/*
 * Look up an X.509 authority certificate in the global x509authcerts list.
 *
 * An entry qualifies only if it carries at least one of the authority roles
 * requested in auth_flags. Identification then uses exactly one criterion:
 *   - keyid, when keyid.ptr is non-NULL: compared against subjectKeyID only
 *     (subject and serial are not consulted in that case);
 *   - otherwise: subject DN and serial number must both match.
 *
 * On a hit the entry is moved to the head of the list and a pointer into the
 * list (not a copy) is returned; NULL is returned when nothing matches.
 *
 * This is a lookup by identifier only: no signature, validity-period or
 * revocation check happens here, so the result must not be treated as
 * "verified" by itself.
 *
 * NOTE(review): the function relinks the shared list without any locking
 * visible in this block - presumably callers serialise access; confirm.
 */
x509cert_t *get_authcert(chunk_t subject, chunk_t serial, chunk_t keyid,
                         u_char auth_flags)
{
    x509cert_t *prev = NULL;
    x509cert_t *cur;

    for (cur = x509authcerts; cur != NULL; prev = cur, cur = cur->next) {
        /* entry holds none of the requested authority roles */
        if (!(cur->authority_flags & auth_flags)) {
            continue;
        }

        if (keyid.ptr != NULL) {
            /* a supplied keyid is authoritative; the DN/serial pair is ignored */
            if (!same_keyid(keyid, cur->subjectKeyID)) {
                continue;
            }
        } else if (!same_dn(subject, cur->subject)
                   || !same_serial(serial, cur->serialNumber)) {
            continue;
        }

        /* move-to-front: unlink the hit and make it the new list head */
        if (cur != x509authcerts) {
            prev->next = cur->next;
            cur->next = x509authcerts;
            x509authcerts = cur;
        }
        return cur;
    }
    return NULL;
}
/**
 * Decide whether two OCSP locations refer to the same responder.
 *
 * The issuer is compared by authority key identifier when @a a carries one,
 * otherwise through the issuer object's equals() method. Only a->authKeyID
 * selects the branch; b->authKeyID is not checked for presence here.
 * The URIs are then compared with streq(), and only if the issuers matched.
 *
 * NOTE(review): the outcome for a present a->authKeyID and an empty
 * b->authKeyID depends on same_keyid(), which is defined elsewhere - confirm
 * it rejects an empty key ID.
 *
 * @param a		first location, must not be NULL
 * @param b		second location, must not be NULL
 * @return		true if issuer and URI both match
 */
static bool same_ocsp_location(const ocsp_location_t *a,
                               const ocsp_location_t *b)
{
    bool issuer_matches;

    if (a->authKeyID.ptr) {
        issuer_matches = same_keyid(a->authKeyID, b->authKeyID);
    } else {
        issuer_matches = a->issuer->equals(a->issuer, b->issuer);
    }

    /* the URI is only looked at once the issuer has been matched */
    return issuer_matches && streq(a->uri, b->uri);
}
/*
 * Look up the X.509 CRL of a given issuer in the global x509crls list.
 *
 * The key identifier is used only when both the caller's keyid and the CRL's
 * authKeyID are present. In every other case - including a CRL that simply
 * lacks an authKeyID - the match falls back to issuer DN plus authority key
 * serial number.
 *
 * On a hit the CRL is moved to the head of the list and a pointer into the
 * list is returned; NULL is returned when nothing matches. No signature or
 * freshness check is done here.
 *
 * NOTE(review): how strict the fallback is depends on how same_serial()
 * treats an empty chunk (defined elsewhere) - confirm that a CRL without
 * authKeyID cannot be selected on the issuer name alone where that is not
 * intended.
 * NOTE(review): the shared list is relinked without locking visible in this
 * block - presumably callers serialise access; confirm.
 */
static x509crl_t *get_x509crl(chunk_t issuer, chunk_t serial, chunk_t keyid)
{
    x509crl_t *prev = NULL;
    x509crl_t *cur;

    for (cur = x509crls; cur != NULL; prev = cur, cur = cur->next) {
        if (keyid.ptr != NULL && cur->authKeyID.ptr != NULL) {
            /* both sides have a key ID: it alone decides */
            if (!same_keyid(keyid, cur->authKeyID)) {
                continue;
            }
        } else if (!same_dn(cur->issuer, issuer)
                   || !same_serial(serial, cur->authKeySerialNumber)) {
            /* fallback by issuer DN and authority serial did not match */
            continue;
        }

