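Lines matching the query `defs:crt`. Each entry below gives the line number in the source file, followed by the text of the matching line; the lines in between are not shown.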

76     mbedtls_x509_crt *crt;
379 ver_chain->items[i].crt = NULL;
862 mbedtls_x509_crt *crt,
874 if ((ret = mbedtls_x509_get_ext(p, end, &crt->v3_ext, 3)) != 0) {
878 end = crt->v3_ext.p + crt->v3_ext.len;
935 ret = cb(p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet);
955 if ((crt->ext_types & ext_type) != 0) {
959 crt->ext_types |= ext_type;
965 &crt->ca_istrue, &crt->max_pathlen)) != 0) {
973 &crt->key_usage)) != 0) {
981 &crt->ext_key_usage)) != 0) {
989 &crt->subject_key_id)) != 0) {
997 &crt->authority_key_id)) != 0) {
1006 &crt->subject_alt_names)) != 0) {
1014 &crt->ns_cert_type)) != 0) {
1022 &crt->certificate_policies)) != 0) {
1026 cb(p_ctx, crt, &extn_oid, is_critical,
1071 static int x509_crt_parse_der_core(mbedtls_x509_crt *crt,
1090 if (crt == NULL || buf == NULL) {
1107 mbedtls_x509_crt_free(crt);
1112 crt->raw.len = (size_t) (crt_end - buf);
1115 crt->raw.p = p = mbedtls_calloc(1, crt->raw.len);
1116 if (crt->raw.p == NULL) {
1120 memcpy(crt->raw.p, buf, crt->raw.len);
1121 crt->own_buffer = 1;
1123 p += crt->raw.len - len;
1126 crt->raw.p = (unsigned char *) buf;
1127 crt->own_buffer = 0;
1133 crt->tbs.p = p;
1137 mbedtls_x509_crt_free(crt);
1142 crt->tbs.len = (size_t) (end - crt->tbs.p);
1151 if ((ret = x509_get_version(&p, end, &crt->version)) != 0 ||
1152 (ret = mbedtls_x509_get_serial(&p, end, &crt->serial)) != 0 ||
1153 (ret = mbedtls_x509_get_alg(&p, end, &crt->sig_oid,
1155 mbedtls_x509_crt_free(crt);
1159 if (crt->version < 0 || crt->version > 2) {
1160 mbedtls_x509_crt_free(crt);
1164 crt->version++;
1166 if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1,
1167 &crt->sig_md, &crt->sig_pk,
1168 &crt->sig_opts)) != 0) {
1169 mbedtls_x509_crt_free(crt);
1176 crt->issuer_raw.p = p;
1180 mbedtls_x509_crt_free(crt);
1184 if ((ret = mbedtls_x509_get_name(&p, p + len, &crt->issuer)) != 0) {
1185 mbedtls_x509_crt_free(crt);
1189 crt->issuer_raw.len = (size_t) (p - crt->issuer_raw.p);
1197 if ((ret = x509_get_dates(&p, end, &crt->valid_from,
1198 &crt->valid_to)) != 0) {
1199 mbedtls_x509_crt_free(crt);
1206 crt->subject_raw.p = p;
1210 mbedtls_x509_crt_free(crt);
1214 if (len && (ret = mbedtls_x509_get_name(&p, p + len, &crt->subject)) != 0) {
1215 mbedtls_x509_crt_free(crt);
1219 crt->subject_raw.len = (size_t) (p - crt->subject_raw.p);
1224 crt->pk_raw.p = p;
1225 if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &crt->pk)) != 0) {
1226 mbedtls_x509_crt_free(crt);
1229 crt->pk_raw.len = (size_t) (p - crt->pk_raw.p);
1239 if (crt->version == 2 || crt->version == 3) {
1240 ret = x509_get_uid(&p, end, &crt->issuer_id, 1);
1242 mbedtls_x509_crt_free(crt);
1247 if (crt->version == 2 || crt->version == 3) {
1248 ret = x509_get_uid(&p, end, &crt->subject_id, 2);
1250 mbedtls_x509_crt_free(crt);
1255 if (crt->version == 3) {
1256 ret = x509_get_crt_ext(&p, end, crt, cb, p_ctx);
1258 mbedtls_x509_crt_free(crt);
1264 mbedtls_x509_crt_free(crt);
1279 mbedtls_x509_crt_free(crt);
1283 if (crt->sig_oid.len != sig_oid2.len ||
1284 memcmp(crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len) != 0 ||
1289 mbedtls_x509_crt_free(crt);
1293 if ((ret = mbedtls_x509_get_sig(&p, end, &crt->sig)) != 0) {
1294 mbedtls_x509_crt_free(crt);
1299 mbedtls_x509_crt_free(crt);
1319 mbedtls_x509_crt *crt = chain, *prev = NULL;
1324 if (crt == NULL || buf == NULL) {
1328 while (crt->version != 0 && crt->next != NULL) {
1329 prev = crt;
1330 crt = crt->next;
1336 if (crt->version != 0 && crt->next == NULL) {
1337 crt->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
1339 if (crt->next == NULL) {
1343 prev = crt;
1344 mbedtls_x509_crt_init(crt->next);
1345 crt = crt->next;
1348 ret = x509_crt_parse_der_core(crt, buf, buflen, make_copy, cb, p_ctx);
1354 if (crt != chain) {
1355 mbedtls_free(crt);
1750 const mbedtls_x509_crt *crt)
1760 if (NULL == crt) {
1768 prefix, crt->version);
1774 ret = mbedtls_x509_serial_gets(p, n, &crt->serial);
1779 ret = mbedtls_x509_dn_gets(p, n, &crt->issuer);
1784 ret = mbedtls_x509_dn_gets(p, n, &crt->subject);
1789 crt->valid_from.year, crt->valid_from.mon,
1790 crt->valid_from.day, crt->valid_from.hour,
1791 crt->valid_from.min, crt->valid_from.sec);
1796 crt->valid_to.year, crt->valid_to.mon,
1797 crt->valid_to.day, crt->valid_to.hour,
1798 crt->valid_to.min, crt->valid_to.sec);
1804 ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk,
1805 crt->sig_md, crt->sig_opts);
1810 mbedtls_pk_get_name(&crt->pk))) != 0) {
1815 (int) mbedtls_pk_get_bitlen(&crt->pk));
1822 if (crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS) {
1824 crt->ca_istrue ? "true" : "false");
1827 if (crt->max_pathlen > 0) {
1828 ret = mbedtls_snprintf(p, n, ", max_pathlen=%d", crt->max_pathlen - 1);
1833 if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
1838 &crt->subject_alt_names,
1844 if (crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE) {
1848 if ((ret = mbedtls_x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) {
1853 if (crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) {
1857 if ((ret = mbedtls_x509_info_key_usage(&p, &n, crt->key_usage)) != 0) {
1862 if (crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) {
1867 &crt->ext_key_usage)) != 0) {
1872 if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) {
1877 &crt->certificate_policies)) != 0) {
1928 int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
1935 if ((crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) == 0) {
1941 if (((crt->key_usage & ~may_mask) & usage_must) != usage_must) {
1947 if (((crt->key_usage & may_mask) | usage_may) != usage_may) {
1954 int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
1961 if ((crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) == 0) {
1968 for (cur = &crt->ext_key_usage; cur != NULL; cur = cur->next) {
1988 int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl)
1993 if (crt->serial.len == cur->serial.len &&
1994 memcmp(crt->serial.p, cur->serial.p, crt->serial.len) == 0) {
2008 static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
2107 if (mbedtls_x509_crt_is_revoked(crt, crl_list)) {
2442 mbedtls_x509_crt *crt,
2448 if (x509_name_cmp(&crt->issuer, &crt->subject) != 0) {
2454 if (crt->raw.len == cur->raw.len &&
2455 memcmp(crt->raw.p, cur->raw.p, crt->raw.len) == 0) {
2491 * - [in] crt: the cert list EE, C1, ..., Cn
2505 mbedtls_x509_crt *crt,
2543 child = cur->crt;
2550 child = crt;
2558 cur->crt = child;
2672 /* Check trusted CA's CRL for the given crt */
2982 static void x509_crt_verify_name(const mbedtls_x509_crt *crt,
2989 if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
2990 if (x509_crt_check_san(&crt->subject_alt_names, cn, cn_len) == 0) {
2994 for (name = &crt->subject; name != NULL; name = name->next) {
3025 if ((ret = f_vrfy(p_vrfy, cur->crt, (int) i-1, &cur_flags)) != 0) {
3053 static int x509_crt_verify_restartable_ca_cb(mbedtls_x509_crt *crt,
3083 x509_crt_verify_name(crt, cn, &ee_flags);
3087 pk_type = mbedtls_pk_get_type(&crt->pk);
3093 if (x509_profile_check_key(profile, &crt->pk) != 0) {
3098 ret = x509_crt_verify_chain(crt, trust_ca, ca_crl,
3149 int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
3156 return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
3166 int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
3174 return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
3185 int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
3193 return x509_crt_verify_restartable_ca_cb(crt, NULL, NULL,
3200 int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
3209 return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl,
3219 void mbedtls_x509_crt_init(mbedtls_x509_crt *crt)
3221 memset(crt, 0, sizeof(mbedtls_x509_crt));
3227 void mbedtls_x509_crt_free(mbedtls_x509_crt *crt)
3229 mbedtls_x509_crt *cert_cur = crt;
3254 if (cert_prv != crt) {
3293 int mbedtls_x509_crt_get_ca_istrue(const mbedtls_x509_crt *crt)
3295 if ((crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS) != 0) {
3296 return crt->MBEDTLS_PRIVATE(ca_istrue);