Lines Matching defs:chain
7726 * Once the certificate message is read, parse it into a cert chain and
7731 mbedtls_x509_crt *chain)
7775 /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
7778 /* Iterate through and parse the CRTs in the provided chain. */
7798 /* Read length of the next CRT in the chain. */
7810 /* Check if we're handling the first CRT in the chain. */
7830 /* Now we can safely free the original chain. */
7835 /* Parse the next certificate in the chain. */
7837 ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n);
7839 /* If we don't need to store the CRT chain permanently, parse
7841 ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n);
7869 MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", chain);
7933 mbedtls_x509_crt *chain,
7968 chain,
7997 chain,
8021 const mbedtls_pk_context *pk = &chain->pk;
8048 if (mbedtls_ssl_check_cert_usage(chain,
8071 MBEDTLS_SSL_DEBUG_MSG(1, ("got no CA chain"));
8184 mbedtls_x509_crt *chain = NULL;
8197 chain = ssl->handshake->ecrs_peer_cert;
8226 chain = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
8227 if (chain == NULL) {
8237 mbedtls_x509_crt_init(chain);
8239 ret = ssl_parse_certificate_chain(ssl, chain);
8256 chain, rs_ctx);
8266 /* We parse the CRT chain without copying, so
8269 * CRT chain. */
8271 crt_start = chain->raw.p;
8272 crt_len = chain->raw.len;
8274 pk_start = chain->pk_raw.p;
8275 pk_len = chain->pk_raw.len;
8279 mbedtls_x509_crt_free(chain);
8280 mbedtls_free(chain);
8281 chain = NULL;
8295 ssl->session_negotiate->peer_cert = chain;
8296 chain = NULL;
8309 ssl->handshake->ecrs_peer_cert = chain;
8310 chain = NULL;
8314 if (chain != NULL) {
8315 mbedtls_x509_crt_free(chain);
8316 mbedtls_free(chain);