Home | History | Annotate | Download | only in crypto

Lines Matching defs:cert

400 				   "GnuTLS: Failed to read CA cert '%s' in DER format (%s) - try in PEM format",
408 					   "Failed to read CA cert '%s' in PEM format: %s",
424 				   "Failed to parse CA cert in DER format: %s",
430 					   "Failed to parse CA cert in PEM format: %s",
471 			wpa_printf(MSG_DEBUG, "Failed to read client cert/key "
485 					   "cert/key in PEM format: %s",
511 		gnutls_datum_t cert, key;
513 		cert.data = (unsigned char *) params->client_cert_blob;
514 		cert.size = params->client_cert_blob_len;
520 			conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER,
525 			conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER);
528 			wpa_printf(MSG_DEBUG, "Failed to read client cert/key "
532 				conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM,
537 				conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM);
541 					   "cert/key in PEM format: %s",
625 			wpa_printf(MSG_DEBUG, "Failed to read CA cert '%s' "
632 				wpa_printf(MSG_DEBUG, "Failed to read CA cert "
659 			wpa_printf(MSG_DEBUG, "Failed to read client cert/key "
666 					   "cert/key in PEM format: %s",
761 				  const gnutls_datum_t *cert, int depth,
777 	if (cert) {
778 		cert_buf = wpabuf_alloc_copy(cert->data, cert->size);
779 		ev.cert_fail.cert = cert_buf;
787 static int server_eku_purpose(gnutls_x509_crt_t cert)
796 		res = gnutls_x509_crt_get_key_purpose_oid(cert, i, oid,
893 		wpa_printf(MSG_DEBUG, "GnuTLS: OCSP cert status: good");
896 			   "GnuTLS: OCSP cert status: revoked");
900 			   "GnuTLS: OCSP cert status: unknown");
927 	gnutls_x509_crt_t cert;
1058 		if (gnutls_x509_crt_init(&cert) < 0) {
1065 		if (gnutls_x509_crt_import(cert, &certs[i],
1069 			gnutls_x509_crt_deinit(cert);
1074 		gnutls_x509_crt_get_dn(cert, NULL, &len);
1079 			gnutls_x509_crt_get_dn(cert, buf, &len);
1081 		wpa_printf(MSG_DEBUG, "TLS: Peer cert chain %d/%d: %s",
1097 				ev.peer_cert.cert = cert_buf;
1117 				    cert, conn->suffix_match)) {
1126 				gnutls_x509_crt_deinit(cert);
1134 				    cert, conn->domain_match,
1144 				gnutls_x509_crt_deinit(cert);
1160 			    !server_eku_purpose(cert)) {
1168 				gnutls_x509_crt_deinit(cert);
1176 		    (gnutls_x509_crt_get_expiration_time(cert) < now.sec ||
1177 		     gnutls_x509_crt_get_activation_time(cert) > now.sec)) {
1185 			gnutls_x509_crt_deinit(cert);
1193 		gnutls_x509_crt_deinit(cert);