autodoc.git
/
traditional_manual
/
chapter_21.html
version
»
Context lines:
10
20
40
80
file
none
3
autodoc.git/traditional_manual/chapter_21.html:47746:
<hr /> <dl class='group--doc'> <dt class='head--type'><span class='homogen--type'>Method</span> <span class='homogen--name'><b>verify_certificate</b></span> </dt> <dd><p><code><code class='object unresolved'>TBSCertificate</code> <b><span class='method'>verify_certificate</span>(</b><code class='datatype'>string</code> <code class='argument'>s</code>, <code class='datatype'>mapping</code>(<code class='datatype'>string</code>:<code class='object unresolved'>Verifier</code>|<code class='datatype'>array</code>(<code class='object unresolved'>Verifier</code>)) <code class='argument'>authorities</code>, <code class='datatype'>mapping</code>(<code class='object unresolved'>Standards.ASN1.Types.Identifier</code>:<code class='object unresolved'>Crypto.Hash</code>)|<code class='datatype'>void</code> <code class='argument'>options</code><b>)</b></code></p></dd> <dt class='head--doc'>Description</dt> <dd class='body--doc'><p>Decodes a certificate, checks the signature. Returns the
-
TBSCertificate structure, or 0 if decoding or verification
failes
.
+
TBSCertificate structure, or 0 if decoding or verification
fails
.
The valid time range for the certificate is not checked.</p> </dd> <dt class='head--doc'><span id='p-authorities'></span>Parameter <code class='parameter'>authorities</code></dt> <dd></dd><dd class='body--doc'><p>A mapping from (DER-encoded) names to a verifiers.</p> </dd> <dt class='head--doc'><span id='p-options'></span>Parameter <code class='parameter'>options</code></dt> <dd></dd><dd class='body--doc'><table class='box'><tr><td><code><code class='key'>"verifier_algorithms"</code> : <code class='datatype'>mapping</code>(<code class='object unresolved'>Standards.ASN1.Types.Identifier</code>:<code class='object unresolved'>Crypto.Hash</code>)</code></td><td><p>A mapping of verifier algorithm identifier to hash algorithm implementation.</p> </td></tr> </table>
autodoc.git/traditional_manual/chapter_21.html:47775:
<dl class='group--doc'> <dt class='head--type'><span class='homogen--type'>Method</span> <span class='homogen--name'><b>verify_certificate_chain</b></span> </dt> <dd><p><code><code class='datatype'>mapping</code> <b><span class='method'>verify_certificate_chain</span>(</b><code class='datatype'>array</code>(<code class='datatype'>string</code>|<code class='object unresolved'>.PKCS.Signature.Signed</code>) <code class='argument'>cert_chain</code>, <code class='datatype'>mapping</code>(<code class='datatype'>string</code>:<code class='object unresolved'>Verifier</code>|<code class='datatype'>array</code>(<code class='object unresolved'>Verifier</code>)) <code class='argument'>authorities</code>, <code class='datatype'>int</code>|<code class='datatype'>void</code> <code class='argument'>require_trust</code>, <code class='datatype'>mapping</code>(<code class='datatype'>string</code>:<code class='datatype'>mixed</code>)|<code class='datatype'>void</code> <code class='argument'>options</code><b>)</b></code></p></dd> <dt class='head--doc'>Description</dt> <dd class='body--doc'><p>Decodes a certificate chain, ordered from leaf to root, and checks the signatures. Verifies that the chain can be decoded correctly, is unbroken, and that all certificates are in effect
-
(time-wise.) and allowed to sign
it's
child certificate.</p>
+
(time-wise.) and allowed to sign
its
child certificate.</p>
<p> No verifications are done on the leaf certificate to determine what it can and can not be used for.</p> <p> Returns a mapping with the following contents, depending on the verification of the certificate chain:</p> <table class='box'><tr><td><code><code class='key'>"error_code"</code> : <code class='datatype'>int</code></code></td><td><p>Error describing type of verification failures, if verification failed. May be one of the following, OR:ed together: <code>CERT_TOO_NEW</code>, <code>CERT_TOO_OLD</code>, <code>CERT_ROOT_UNTRUSTED</code>, <code>CERT_BAD_SIGNATURE</code>, <code>CERT_INVALID</code>, <code>CERT_CHAIN_BROKEN</code>, <code>CERT_UNAUTHORIZED_CA</code> or <code>CERT_EXCEEDED_PATH_LENGTH</code>.</p>
autodoc.git/traditional_manual/chapter_21.html:47915:
<hr /> <dl class='group--doc'> <dt class='head--type'><span class='homogen--type'>Constant</span> <span class='homogen--name'><b>CERT_UNAUTHORIZED_SIGNING</b></span> </dt> <dd><p><code><code class='datatype'>constant</code> Standards.X509.<code class='constant'>CERT_UNAUTHORIZED_SIGNING</code></code></p></dd> <dt class='head--doc'>Description</dt>
-
<dd class='body--doc'><p>The certificate is not allowed by
it's
key usage to sign data.</p>
+
<dd class='body--doc'><p>The certificate is not allowed by
its
key usage to sign data.</p>
</dd></dl> </dd></dl><dl><dt><h2 class='header'>Class <b class='ms datatype'>Standards.X509.IssuerId</b></h2> </dt><dd><dl class='group--doc'> <dt class='head--doc'>Description</dt> <dd class='body--doc'><p>Unique identifier for the certificate issuer.</p> <p> X.509v2 (deprecated).</p> </dd></dl> <hr /> <dl class='group--doc'>