On 2008.04.04 at 15:53:33 +0200, roberto calosino wrote: > Hello, > > I'd like to know the difference between X509_STORE (X509_STORE_new) and > STACK_OF(X509) (sk_X509_new). > What kind of additional information contains a X509_STORE ?
Stack is generic data structure. There are stacks of everything in Openssl. Stack is no more than variable-size array. X509_STORE is quite another matter. It is generic access interface for CA cerrrtificate database. It can store CRLS as well as certificates, lookup certificates by subject and by fingerprint, build validation chains etc. OpenSSL itself provides just two X509_STORE_METHODs - one which loads pack of cerriticates from file and caches them in the memory, and one which uses dierectory with hashed names as backend storage. But nothing (short of lack of documentation) prevents you from writing your own X509_STORE_METHOD and use relational DBMS or something else for certificate storage. All OpenSSL fucntions which verify certificates would transparently use your storage using X509_STORE interface. > Thank you very much in advance. > _________________________________________________________________________ > Mit der Gruppen-SMS von WEB.DE FreeMail k?nnen Sie eine SMS an alle > Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179 > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
