static GTlsCertificateFlags
double_check_before_after_dates (GTlsCertificateOpenssl *chain)
{
GTlsCertificateFlags gtls_flags = 0;
X509 *cert;
while (chain)
{
ASN1_TIME *not_before;
ASN1_TIME *not_after;
cert = g_tls_certificate_openssl_get_cert (chain);
not_before = X509_get_notBefore (cert);
not_after = X509_get_notAfter (cert);
if (X509_cmp_current_time (not_before) > 0)
gtls_flags |= G_TLS_CERTIFICATE_NOT_ACTIVATED;
if (X509_cmp_current_time (not_after) < 0)
gtls_flags |= G_TLS_CERTIFICATE_EXPIRED;
chain = G_TLS_CERTIFICATE_OPENSSL (g_tls_certificate_get_issuer
(G_TLS_CERTIFICATE (chain)));
}
return gtls_flags;
}
static STACK_OF(X509) *
convert_certificate_chain_to_openssl (GTlsCertificateOpenssl *chain)
{
GTlsCertificate *cert;
STACK_OF(X509) *openssl_chain;
openssl_chain = sk_X509_new_null ();
for (cert = G_TLS_CERTIFICATE (chain); cert; cert = g_tls_certificate_get_issuer (cert))
sk_X509_push (openssl_chain, g_tls_certificate_openssl_get_cert (G_TLS_CERTIFICATE_OPENSSL (cert)));
return openssl_chain;
}
static gint
tls_certificate_count (GTlsCertificate *cert)
{
gint count = 0;
while (cert != NULL)
{
cert = g_tls_certificate_get_issuer (cert);
count++;
}
return count;
}
