Lines Matching refs:cert
191 _hx509_get_cert(hx509_cert cert)
193 return cert->data;
212 * @param cert
220 hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert)
224 *cert = malloc(sizeof(**cert));
225 if (*cert == NULL)
227 (*cert)->ref = 1;
228 (*cert)->friendlyname = NULL;
229 (*cert)->attrs.len = 0;
230 (*cert)->attrs.val = NULL;
231 (*cert)->private_key = NULL;
232 (*cert)->basename = NULL;
233 (*cert)->release = NULL;
234 (*cert)->ctx = NULL;
236 (*cert)->data = calloc(1, sizeof(*(*cert)->data));
237 if ((*cert)->data == NULL) {
238 free(*cert);
241 ret = copy_Certificate(c, (*cert)->data);
243 free((*cert)->data);
244 free(*cert);
245 *cert = NULL;
262 * @param cert a return pointer to a hx509 certificate object, will
274 hx509_cert *cert)
292 ret = hx509_cert_init(context, &t, cert);
298 _hx509_cert_set_release(hx509_cert cert,
302 cert->release = release;
303 cert->ctx = ctx;
310 _hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key)
312 if (cert->private_key)
313 hx509_private_key_free(&cert->private_key);
314 cert->private_key = _hx509_private_key_ref(private_key);
322 * @param cert the cert to free.
328 hx509_cert_free(hx509_cert cert)
332 if (cert == NULL)
335 if (cert->ref <= 0)
336 _hx509_abort("cert refcount <= 0 on free");
337 if (--cert->ref > 0)
340 if (cert->release)
341 (cert->release)(cert, cert->ctx);
343 if (cert->private_key)
344 hx509_private_key_free(&cert->private_key);
346 free_Certificate(cert->data);
347 free(cert->data);
349 for (i = 0; i < cert->attrs.len; i++) {
350 der_free_octet_string(&cert->attrs.val[i]->data);
351 der_free_oid(&cert->attrs.val[i]->oid);
352 free(cert->attrs.val[i]);
354 free(cert->attrs.val);
355 free(cert->friendlyname);
356 if (cert->basename)
357 hx509_name_free(&cert->basename);
358 memset(cert, 0, sizeof(*cert));
359 free(cert);
365 * @param cert a pointer to an hx509 certificate object.
373 hx509_cert_ref(hx509_cert cert)
375 if (cert == NULL)
377 if (cert->ref <= 0)
378 _hx509_abort("cert refcount <= 0");
379 cert->ref++;
380 if (cert->ref == 0)
381 _hx509_abort("cert refcount == 0");
382 return cert;
587 find_extension(const Certificate *cert, const heim_oid *oid, size_t *idx)
589 const TBSCertificate *c = &cert->tbsCertificate;
659 find_extension_subject_alt_name(const Certificate *cert, size_t *i,
667 e = find_extension(cert, &asn1_oid_id_x509_ce_subjectAltName, i);
677 find_extension_eku(const Certificate *cert, ExtKeyUsage *eku)
685 e = find_extension(cert, &asn1_oid_id_x509_ce_extKeyUsage, &i);
739 * @param cert a hx509 certificate object.
750 hx509_cert cert,
763 ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa);
794 check_key_usage(hx509_context context, const Certificate *cert,
804 if (_hx509_cert_get_version(cert) < 3)
807 e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
827 _hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
838 * Return 0 on matching key usage 'flags' for 'cert', otherwise return
844 _hx509_check_key_usage(hx509_context context, hx509_cert cert,
847 return check_key_usage(context, _hx509_get_cert(cert), flags, req_present);
853 check_basic_constraints(hx509_context context, const Certificate *cert,
862 if (_hx509_cert_get_version(cert) < 3)
865 e = find_extension(cert, &asn1_oid_id_x509_ce_basicConstraints, &i);
873 ret = _hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
1000 const hx509_cert cert)
1012 q.certificate = _hx509_get_cert(cert);
1022 const Certificate *cert,
1026 ret = _hx509_name_cmp(&cert->tbsCertificate.subject,
1027 &cert->tbsCertificate.issuer, &diff);
1033 ret = _hx509_self_signed_valid(context, &cert->signatureAlgorithm);
1144 const Certificate *cert,
1156 e = find_extension(cert, &asn1_oid_id_pkix_pe_proxyCertInfo, &i);
1189 _hx509_path_append(hx509_context context, hx509_path *path, hx509_cert cert)
1199 path->val[path->len] = hx509_cert_ref(cert);
1240 hx509_cert cert,
1250 ret = _hx509_path_append(context, path, cert);
1254 current = hx509_cert_ref(cert);
1519 const heim_bit_string *cert, heim_bit_string *subject)
1523 if (cert == NULL) {
1528 ret = der_copy_bit_string(cert, subject);
1964 * @param cert the certificate to build the path from.
