522                              mbedtls_x509_crt *crt )  in x509_get_crt_ext()  argument
528     if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )  in x509_get_crt_ext()
605         if( ( crt->ext_types & ext_type ) != 0 )  in x509_get_crt_ext()
608         crt->ext_types |= ext_type;  in x509_get_crt_ext()
615                     &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )  in x509_get_crt_ext()
622                     &crt->key_usage ) ) != 0 )  in x509_get_crt_ext()
629                     &crt->ext_key_usage ) ) != 0 )  in x509_get_crt_ext()
636                     &crt->subject_alt_names ) ) != 0 )  in x509_get_crt_ext()
643                     &crt->ns_cert_type ) ) != 0 )  in x509_get_crt_ext()
662 static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, const unsigned char *buf,  in x509_crt_parse_der_core()  argument
677     if( crt == NULL || buf == NULL )  in x509_crt_parse_der_core()
694         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
700         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
707     crt->raw.len = crt_end - buf;  in x509_crt_parse_der_core()
708     crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );  in x509_crt_parse_der_core()
712     memcpy( p, buf, crt->raw.len );  in x509_crt_parse_der_core()
715     p += crt->raw.len - len;  in x509_crt_parse_der_core()
721     crt->tbs.p = p;  in x509_crt_parse_der_core()
726         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
731     crt->tbs.len = end - crt->tbs.p;  in x509_crt_parse_der_core()
740     if( ( ret = x509_get_version(  &p, end, &crt->version  ) ) != 0 ||  in x509_crt_parse_der_core()
741         ( ret = mbedtls_x509_get_serial(   &p, end, &crt->serial   ) ) != 0 ||  in x509_crt_parse_der_core()
742         ( ret = mbedtls_x509_get_alg(      &p, end, &crt->sig_oid,  in x509_crt_parse_der_core()
745         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
749     crt->version++;  in x509_crt_parse_der_core()
751     if( crt->version > 3 )  in x509_crt_parse_der_core()
753         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
757     if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1,  in x509_crt_parse_der_core()
758                                   &crt->sig_md, &crt->sig_pk,  in x509_crt_parse_der_core()
759                                   &crt->sig_opts ) ) != 0 )  in x509_crt_parse_der_core()
761         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
768     crt->issuer_raw.p = p;  in x509_crt_parse_der_core()
773         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
777     if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )  in x509_crt_parse_der_core()
779         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
783     crt->issuer_raw.len = p - crt->issuer_raw.p;  in x509_crt_parse_der_core()
791     if( ( ret = x509_get_dates( &p, end, &crt->valid_from,  in x509_crt_parse_der_core()
792                                          &crt->valid_to ) ) != 0 )  in x509_crt_parse_der_core()
794         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
801     crt->subject_raw.p = p;  in x509_crt_parse_der_core()
806         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
810     if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 )  in x509_crt_parse_der_core()
812         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
816     crt->subject_raw.len = p - crt->subject_raw.p;  in x509_crt_parse_der_core()
821     if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )  in x509_crt_parse_der_core()
823         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
835     if( crt->version == 2 || crt->version == 3 )  in x509_crt_parse_der_core()
837         ret = x509_get_uid( &p, end, &crt->issuer_id,  1 );  in x509_crt_parse_der_core()
840             mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
845     if( crt->version == 2 || crt->version == 3 )  in x509_crt_parse_der_core()
847         ret = x509_get_uid( &p, end, &crt->subject_id,  2 );  in x509_crt_parse_der_core()
850             mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
856     if( crt->version == 3 )  in x509_crt_parse_der_core()
859         ret = x509_get_crt_ext( &p, end, crt );  in x509_crt_parse_der_core()
862             mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
869         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
885         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
889     if( crt->sig_oid.len != sig_oid2.len ||  in x509_crt_parse_der_core()
890         memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||  in x509_crt_parse_der_core()
895         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
899     if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 )  in x509_crt_parse_der_core()
901         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
907         mbedtls_x509_crt_free( crt );  in x509_crt_parse_der_core()
923     mbedtls_x509_crt *crt = chain, *prev = NULL;  in mbedtls_x509_crt_parse_der()  local
928     if( crt == NULL || buf == NULL )  in mbedtls_x509_crt_parse_der()
931     while( crt->version != 0 && crt->next != NULL )  in mbedtls_x509_crt_parse_der()
933         prev = crt;  in mbedtls_x509_crt_parse_der()
934         crt = crt->next;  in mbedtls_x509_crt_parse_der()
940     if( crt->version != 0 && crt->next == NULL )  in mbedtls_x509_crt_parse_der()
942         crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );  in mbedtls_x509_crt_parse_der()
944         if( crt->next == NULL )  in mbedtls_x509_crt_parse_der()
947         prev = crt;  in mbedtls_x509_crt_parse_der()
948         mbedtls_x509_crt_init( crt->next );  in mbedtls_x509_crt_parse_der()
949         crt = crt->next;  in mbedtls_x509_crt_parse_der()
952     if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )  in mbedtls_x509_crt_parse_der()
957         if( crt != chain )  in mbedtls_x509_crt_parse_der()
958             mbedtls_free( crt );  in mbedtls_x509_crt_parse_der()
