iPXE
Functions
validator.h File Reference

Certificate validator. More...

#include <ipxe/interface.h>
#include <ipxe/x509.h>

Go to the source code of this file.

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 FILE_SECBOOT (PERMITTED)
int create_validator (struct interface *job, struct x509_chain *chain, struct x509_root *root)
 Instantiate a certificate validator.

Detailed Description

Certificate validator.

Definition in file validator.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

References root.

◆ create_validator()

int create_validator ( struct interface * job,
struct x509_chain * chain,
struct x509_root * root )
extern

Instantiate a certificate validator.

Parameters
jobJob control interface
chainX.509 certificate chain
rootRoot of trust, or NULL to use default
Return values
rcReturn status code

Definition at line 760 of file validator.c.

761 {
762 struct validator *validator;
763 int rc;
764
765 /* Sanity check */
766 if ( ! chain ) {
767 rc = -EINVAL;
768 goto err_sanity;
769 }
770
771 /* Allocate and initialise structure */
772 validator = zalloc ( sizeof ( *validator ) );
773 if ( ! validator ) {
774 rc = -ENOMEM;
775 goto err_alloc;
776 }
777 ref_init ( &validator->refcnt, validator_free );
778 intf_init ( &validator->job, &validator_job_desc,
779 &validator->refcnt );
780 intf_init ( &validator->xfer, &validator_xfer_desc,
781 &validator->refcnt );
782 process_init ( &validator->process, &validator_process_desc,
783 &validator->refcnt );
784 validator->root = x509_root_get ( root );
785 validator->chain = x509_chain_get ( chain );
786 xferbuf_malloc_init ( &validator->buffer );
787
788 /* Attach parent interface, mortalise self, and return */
789 intf_plug_plug ( &validator->job, job );
790 ref_put ( &validator->refcnt );
791 DBGC2 ( validator, "VALIDATOR %p \"%s\" validating X509 chain %p\n",
792 validator, validator_name ( validator ), validator->chain );
793 return 0;
794
795 validator_finished ( validator, rc );
796 ref_put ( &validator->refcnt );
797 err_alloc:
798 err_sanity:
799 return rc;
800}
rc
struct arbelprm_rc_send_wqe rc
Definition arbel.h:3
DBGC2
#define DBGC2(...)
Definition compiler.h:522
EINVAL
#define EINVAL
Invalid argument.
Definition errno.h:429
ENOMEM
#define ENOMEM
Not enough space.
Definition errno.h:535
intf_plug_plug
void intf_plug_plug(struct interface *a, struct interface *b)
Plug two object interfaces together.
Definition interface.c:108
intf_init
static void intf_init(struct interface *intf, struct interface_descriptor *desc, struct refcnt *refcnt)
Initialise an object interface.
Definition interface.h:204
zalloc
void * zalloc(size_t size)
Allocate cleared memory.
Definition malloc.c:662
process_init
static void process_init(struct process *process, struct process_descriptor *desc, struct refcnt *refcnt)
Initialise process and add to process list.
Definition process.h:162
ref_put
#define ref_put(refcnt)
Drop reference to object.
Definition refcnt.h:107
ref_init
#define ref_init(refcnt, free)
Initialise a reference counter.
Definition refcnt.h:65
root
struct stp_switch root
Root switch.
Definition stp.h:15
validator
A certificate validator.
Definition validator.c:65
validator::refcnt
struct refcnt refcnt
Reference count.
Definition validator.c:67
validator::job
struct interface job
Job control interface.
Definition validator.c:69
validator::process
struct process process
Process.
Definition validator.c:74
validator::xfer
struct interface xfer
Data transfer interface.
Definition validator.c:71
validator::chain
struct x509_chain * chain
X.509 certificate chain.
Definition validator.c:113
validator::buffer
struct xfer_buffer buffer
Data buffer.
Definition validator.c:117
validator::root
struct x509_root * root
Root of trust (or NULL to use default)
Definition validator.c:111
validator_free
static void validator_free(struct refcnt *refcnt)
Free certificate validator.
Definition validator.c:151
validator_finished
static void validator_finished(struct validator *validator, int rc)
Mark certificate validation as finished.
Definition validator.c:170
validator_process_desc
static struct process_descriptor validator_process_desc
Certificate validator process descriptor.
Definition validator.c:743
validator_name
static const char * validator_name(struct validator *validator)
Get validator name (for debug messages)
Definition validator.c:138
validator_xfer_desc
static struct interface_descriptor validator_xfer_desc
Certificate validator data transfer interface descriptor.
Definition validator.c:610
validator_job_desc
static struct interface_descriptor validator_job_desc
Certificate validator job control interface descriptor.
Definition validator.c:213
x509_chain_get
static struct x509_chain * x509_chain_get(struct x509_chain *chain)
Get reference to X.509 certificate chain.
Definition x509.h:289
x509_root_get
static struct x509_root * x509_root_get(struct x509_root *root)
Get reference to X.509 root certificate list.
Definition x509.h:393
xferbuf_malloc_init
static void xferbuf_malloc_init(struct xfer_buffer *xferbuf)
Initialise malloc()-based data transfer buffer.
Definition xferbuf.h:54

References validator::buffer, validator::chain, DBGC2, EINVAL, ENOMEM, intf_init(), intf_plug_plug(), validator::job, validator::process, process_init(), rc, ref_init, ref_put, validator::refcnt, root, validator::root, validator_finished(), validator_free(), validator_job_desc, validator_name(), validator_process_desc, validator_xfer_desc, x509_chain_get(), x509_root_get(), validator::xfer, xferbuf_malloc_init(), and zalloc().

Referenced by imgverify(), and tls_new_server_hello_done().

Generated by doxygen 1.14.0