x509 certificate verification in C

by

I use following code for verifying a certificate

init CertStore:

X509_STORE* m_store = X509_STORE_new();
X509_LOOKUP* m_lookup = X509_STORE_add_lookup(m_store,X509_LOOKUP_file());    
X509_STORE_load_locations(m_store, "CAFile.pem", NULL);
X509_STORE_set_default_paths(m_store);
X509_LOOKUP_load_file(m_lookup,"CAFile.pem",X509_FILETYPE_PEM)
// alternative lookup by hashdir
// X509_LOOKUP* m_lookup=X509_STORE_add_lookup(m_store,X509_LOOKUP_hash_dir());

VerifyCert:

X509_STORE_CTX *storeCtx = X509_STORE_CTX_new();
X509_STORE_CTX_init(storeCtx,m_store,cert,NULL);
X509_STORE_CTX_set_flags(storeCtx, X509_V_FLAG_CB_ISSUER_CHECK);
if (X509_verify_cert(storeCtx) == 1)
{
  printf("success");
}
else
{
  printf("Verificatione rror: %s",X509_verify_cert_error_string(storeCtx->error));
}
X509_STORE_CTX_free(storeCtx);

you also need to cleanup m_store

if(m_store != NULL)
{
   X509_STORE_free(m_store);
   m_store = NULL;
}

More Related Contents:

  1. How to generate RSA private key using OpenSSL?
  2. How to implement Server Name Indication (SNI)
  3. Password to key function compatible with OpenSSL commands?
  4. AES CTR 256 Encryption Mode of operation on OpenSSL
  5. How to compile .c file with OpenSSL includes?
  6. Directly Read/Write Handshake data with Memory BIO
  7. Error: “invalid use of incomplete type ‘RSA {aka struct rsa_st}” in OpenSSL 1.1.0
  8. AES (aes-cbc-128, aes-cbc-192, aes-cbc-256) encryption/decryption with openssl C
  9. How do I build OpenSSL statically linked against Windows runtime?
  10. How to do encryption using AES in Openssl
  11. Build OpenVPN with specific OpenSSL version
  12. Serving multiple domains in one box with SNI
  13. Usage of uint_8, uint_16 and uint_32
  14. C Program that reads and Stores a series of integers
  15. What does the ??!??! operator do in C?
  16. When should I use ampersand with scanf()
  17. “#include” a text file in a C program as a char[]
  18. What exactly do C include guards do?
  19. ?: ternary conditional operator behaviour when leaving one expression empty
  20. Segmentation fault handling
  21. gcc will not properly include math.h
  22. How to iterate over a string in C?
  23. Casting float to int (bitwise) in C
  24. Shellcode in C program
  25. Sending columns of a matrix using MPI_Scatter
  26. RS485: Inappropriate ioctl for device
  27. How can I convert a binary file to the text declaring a C/C++ array with that content?
  28. Convert UTF-16 to UTF-8 under Windows and Linux, in C
  29. C split a char array into different variables
  30. What is the difference between AF_INET and PF_INET in socket programming?

Leave a Comment