Lines Matching refs:cert
378 const CERT_CONTEXT *cert; member
501 if (priv->cert) in cryptoapi_free_data()
502 CertFreeCertificateContext(priv->cert); in cryptoapi_free_data()
564 X509 *cert = NULL; in tls_cryptoapi_cert() local
584 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER); in tls_cryptoapi_cert()
585 if (priv->cert == NULL) { in tls_cryptoapi_cert()
586 priv->cert = cryptoapi_find_cert( in tls_cryptoapi_cert()
589 if (priv->cert == NULL) { in tls_cryptoapi_cert()
595 cert = d2i_X509(NULL, in tls_cryptoapi_cert()
596 (const unsigned char **) &priv->cert->pbCertEncoded, in tls_cryptoapi_cert()
597 priv->cert->cbCertEncoded); in tls_cryptoapi_cert()
598 if (cert == NULL) { in tls_cryptoapi_cert()
604 if (!CryptAcquireCertificatePrivateKey(priv->cert, in tls_cryptoapi_cert()
630 if (!SSL_use_certificate(ssl, cert)) { in tls_cryptoapi_cert()
635 pub_rsa = cert->cert_info->key->pkey->pkey.rsa; in tls_cryptoapi_cert()
636 X509_free(cert); in tls_cryptoapi_cert()
637 cert = NULL; in tls_cryptoapi_cert()
651 if (cert) in tls_cryptoapi_cert()
652 X509_free(cert); in tls_cryptoapi_cert()
667 X509 *cert; in tls_cryptoapi_ca_cert() local
696 cert = d2i_X509(NULL, in tls_cryptoapi_ca_cert()
699 if (cert == NULL) { in tls_cryptoapi_ca_cert()
705 X509_NAME_oneline(X509_get_subject_name(cert), buf, in tls_cryptoapi_ca_cert()
711 cert)) { in tls_cryptoapi_ca_cert()
717 X509_free(cert); in tls_cryptoapi_ca_cert()
1843 static int tls_match_altsubject_component(X509 *cert, int type, in tls_match_altsubject_component() argument
1851 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); in tls_match_altsubject_component()
1868 static int tls_match_altsubject(X509 *cert, const char *match) in tls_match_altsubject() argument
1902 if (tls_match_altsubject_component(cert, type, pos, len) > 0) in tls_match_altsubject()
1992 static int match_dn_field(const X509 *cert, int nid, const char *field, in match_dn_field() argument
2000 name = X509_get_subject_name((X509 *) cert); in match_dn_field()
2065 static int get_value_from_field(const X509 *cert, char *field_str, in get_value_from_field() argument
2115 return match_dn_field(cert, nid, name, value, dn_cnt); in get_value_from_field()
2125 static int tls_match_dn_field(X509 *cert, const char *match) in tls_match_dn_field() argument
2146 if (!get_value_from_field(cert, field, &dn_cnt)) { in tls_match_dn_field()
2158 static int tls_match_suffix_helper(X509 *cert, const char *match, in tls_match_suffix_helper() argument
2171 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); in tls_match_suffix_helper()
2197 name = X509_get_subject_name(cert); in tls_match_suffix_helper()
2229 static int tls_match_suffix(X509 *cert, const char *match, int full) in tls_match_suffix() argument
2239 if (tls_match_suffix_helper(cert, token, last - token, full)) in tls_match_suffix()
2286 static struct wpabuf * get_x509_cert(X509 *cert) in get_x509_cert() argument
2291 int cert_len = i2d_X509(cert, NULL); in get_x509_cert()
2300 i2d_X509(cert, &tmp); in get_x509_cert()
2311 struct wpabuf *cert = NULL; in openssl_tls_fail_event() local
2317 cert = get_x509_cert(err_cert); in openssl_tls_fail_event()
2324 ev.cert_fail.cert = cert; in openssl_tls_fail_event()
2326 wpabuf_free(cert); in openssl_tls_fail_event()
2330 static int openssl_cert_tod(X509 *cert) in openssl_cert_tod() argument
2338 ext = X509_get_ext_d2i(cert, NID_certificate_policies, NULL, NULL); in openssl_cert_tod()
2365 struct wpabuf *cert = NULL; in openssl_tls_cert_event() local
2385 cert = get_x509_cert(err_cert); in openssl_tls_cert_event()
2386 ev.peer_cert.cert = cert; in openssl_tls_cert_event()
2389 if (cert) { in openssl_tls_cert_event()
2392 addr[0] = wpabuf_head(cert); in openssl_tls_cert_event()
2393 len[0] = wpabuf_len(cert); in openssl_tls_cert_event()
2456 wpabuf_free(cert); in openssl_tls_cert_event()
2462 static void debug_print_cert(X509 *cert, const char *title) in debug_print_cert() argument
