certstore.h File Reference

Certificate store. More...

#include <ipxe/asn1.h>
#include <ipxe/x509.h>
#include <ipxe/privkey.h>

Go to the source code of this file.

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
struct x509_certificate *	certstore_find (struct asn1_cursor *raw)
	Find certificate in store. More...
struct x509_certificate *	certstore_find_key (struct private_key *key)
	Find certificate in store corresponding to a private key. More...
void	certstore_add (struct x509_certificate *cert)
	Add certificate to store. More...
void	certstore_del (struct x509_certificate *cert)
	Remove certificate from store. More...

Variables
struct x509_chain	certstore
	Certificate store. More...

Detailed Description

Certificate store.

Definition in file certstore.h.

Function Documentation

FILE_LICENCE()

FILE_LICENCE

(

GPL2_OR_LATER_OR_UBDL

)

certstore_find()

struct x509_certificate* certstore_find

(

struct asn1_cursor *

raw

)

Find certificate in store.

Parameters

raw	Raw certificate data

Return values

cert	X.509 certificate, or NULL if not found

Definition at line 102 of file certstore.c.

                                                                     {
        struct x509_certificate *cert;

        /* Search for certificate within store */
        list_for_each_entry ( cert, &certstore.links, store.list ) {
                if ( asn1_compare ( raw, &cert->raw ) == 0 )
                        return certstore_found ( cert );
        }
        return NULL;
}

References asn1_compare(), certstore, certstore_found(), x509_chain::links, x509_link::list, list_for_each_entry, NULL, raw, x509_certificate::raw, and x509_certificate::store.

Referenced by certstore_init(), and x509_certificate().

certstore_find_key()

struct x509_certificate* certstore_find_key

(

struct private_key *

key

)

Find certificate in store corresponding to a private key.

Parameters

key	Private key

Return values

cert	X.509 certificate, or NULL if not found

Definition at line 119 of file certstore.c.

                                                                         {
        struct x509_certificate *cert;

        /* Search for certificate within store */
        list_for_each_entry ( cert, &certstore.links, store.list ) {
                if ( pubkey_match ( cert->signature_algorithm->pubkey,
                                    key->builder.data, key->builder.len,
                                    cert->subject.public_key.raw.data,
                                    cert->subject.public_key.raw.len ) == 0 )
                        return certstore_found ( cert );
        }
        return NULL;
}

References certstore, certstore_found(), asn1_cursor::data, key, asn1_cursor::len, x509_chain::links, x509_link::list, list_for_each_entry, NULL, asn1_algorithm::pubkey, pubkey_match(), x509_subject::public_key, x509_public_key::raw, x509_certificate::signature_algorithm, x509_certificate::store, and x509_certificate::subject.

Referenced by tls_new_certificate_request().

certstore_add()

void certstore_add

(

struct x509_certificate *

cert

)

Add certificate to store.

Parameters

cert	X.509 certificate

Definition at line 138 of file certstore.c.

                                                     {

        /* Add certificate to store */
        cert->store.cert = cert;
        x509_get ( cert );
        list_add ( &cert->store.list, &certstore.links );
        DBGC ( &certstore, "CERTSTORE added certificate %s\n",
               x509_name ( cert ) );
}

References x509_link::cert, certstore, DBGC, x509_chain::links, x509_link::list, list_add, x509_certificate::store, x509_get(), and x509_name().

Referenced by certstore_init(), and x509_certificate().

certstore_del()

void certstore_del

(

struct x509_certificate *

cert

)

Remove certificate from store.

Parameters

cert	X.509 certificate

Definition at line 153 of file certstore.c.

                                                     {

        /* Ignore attempts to remove permanent certificates */
        if ( cert->flags & X509_FL_PERMANENT )
                return;

        /* Remove certificate from store */
        DBGC ( &certstore, "CERTSTORE removed certificate %s\n",
               x509_name ( cert ) );
        list_del ( &cert->store.list );
        x509_put ( cert );
}

References certstore, DBGC, x509_certificate::flags, x509_link::list, list_del, x509_certificate::store, X509_FL_PERMANENT, x509_name(), and x509_put().

Referenced by certfree_payload(), and certstore_discard().

Variable Documentation

certstore

struct x509_chain certstore

Certificate store.

Definition at line 73 of file certstore.c.

Referenced by cert_exec(), certstore_add(), certstore_apply_settings(), certstore_del(), certstore_discard(), certstore_find(), certstore_find_key(), certstore_found(), certstore_init(), tls_new_certificate_request(), and x509_validate_chain().