Certificate validator. More...

#include <ipxe/interface.h>
#include <ipxe/x509.h>

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

	FILE_SECBOOT (PERMITTED)

int	create_validator (struct interface job, struct x509_chain chain, struct x509_root *root)
	Instantiate a certificate validator. More...

Detailed Description

Certificate validator.

Definition in file validator.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ create_validator()

int create_validator	(	struct interface *	job,
		struct x509_chain *	chain,
		struct x509_root *	root
	)

Instantiate a certificate validator.

Parameters

job	Job control interface
chain	X.509 certificate chain
root	Root of trust, or NULL to use default

Return values

rc	Return status code

Definition at line 760 of file validator.c.

                                                 {
         struct validator *validator;
         int rc;
 
         /* Sanity check */
         if ( ! chain ) {
                 rc = -EINVAL;
                 goto err_sanity;
         }
 
         /* Allocate and initialise structure */
         validator = zalloc ( sizeof ( *validator ) );
         if ( ! validator ) {
                 rc = -ENOMEM;
                 goto err_alloc;
         }
         ref_init ( &validator->refcnt, validator_free );
         intf_init ( &validator->job, &validator_job_desc,
                     &validator->refcnt );
         intf_init ( &validator->xfer, &validator_xfer_desc,
                     &validator->refcnt );
         process_init ( &validator->process, &validator_process_desc,
                        &validator->refcnt );
         validator->root = x509_root_get ( root );
         validator->chain = x509_chain_get ( chain );
         xferbuf_malloc_init ( &validator->buffer );
 
         /* Attach parent interface, mortalise self, and return */
         intf_plug_plug ( &validator->job, job );
         ref_put ( &validator->refcnt );
         DBGC2 ( validator, "VALIDATOR %p \"%s\" validating X509 chain %p\n",
                 validator, validator_name ( validator ), validator->chain );
         return 0;
 
         validator_finished ( validator, rc );
         ref_put ( &validator->refcnt );
  err_alloc:
  err_sanity:
         return rc;
 }

References validator::buffer, validator::chain, DBGC2, EINVAL, ENOMEM, intf_init(), intf_plug_plug(), validator::job, validator::process, process_init(), rc, ref_init, ref_put, validator::refcnt, root, validator::root, validator_finished(), validator_free(), validator_job_desc, validator_name(), validator_process_desc, validator_xfer_desc, x509_chain_get(), x509_root_get(), validator::xfer, xferbuf_malloc_init(), and zalloc().

Referenced by imgverify(), and tls_new_server_hello_done().

Functions

Detailed Description

Function Documentation

◆ FILE_LICENCE()

◆ FILE_SECBOOT()

◆ create_validator()