Update X.509 validation and fix TLS 1.3 chain verify

Zhi Guan
2023-01-11 15:29:22 +08:00
parent 167f2c0c33
commit 2f19fc3067
5 changed files with 101 additions and 67 deletions


@@ -355,6 +355,7 @@ typedef enum {
X509_cert_chain_client,
} X509_CERT_CHAIN_TYPE;
#define X509_MAX_VERIFY_DEPTH 6 // TODO: any requirement from CA/B or OpenSSL?
int x509_certs_verify(const uint8_t *certs, size_t certslen, int certs_type,
const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result);
int x509_certs_verify_tlcp(const uint8_t *certs, size_t certslen, int certs_type,
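Review bot: `X509_MAX_VERIFY_DEPTH`, which looks like the line this hunk adds, fixes a chain-length limit at 6 with an open TODO and no statement of what the number counts, so a caller of `x509_certs_verify` cannot tell whether the leaf and the root are included or only the intermediates. This bound decides which chains are rejected and presumably caps the validation work done on peer-supplied certificates, so I would state the unit next to the macro, e.g. `// max certificates in one chain, counting <leaf/intermediates/root: state which>; passed as depth`. The prototype takes `depth` as a signed `int`, so the header should also say how zero or a negative value is treated and what `*verify_result` holds when verification fails. The `x509_certs_verify_tlcp` declaration continues past the end of the hunk.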