Lines Matching refs:cert
182 const CERT_CONTEXT *cert;
305 if (priv->cert)
306 CertFreeCertificateContext(priv->cert);
333 if (strncmp(name, "cert://", 7) == 0) {
368 X509 *cert = NULL;
374 (strncmp(name, "cert://", 7) != 0 &&
388 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER);
389 if (priv->cert == NULL) {
390 priv->cert = cryptoapi_find_cert(
393 if (priv->cert == NULL) {
399 cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &priv->cert->pbCertEncoded,
400 priv->cert->cbCertEncoded);
401 if (cert == NULL) {
407 if (!CryptAcquireCertificatePrivateKey(priv->cert,
433 if (!SSL_use_certificate(ssl, cert)) {
438 pub_rsa = cert->cert_info->key->pkey->pkey.rsa;
439 X509_free(cert);
440 cert = NULL;
454 if (cert)
455 X509_free(cert);
470 X509 *cert;
492 wpa_printf(MSG_DEBUG, "%s: failed to open system cert store "
499 cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &ctx->pbCertEncoded,
501 if (cert == NULL) {
503 "X509 DER encoding for CA cert");
507 X509_NAME_oneline(X509_get_subject_name(cert), buf,
512 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
518 X509_free(cert);
522 wpa_printf(MSG_DEBUG, "%s: failed to close system cert store "
913 /* load private key first in-case PIN is required for cert */
1100 static int tls_match_altsubject_component(X509 *cert, int type,
1107 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1122 static int tls_match_altsubject(X509 *cert, const char *match)
1156 if (tls_match_altsubject_component(cert, type, pos, len) > 0)
1198 static int tls_match_suffix(X509 *cert, const char *match)
1212 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1234 name = X509_get_subject_name(cert);
1301 static struct wpabuf * get_x509_cert(X509 *cert)
1306 int cert_len = i2d_X509(cert, NULL);
1315 i2d_X509(cert, &tmp);
1326 struct wpabuf *cert = NULL;
1332 cert = get_x509_cert(err_cert);
1339 ev.cert_fail.cert = cert;
1341 wpabuf_free(cert);
1349 struct wpabuf *cert = NULL;
1361 cert = get_x509_cert(err_cert);
1362 ev.peer_cert.cert = cert;
1365 if (cert) {
1368 addr[0] = wpabuf_head(cert);
1369 len[0] = wpabuf_len(cert);
1379 wpabuf_free(cert);
1436 struct wpabuf *cert;
1437 cert = get_x509_cert(err_cert);
1438 if (!cert) {
1446 addr[0] = wpabuf_head(cert);
1447 len[0] = wpabuf_len(cert);
1454 wpabuf_free(cert);
1537 "cert already in hash table error",
1608 X509 *cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &ca_cert_blob,
1610 if (cert == NULL) {
1616 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
1625 "cert already in hash table error",
1628 X509_free(cert);
1632 X509_free(cert);
1931 X509 *cert;
1937 cert = NULL;
1939 if (!PKCS12_parse(p12, passwd, &pkey, &cert, &certs)) {
1947 if (cert) {
1948 X509_NAME_oneline(X509_get_subject_name(cert), buf,
1953 if (SSL_use_certificate(ssl, cert) != 1)
1956 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1)
1959 X509_free(cert);
1975 while ((cert = sk_X509_pop(certs)) != NULL) {
1976 X509_NAME_oneline(X509_get_subject_name(cert), buf,
1981 * There is no SSL equivalent for the chain cert - so
1984 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) {
2058 X509 **cert)
2063 X509 *cert;
2066 params.cert = NULL;
2070 wpa_printf(MSG_ERROR, "ENGINE: cannot load client cert with id"
2075 if (!params.cert) {
2076 wpa_printf(MSG_ERROR, "ENGINE: did not properly cert with id"
2080 *cert = params.cert;
2090 X509 *cert;
2092 if (tls_engine_get_cert(conn, cert_id, &cert))
2095 if (!SSL_use_certificate(conn->ssl, cert)) {
2098 X509_free(cert);
2101 X509_free(cert);
2117 X509 *cert;
2120 if (tls_engine_get_cert(conn, ca_cert_id, &cert))
2129 X509_free(cert);
2132 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
2139 wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring cert"
2143 X509_free(cert);
2147 X509_free(cert);
2971 static void debug_print_cert(X509 *cert, const char *title)
2986 X509_print(out, cert);
3057 X509 *cert;
3058 cert = X509_dup(conn->peer_issuer);
3059 if (cert && !sk_X509_push(certs, cert)) {
3063 X509_free(cert);
3068 cert = X509_dup(conn->peer_issuer_issuer);
3069 if (cert && !sk_X509_push(certs, cert)) {
3073 X509_free(cert);
