Lines Matching defs:chain
197 * against the CA's in store, but also return the validation chain.
200 ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert,
207 assert(chain != NULL);
229 *chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
230 if (! *chain) {
245 /* Return the validation chain that can be build out of cert, with extra_certs.
248 ldns_dane_pkix_get_chain(STACK_OF(X509)** chain,
255 assert(chain != NULL);
269 *chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
270 if (! *chain) {
288 X509** cert, STACK_OF(X509)* chain, int n, bool ca)
290 if (n >= sk_X509_num(chain) || n < 0) {
293 *cert = sk_X509_pop(chain);
296 *cert = sk_X509_pop(chain);
305 /* Create validation chain with cert and extra_certs and returns the last
558 /* Return whether any certificate from the chain with selector/matching_type
563 ldns_dane_match_any_cert_with_data(STACK_OF(X509)* chain,
572 n = (size_t)sk_X509_num(chain);
574 cert = sk_X509_pop(chain);
633 * certificate from the chain, so we return
645 * chain, thus the error is failed PKIX