Hi,
I've created an X509_STORE and than I've loaded CA certs
and CRLs using PEM format.
...
store=X509_STORE_new();
lu=X509_STORE_add_lookup(store,X509_LOOKUP_file());
X509_load_cert_file(lu,"cacert.pem",X509_FILETYPE_PEM));
X509_load_crl_file(lu,"cacrl.pem",X509_FILETYPE_PEM));
...
Than I tried to verify a PKCS#7 using PKCS7_dataVerify() using
a certificate trusted (with the issuer in cacert.pem), yet valid but
revoked
(in cacrl.pem) ...
The problem is that the verify doesn't find any error over
the signature.
Have I set some flag to tell the library to check against the CRL
while verifing signatures ?
thanks!
--
FERDINANDO RICCHIUTI
Research & Development
CSP s.c. a r.l.
____________________________________________
Villa Gualino
Viale Settimo Severo, 63 - 10133 Torino [IT]
e-mail [EMAIL PROTECTED]
mob +39 (0)348 6023959
tel +39 (0)11 3165401
____________________________________________
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
