1 files changed, 19 insertions, 0 deletions

diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h
index 87323cec0..612743a77 100644
--- a/src/include/ipxe/x509.h
+++ b/src/include/ipxe/x509.h
@@ -17,6 +17,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <ipxe/list.h>
 
 struct image;
+struct private_key;
 
 /** An X.509 serial number */
 struct x509_serial {
@@ -201,6 +202,13 @@ struct x509_chain {
 	struct refcnt refcnt;
 	/** List of links */
 	struct list_head links;
+	/** Mark certificate as found
+	 *
+	 * @v certs		X.509 certificate list
+	 * @v cert		X.509 certificate
+	 */
+	void ( * found ) ( struct x509_chain *certs,
+			   struct x509_certificate *cert );
 };
 
 /** An X.509 certificate */
@@ -424,6 +432,17 @@ extern int x509_append ( struct x509_chain *chain,
 extern int x509_append_raw ( struct x509_chain *chain, const void *data,
 			     size_t len );
 extern void x509_truncate ( struct x509_chain *chain, struct x509_link *link );
+extern struct x509_certificate * x509_find ( struct x509_chain *certs,
+					     const struct asn1_cursor *raw );
+extern struct x509_certificate *
+x509_find_subject ( struct x509_chain *certs,
+		    const struct asn1_cursor *subject );
+extern struct x509_certificate *
+x509_find_issuer_serial ( struct x509_chain *certs,
+			  const struct asn1_cursor *issuer,
+			  const struct asn1_cursor *serial );
+extern struct x509_certificate * x509_find_key ( struct x509_chain *certs,
+						 struct private_key *key );
 extern int x509_auto_append ( struct x509_chain *chain,
 			      struct x509_chain *certs );
 extern int x509_validate_chain ( struct x509_chain *chain, time_t time,