50  * Trees of revoked serial numbers, key IDs and keys. This allows
82 /* Tracks revoked certs for a single CA */
433  * current section type, the run length of contiguous revoked serial
434  * numbers and the gaps from the last and to the next revoked serial.
540 	/* Store the revoked serials.  */
686 	/* Store sections for revoked certificates */
1056 	/* Check that the key(s) used to sign the KRL weren't revoked */
1067 		error("All keys used to sign KRL were revoked");
1108 /* Checks whether a given key/cert is revoked. Does not check its CA */
1117 	/* Check explicitly revoked hashes first */
1124 		debug("%s: revoked by key SHA1", __func__);
1135 		debug("%s: revoked by explicit key", __func__);
1154 		debug("%s: revoked by key ID", __func__);
1171 		debug("%s: revoked by serial", __func__);
1196 /* Returns 0 on success, -1 on error or key revoked, -2 if path is not a KRL */
1202 	int revoked, fd;
1234 	revoked = ssh_krl_check_key(krl, key) != 0;
1236 	return revoked ? -1 : 0;

Indexes created Fri Jul 05 22:58:02 MDT 2024