[openssl.org #1138] User data field needed in X509_STORE structure

Rich Salz via RT

[[hidden email] - Fri Jun 24 18:23:27 2005]:

> Sometimes it is needed to do something with errors during X.509
> certificate validation. For example, collect all error messages
> in some memory space.
> Unfortunately, verify callback function only takes preverify status
> and a pointer to X509_STORE structure. If this structure had some
> "void* userdata" field - it would be possible to do it without using
> global variables.

Use the ex_data structure.  Some very simple code to get an appropriate
index, store data and retrieve it:

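#include <openssl/x509_vfy.h>

/* free_func registered for the index; called when a store context is freed */
void X509_user_data_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
                            int ind, long argl, void *argp)
{
    /* Release item here if the application owns it. */
}

/* Allocate the ex_data index once and reuse it afterwards */
int X509_user_data_index(void)
{
    static int index = -1;
    if (index == -1)
        index = X509_STORE_CTX_get_ex_new_index(0, "X509 Store", NULL,
                                                NULL, X509_user_data_ex_free);
    return index;
}

/* Store */
X509_STORE_CTX_set_ex_data(ctx, X509_user_data_index(), your_data);

/* Retrieve */
your_data = X509_STORE_CTX_get_ex_data(ctx, X509_user_data_index());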

Case dismissed.

Richard Levitte
[hidden email]
