OpenGrok

$NetBSD: CTLOG_STORE_new.3,v 1.5 2026/04/08 17:06:42 christos Exp $

-*- mode: troff; coding: utf-8 -*-
Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)

Standard preamble:
========================================================================
..

..

.. \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` "" . ds C' "" 'br\} . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.

If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.

Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF
Required to disable full justification in groff 1.23.0.
========================================================================

Title "CTLOG_STORE_new 3" For nroff, turn off justification. Always turn off hyphenation; it makes
way too many mistakes in technical documents.
.nh CTLOG_STORE_new_ex, CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list Header "SYNOPSIS" .Vb 1 #include <openssl/ct.h> \& CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq); CTLOG_STORE *CTLOG_STORE_new(void); void CTLOG_STORE_free(CTLOG_STORE *store); \& int CTLOG_STORE_load_default_file(CTLOG_STORE *store); int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file); .Ve Header "DESCRIPTION" A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID).

\fBCTLOG_STORE_new_ex() creates an empty list of CT logs associated with the library context libctx and the property query string propq.

\fBCTLOG_STORE_new() does the same thing as CTLOG_STORE_new_ex() but with the default library context and property query string.

The CTLOG_STORE is then populated by CTLOG_STORE_load_default_file() or \fBCTLOG_STORE_load_file(). CTLOG_STORE_load_default_file() loads from the default file, which is named ct_log_list.cnf in OPENSSLDIR (see the output of \fBopenssl-version\|(1)). This can be overridden using an environment variable named CTLOG_FILE. CTLOG_STORE_load_file() loads from a caller-specified file path instead. Both of these functions append any loaded CT logs to the CTLOG_STORE.

The expected format of the file is:

.Vb 1 enabled_logs=foo,bar \& [foo] description = Log 1 key = <base64-encoded DER SubjectPublicKeyInfo here> \& [bar] description = Log 2 key = <base64-encoded DER SubjectPublicKeyInfo here> .Ve

Once a CTLOG_STORE is no longer required, it should be passed to \fBCTLOG_STORE_free(). This will delete all of the CTLOGs stored within, along with the CTLOG_STORE itself. If the argument is NULL, nothing is done.

Header "NOTES" If there are any invalid CT logs in a file, they are skipped and the remaining valid logs will still be added to the CTLOG_STORE. A CT log will be considered invalid if it is missing a "key" or "description" field. Header "RETURN VALUES" Both CTLOG_STORE_load_default_file and CTLOG_STORE_load_file return 1 if all CT logs in the file are successfully parsed and loaded, 0 otherwise. Header "SEE ALSO" \fBct\|(7), \fBCTLOG_STORE_get0_log_by_id\|(3), \fBSSL_CTX_set_ctlog_list_file\|(3) Header "HISTORY" CTLOG_STORE_new_ex was added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. Header "COPYRIGHT" Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

Indexes created Mon Apr 27 00:23:16 UTC 2026