1975 hx509_cert cert,
2017 cert, pool, &path);
2060 /* self signed cert doesn't add to path length */
2113 * then check with the EE cert when we get to it.
2171 * cert was an EE cert and we we will fall though to
2197 if (cert->basename)
2198 hx509_name_free(&cert->basename);
2200 ret = _hx509_name_from_Name(&proxy_issuer, &cert->basename);
2436 * @param cert the certificate to match with
2453 const hx509_cert cert,
2472 ret = find_extension_subject_alt_name(cert->data, &i, &san);
2498 name = &cert->data->tbsCertificate.subject;
2546 hx509_cert cert,
2553 if (hx509_cert_get_attribute(cert, oid) != NULL)
2556 d = realloc(cert->attrs.val,
2557 sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1));
2562 cert->attrs.val = d;
2571 cert->attrs.val[cert->attrs.len] = a;
2572 cert->attrs.len++;
2581 * @param cert hx509 certificate object to search
2591 hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid)
2594 for (i = 0; i < cert->attrs.len; i++)
2595 if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0)
2596 return cert->attrs.val[i];
2603 * @param cert The certificate to set the friendly name on
2612 hx509_cert_set_friendly_name(hx509_cert cert, const char *name)
2614 if (cert->friendlyname)
2615 free(cert->friendlyname);
2616 cert->friendlyname = strdup(name);
2617 if (cert->friendlyname == NULL)
2625 * @param cert cert to get the friendly name from.
2634 hx509_cert_get_friendly_name(hx509_cert cert)
2642 if (cert->friendlyname)
2643 return cert->friendlyname;
2645 a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_friendlyName);
2649 ret = hx509_cert_get_subject(cert, &name);
2652 ret = hx509_name_to_string(name, &cert->friendlyname);
2656 return cert->friendlyname;
2668 cert->friendlyname = malloc(n.val[0].length + 1);
2669 if (cert->friendlyname == NULL) {
2676 cert->friendlyname[i] = n.val[0].data[i] & 0xff;
2678 cert->friendlyname[i] = 'X';
2680 cert->friendlyname[i] = '\0';
2683 return cert->friendlyname;
2945 _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert cert)
2947 Certificate *c = _hx509_get_cert(cert);
2991 _hx509_cert_private_key(cert) == NULL)
3019 a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_localKeyId);
3030 if (hx509_cert_cmp(q->path->val[i], cert) == 0)
3034 const char *name = hx509_cert_get_friendly_name(cert);
3041 ret = (*q->cmp_func)(context, cert, q->cmp_func_ctx);
3072 /* If an EKU is required, check the cert for it. */
3074 hx509_cert_check_eku(context, cert, q->eku, 0))
3080 ret = _hx509_cert_to_env(context, cert, &env);
3128 "find issuer cert",
3255 * @param cert A hx509 context.
3266 hx509_cert_check_eku(hx509_context context, hx509_cert cert,
3273 ret = find_extension_eku(_hx509_get_cert(cert), &e);
3303 Certificate *cert;
3311 cert = _hx509_get_cert(c);
3313 if (_hx509_cert_get_version(cert) < 3)
3316 e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
3328 hx509_cert cert,
3335 ret = find_extension_eku(_hx509_get_cert(cert), e);
3417 _hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env)
3428 asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert)));
3435 ret = hx509_cert_get_subject(cert, &name);
3451 ret = hx509_cert_get_issuer(cert, &name);
3467 ret = _hx509_cert_get_eku(context, cert, &eku);
3502 Certificate *c = _hx509_get_cert(cert);
3555 * @param cert certificate to print
3564 hx509_print_cert(hx509_context context, hx509_cert cert, FILE *out)
3573 ret = hx509_cert_get_issuer(cert, &name);
3581 ret = hx509_cert_get_subject(cert, &name);
3592 ret = hx509_cert_get_serialnumber(cert, &serialNumber);
3604 ret = hx509_cert_keyusage_print(context, cert, &str);