ec_ctx_t *ec_ctx_create(void);
NULL
on failure.ec_ctx_destroy()
once they are no longer required.void ec_ctx_destroy(ec_ctx_t *ctx);
ec_ctx_create()
.typedef ec_cert_t *(*ec_autoload_t)(ec_id_t id);
void ec_ctx_autoload(ec_ctx_t *ctx, ec_autoload_t autoload);
void ec_ctx_validator(ec_ctx_t *ctx, ec_record_validator_t validator);
EC_RECORD_REQUIRE
are acceptable. The validator function should return zero for acceptable, nonzero otherwise.EC_CHECK_REQUIRE
. The validator must reject as failed any records it does not understand.EC_CHECK_CERT
before the validator is run.ec_ctx_t *ec_ctx_next(ec_ctx_t *ctx, ec_ctx_t *next);
next
.ec_ctx_cert()
which is not available in the context's internal store of via autoload.ec_cert_t *ec_ctx_save(ec_ctx_t *ctx, ec_cert_t *c);
ec_cert_t *ec_ctx_remove(ec_ctx_t *ctx, ec_id_t id);
ec_cert_destroy()
once it is no longer required.ec_cert_t *ec_ctx_cert(ec_ctx_t *ctx, ec_id_t id);
ec_ctx_next()
, that context will also be searched (after attempting to autoload).ec_cert_t *ec_ctx_anchor(ec_ctx_t *ctx, ec_cert_t *c);
c
does not pass EC_CHECK_CHAIN, this is considered an error. The same search method as ec_ctx_cert()
is used to find the CA certificate.