#include <ctype.h>
#include <limits.h>
#include <string.h>
#include <time.h>
#include <openssl/asn1.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
#include <openssl/obj.h>
#include <openssl/thread.h>
#include <openssl/x509.h>
#include "../internal.h"
#include "internal.h"
static CRYPTO_EX_DATA_CLASS g_ex_data_class = …;
#define CRL_SCORE_NOCRITICAL …
#define CRL_SCORE_SCOPE …
#define CRL_SCORE_TIME …
#define CRL_SCORE_ISSUER_NAME …
#define CRL_SCORE_VALID …
#define CRL_SCORE_ISSUER_CERT …
#define CRL_SCORE_SAME_PATH …
#define CRL_SCORE_AKID …
static int null_callback(int ok, X509_STORE_CTX *e);
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
static int check_chain_extensions(X509_STORE_CTX *ctx);
static int check_name_constraints(X509_STORE_CTX *ctx);
static int check_id(X509_STORE_CTX *ctx);
static int check_trust(X509_STORE_CTX *ctx);
static int check_revocation(X509_STORE_CTX *ctx);
static int check_cert(X509_STORE_CTX *ctx);
static int check_policy(X509_STORE_CTX *ctx);
static X509 *get_trusted_issuer(X509_STORE_CTX *ctx, X509 *x);
static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, X509_CRL *crl,
X509 *x);
static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x);
static int crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
int *pcrl_score);
static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score);
static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl);
static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
static int internal_verify(X509_STORE_CTX *ctx);
static int null_callback(int ok, X509_STORE_CTX *e) { … }
static int cert_self_signed(X509 *x, int *out_is_self_signed) { … }
static int call_verify_cb(int ok, X509_STORE_CTX *ctx) { … }
static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x) { … }
int X509_verify_cert(X509_STORE_CTX *ctx) { … }
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) { … }
int x509_check_issued_with_callback(X509_STORE_CTX *ctx, X509 *x,
X509 *issuer) { … }
static X509 *get_trusted_issuer(X509_STORE_CTX *ctx, X509 *x) { … }
static int check_chain_extensions(X509_STORE_CTX *ctx) { … }
static int reject_dns_name_in_common_name(X509 *x509) { … }
static int check_name_constraints(X509_STORE_CTX *ctx) { … }
static int check_id_error(X509_STORE_CTX *ctx, int errcode) { … }
static int check_hosts(X509 *x, X509_VERIFY_PARAM *param) { … }
static int check_id(X509_STORE_CTX *ctx) { … }
static int check_trust(X509_STORE_CTX *ctx) { … }
static int check_revocation(X509_STORE_CTX *ctx) { … }
static int check_cert(X509_STORE_CTX *ctx) { … }
static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) { … }
static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 **pissuer,
int *pscore, STACK_OF(X509_CRL) *crls) { … }
static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, X509_CRL *crl,
X509 *x) { … }
static int crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
int *pcrl_score) { … }
static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b) { … }
static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score) { … }
static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) { … }
static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) { … }
static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) { … }
static int check_policy(X509_STORE_CTX *ctx) { … }
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) { … }
static int internal_verify(X509_STORE_CTX *ctx) { … }
int X509_cmp_current_time(const ASN1_TIME *ctm) { … }
int X509_cmp_time(const ASN1_TIME *ctm, const time_t *cmp_time) { … }
int X509_cmp_time_posix(const ASN1_TIME *ctm, int64_t cmp_time) { … }
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec) { … }
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, const time_t *in_tm) { … }
ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec,
const time_t *in_tm) { … }
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_unused *unused,
CRYPTO_EX_dup *dup_unused,
CRYPTO_EX_free *free_func) { … }
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) { … }
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) { … }
int X509_STORE_CTX_get_error(const X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) { … }
int X509_STORE_CTX_get_error_depth(const X509_STORE_CTX *ctx) { … }
X509 *X509_STORE_CTX_get_current_cert(const X509_STORE_CTX *ctx) { … }
STACK_OF(X509) *X509_STORE_CTX_get_chain(const X509_STORE_CTX *ctx) { … }
STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx) { … }
STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx) { … }
X509_CRL *X509_STORE_CTX_get0_current_crl(const X509_STORE_CTX *ctx) { … }
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(const X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) { … }
STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(const X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) { … }
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) { … }
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) { … }
X509_STORE_CTX *X509_STORE_CTX_new(void) { … }
void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { … }
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
STACK_OF(X509) *chain) { … }
void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx,
STACK_OF(X509) *sk) { … }
void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) { … }
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) { … }
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) { … }
void X509_STORE_CTX_set_time_posix(X509_STORE_CTX *ctx, unsigned long flags,
int64_t t) { … }
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
time_t t) { … }
X509 *X509_STORE_CTX_get0_cert(const X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
int (*verify_cb)(int, X509_STORE_CTX *)) { … }
int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) { … }
X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) { … }
void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) { … }