20 	struct x509_certificate	*cert;		/* Certificate being constructed */  member
44 void x509_free_certificate(struct x509_certificate *cert)  in x509_free_certificate()  argument
46 	if (cert) {  in x509_free_certificate()
47 		public_key_free(cert->pub);  in x509_free_certificate()
48 		public_key_signature_free(cert->sig);  in x509_free_certificate()
49 		kfree(cert->issuer);  in x509_free_certificate()
50 		kfree(cert->subject);  in x509_free_certificate()
51 		kfree(cert->id);  in x509_free_certificate()
52 		kfree(cert->skid);  in x509_free_certificate()
53 		kfree(cert);  in x509_free_certificate()
63 	struct x509_certificate *cert;  in x509_cert_parse()  local
69 	cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL);  in x509_cert_parse()
70 	if (!cert)  in x509_cert_parse()
72 	cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL);  in x509_cert_parse()
73 	if (!cert->pub)  in x509_cert_parse()
75 	cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL);  in x509_cert_parse()
76 	if (!cert->sig)  in x509_cert_parse()
82 	ctx->cert = cert;  in x509_cert_parse()
103 	cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL);  in x509_cert_parse()
104 	if (!cert->pub->key)  in x509_cert_parse()
107 	cert->pub->keylen = ctx->key_size;  in x509_cert_parse()
109 	cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL);  in x509_cert_parse()
110 	if (!cert->pub->params)  in x509_cert_parse()
113 	cert->pub->paramlen = ctx->params_size;  in x509_cert_parse()
114 	cert->pub->algo = ctx->key_algo;  in x509_cert_parse()
117 	ret = x509_get_sig_params(cert);  in x509_cert_parse()
122 	kid = asymmetric_key_generate_id(cert->raw_serial,  in x509_cert_parse()
123 					 cert->raw_serial_size,  in x509_cert_parse()
124 					 cert->raw_issuer,  in x509_cert_parse()
125 					 cert->raw_issuer_size);  in x509_cert_parse()
130 	cert->id = kid;  in x509_cert_parse()
133 	ret = x509_check_for_self_signed(cert);  in x509_cert_parse()
138 	return cert;  in x509_cert_parse()
143 	x509_free_certificate(cert);  in x509_cert_parse()
182 	ctx->cert->tbs = value - hdrlen;  in x509_note_tbs_certificate()
183 	ctx->cert->tbs_size = vlen + hdrlen;  in x509_note_tbs_certificate()
204 		ctx->cert->sig->hash_algo = "md4";  in x509_note_sig_algo()
208 		ctx->cert->sig->hash_algo = "sha1";  in x509_note_sig_algo()
212 		ctx->cert->sig->hash_algo = "sha256";  in x509_note_sig_algo()
216 		ctx->cert->sig->hash_algo = "sha384";  in x509_note_sig_algo()
220 		ctx->cert->sig->hash_algo = "sha512";  in x509_note_sig_algo()
224 		ctx->cert->sig->hash_algo = "sha224";  in x509_note_sig_algo()
228 		ctx->cert->sig->hash_algo = "sha1";  in x509_note_sig_algo()
232 		ctx->cert->sig->hash_algo = "sha224";  in x509_note_sig_algo()
236 		ctx->cert->sig->hash_algo = "sha256";  in x509_note_sig_algo()
240 		ctx->cert->sig->hash_algo = "sha384";  in x509_note_sig_algo()
244 		ctx->cert->sig->hash_algo = "sha512";  in x509_note_sig_algo()
248 		ctx->cert->sig->hash_algo = "streebog256";  in x509_note_sig_algo()
252 		ctx->cert->sig->hash_algo = "streebog512";  in x509_note_sig_algo()
256 		ctx->cert->sig->hash_algo = "sm3";  in x509_note_sig_algo()
261 	ctx->cert->sig->pkey_algo = "rsa";  in x509_note_sig_algo()
262 	ctx->cert->sig->encoding = "pkcs1";  in x509_note_sig_algo()
