iPXE
certstore.h File Reference

Certificate store.

#include <ipxe/asn1.h>
#include <ipxe/x509.h>


Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
struct x509_certificate * certstore_find (struct asn1_cursor *raw)
 Find certificate in store.
struct x509_certificate * certstore_find_key (struct asn1_cursor *key)
 Find certificate in store corresponding to a private key.
void certstore_add (struct x509_certificate *cert)
 Add certificate to store.
void certstore_del (struct x509_certificate *cert)
 Remove certificate from store.

Variables

struct x509_chain certstore
 Certificate store.

Detailed Description

Certificate store.

Definition in file certstore.h.


Function Documentation

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )
struct x509_certificate* certstore_find ( struct asn1_cursor * raw ) [read]

Find certificate in store.

Parameters:
raw: Raw certificate data
Return values:
cert: X.509 certificate, or NULL if not found

Definition at line 102 of file certstore.c.

References asn1_compare(), certstore_found(), x509_chain::links, x509_link::list, list_for_each_entry, NULL, x509_certificate::raw, and x509_certificate::store.

Referenced by certstore_init(), and x509_certificate().

                                                                     {
        struct x509_certificate *cert;

        /* Search for certificate within store: walk every entry linked
         * into certstore.links and compare the caller's raw ASN.1
         * cursor against the raw cursor of each stored certificate.
         */
        list_for_each_entry ( cert, &certstore.links, store.list ) {
                /* A zero result from asn1_compare() is treated as a match.
                 * NOTE(review): presumably this compares the encoded
                 * bytes, so a differently encoded copy of the same
                 * certificate would not match - confirm in asn1.c.
                 */
                if ( asn1_compare ( raw, &cert->raw ) == 0 )
                        /* Return whatever certstore_found() returns for
                         * the matching entry (helper is not shown here).
                         */
                        return certstore_found ( cert );
        }
        /* No stored certificate matched the supplied data */
        return NULL;
}
struct x509_certificate* certstore_find_key ( struct asn1_cursor * key ) [read]

Find certificate in store corresponding to a private key.

Parameters:
key: Private key
Return values:
cert: X.509 certificate, or NULL if not found

Definition at line 119 of file certstore.c.

References certstore_found(), asn1_cursor::data, asn1_cursor::len, x509_chain::links, x509_link::list, list_for_each_entry, NULL, asn1_algorithm::pubkey, pubkey_match(), x509_subject::public_key, x509_public_key::raw, x509_certificate::signature_algorithm, x509_certificate::store, and x509_certificate::subject.

Referenced by tls_new_certificate_request().

                                                                         {
        struct x509_certificate *cert;

        /* Search for certificate within store: the first entry whose
         * subject public key is reported by pubkey_match() as matching
         * the supplied private key wins.
         */
        list_for_each_entry ( cert, &certstore.links, store.list ) {
                /* NOTE(review): the public-key algorithm passed to
                 * pubkey_match() comes from the certificate's signature
                 * algorithm, not from the subject public key itself.
                 * That looks like it assumes the issuer signed with the
                 * same key type as the subject key - confirm, since a
                 * mismatch would make the lookup miss or compare the
                 * key under the wrong algorithm.
                 */
                if ( pubkey_match ( cert->signature_algorithm->pubkey,
                                    key->data, key->len,
                                    cert->subject.public_key.raw.data,
                                    cert->subject.public_key.raw.len ) == 0 )
                        /* Return whatever certstore_found() returns for
                         * the matching entry (helper is not shown here).
                         */
                        return certstore_found ( cert );
        }
        /* No stored certificate corresponds to this private key */
        return NULL;
}
void certstore_add ( struct x509_certificate * cert )

Add certificate to store.

Parameters:
cert: X.509 certificate

Definition at line 138 of file certstore.c.

References x509_link::cert, DBGC, x509_chain::links, x509_link::list, list_add, x509_certificate::store, x509_get(), and x509_name().

Referenced by certstore_init(), and x509_certificate().

                                                     {

        /* Add certificate to store.
         *
         * Nothing in this function validates the certificate or checks
         * whether it is already linked into the store; it only records
         * it.  NOTE(review): callers presumably look the certificate up
         * first and must not treat presence in the store as proof of
         * trust - confirm against the callers.
         */
        /* Point the embedded store link back at its own certificate */
        cert->store.cert = cert;
        /* NOTE(review): presumably takes the reference that the store
         * holds for as long as the certificate stays linked - confirm.
         */
        x509_get ( cert );
        /* Link the certificate into the global store list */
        list_add ( &cert->store.list, &certstore.links );
        DBGC ( &certstore, "CERTSTORE added certificate %s\n",
               x509_name ( cert ) );
}
void certstore_del ( struct x509_certificate * cert )

Remove certificate from store.

Parameters:
cert: X.509 certificate

Definition at line 153 of file certstore.c.

References DBGC, x509_certificate::flags, x509_link::list, list_del, x509_certificate::store, X509_FL_PERMANENT, x509_name(), and x509_put().

Referenced by certfree_payload(), and certstore_discard().

                                                     {

        /* Ignore attempts to remove permanent certificates: an entry
         * flagged X509_FL_PERMANENT stays in the store and this call
         * returns without doing anything.
         */
        if ( cert->flags & X509_FL_PERMANENT )
                return;

        /* Remove certificate from store.
         *
         * The name is logged before the certificate is unlinked and
         * before x509_put() is called.  NOTE(review): x509_put()
         * presumably drops the store's reference, so the certificate
         * may no longer be valid afterwards unless the caller holds
         * its own reference - confirm.  Nothing here checks that the
         * certificate is currently linked into the store.
         */
        DBGC ( &certstore, "CERTSTORE removed certificate %s\n",
               x509_name ( cert ) );
        list_del ( &cert->store.list );
        x509_put ( cert );
}

Variable Documentation

Certificate store.

Definition at line 73 of file certstore.c.

Referenced by cert_exec(), and x509_validate_chain().