iPXE
validator.h File Reference

Certificate validator.

#include <ipxe/interface.h>
#include <ipxe/x509.h>


Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 
int create_validator (struct interface *job, struct x509_chain *chain, struct x509_root *root)
 Instantiate a certificate validator.
 

Detailed Description

Certificate validator.

Definition in file validator.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )

◆ create_validator()

int create_validator ( struct interface * job,
struct x509_chain * chain,
struct x509_root * root
)

Instantiate a certificate validator.

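Parameters
job — Job control interface
chain — X.509 certificate chain
root — Root of trust, or NULL to use default. A caller that must validate against a specific trust anchor has to pass it here, since NULL selects the default.
Return values
rc — Return status code: 0 on success; per the listing below, -EINVAL if chain is NULL and -ENOMEM if the validator structure cannot be allocated.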

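Definition at line 630 of file validator.c.

Note: the listing below is an incomplete extract. Source lines 647–648, 650, 652, 654–656, 659, 662 and 665 are missing from this page, so the initialisation calls and the first statement of the error path are not shown; consult validator.c before reasoning about the reference counting or the clean-up order.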

631  {
632  struct validator *validator;
633  int rc;
634 
635  /* Sanity check */
636  if ( ! chain ) {
637  rc = -EINVAL;
638  goto err_sanity;
639  }
640 
641  /* Allocate and initialise structure */
642  validator = zalloc ( sizeof ( *validator ) );
643  if ( ! validator ) {
644  rc = -ENOMEM;
645  goto err_alloc;
646  }
649  &validator->refcnt );
651  &validator->refcnt );
653  &validator->refcnt );
657 
658  /* Attach parent interface, mortalise self, and return */
660  ref_put ( &validator->refcnt );
661  DBGC2 ( validator, "VALIDATOR %p \"%s\" validating X509 chain %p\n",
663  return 0;
664 
666  ref_put ( &validator->refcnt );
667  err_alloc:
668  err_sanity:
669  return rc;
670 }
#define EINVAL
Invalid argument.
Definition: errno.h:428
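struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
(Cross-reference name collision: in create_validator() rc is the local int declared at line 633, not this arbel.h symbol.)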
static struct x509_chain * x509_chain_get(struct x509_chain *chain)
Get reference to X.509 certificate chain.
Definition: x509.h:258
struct process process
Process.
Definition: validator.c:74
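struct stp_switch root
Root switch.
Definition: stp.h:26
(Cross-reference name collision: in create_validator() root is the struct x509_root * parameter, the root of trust, not this STP symbol.)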
struct refcnt refcnt
Reference count.
Definition: validator.c:67
#define ref_init(refcnt, free)
Initialise a reference counter.
Definition: refcnt.h:64
static void process_init(struct process *process, struct process_descriptor *desc, struct refcnt *refcnt)
Initialise process and add to process list.
Definition: process.h:161
void intf_plug_plug(struct interface *a, struct interface *b)
Plug two object interfaces together.
Definition: interface.c:107
struct x509_chain * chain
X.509 certificate chain.
Definition: validator.c:79
A certificate validator.
Definition: validator.c:65
struct interface xfer
Data transfer interface.
Definition: validator.c:71
#define ENOMEM
Not enough space.
Definition: errno.h:534
static struct interface_descriptor validator_xfer_desc
Certificate validator data transfer interface descriptor.
Definition: validator.c:532
static struct process_descriptor validator_process_desc
Certificate validator process descriptor.
Definition: validator.c:613
static void xferbuf_malloc_init(struct xfer_buffer *xferbuf)
Initialise malloc()-based data transfer buffer.
Definition: xferbuf.h:76
static struct x509_root * x509_root_get(struct x509_root *root)
Get reference to X.509 root certificate list.
Definition: x509.h:362
static void validator_free(struct refcnt *refcnt)
Free certificate validator.
Definition: validator.c:113
struct xfer_buffer buffer
Data buffer.
Definition: validator.c:83
void * zalloc(size_t size)
Allocate cleared memory.
Definition: malloc.c:624
static struct interface_descriptor validator_job_desc
Certificate validator job control interface descriptor.
Definition: validator.c:175
#define DBGC2(...)
Definition: compiler.h:522
struct x509_root * root
Root of trust (or NULL to use default)
Definition: validator.c:77
struct interface job
Job control interface.
Definition: validator.c:69
static void validator_finished(struct validator *validator, int rc)
Mark certificate validation as finished.
Definition: validator.c:132
static void intf_init(struct interface *intf, struct interface_descriptor *desc, struct refcnt *refcnt)
Initialise an object interface.
Definition: interface.h:190
#define ref_put(refcnt)
Drop reference to object.
Definition: refcnt.h:106
static const char * validator_name(struct validator *validator)
Get validator name (for debug messages)
Definition: validator.c:102

References validator::buffer, validator::chain, DBGC2, EINVAL, ENOMEM, intf_init(), intf_plug_plug(), validator::job, validator::process, process_init(), rc, ref_init, ref_put, validator::refcnt, root, validator::root, validator_finished(), validator_free(), validator_job_desc, validator_name(), validator_process_desc, validator_xfer_desc, x509_chain_get(), x509_root_get(), validator::xfer, xferbuf_malloc_init(), and zalloc().

Referenced by imgverify(), and tls_new_server_hello_done().