cmp_vfy.c - OpenGrok cross reference for /openssl/crypto/cmp/cmp

Lines Matching refs:cert
26                             const OSSL_CMP_MSG *msg, X509 *cert)  in verify_signature()  argument
33     if (!ossl_assert(cmp_ctx != NULL && msg != NULL && cert != NULL))  in verify_signature()
41             && (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) {  in verify_signature()
46     pubkey = X509_get_pubkey(cert);  in verify_signature()
64     res = ossl_x509_print_ex_brief(bio, cert, X509_FLAG_NO_EXTENSIONS);  in verify_signature()
107                                 X509_STORE *trusted_store, X509 *cert)  in OSSL_CMP_validate_cert_path()  argument
113     if (ctx == NULL || cert == NULL) {  in OSSL_CMP_validate_cert_path()
125                                     cert, ctx->untrusted))  in OSSL_CMP_validate_cert_path()
142 static int verify_cb_cert(X509_STORE *ts, X509 *cert, int err)  in verify_cb_cert()  argument
151             && X509_STORE_CTX_init(csc, ts, cert, NULL)) {  in verify_cb_cert()
153         X509_STORE_CTX_set_current_cert(csc, cert);  in verify_cb_cert()
225 static int already_checked(const X509 *cert,  in already_checked()  argument
231         if (X509_cmp(sk_X509_value(already_checked, i - 1), cert) == 0)  in already_checked()
245                            const char *desc1, const char *desc2, X509 *cert,  in cert_acceptable()  argument
251     int self_issued = X509_check_issued(cert, cert) == X509_V_OK;  in cert_acceptable()
258     if ((str = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0)) != NULL)  in cert_acceptable()
262         str = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);  in cert_acceptable()
268     if (already_checked(cert, already_checked1)  in cert_acceptable()
269             || already_checked(cert, already_checked2)) {  in cert_acceptable()
274     time_cmp = X509_cmp_timeframe(vpm, X509_get0_notBefore(cert),  in cert_acceptable()
275                                   X509_get0_notAfter(cert));  in cert_acceptable()
283                 && verify_cb_cert(ts, cert, err) <= 0)  in cert_acceptable()
288                     "cert subject", X509_get_subject_name(cert),  in cert_acceptable()
292     if (!check_kid(ctx, X509_get0_subject_key_id(cert), msg->header->senderKID))  in cert_acceptable()
295     if (!ossl_x509v3_cache_extensions(cert)) {  in cert_acceptable()
299     if (!verify_signature(ctx, msg, cert)) {  in cert_acceptable()
368 static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert,  in check_msg_given_cert()  argument
372                            cert, NULL, NULL, msg)  in check_msg_given_cert()
373         && (check_cert_path(ctx, ctx->trusted, cert)  in check_msg_given_cert()
374             || check_cert_path_3gpp(ctx, msg, cert));  in check_msg_given_cert()
398         X509 *cert = sk_X509_value(certs, i);  in check_msg_with_certs()  local
400         if (!ossl_assert(cert != NULL))  in check_msg_with_certs()
402         if (!cert_acceptable(ctx, "cert from", desc, cert,  in check_msg_with_certs()
406         if (mode_3gpp ? check_cert_path_3gpp(ctx, msg, cert)  in check_msg_with_certs()
407                       : check_cert_path(ctx, ctx->trusted, cert)) {  in check_msg_with_certs()
409             return ossl_cmp_ctx_set1_validatedSrvCert(ctx, cert);  in check_msg_with_certs()