2477 X509_print(out, cert); in debug_print_cert()
2562 struct wpabuf *cert; in tls_verify_cb() local
2563 cert = get_x509_cert(err_cert); in tls_verify_cb()
2564 if (!cert) { in tls_verify_cb()
2572 addr[0] = wpabuf_head(cert); in tls_verify_cb()
2573 len[0] = wpabuf_len(cert); in tls_verify_cb()
2588 wpabuf_free(cert); in tls_verify_cb()
2605 X509 *cert; in tls_verify_cb() local
2607 cert = sk_X509_value(chain, 0); in tls_verify_cb()
2608 X509_NAME_oneline(X509_get_subject_name(cert), in tls_verify_cb()
2611 openssl_tls_cert_event(conn, cert, 0, buf2); in tls_verify_cb()
2843 X509 *cert = d2i_X509(NULL, in tls_connection_ca_cert() local
2846 if (cert == NULL) { in tls_connection_ca_cert()
2851 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); in tls_connection_ca_cert()
2855 if (!cert) { in tls_connection_ca_cert()
2867 cert)) { in tls_connection_ca_cert()
2879 X509_free(cert); in tls_connection_ca_cert()
2883 X509_free(cert); in tls_connection_ca_cert()
3584 X509 *cert; in tls_parse_pkcs12() local
3590 cert = NULL; in tls_parse_pkcs12()
3594 if (!PKCS12_parse(p12, passwd, &pkey, &cert, &certs)) { in tls_parse_pkcs12()
3602 if (cert) { in tls_parse_pkcs12()
3603 X509_NAME_oneline(X509_get_subject_name(cert), buf, in tls_parse_pkcs12()
3608 if (SSL_use_certificate(ssl, cert) != 1) in tls_parse_pkcs12()
3611 if (SSL_CTX_use_certificate(data->ssl, cert) != 1) in tls_parse_pkcs12()
3614 X509_free(cert); in tls_parse_pkcs12()
3635 while ((cert = sk_X509_pop(certs)) != NULL) { in tls_parse_pkcs12()
3636 X509_NAME_oneline(X509_get_subject_name(cert), buf, in tls_parse_pkcs12()
3640 if ((ssl && SSL_add1_chain_cert(ssl, cert) != 1) || in tls_parse_pkcs12()
3642 cert) != 1)) { in tls_parse_pkcs12()
3646 X509_free(cert); in tls_parse_pkcs12()
3649 X509_free(cert); in tls_parse_pkcs12()
3681 while ((cert = sk_X509_pop(certs)) != NULL) { in tls_parse_pkcs12()
3682 X509_NAME_oneline(X509_get_subject_name(cert), buf, in tls_parse_pkcs12()
3690 if (SSL_CTX_add_extra_chain_cert(data->ssl, cert) != 1) in tls_parse_pkcs12()
3692 X509_free(cert); in tls_parse_pkcs12()
3767 X509 **cert) in tls_engine_get_cert() argument
3772 X509 *cert; in tls_engine_get_cert() member
3775 params.cert = NULL; in tls_engine_get_cert()
3788 if (!params.cert) { in tls_engine_get_cert()
3793 *cert = params.cert; in tls_engine_get_cert()
3803 X509 *cert; in tls_connection_engine_client_cert() local
3805 if (tls_engine_get_cert(conn, cert_id, &cert)) in tls_connection_engine_client_cert()
3808 if (!SSL_use_certificate(conn->ssl, cert)) { in tls_connection_engine_client_cert()
3811 X509_free(cert); in tls_connection_engine_client_cert()
3814 X509_free(cert); in tls_connection_engine_client_cert()
3830 X509 *cert; in tls_connection_engine_ca_cert() local
3834 if (tls_engine_get_cert(conn, ca_cert_id, &cert)) in tls_connection_engine_ca_cert()
3842 X509_free(cert); in tls_connection_engine_ca_cert()
3846 if (!X509_STORE_add_cert(store, cert)) { in tls_connection_engine_ca_cert()
3857 X509_free(cert); in tls_connection_engine_ca_cert()
3861 X509_free(cert); in tls_connection_engine_ca_cert()
5108 X509 *cert; in ocsp_resp_cb() local
5109 cert = X509_dup(conn->peer_issuer); in ocsp_resp_cb()
5110 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb()
5114 X509_free(cert); in ocsp_resp_cb()
5119 cert = X509_dup(conn->peer_issuer_issuer); in ocsp_resp_cb()
5120 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb()
5124 X509_free(cert); in ocsp_resp_cb()
5599 static void openssl_debug_dump_certificate(int i, X509 *cert) in openssl_debug_dump_certificate() argument
5606 if (!cert) in openssl_debug_dump_certificate()
5609 X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)); in openssl_debug_dump_certificate()
5611 ser = X509_get_serialNumber(cert); in openssl_debug_dump_certificate()
5619 pkey = X509_get_pubkey(cert); in openssl_debug_dump_certificate()