1357                    const mbedtls_x509_crt *crt )  in mbedtls_x509_crt_info()  argument
1367     if( NULL == crt )  in mbedtls_x509_crt_info()
1376                                prefix, crt->version );  in mbedtls_x509_crt_info()
1382     ret = mbedtls_x509_serial_gets( p, n, &crt->serial );  in mbedtls_x509_crt_info()
1387     ret = mbedtls_x509_dn_gets( p, n, &crt->issuer  );  in mbedtls_x509_crt_info()
1392     ret = mbedtls_x509_dn_gets( p, n, &crt->subject );  in mbedtls_x509_crt_info()
1397                    crt->valid_from.year, crt->valid_from.mon,  in mbedtls_x509_crt_info()
1398                    crt->valid_from.day,  crt->valid_from.hour,  in mbedtls_x509_crt_info()
1399                    crt->valid_from.min,  crt->valid_from.sec );  in mbedtls_x509_crt_info()
1404                    crt->valid_to.year, crt->valid_to.mon,  in mbedtls_x509_crt_info()
1405                    crt->valid_to.day,  crt->valid_to.hour,  in mbedtls_x509_crt_info()
1406                    crt->valid_to.min,  crt->valid_to.sec );  in mbedtls_x509_crt_info()
1412     ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk,  in mbedtls_x509_crt_info()
1413                              crt->sig_md, crt->sig_opts );  in mbedtls_x509_crt_info()
1418                                       mbedtls_pk_get_name( &crt->pk ) ) ) != 0 )  in mbedtls_x509_crt_info()
1424                           (int) mbedtls_pk_get_bitlen( &crt->pk ) );  in mbedtls_x509_crt_info()
1431     if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS )  in mbedtls_x509_crt_info()
1434                         crt->ca_istrue ? "true" : "false" );  in mbedtls_x509_crt_info()
1437         if( crt->max_pathlen > 0 )  in mbedtls_x509_crt_info()
1439             ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 );  in mbedtls_x509_crt_info()
1444     if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )  in mbedtls_x509_crt_info()
1450                                             &crt->subject_alt_names ) ) != 0 )  in mbedtls_x509_crt_info()
1454     if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE )  in mbedtls_x509_crt_info()
1459         if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 )  in mbedtls_x509_crt_info()
1463     if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE )  in mbedtls_x509_crt_info()
1468         if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 )  in mbedtls_x509_crt_info()
1472     if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE )  in mbedtls_x509_crt_info()
1478                                              &crt->ext_key_usage ) ) != 0 )  in mbedtls_x509_crt_info()
1546 int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,  in mbedtls_x509_crt_check_key_usage()  argument
1553     if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 )  in mbedtls_x509_crt_check_key_usage()
1558     if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must )  in mbedtls_x509_crt_check_key_usage()
1563     if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may )  in mbedtls_x509_crt_check_key_usage()
1571 int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,  in mbedtls_x509_crt_check_extended_key_usage()  argument
1578     if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 )  in mbedtls_x509_crt_check_extended_key_usage()
1584     for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next )  in mbedtls_x509_crt_check_extended_key_usage()
1606 int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl )  in mbedtls_x509_crt_is_revoked()  argument
1612         if( crt->serial.len == cur->serial.len &&  in mbedtls_x509_crt_is_revoked()
1613             memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )  in mbedtls_x509_crt_is_revoked()
1629 static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,  in x509_crt_verifycrl()  argument
1706         if( mbedtls_x509_crt_is_revoked( crt, crl_list ) )  in x509_crt_verifycrl()
2163 int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,  in mbedtls_x509_crt_verify()  argument
2170     return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,  in mbedtls_x509_crt_verify()
2178 int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,  in mbedtls_x509_crt_verify_with_profile()  argument
2201         name = &crt->subject;  in mbedtls_x509_crt_verify_with_profile()
2204         if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )  in mbedtls_x509_crt_verify_with_profile()
2206             cur = &crt->subject_alt_names;  in mbedtls_x509_crt_verify_with_profile()
2252     pk_type = mbedtls_pk_get_type( &crt->pk );  in mbedtls_x509_crt_verify_with_profile()
2257     if( x509_profile_check_key( profile, pk_type, &crt->pk ) != 0 )  in mbedtls_x509_crt_verify_with_profile()
2263         if( x509_crt_check_parent( crt, parent, 0, pathlen == 0 ) == 0 )  in mbedtls_x509_crt_verify_with_profile()
2269         ret = x509_crt_verify_top( crt, parent, ca_crl, profile,  in mbedtls_x509_crt_verify_with_profile()
2277         for( parent = crt->next; parent != NULL; parent = parent->next )  in mbedtls_x509_crt_verify_with_profile()
2278             if( x509_crt_check_parent( crt, parent, 0, pathlen == 0 ) == 0 )  in mbedtls_x509_crt_verify_with_profile()
2284             ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, profile,  in mbedtls_x509_crt_verify_with_profile()
2291             ret = x509_crt_verify_top( crt, trust_ca, ca_crl, profile,  in mbedtls_x509_crt_verify_with_profile()
2307 void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )  in mbedtls_x509_crt_init()  argument
2309     memset( crt, 0, sizeof(mbedtls_x509_crt) );  in mbedtls_x509_crt_init()
2315 void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )  in mbedtls_x509_crt_free()  argument
2317     mbedtls_x509_crt *cert_cur = crt;  in mbedtls_x509_crt_free()
2324     if( crt == NULL )  in mbedtls_x509_crt_free()
2381     cert_cur = crt;  in mbedtls_x509_crt_free()
2388         if( cert_prv != crt )  in mbedtls_x509_crt_free()