53 	struct cert		*cert;
67 uripath_add(const char *uri, struct cert *cert)
75 	up->cert = cert;
80 static struct cert *
89 	return up->cert;
127  * Parse the cert pointed at by the AIA URI while doing that also load
128  * the CRL of this cert. While the CRL is validated the returned cert
132 static struct cert *
135 	struct cert *cert = NULL;
154 	cert = cert_parse_pre(uri, f, flen);
157 	if (cert == NULL)
159 	if (cert->purpose != CERT_PURPOSE_CA) {
161 		    purpose2str(cert->purpose), uri);
164 	/* try to load the CRL of this cert */
165 	parse_load_crl(cert->crl);
167 	return cert;
170 	cert_free(cert);
183 	struct cert *stack[MAX_CERT_DEPTH] = { 0 };
185 	struct cert *cert;
192 		if ((cert = uripath_lookup(uri)) != NULL) {
193 			a = auth_find(&auths, cert->certid);
201 		stack[i] = cert = parse_load_cert(uri);
202 		if (cert == NULL || cert->purpose != CERT_PURPOSE_CA) {
206 		uri = cert->aia;
217 		cert = stack[i - 1];
221 		if (!valid_x509(uri, ctx, cert->x509, a, crl, &errstr) ||
222 		    !valid_cert(uri, a, cert)) {
227 		cert->talid = a->cert->talid;
228 		a = auth_insert(uri, &auths, cert, a);
229 		uripath_add(uri, cert);
244 	struct cert *cert;
263 	cert = cert_parse_pre(file, f, flen);
264 	cert = ta_parse(file, cert, tal->pkey, tal->pkeysz);
265 	if (cert == NULL)
268 	cert->talid = tal->id;
269 	auth_insert(file, &auths, cert, NULL);
274 		uripath_add(tal->uri[i], cert);
283 find_tal(struct cert *cert)
289 	if ((opk = X509_get0_pubkey(cert->x509)) == NULL)
316 	if (a->cert->mft != NULL)
317 		printf("                          %s\n", a->cert->mft);
322 		if (a->cert->crl != NULL)
323 			printf("                          %s\n", a->cert->crl);
324 		if (a->issuer != NULL && a->issuer->cert != NULL &&
325 		    a->issuer->cert->mft != NULL)
327 			    a->issuer->cert->mft);
328 		if (a->cert->aia != NULL)
329 			printf("                          %s\n", a->cert->aia);
342 	struct cert *cert = NULL;
408 		cert = cert_parse_pre(file, buf, len);
409 		if (cert == NULL)
411 		is_ta = (cert->purpose == CERT_PURPOSE_TA);
413 			cert = cert_parse(file, cert);
414 		if (cert == NULL)
416 		aia = cert->aia;
417 		x509 = cert->x509;
420 		expires = &cert->expires;
421 		notafter = &cert->notafter;
522 		if (status && cert == NULL) {
523 			struct cert *eecert;
525 			eecert = cert_parse_ee_cert(file, a->cert->talid, x509);
530 			cert->talid = a->cert->talid;
531 			constraints_validate(file, cert);
536 		if ((tal = find_tal(cert)) != NULL) {
537 			cert = ta_parse(file, cert, tal->pkey, tal->pkeysz);
538 			status = (cert != NULL);
540 				expires = &cert->expires;
541 				notafter = &cert->notafter;
550 			cert_free(cert);
551 			cert = NULL;
565 			cert_print(cert);
642 	cert_free(cert);

Indexes created Thu Jul 11 22:23:02 MDT 2024