Add verify callback functions to lookup a STACK of matching certs or CRLs

[openssl.git] / crypto / x509 / x509_vfy.h

diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index 3f16330444f8fcaeb7e58e32bcb1fef74687db75..3c550e143310c8c6ddbc5b84a930bd5d62e0ade5 100644 (file)
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -198,6 +198,8 @@ struct x509_store_st
        int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
        int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
        int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+       STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+       STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
        int (*cleanup)(X509_STORE_CTX *ctx);
 
        CRYPTO_EX_DATA ex_data;
@@ -246,6 +248,8 @@ struct x509_store_ctx_st      /* X509_STORE_CTX */
        int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
        int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
        int (*check_policy)(X509_STORE_CTX *ctx);
+       STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+       STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
        int (*cleanup)(X509_STORE_CTX *ctx);
 
        /* The following is built up */
@@ -383,6 +387,8 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
 X509_STORE *X509_STORE_new(void );
 void X509_STORE_free(X509_STORE *v);
 
+STACK_OF(X509)* X509_STORE_get_certs(X509_STORE *st, X509_NAME *nm);
+STACK_OF(X509_CRL)* X509_STORE_get_crls(X509_STORE *st, X509_NAME *nm);
 int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
 int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
 int X509_STORE_set_trust(X509_STORE *ctx, int trust);