/openbsd-current/lib/libcrypto/cms/ |
H A D | cms.h | 197 int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, 200 int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert); 213 int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); 251 int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert); 252 int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert); 270 int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert); 336 int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert); 342 X509 *cert);
|
/openbsd-current/gnu/llvm/lldb/scripts/ |
H A D | macos-setup-codesign.sh | 46 sudo security add-trusted-cert -d -r trustRoot -p codeSign -k /Library/Keychains/System.keychain "$TMPDIR/$CERT.cer" > /dev/null 2>&1
|
/openbsd-current/regress/usr.bin/ssh/ |
H A D | principals-command.sh | 29 CERT_BODY=`cat $OBJ/cert_user_key-cert.pub | awk '{ print $2 }'` 31 CERT_FP=`${SSHKEYGEN} -lf $OBJ/cert_user_key-cert.pub | awk '{ print $2 }'` 41 test "x\$2" != "xssh-${userkeytype}-cert-v01@openssh.com" && exit 1 76 fail "ssh cert connect succeeded unexpectedly" 85 fail "ssh cert connect succeeded unexpectedly" 94 fail "ssh cert connect failed" 103 fail "ssh cert connect succeeded unexpectedly" 113 fail "ssh cert connect succeeded unexpectedly" 124 fail "ssh cert connect failed" 137 printf 'cert [all...] |
H A D | Makefile | 79 cert-hostkey \ 80 cert-userkey \ 91 cert-file \ 105 agent-pkcs11-cert \ 128 known_hosts-cert known_hosts.* krl-* ls.copy modpipe \
|
/openbsd-current/usr.sbin/rpki-client/ |
H A D | Makefile | 4 SRCS= as.c aspa.c cert.c cms.c constraints.c crl.c encoding.c filemode.c \
|
H A D | tak.c | 208 struct cert *cert = NULL; local 250 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) 266 cert_free(cert);
|
H A D | aspa.c | 170 struct cert *cert = NULL; local 210 warnx("%s: inherit elements not allowed in EE cert", fn); 217 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) 220 aspa->valid = valid_aspa(fn, cert, aspa); 230 cert_free(cert);
|
H A D | rsc.c | 388 struct cert *cert = NULL; local 419 warnx("%s: RSC: EE cert must not have an SIA extension", fn); 424 warnx("%s: inherit elements not allowed in EE cert", fn); 431 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) 434 rsc->valid = valid_rsc(fn, cert, rsc); 444 cert_free(cert);
|
/openbsd-current/lib/libcrypto/ocsp/ |
H A D | ocsp_cl.c | 129 OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert) argument 138 if (!cert) 143 if (!sk_X509_push(sig->certs, cert)) 145 X509_up_ref(cert);
|
H A D | ocsp_srv.c | 218 OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert) argument 223 if (!sk_X509_push(resp->certs, cert)) 225 X509_up_ref(cert);
|
/openbsd-current/lib/libssl/ |
H A D | ssl_seclevel.c | 227 return ctx->cert->security_cb(NULL, ctx, secop, bits, nid, 228 other, ctx->cert->security_ex_data); 234 return ssl->cert->security_cb(ssl, NULL, secop, bits, nid, other, 235 ssl->cert->security_ex_data);
|
H A D | s3_lib.c | 1699 DH_free(s->cert->dhe_params); 1700 s->cert->dhe_params = dhe_params; 1708 s->cert->dhe_params_auto = state; 1872 if (ssl->cert->key != NULL) 1873 *out_chain = ssl->cert->key->chain; 2114 s->cert->dhe_params_cb = (DH *(*)(SSL *, int, int))fp; 2149 DH_free(ctx->cert->dhe_params); 2150 ctx->cert->dhe_params = dhe_params; 2158 ctx->cert->dhe_params_auto = state; 2273 if (ctx->cert 2288 _SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *cert) argument 2491 SSL_CERT *cert; local [all...] |
/openbsd-current/usr.bin/dig/lib/dns/ |
H A D | rcode.c | 29 #include <dns/cert.h> 142 dns_cert_totext(dns_cert_t cert, isc_buffer_t *target) { argument 143 return (dns_mnemonic_totext(cert, target, certs));
|
/openbsd-current/regress/lib/libssl/certs/ |
H A D | make-certs.sh | 150 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \ 169 openssl ca -cert "${TMPDIR}/${issuer_file}.crt" \ 173 openssl ca -gencrl -cert "${TMPDIR}/${issuer_file}.crt" \
|
/openbsd-current/lib/libcrypto/x509/ |
H A D | x509_constraints.c | 755 * Extract the relevant names for constraint checking from "cert", 756 * validate them, and add them to the list of cert names for "chain". 761 X509 *cert, int is_leaf, int *error) 770 while ((name = sk_GENERAL_NAME_value(cert->altname, i++)) != NULL) { 858 subject_name = X509_get_subject_name(cert); 863 * This cert has a non-empty subject, so we must add 1071 x509_constraints_extract_constraints(X509 *cert, argument 1077 NAME_CONSTRAINTS *nc = cert->nc; 1231 X509 *cert; local 1243 if ((cert 760 x509_constraints_extract_names(struct x509_constraints_names *names, X509 *cert, int is_leaf, int *error) argument [all...] |
