Lines Matching refs:cert
1 /* $NetBSD: cert.c,v 1.1.1.1 2011/04/13 18:15:10 elric Exp $ */
193 _hx509_get_cert(hx509_cert cert)
195 return cert->data;
214 * @param cert
222 hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert)
226 *cert = malloc(sizeof(**cert));
227 if (*cert == NULL)
229 (*cert)->ref = 1;
230 (*cert)->friendlyname = NULL;
231 (*cert)->attrs.len = 0;
232 (*cert)->attrs.val = NULL;
233 (*cert)->private_key = NULL;
234 (*cert)->basename = NULL;
235 (*cert)->release = NULL;
236 (*cert)->ctx = NULL;
238 (*cert)->data = calloc(1, sizeof(*(*cert)->data));
239 if ((*cert)->data == NULL) {
240 free(*cert);
243 ret = copy_Certificate(c, (*cert)->data);
245 free((*cert)->data);
246 free(*cert);
247 *cert = NULL;
264 * @param cert a return pointer to a hx509 certificate object, will
276 hx509_cert *cert)
294 ret = hx509_cert_init(context, &t, cert);
300 _hx509_cert_set_release(hx509_cert cert,
304 cert->release = release;
305 cert->ctx = ctx;
312 _hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key)
314 if (cert->private_key)
315 hx509_private_key_free(&cert->private_key);
316 cert->private_key = _hx509_private_key_ref(private_key);
324 * @param cert the cert to free.
330 hx509_cert_free(hx509_cert cert)
334 if (cert == NULL)
337 if (cert->ref <= 0)
338 _hx509_abort("cert refcount <= 0 on free");
339 if (--cert->ref > 0)
342 if (cert->release)
343 (cert->release)(cert, cert->ctx);
345 if (cert->private_key)
346 hx509_private_key_free(&cert->private_key);
348 free_Certificate(cert->data);
349 free(cert->data);
351 for (i = 0; i < cert->attrs.len; i++) {
352 der_free_octet_string(&cert->attrs.val[i]->data);
353 der_free_oid(&cert->attrs.val[i]->oid);
354 free(cert->attrs.val[i]);
356 free(cert->attrs.val);
357 free(cert->friendlyname);
358 if (cert->basename)
359 hx509_name_free(&cert->basename);
360 memset(cert, 0, sizeof(*cert));
361 free(cert);
367 * @param cert a pointer to an hx509 certificate object.
375 hx509_cert_ref(hx509_cert cert)
377 if (cert == NULL)
379 if (cert->ref <= 0)
380 _hx509_abort("cert refcount <= 0");
381 cert->ref++;
382 if (cert->ref == 0)
383 _hx509_abort("cert refcount == 0");
384 return cert;
589 find_extension(const Certificate *cert, const heim_oid *oid, int *idx)
591 const TBSCertificate *c = &cert->tbsCertificate;
661 find_extension_subject_alt_name(const Certificate *cert, int *i,
669 e = find_extension(cert, &asn1_oid_id_x509_ce_subjectAltName, i);
679 find_extension_eku(const Certificate *cert, ExtKeyUsage *eku)
687 e = find_extension(cert, &asn1_oid_id_x509_ce_extKeyUsage, &i);
741 * @param cert a hx509 certificate object.
752 hx509_cert cert,
764 ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa);
795 check_key_usage(hx509_context context, const Certificate *cert,
804 if (_hx509_cert_get_version(cert) < 3)
807 e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
827 _hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
838 * Return 0 on matching key usage 'flags' for 'cert', otherwise return
844 _hx509_check_key_usage(hx509_context context, hx509_cert cert,
847 return check_key_usage(context, _hx509_get_cert(cert), flags, req_present);
853 check_basic_constraints(hx509_context context, const Certificate *cert,
861 if (_hx509_cert_get_version(cert) < 3)
864 e = find_extension(cert, &asn1_oid_id_x509_ce_basicConstraints, &i);
872 ret = _hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
999 const hx509_cert cert)
1011 q.certificate = _hx509_get_cert(cert);
1021 const Certificate *cert,
1025 ret = _hx509_name_cmp(&cert->tbsCertificate.subject,
1026 &cert->tbsCertificate.issuer, &diff);
1032 ret = _hx509_self_signed_valid(context, &cert->signatureAlgorithm);
1143 const Certificate *cert,
1154 e = find_extension(cert, &asn1_oid_id_pkix_pe_proxyCertInfo, &i);
1187 _hx509_path_append(hx509_context context, hx509_path *path, hx509_cert cert)
1197 path->val[path->len] = hx509_cert_ref(cert);
1238 hx509_cert cert,
1248 ret = _hx509_path_append(context, path, cert);
1252 current = hx509_cert_ref(cert);
1517 const heim_bit_string *cert, heim_bit_string *subject)
1521 if (cert == NULL) {
1526 ret = der_copy_bit_string(cert, subject);
1960 * @param cert the certificate to build the path from.
