understanding ASN1_item_verify()

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

understanding ASN1_item_verify()

Michael Richardson

Zero,
  my goal is to validate Certificate Signing Requests in ruby.

First,
  https://www.openssl.org/docs/man1.1.1/man3/ASN1_item_verify.html
and
  https://www.openssl.org/docs/man1.1.0/man3/ASN1_item_verify.html
.. do not seem to exist, but at least
  https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_asn1_set_ctrl.html 
points to such a page.

I'm not sure what this means for this function. It also does not
show up in doc/*, but it is exported in crypto.num.  
Maybe it should not be used by new code?


Second,

I was looking at:
  int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
  {
    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
                                 &a->sig_alg, a->signature, &a->req_info,
r));
  }

as I'm not sure that I want to build a ruby wrapper for X509_REQ.

I just don't understand ASN1_ITEM_rptr.  My understanding is that
it returns a function (or global) that would be named X509_REQ_INFO_it().

But, how does the "a" argument get connected with this?
I'm thinking that there is some global "current ASN1 thing" that is involved,
but surely that can't be...

If there is any non-generic documentation on X509_REQ_*(), I haven't found it.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

signature.asc (497 bytes) Download Attachment