validator.h File Reference

Certificate validator. More...

#include <ipxe/interface.h>
#include <ipxe/x509.h>

Go to the source code of this file.


int create_validator (struct interface *job, struct x509_chain *chain, struct x509_root *root)
 Instantiate a certificate validator. More...

Detailed Description

Certificate validator.

Definition in file validator.h.

Function Documentation



◆ create_validator()

int create_validator ( struct interface job,
struct x509_chain chain,
struct x509_root root 

Instantiate a certificate validator.

jobJob control interface
chainX.509 certificate chain
rootRoot of trust, or NULL to use default
Return values
rcReturn status code

Definition at line 757 of file validator.c.

758  {
759  struct validator *validator;
760  int rc;
762  /* Sanity check */
763  if ( ! chain ) {
764  rc = -EINVAL;
765  goto err_sanity;
766  }
768  /* Allocate and initialise structure */
769  validator = zalloc ( sizeof ( *validator ) );
770  if ( ! validator ) {
771  rc = -ENOMEM;
772  goto err_alloc;
773  }
776  &validator->refcnt );
778  &validator->refcnt );
780  &validator->refcnt );
785  /* Attach parent interface, mortalise self, and return */
787  ref_put ( &validator->refcnt );
788  DBGC2 ( validator, "VALIDATOR %p \"%s\" validating X509 chain %p\n",
790  return 0;
793  ref_put ( &validator->refcnt );
794  err_alloc:
795  err_sanity:
796  return rc;
797 }
#define EINVAL
Invalid argument.
Definition: errno.h:428
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
static struct x509_chain * x509_chain_get(struct x509_chain *chain)
Get reference to X.509 certificate chain.
Definition: x509.h:280
struct process process
Definition: validator.c:73
struct stp_switch root
Root switch.
Definition: stp.h:26
struct refcnt refcnt
Reference count.
Definition: validator.c:66
#define ref_init(refcnt, free)
Initialise a reference counter.
Definition: refcnt.h:64
static void process_init(struct process *process, struct process_descriptor *desc, struct refcnt *refcnt)
Initialise process and add to process list.
Definition: process.h:161
void intf_plug_plug(struct interface *a, struct interface *b)
Plug two object interfaces together.
Definition: interface.c:107
struct x509_chain * chain
X.509 certificate chain.
Definition: validator.c:112
A certificate validator.
Definition: validator.c:64
struct interface xfer
Data transfer interface.
Definition: validator.c:70
#define ENOMEM
Not enough space.
Definition: errno.h:534
static struct interface_descriptor validator_xfer_desc
Certificate validator data transfer interface descriptor.
Definition: validator.c:607
static struct process_descriptor validator_process_desc
Certificate validator process descriptor.
Definition: validator.c:740
static void xferbuf_malloc_init(struct xfer_buffer *xferbuf)
Initialise malloc()-based data transfer buffer.
Definition: xferbuf.h:76
static struct x509_root * x509_root_get(struct x509_root *root)
Get reference to X.509 root certificate list.
Definition: x509.h:384
static void validator_free(struct refcnt *refcnt)
Free certificate validator.
Definition: validator.c:148
struct xfer_buffer buffer
Data buffer.
Definition: validator.c:116
void * zalloc(size_t size)
Allocate cleared memory.
Definition: malloc.c:624
static struct interface_descriptor validator_job_desc
Certificate validator job control interface descriptor.
Definition: validator.c:210
#define DBGC2(...)
Definition: compiler.h:522
struct x509_root * root
Root of trust (or NULL to use default)
Definition: validator.c:110
struct interface job
Job control interface.
Definition: validator.c:68
static void validator_finished(struct validator *validator, int rc)
Mark certificate validation as finished.
Definition: validator.c:167
static void intf_init(struct interface *intf, struct interface_descriptor *desc, struct refcnt *refcnt)
Initialise an object interface.
Definition: interface.h:203
#define ref_put(refcnt)
Drop reference to object.
Definition: refcnt.h:106
static const char * validator_name(struct validator *validator)
Get validator name (for debug messages)
Definition: validator.c:137

References validator::buffer, validator::chain, DBGC2, EINVAL, ENOMEM, intf_init(), intf_plug_plug(), validator::job, validator::process, process_init(), rc, ref_init, ref_put, validator::refcnt, root, validator::root, validator_finished(), validator_free(), validator_job_desc, validator_name(), validator_process_desc, validator_xfer_desc, x509_chain_get(), x509_root_get(), validator::xfer, xferbuf_malloc_init(), and zalloc().

Referenced by imgverify(), and tls_new_server_hello_done().