H A D | x509_policy.c | 487 * process_policy_mappings processes the policy mappings extension of |cert|, 505 process_policy_mappings(const X509 *cert, argument 518 mappings = X509_get_ext_d2i(cert, NID_policy_mappings, &critical, NULL); 878 X509 *cert; local 904 cert = sk_X509_value(certs, i); 905 if (!x509v3_cache_extensions(cert)) 907 is_self_issued = (cert->ex_flags & EXFLAG_SI) != 0; 924 if (!process_certificate_policies(cert, level, 927 *out_current_cert = cert; 949 level = process_policy_mappings(cert, current_leve [all...] |
H A D | x509_vfy.c | 146 static int check_key_level(X509_STORE_CTX *ctx, X509 *cert); 170 ctx->current_cert = ctx->cert; 198 X509 *x = ctx->cert; 244 if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) { 249 X509_up_ref(ctx->cert); 286 * If successful for now free up cert so it 294 /* If we were passed a cert chain, use it first */ 297 * If we do not find a non-expired untrusted cert, peek 299 * store. If not, see if we have an expired untrusted cert. 450 * Free up the found cert 2521 check_key_level(X509_STORE_CTX *ctx, X509 *cert) argument 2543 check_sig_level(X509_STORE_CTX *ctx, X509 *cert) argument 2580 X509 *cert = sk_X509_value(ctx->chain, i); local [all...] |
H A D | x509_conf.c | 381 X509 *cert) 385 if (cert) 386 sk = &cert->cert_info->extensions; 563 const char *section, X509 *cert) 568 return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert); 380 X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section, X509 *cert) argument
|
/openbsd-current/lib/libcrypto/ts/ |
H A D | ts_rsp_sign.c | 89 static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed); 250 X509 *cert = sk_X509_value(ctx->certs, i); local 251 CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509); 769 X509 *cert = sk_X509_value(ctx->certs, i); local 770 PKCS7_add_certificate(p7, cert); 861 X509 *cert = sk_X509_value(certs, i); local 862 if (!(cid = ESS_CERT_ID_new_init(cert, 1)) || 876 ESS_CERT_ID_new_init(X509 *cert, int issuer_needed) argument 883 X509_check_purpose(cert, -1, 0); 888 if (!X509_digest(cert, TS_HASH_EV [all...] |
/openbsd-current/lib/libtls/ |
H A D | tls_client.c | 456 X509 *cert = NULL; local 480 cert = SSL_get_peer_certificate(ctx->ssl_conn); 481 if (cert == NULL) { 486 if (tls_check_name(ctx, cert, ctx->servername, &match) == -1) 506 X509_free(cert);
|
/openbsd-current/regress/sbin/iked/live/ |
H A D | Makefile | 315 REGRESS_TARGETS += run-cert-single-ca 316 run-cert-single-ca: 324 REGRESS_TARGETS += run-cert-single-ca-asn1dn 325 run-cert-single-ca-asn1dn: 333 REGRESS_TARGETS += run-cert-no-ca 334 run-cert-no-ca: 445 REGRESS_TARGETS += run-cert-multi-ca 446 run-cert-multi-ca: 455 REGRESS_TARGETS += run-cert-second-altname 456 run-cert [all...] |
/openbsd-current/sbin/isakmpd/ |
H A D | exchange.c | 43 #include "cert.h" 1615 * Some peers (e.g. Cisco IOS) won't send their cert unless we 1664 u_int8_t *cert = 0, *new_cert = 0; local 1685 if (!aca->handler->cert_obtain(id, id_len, aca->data, &cert, 1687 log_print("exchange_add_certs: could not obtain cert " 1688 "for a type %d cert request", aca->id); 1689 free(cert); 1692 new_cert = realloc(cert, ISAKMP_CERT_SZ + certlen); 1695 "failed", cert, ISAKMP_CERT_SZ + certlen); 1696 free(cert); [all...] |
H A D | policy.c | 2070 keynote_cert_free(void *cert) argument 2072 free(cert); 2116 keynote_cert_obtain(u_int8_t *id, size_t id_len, void *data, u_int8_t **cert, argument 2196 *cert = calloc(size + 1, sizeof(char)); 2197 if (*cert == NULL) { 2205 if (read(fd, *cert, size) != (int)size) { 2209 free(cert); 2210 cert = NULL; 2280 keynote_cert_dup(void *cert) argument 2282 return strdup((char *)cert); 2286 keynote_serialize(void *cert, u_int8_t **data, u_int32_t *datalen) argument 2297 keynote_printable(void *cert) argument 2304 keynote_from_printable(char *cert) argument [all...] |
/openbsd-current/sbin/iked/ |
H A D | ikev2_pld.c | 789 struct ikev2_cert *cert) 793 if (left < sizeof(*cert)) { 795 "(%zu < %zu)", __func__, left, sizeof(*cert)); 798 memcpy(cert, msgbuf + offset, sizeof(*cert)); 799 if (cert->cert_type == IKEV2_CERT_NONE) { 800 log_debug("%s: malformed payload: invalid cert type", __func__); 811 struct ikev2_cert cert; local 819 if (ikev2_validate_cert(msg, offset, left, &cert)) 821 offset += sizeof(cert); 788 ikev2_validate_cert(struct iked_message *msg, size_t offset, size_t left, struct ikev2_cert *cert) argument 867 ikev2_validate_certreq(struct iked_message *msg, size_t offset, size_t left, struct ikev2_cert *cert) argument 886 struct ikev2_cert cert; local [all...] |
/openbsd-current/regress/lib/libcrypto/certs/ |
H A D | make-certs.sh | 128 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \ 153 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \ 172 openssl ca -batch -notext -cert "${TMPDIR}/${issuer_file}.crt" \
|