Refactoring verify_cert
Apply the changes that we've been talking about in
https://github.com/pyca/pyopenssl/pull/155 regarding the placement of
verify_cert, viz., moving verify_cert from top level of crypto into
X509StoreContext.
This makes the pyOpenSSL API slightly different than the OpenSSL API,
but the plan will be to add back a verify_cert to the top level that is
nice to use.
diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst
index 344fa40..5528870 100644
--- a/doc/api/crypto.rst
+++ b/doc/api/crypto.rst
@@ -240,18 +240,6 @@
.. versionadded:: 0.11
-.. py:function:: verify_cert(store_ctx)
-
- Verify a certificate in a context.
-
- A :py:class:`X509StoreContext` is used to verify a certificate in some
- context in conjunction with :py:func:`verify_cert`. The information
- encapsulated in this object includes, but is not limited to, a set of
- trusted certificates, verification parameters and revoked certificates.
-
- .. versionadded:: 0.15
-
-
.. _openssl-x509:
X509 objects
@@ -548,6 +536,22 @@
Add the certificate *cert* to the certificate store.
+X509StoreContext objects
+------------------------
+
+The X509StoreContext object is used for verifying a certificate against a set
+of trusted certificates.
+
+
+.. py:method:: X509StoreContext.verify_certificate()
+
+ Verify a certificate in the context of this initialized `X509StoreContext`.
+ On error, raises `X509StoreContextError`, otherwise does nothing.
+
+ .. versionadded:: 0.15
+
+
+
.. _openssl-pkey:
PKey objects