Home | History | Annotate | Download | only in x509

Lines Matching full:syscall

9 	"syscall"
13 // Creates a new *syscall.CertContext representing the leaf certificate in an in-memory
19 // syscall.CertFreeCertificateContext.
20 func createStoreContext(leaf *Certificate, opts *VerifyOptions) (*syscall.CertContext, error) {
21 	var storeCtx *syscall.CertContext
23 	leafCtx, err := syscall.CertCreateCertificateContext(syscall.X509_ASN_ENCODING|syscall.PKCS_7_ASN_ENCODING, &leaf.Raw[0], uint32(len(leaf.Raw)))
27 	defer syscall.CertFreeCertificateContext(leafCtx)
29 	handle, err := syscall.CertOpenStore(syscall.CERT_STORE_PROV_MEMORY, 0, 0, syscall.CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG, 0)
33 	defer syscall.CertCloseStore(handle, 0)
35 	err = syscall.CertAddCertificateContextToStore(handle, leafCtx, syscall.CERT_STORE_ADD_ALWAYS, &storeCtx)
42 			ctx, err := syscall.CertCreateCertificateContext(syscall.X509_ASN_ENCODING|syscall.PKCS_7_ASN_ENCODING, &intermediate.Raw[0], uint32(len(intermediate.Raw)))
47 			err = syscall.CertAddCertificateContextToStore(handle, ctx, syscall.CERT_STORE_ADD_ALWAYS, nil)
48 			syscall.CertFreeCertificateContext(ctx)
59 func extractSimpleChain(simpleChain **syscall.CertSimpleChain, count int) (chain []*Certificate, err error) {
64 	simpleChains := (*[1 << 20]*syscall.CertSimpleChain)(unsafe.Pointer(simpleChain))[:]
66 	elements := (*[1 << 20]*syscall.CertChainElement)(unsafe.Pointer(lastChain.Elements))[:]
85 func checkChainTrustStatus(c *Certificate, chainCtx *syscall.CertChainContext) error {
86 	if chainCtx.TrustStatus.ErrorStatus != syscall.CERT_TRUST_NO_ERROR {
89 		case syscall.CERT_TRUST_IS_NOT_TIME_VALID:
100 func checkChainSSLServerPolicy(c *Certificate, chainCtx *syscall.CertChainContext, opts *VerifyOptions) error {
101 	servernamep, err := syscall.UTF16PtrFromString(opts.DNSName)
105 	sslPara := &syscall.SSLExtraCertChainPolicyPara{
106 		AuthType:   syscall.AUTHTYPE_SERVER,
111 	para := &syscall.CertChainPolicyPara{
116 	status := syscall.CertChainPolicyStatus{}
117 	err = syscall.CertVerifyCertificateChainPolicy(syscall.CERT_CHAIN_POLICY_SSL, chainCtx, para, &status)
127 		case syscall.CERT_E_EXPIRED:
129 		case syscall.CERT_E_CN_NO_MATCH:
131 		case syscall.CERT_E_UNTRUSTEDROOT:
150 	defer syscall.CertFreeCertificateContext(storeCtx)
152 	para := new(syscall.CertChainPara)
159 			&syscall.OID_PKIX_KP_SERVER_AUTH[0],
163 			&syscall.OID_SERVER_GATED_CRYPTO[0],
164 			&syscall.OID_SGC_NETSCAPE[0],
166 		para.RequestedUsage.Type = syscall.USAGE_MATCH_TYPE_OR
170 		para.RequestedUsage.Type = syscall.USAGE_MATCH_TYPE_AND
175 	var verifyTime *syscall.Filetime
177 		ft := syscall.NsecToFiletime(opts.CurrentTime.UnixNano())
199 	var chainCtx *syscall.CertChainContext
200 	err = syscall.CertGetCertificateChain(syscall.Handle(0), storeCtx, verifyTime, storeCtx.Store, para, 0, 0, &chainCtx)
204 	defer syscall.CertFreeCertificateChain(chainCtx)