        /* move-to-front: unlink the hit and make it the new list head */
        if (cur != x509crls) {
            prev->next = cur->next;
            cur->next = x509crls;
            x509crls = cur;
        }
        return cur;
    }
    return NULL;
}
/*
 * Decide whether two OCSP locations refer to the same responder.
 *
 * The issuer is compared by authority key identifier when a carries one,
 * otherwise by issuer DN together with the authority key serial number.
 * Only a->authKeyID selects the branch; b->authKeyID is not checked for
 * presence here. The URIs are compared with same_chunk(), and only after
 * the issuer comparison has succeeded.
 *
 * NOTE(review): the behaviour for empty key IDs or serials depends on
 * same_keyid()/same_serial(), defined elsewhere - confirm they do not treat
 * a missing value as a match where that would merge distinct responders.
 */
static bool same_ocsp_location(const ocsp_location_t *a,
                               const ocsp_location_t *b)
{
    bool issuer_ok;

    if (a->authKeyID.ptr != NULL) {
        issuer_ok = same_keyid(a->authKeyID, b->authKeyID);
    } else {
        issuer_ok = same_dn(a->issuer, b->issuer)
                 && same_serial(a->authKeySerialNumber, b->authKeySerialNumber);
    }

    return issuer_ok && same_chunk(a->uri, b->uri);
}
/*
 * Find the next X.509 certificate issued by a given authority.
 *
 * The search starts at the entry after chain when chain is non-NULL, and at
 * the head of the global x509certs list otherwise, so repeated calls can
 * enumerate every certificate of one issuer.
 *
 * The issuer is identified by keyid when keyid.ptr is non-NULL (compared
 * against the certificate's authKeyID; issuer and serial are then ignored),
 * otherwise by issuer DN plus authority key serial number.
 *
 * Returns a pointer into the list or NULL. The list is not modified, and no
 * signature or validity check is performed here.
 *
 * NOTE(review): chain is assumed to be an element of x509certs - confirm
 * against the callers.
 */
x509cert_t *get_x509cert(chunk_t issuer, chunk_t serial, chunk_t keyid,
                         x509cert_t *chain)
{
    x509cert_t *cur;

    if (chain != NULL) {
        cur = chain->next;
    } else {
        cur = x509certs;
    }

    while (cur != NULL) {
        if (keyid.ptr != NULL) {
            /* a supplied keyid is authoritative */
            if (same_keyid(keyid, cur->authKeyID)) {
                return cur;
            }
        } else if (same_dn(issuer, cur->issuer)
                   && same_serial(serial, cur->authKeySerialNumber)) {
            return cur;
        }
        cur = cur->next;
    }
    return NULL;
}
/*
 * Look up a CA certificate by subject or keyid in a caller-supplied list.
 *
 * cert is the head of the alternative list to walk. A supplied keyid
 * (keyid.ptr non-NULL) is compared against subjectKeyID and is the only
 * criterion used; without it, subject DN and serial number must both match.
 *
 * Returns a pointer to the matching list element or NULL. The list is only
 * read, and no authority-flag, signature or validity check is made here.
 *
 * NOTE(review): unlike a lookup in a trusted store, nothing in this block
 * establishes that the entries of the alternative list are trusted - the
 * caller has to verify whatever is returned; confirm against the callers.
 */
static const x509cert_t *get_alt_cacert(chunk_t subject, chunk_t serial,
                                        chunk_t keyid, const x509cert_t *cert)
{
    for (; cert != NULL; cert = cert->next) {
        if (keyid.ptr != NULL) {
            if (same_keyid(keyid, cert->subjectKeyID)) {
                return cert;
            }
            continue;
        }
        if (same_dn(subject, cert->subject)
            && same_serial(serial, cert->serialNumber)) {
            return cert;
        }
    }
    return NULL;
}