Hi,
below is my application code
sshX509CACertStore = X509_STORE_new();
X509_STORE_set_verify_cb_func(sshX509CACertStore,
sshX509CertVerifyCallback);
pLookup = X509_STORE_add_lookup(sshX509CACertStore,
X509_LOOKUP_file());
X509_LOOKUP_load_file(pLookup,caFile,X509_FILETYPE_PEM)
X509_STORE_CTX_init (pStoreCtx, sshX509CACertStore, pX509, NULL);
ret = X509_verify_cert (pStoreCtx);
in the callback function I just checked for
retVal = X509_STORE_get_by_subject (&storeCtx, X509_LU_CRL,
pSubject, &x509_obj);
retVal = X509_STORE_get_by_subject (&storeCtx, X509_LU_CRL,
pIssuer, &x509_obj);
older openssl used md5 hash and newer doesn't seem to use it
As you mentioned about c_rehash. How should I create new symlink in code.
My application is to verify the certificate and signature in image
It will be helpful if you can provide your inputs for crash of above
application at
X509_STORE_get_by_subject (&storeCtx, X509_LU_CRL,
pIssuer, &x509_obj);
Thanks & regards,
Tosif
On Thu, Oct 15, 2015 at 8:16 PM, Emilia Käsper <[email protected]> wrote:
> This sounds like an application problem.
> 1) Did you recompile your source? 0.9.7 and 1.0.1 are not
> binary-compatible.
> 2) The certificate hash format has changed between 1.0.1 and 0.9.7, which
> could
> explain why the lookup no longer works:
> https://www.openssl.org/docs/manmaster/apps/rehash.html
>
> If the above isn't helpful, try asking for help on openssl-users@.
> Rejecting
> the ticket (though please reopen if you find new evidence that this is a
> bug
> within OpenSSL).
>
> Cheers,
> Emilia
>
>
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
