ec_cert_t
type, and are created by ec_cert_create()
. All certificates must be freed once they are no longer required using ec_cert_destroy()
.ec_ctx_save()
, then it will be destroyed automatically once it is removed, overwritten, or the context it was saved to is destroyed.ec_cert_t *ec_cert_create(time_t valid_from, time_t valid_until);
valid_from
and valid_until
define the certificate's validity period - if the validity period does not fall entirely within the valitity period of its signer, then the timestamp which violates this constraint will be adjusted to match that of the signer.time()
(see time.h
).ec_cert_destroy()
when they are no longer required.ec_cert_t *ec_cert_copy(ec_cert_t *c);
c
, or NULL on failure.void ec_cert_destroy(ec_cert_t *c);
ec_cert_create()
.void ec_cert_strip(ec_cert_t *c, int what);
when
. Possible flags are listed below:ec_err_t ec_cert_sign(ec_cert_t *c, ec_cert_t *signer);
ec_err_t ec_cert_check(ec_ctx_t *ctx, ec_cert_t *c, int flags);
NULL
instead.flags
parameter is used to set which tests are run, according to the following table. Checks are run in the order that they are listed here.EC_CHECK_CHAIN
always passes if EC_CERT_TRUSTED
is set on the certificate.ec_id_t ec_cert_id(ec_cert_t *c);
ec_record_t *ec_cert_records(ec_cert_t *c);
ec_err_t ec_cert_lock(ec_cert_t *c, char *password);
ec_err_t ec_cert_unlock(ec_cert_t *c, char *password);