[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: [openssl-users] Loading CA from memory
From: Devchandra L Meetei <dlmeetei () gmail ! com>
Date: 2018-02-21 4:55:15
Message-ID: CAKmFMKfP1Tv=rNO2hg8tdn79NYSvQknOFxH7wipNf8RRUNqD3Q () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Thanks Viktor
As usual, Your answer throws light. Now, it is time to get started.
Will revert if got obstructed on the way
On Wed, Feb 21, 2018 at 9:58 AM, Viktor Dukhovni <openssl-users@dukhovni.org
> wrote:
>
>
> > On Feb 20, 2018, at 12:58 PM, Devchandra L Meetei <dlmeetei@gmail.com>
> wrote:
> >
> > By the way, Is there any plan to port SSL_CTX_load_verify_mem to openssl?
>
> The basic functionality is already there:
>
> If you want to parse in-memory PEM, see the use of
> PEM_X509_INFO_read_bio() [needs documentation] at:
>
> https://github.com/openssl/openssl/blob/master/apps/crl2p7.c#L179
>
> if have a PKCS7 DER or PEM structure, there are suitable functions for
> pulling
> out a chain from that. Then you can set a "trusted stack" for your
> X509_STORE_CTX.
>
> --
> Viktor.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
Warm Regards
--Dev
OpenPegasus Developer
"I'm one of those people that think Thomas Edison and the light bulb
changed the world more than Karl Marx ever did," Steve Jobs
[Attachment #5 (text/html)]
<div dir="ltr">Thanks Viktor<div>As usual, Your answer throws light. Now, it is time \
to get started.</div><div>Will revert if got obstructed on the way</div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 21, 2018 at 9:58 AM, \
Viktor Dukhovni <span dir="ltr"><<a href="mailto:openssl-users@dukhovni.org" \
target="_blank">openssl-users@dukhovni.org</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><span class=""><br> <br>
> On Feb 20, 2018, at 12:58 PM, Devchandra L Meetei <<a \
href="mailto:dlmeetei@gmail.com">dlmeetei@gmail.com</a>> wrote:<br> ><br>
> By the way, Is there any plan to port SSL_CTX_load_verify_mem to openssl?<br>
<br>
</span>The basic functionality is already there:<br>
<br>
If you want to parse in-memory PEM, see the use of PEM_X509_INFO_read_bio() [needs \
documentation] at:<br> <br>
<a href="https://github.com/openssl/openssl/blob/master/apps/crl2p7.c#L179" \
rel="noreferrer" target="_blank">https://github.com/openssl/<wbr>openssl/blob/master/apps/<wbr>crl2p7.c#L179</a><br>
<br>
if have a PKCS7 DER or PEM structure, there are suitable functions for pulling<br>
out a chain from that. Then you can set a "trusted stack" for your \
X509_STORE_CTX.<br> <span class="HOEnZb"><font color="#888888"><br>
--<br>
Viktor.<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
--<br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" \
rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Warm \
Regards<br>--Dev<br>OpenPegasus Developer<br><br>"I'm one of those people \
that think Thomas Edison and the light bulb changed the world more than Karl Marx \
ever did," Steve Jobs<br></div></div></div> </div>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic