Lines Matching refs:cert
138 /* Add first ctx->cert and its chain if using signature-based protection */
140 && ctx->cert != NULL && ctx->pkey != NULL) {
147 "trying to build chain for own CMP signer cert");
148 ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0,
152 "success building chain for own CMP signer cert");
157 "could not build chain for own CMP signer cert");
164 /* make sure that at least our own signer cert is included first */
165 if (!ossl_x509_add_cert_new(&msg->extraCerts, ctx->cert, prepend))
167 ossl_cmp_debug(ctx, "fallback: adding just own CMP signer cert");
284 } else if (ctx->cert != NULL && ctx->pkey != NULL) {
285 /* use MSG_SIG_ALG according to 5.1.3.3 if client cert and key given */
288 if (!X509_check_private_key(ctx->cert, ctx->pkey)) {
295 /* set senderKID to keyIdentifier of the cert according to 5.1.1 */
296 if (!set_senderKID(ctx, msg, X509_get0_subject_key_id(ctx->cert)))
300 * will add ctx->cert followed, if possible, by its chain built
313 * For signature-based protection add ctx->cert followed by its chain.