266 	ctx->cert->sig->pkey_algo = "ecrdsa";  in x509_note_sig_algo()
267 	ctx->cert->sig->encoding = "raw";  in x509_note_sig_algo()
271 	ctx->cert->sig->pkey_algo = "sm2";  in x509_note_sig_algo()
272 	ctx->cert->sig->encoding = "raw";  in x509_note_sig_algo()
276 	ctx->cert->sig->pkey_algo = "ecdsa";  in x509_note_sig_algo()
277 	ctx->cert->sig->encoding = "x962";  in x509_note_sig_algo()
304 	if (strcmp(ctx->cert->sig->pkey_algo, "rsa") == 0 ||  in x509_note_signature()
305 	    strcmp(ctx->cert->sig->pkey_algo, "ecrdsa") == 0 ||  in x509_note_signature()
306 	    strcmp(ctx->cert->sig->pkey_algo, "sm2") == 0 ||  in x509_note_signature()
307 	    strcmp(ctx->cert->sig->pkey_algo, "ecdsa") == 0) {  in x509_note_signature()
316 	ctx->cert->raw_sig = value;  in x509_note_signature()
317 	ctx->cert->raw_sig_size = vlen;  in x509_note_signature()
329 	ctx->cert->raw_serial = value;  in x509_note_serial()
330 	ctx->cert->raw_serial_size = vlen;  in x509_note_serial()
448 	ctx->cert->raw_issuer = value;  in x509_note_issuer()
449 	ctx->cert->raw_issuer_size = vlen;  in x509_note_issuer()
451 	if (!ctx->cert->sig->auth_ids[2]) {  in x509_note_issuer()
455 		ctx->cert->sig->auth_ids[2] = kid;  in x509_note_issuer()
458 	return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->issuer, vlen);  in x509_note_issuer()
466 	ctx->cert->raw_subject = value;  in x509_note_subject()
467 	ctx->cert->raw_subject_size = vlen;  in x509_note_subject()
468 	return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->subject, vlen);  in x509_note_subject()
485 	if (!ctx->cert->raw_subject || ctx->key)  in x509_note_params()
505 		ctx->cert->pub->pkey_algo = "rsa";  in x509_extract_key_data()
509 		ctx->cert->pub->pkey_algo = "ecrdsa";  in x509_extract_key_data()
512 		ctx->cert->pub->pkey_algo = "sm2";  in x509_extract_key_data()
520 			ctx->cert->pub->pkey_algo = "sm2";  in x509_extract_key_data()
523 			ctx->cert->pub->pkey_algo = "ecdsa-nist-p192";  in x509_extract_key_data()
526 			ctx->cert->pub->pkey_algo = "ecdsa-nist-p256";  in x509_extract_key_data()
529 			ctx->cert->pub->pkey_algo = "ecdsa-nist-p384";  in x509_extract_key_data()
565 		if (ctx->cert->skid || vlen < 3)  in x509_process_extension()
572 		ctx->cert->raw_skid_size = vlen;  in x509_process_extension()
573 		ctx->cert->raw_skid = v;  in x509_process_extension()
577 		ctx->cert->skid = kid;  in x509_process_extension()
602 			ctx->cert->pub->key_eflags |= 1 << KEY_EFLAG_DIGITALSIG;  in x509_process_extension()
604 			ctx->cert->pub->key_eflags |= 1 << KEY_EFLAG_KEYCERTSIGN;  in x509_process_extension()
606 			ctx->cert->pub->key_eflags |= 1 << KEY_EFLAG_KEYCERTSIGN;  in x509_process_extension()
635 			ctx->cert->pub->key_eflags |= 1 << KEY_EFLAG_CA;  in x509_process_extension()
742 	return x509_decode_time(&ctx->cert->valid_from, hdrlen, tag, value, vlen);  in x509_note_not_before()
750 	return x509_decode_time(&ctx->cert->valid_to, hdrlen, tag, value, vlen);  in x509_note_not_after()
765 	if (ctx->cert->sig->auth_ids[1])  in x509_akid_note_kid()
772 	ctx->cert->sig->auth_ids[1] = kid;  in x509_akid_note_kid()
804 	if (!ctx->akid_raw_issuer || ctx->cert->sig->auth_ids[0])  in x509_akid_note_serial()
815 	ctx->cert->sig->auth_ids[0] = kid;  in x509_akid_note_serial()