Lines Matching defs:cert
179 const CERT_CONTEXT *cert;
302 if (priv->cert)
303 CertFreeCertificateContext(priv->cert);
330 if (strncmp(name, "cert://", 7) == 0) {
365 X509 *cert = NULL;
371 (strncmp(name, "cert://", 7) != 0 &&
385 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER);
386 if (priv->cert == NULL) {
387 priv->cert = cryptoapi_find_cert(
390 if (priv->cert == NULL) {
396 cert = d2i_X509(NULL,
397 (const unsigned char **) &priv->cert->pbCertEncoded,
398 priv->cert->cbCertEncoded);
399 if (cert == NULL) {
405 if (!CryptAcquireCertificatePrivateKey(priv->cert,
431 if (!SSL_use_certificate(ssl, cert)) {
436 pub_rsa = cert->cert_info->key->pkey->pkey.rsa;
437 X509_free(cert);
438 cert = NULL;
452 if (cert)
453 X509_free(cert);
468 X509 *cert;
490 wpa_printf(MSG_DEBUG, "%s: failed to open system cert store "
497 cert = d2i_X509(NULL,
500 if (cert == NULL) {
502 "X509 DER encoding for CA cert");
506 X509_NAME_oneline(X509_get_subject_name(cert), buf,
511 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
517 X509_free(cert);
521 wpa_printf(MSG_DEBUG, "%s: failed to close system cert store "
961 /* load private key first in-case PIN is required for cert */
1156 static int tls_match_altsubject_component(X509 *cert, int type,
1164 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1179 static int tls_match_altsubject(X509 *cert, const char *match)
1213 if (tls_match_altsubject_component(cert, type, pos, len) > 0)
1256 static int tls_match_suffix(X509 *cert, const char *match, int full)
1272 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1296 name = X509_get_subject_name(cert);
1366 static struct wpabuf * get_x509_cert(X509 *cert)
1371 int cert_len = i2d_X509(cert, NULL);
1380 i2d_X509(cert, &tmp);
1391 struct wpabuf *cert = NULL;
1397 cert = get_x509_cert(err_cert);
1404 ev.cert_fail.cert = cert;
1406 wpabuf_free(cert);
1414 struct wpabuf *cert = NULL;
1431 cert = get_x509_cert(err_cert);
1432 ev.peer_cert.cert = cert;
1435 if (cert) {
1438 addr[0] = wpabuf_head(cert);
1439 len[0] = wpabuf_len(cert);
1491 wpabuf_free(cert);
1555 struct wpabuf *cert;
1556 cert = get_x509_cert(err_cert);
1557 if (!cert) {
1565 addr[0] = wpabuf_head(cert);
1566 len[0] = wpabuf_len(cert);
1581 wpabuf_free(cert);
1672 "cert already in hash table error",
1744 X509 *cert = d2i_X509(NULL,
1747 if (cert == NULL) {
1754 cert)) {
1763 "cert already in hash table error",
1766 X509_free(cert);
1770 X509_free(cert);
2078 X509 *cert;
2084 cert = NULL;
2086 if (!PKCS12_parse(p12, passwd, &pkey, &cert, &certs)) {
2094 if (cert) {
2095 X509_NAME_oneline(X509_get_subject_name(cert), buf,
2100 if (SSL_use_certificate(ssl, cert) != 1)
2103 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1)
2106 X509_free(cert);
2122 while ((cert = sk_X509_pop(certs)) != NULL) {
2123 X509_NAME_oneline(X509_get_subject_name(cert), buf,
2128 * There is no SSL equivalent for the chain cert - so
2131 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) {
2205 X509 **cert)
2210 X509 *cert;
2213 params.cert = NULL;
2219 wpa_printf(MSG_ERROR, "ENGINE: cannot load client cert with id"
2226 if (!params.cert) {
2227 wpa_printf(MSG_ERROR, "ENGINE: did not properly cert with id"
2231 *cert = params.cert;
2241 X509 *cert;
2243 if (tls_engine_get_cert(conn, cert_id, &cert))
2246 if (!SSL_use_certificate(conn->ssl, cert)) {
2249 X509_free(cert);
2252 X509_free(cert);
2268 X509 *cert;
2272 if (tls_engine_get_cert(conn, ca_cert_id, &cert))
2280 X509_free(cert);
2284 if (!X509_STORE_add_cert(store, cert)) {
2291 wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring cert"
2295 X509_free(cert);
2299 X509_free(cert);
3228 static void debug_print_cert(X509 *cert, const char *title)
3243 X509_print(out, cert);
3314 X509 *cert;
3315 cert
3316 if (cert && !sk_X509_push(certs, cert)) {
3320 X509_free(cert);
3325 cert = X509_dup(conn->peer_issuer_issuer);
3326 if (cert && !sk_X509_push(certs, cert)) {
3330 X509_free(cert);
3458 * cert/key fields are actually PKCS#11 URIs, then automatically
