68 			  X509 *signer, STACK_OF(X509) **chain);
85 static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
130  *	- Checks if there is one and only one signer.
132  *	- Check the extended key usage and key usage fields of the signer
138  *	- Returns the signer certificate in 'signer', if 'signer' is not NULL.
146 	X509	*signer;
166 	/* Check if there is one and only one signer. */
183 	/* Get hold of the signer certificate, search only internal
187 	signer = sk_X509_value(signers, 0);
190 	if (!TS_verify_cert(store, certs, signer, &chain)) goto err;
192 	/* Check if the signer certificate is consistent with the
203 	j = PKCS7_signatureVerify(p7bio, token, si, signer);
210 	/* Return the signer certificate if needed. */
213 		*signer_out = signer;
214 		CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
232 			  X509 *signer, STACK_OF(X509) **chain)
240 	X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
272 	/* The signer certificate must be the first in cert_ids. */
405  *	- Check if the TSA name matches the signer.
411 	X509 *signer = NULL;
421 					 &signer))
455 	/* Check whether TSA name and signer certificate match. */
457 	    && tsa_name && !TS_check_signer_name(tsa_name, signer))
465 	    && !TS_check_signer_name(ctx->tsa_name, signer))
473 	X509_free(signer);
686 static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
694 	    && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
698 	gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
706 		gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,

Indexes created Mon Jul 01 21:43:02 MDT 2024