scp home

Home    CertX ActiveX Online Help Prev Next
Introduction
License
Certificate Request functions
csr_new
csr_export_to_file
csr_export
csr_sign
x.509 functions
x509_check_private_key
x509_checkpurpose
x509_export
x509_export_to_file
x509_free
x509_read
x509_parse
PKCS7 functions
pkcs7_decrypt
pkcs7_encrypt
pkcs7_sign
pkcs7_verify
RSA
pkey_new
pkey_export
pkey_export_to_file
pkey_get_public
pkey_get_private
public_encrypt
private_decrypt
open (decrypt)
seal (encrypt)
sign
verify
PKCS7 Constants

x509_checkpurpose

Verifies if a certificate can be used for a particular purpose

Syntax

Function x509_checkpurpose (x509cert, purpose As x509_PURPOSE, cainfo, [untrustedfile]) As Boolean

Returns True if the certificate can be used for the intended purpose, False if it cannot.

x509_checkpurpose() examines the certificate specified by x509cert to see if it can be used for the purpose specified by purpose.

cainfo should be an array of trusted CA files/dirs.

untrustedfile, if specified, is the name of a PEM encoded file holding certificates that can be used to help verify the certificate, although no trust in placed in the certificates that come from that file.

Table 1. x509_checkpurpose() purposes

Constant Description
X509_PURPOSE_SSL_CLIENT Can the certificate be used for the client side of an SSL connection?
X509_PURPOSE_SSL_SERVER Can the certificate be used for the server side of an SSL connection?
X509_PURPOSE_NS_SSL_SERVER Can the cert be used for Netscape SSL server?
X509_PURPOSE_SMIME_SIGN Can the cert be used to sign S/MIME email?
X509_PURPOSE_SMIME_ENCRYPT Can the cert be used to encrypt S/MIME email?
X509_PURPOSE_CRL_SIGN Can the cert be used to sign a certificate revocation list (CRL)?
X509_PURPOSE_ANY Can the cert be used for Any/All purposes?
These options are not bitfields - you may specify one only!

(c) Activecrypt Software LLC, 2004

 

Browser Based Help. Published by chm2web software.