP_meth_set_get_by_fingerprint,
20       X509_LOOKUP_meth_get_get_by_fingerprint, X509_LOOKUP_get_by_alias_fn,
21       X509_LOOKUP_meth_set_get_by_alias, X509_LOOKUP_meth_get_get_by_alias,
22       X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data,
23       X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL
24       - Routines to build up X509_LOOKUP methods
25

SYNOPSIS

27        #include <openssl/x509_vfy.h>
28
29        X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
30        void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
31
32        int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
33                                          int (*new_item) (X509_LOOKUP *ctx));
34        int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
35            (X509_LOOKUP *ctx);
36
37        int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
38                                      void (*free) (X509_LOOKUP *ctx));
39        void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
40            (X509_LOOKUP *ctx);
41
42        int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
43                                      int (*init) (X509_LOOKUP *ctx));
44        int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
45            (X509_LOOKUP *ctx);
46
47        int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
48                                          int (*shutdown) (X509_LOOKUP *ctx));
49        int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
50            (X509_LOOKUP *ctx);
51
52        typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
53                                           long argl, char **ret);
54        int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
55            X509_LOOKUP_ctrl_fn ctrl_fn);
56        X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
57
58        typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
59                                                     X509_LOOKUP_TYPE type,
60                                                     X509_NAME *name,
61                                                     X509_OBJECT *ret);
62        int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
63            X509_LOOKUP_get_by_subject_fn fn);
64        X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
65            const X509_LOOKUP_METHOD *method);
66
67        typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
68                                                           X509_LOOKUP_TYPE type,
69                                                           X509_NAME *name,
70                                                           ASN1_INTEGER *serial,
71                                                           X509_OBJECT *ret);
72        int X509_LOOKUP_meth_set_get_by_issuer_serial(
73            X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
74        X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
75            const X509_LOOKUP_METHOD *method);
76
77        typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
78                                                         X509_LOOKUP_TYPE type,
79                                                         const unsigned char* bytes,
80                                                         int len,
81                                                         X509_OBJECT *ret);
82        int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
83            X509_LOOKUP_get_by_fingerprint_fn fn);
84        X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
85            const X509_LOOKUP_METHOD *method);
86
87        typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
88                                                   X509_LOOKUP_TYPE type,
89                                                   const char *str,
90                                                   int len,
91                                                   X509_OBJECT *ret);
92        int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
93            X509_LOOKUP_get_by_alias_fn fn);
94        X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
95            const X509_LOOKUP_METHOD *method);
96
97        int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
98        void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
99
100        X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
101
102        int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
103        int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);
104

DESCRIPTION

106       The X509_LOOKUP_METHOD type is a structure used for the implementation
107       of new X509_LOOKUP types. It provides a set of functions used by
108       OpenSSL for the implementation of various X509 and X509_CRL lookup
109       capabilities. One instance of an X509_LOOKUP_METHOD can be associated
110       to many instantiations of an X509_LOOKUP structure.
111
112       X509_LOOKUP_meth_new() creates a new X509_LOOKUP_METHOD structure. It
113       should be given a human-readable string containing a brief description
114       of the lookup method.
115
116       X509_LOOKUP_meth_free() destroys a X509_LOOKUP_METHOD structure.
117
118       X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set
119       the function that is called when an X509_LOOKUP object is created with
120       X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any
121       per-X509_LOOKUP specific data, the supplied new_item function should
122       allocate this data and invoke X509_LOOKUP_set_method_data().
123
124       X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the
125       function that is used to free any method data that was allocated and
126       set from within new_item function.
127
128       X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set
129       the function that is used to initialize the method data that was set
130       with X509_LOOKUP_set_method_data() as part of the new_item routine.
131
132       X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get
133       and set the function that is used to shut down the method data whose
134       state was previously initialized in the init function.
135
136       X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set
137       a function to be used to handle arbitrary control commands issued by
138       X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP ctx,
139       along with the arguments passed by X509_LOOKUP_ctrl. cmd is an
140       arbitrary integer that defines some operation. argc is a pointer to an
141       array of characters. argl is an integer. ret, if set, points to a
142       location where any return data should be written to. How argc and argl
143       are used depends entirely on the control function.
144
145       X509_LOOKUP_set_get_by_subject(),
146       X509_LOOKUP_set_get_by_issuer_serial(),
147       X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias()
148       set the functions used to retrieve an X509 or X509_CRL object by the
149       object's subject, issuer, fingerprint, and alias respectively. These
150       functions are given the X509_LOOKUP context, the type of the
151       X509_OBJECT being requested, parameters related to the lookup, and an
152       X509_OBJECT that will receive the requested object.
153
154       Implementations must add objects they find to the X509_STORE object
155       using X509_STORE_add_cert() or X509_STORE_add_crl().  This increments
156       its reference count.  However, the X509_STORE_CTX_get_by_subject()
157       function also increases the reference count which leads to one too many
158       references being held.  Therefore applications should additionally call
159       X509_free() or X509_CRL_free() to decrement the reference count again.
160
161       Implementations should also use either X509_OBJECT_set1_X509() or
162       X509_OBJECT_set1_X509_CRL() to set the result.  Note that this also
163       increments the result's reference count.
164
165       Any method data that was created as a result of the new_item function
166       set by X509_LOOKUP_meth_set_new_item() can be accessed with
167       X509_LOOKUP_get_method_data(). The X509_STORE object that owns the
168       X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful
169       lookups should return 1, and unsuccessful lookups should return 0.
170
171       X509_LOOKUP_get_get_by_subject(),
172       X509_LOOKUP_get_get_by_issuer_serial(),
173       X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias()
174       retrieve the function set by the corresponding setter.
175

RETURN VALUES

177       The X509_LOOKUP_meth_set functions return 1 on success or 0 on error.
178
179       The X509_LOOKUP_meth_get functions return the corresponding function
180       pointers.
181

SEE ALSO

183       X509_STORE_new(3), SSL_CTX_set_cert_store(3)
184

HISTORY

186       The functions described here were added in OpenSSL 1.1.0i.
187
189       Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
190
191       Licensed under the OpenSSL license (the "License").  You may not use
192       this file except in compliance with the License.  You can obtain a copy
193       in the file LICENSE in the source distribution or at
194       <https://www.openssl.org/source/license.html>.
195
196
197
1981.1.1c                            2019-05-28           X509_LOOKUP_METH_NEW(3)
Impressum