1971 hx509_cert cert,
2012 cert, pool, &path);
2055 /* self signed cert doesn't add to path length */
2108 * then check with the EE cert when we get to it.
2166 * cert was an EE cert and we we will fall though to
2192 if (cert->basename)
2193 hx509_name_free(&cert->basename);
2195 ret = _hx509_name_from_Name(&proxy_issuer, &cert->basename);
2429 * @param cert the certificate to match with
2446 const hx509_cert cert,
2464 ret = find_extension_subject_alt_name(cert->data, &i, &san);
2490 name = &cert->data->tbsCertificate.subject;
2537 hx509_cert cert,
2544 if (hx509_cert_get_attribute(cert, oid) != NULL)
2547 d = realloc(cert->attrs.val,
2548 sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1));
2553 cert->attrs.val = d;
2562 cert->attrs.val[cert->attrs.len] = a;
2563 cert->attrs.len++;
2572 * @param cert hx509 certificate object to search
2582 hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid)
2585 for (i = 0; i < cert->attrs.len; i++)
2586 if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0)
2587 return cert->attrs.val[i];
2594 * @param cert The certificate to set the friendly name on
2603 hx509_cert_set_friendly_name(hx509_cert cert, const char *name)
2605 if (cert->friendlyname)
2606 free(cert->friendlyname);
2607 cert->friendlyname = strdup(name);
2608 if (cert->friendlyname == NULL)
2616 * @param cert cert to get the friendly name from.
2625 hx509_cert_get_friendly_name(hx509_cert cert)
2632 if (cert->friendlyname)
2633 return cert->friendlyname;
2635 a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_friendlyName);
2639 ret = hx509_cert_get_subject(cert, &name);
2642 ret = hx509_name_to_string(name, &cert->friendlyname);
2646 return cert->friendlyname;
2658 cert->friendlyname = malloc(n.val[0].length + 1);
2659 if (cert->friendlyname == NULL) {
2666 cert->friendlyname[i] = n.val[0].data[i] & 0xff;
2668 cert->friendlyname[i] = 'X';
2670 cert->friendlyname[i] = '\0';
2673 return cert->friendlyname;
2935 _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert cert)
2937 Certificate *c = _hx509_get_cert(cert);
2981 _hx509_cert_private_key(cert) == NULL)
3009 a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_localKeyId);
3020 if (hx509_cert_cmp(q->path->val[i], cert) == 0)
3024 const char *name = hx509_cert_get_friendly_name(cert);
3031 ret = (*q->cmp_func)(context, cert, q->cmp_func_ctx);
3062 /* If an EKU is required, check the cert for it. */
3064 hx509_cert_check_eku(context, cert, q->eku, 0))
3070 ret = _hx509_cert_to_env(context, cert, &env);
3118 "find issuer cert",
3244 * @param cert A hx509 context.
3255 hx509_cert_check_eku(hx509_context context, hx509_cert cert,
3261 ret = find_extension_eku(_hx509_get_cert(cert), &e);
3291 Certificate *cert;
3298 cert = _hx509_get_cert(c);
3300 if (_hx509_cert_get_version(cert) < 3)
3303 e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
3315 hx509_cert cert,
3322 ret = find_extension_eku(_hx509_get_cert(cert), e);
3404 _hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env)
3415 asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert)));
3422 ret = hx509_cert_get_subject(cert, &name);
3438 ret = hx509_cert_get_issuer(cert, &name);
3454 ret = _hx509_cert_get_eku(context, cert, &eku);
3489 Certificate *c = _hx509_get_cert(cert);
3542 * @param cert certificate to print
3551 hx509_print_cert(hx509_context context, hx509_cert cert, FILE *out)
3560 ret = hx509_cert_get_issuer(cert, &name);
3568 ret = hx509_cert_get_subject(cert, &name);
3579 ret = hx509_cert_get_serialnumber(cert, &serialNumber);
3591 ret = hx509_cert_keyusage_print(context, cert, &str);