/openbsd-current/usr.sbin/acme-client/ |
H A D | parse.h | 52 char *cert; member in struct:domain_c
|
/openbsd-current/lib/libcrypto/cms/ |
H A D | cms_lib.c | 530 CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) argument 542 if (!X509_cmp(cch->d.certificate, cert)) { 552 cch->d.certificate = cert; 559 CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) argument 563 r = CMS_add0_cert(cms, cert); 565 X509_up_ref(cert); 711 cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) argument 715 ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert)); 719 return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert)); 723 cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) argument 734 cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) argument 758 cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) argument [all...] |
H A D | cms_smime.c | 669 X509 *cert) 680 if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert)) 687 return cert == NULL ? 0 : -1; 694 CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) argument 716 r = cms_kari_set1_pkey(cms, ri, pk, cert); 723 * If we have a cert try matching RecipientInfo otherwise try them 726 else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) { 731 if (cert) { 668 cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *cert) argument 831 CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, BIO *dcont, BIO *out, unsigned int flags) argument [all...] |
H A D | cms_local.h | 173 /* Set to 1 if we have no cert and need extra safety measures for MMA */ 195 /* Recipient Key and cert */ 419 int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type); 422 int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert); 428 int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert); 429 int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert); 430 int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); 431 int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
|
/openbsd-current/regress/usr.sbin/syslogd/ |
H A D | args-tls-cafile-default.pl | 4 # The cafile is the system default which has no matching cert. 20 qr{NAMI "/etc/ssl/cert.pem"} => 1, 23 qr{CAfile /etc/ssl/cert.pem} => 1,
|
/openbsd-current/regress/usr.bin/ssh/ |
H A D | agent.sh | 42 ${SSHKEYGEN} -qs $OBJ/user_ca_key -I "$t cert" \ 61 cp -f $OBJ/$t-agent-cert.pub $OBJ/$t-agent-private-cert.pub 143 (printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \ 149 -oCertificateFile=$OBJ/$t-agent-cert.pub \ 202 check_key_present ssh-ed25519-cert-v01@openssh.com 203 # Put key/cert back. 208 trace "delete key/cert by file" 211 check_key_absent ssh-ed25519-cert-v01@openssh.com 212 # Put key/cert bac [all...] |
H A D | cert-file.sh | 1 # $OpenBSD: cert-file.sh,v 1.8 2019/11/26 23:43:10 djm Exp $ 32 mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub 36 mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub 49 echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER 57 # Key with no .pub should work - finding the equivalent *-cert.pub. 58 verbose "identity cert with no plain public file" 66 -oCertificateFile=$OBJ/user_key3-cert.pub \ 78 # Keys with untrusted cert should fail. 79 verbose "untrusted cert" 84 fail "ssh succeeded with bad cert" [all...] |
/openbsd-current/usr.sbin/rpki-client/ |
H A D | geofeed.c | 108 struct cert *cert = NULL; local 248 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) 252 warnx("%s: inherit elements not allowed in EE cert", fn); 256 if (cert->asz > 0) { 261 geofeed->valid = valid_geofeed(fn, cert, geofeed); 271 cert_free(cert);
|
/openbsd-current/regress/lib/libtls/keypair/ |
H A D | keypairtest.c | 88 const uint8_t *cert, *key, *ocsp_staple; local 94 load_file(cert_file, &cert, &cert_len); 104 fprintf(stderr, "FAIL: failed to load cert file: %s\n", 118 if (compare_mem("certificate", cert, cert_len, kp->cert_mem, 140 if (tls_keypair_set_cert_mem(kp, &err, cert, cert_len) == -1) { 141 fprintf(stderr, "FAIL: failed to load cert: %s\n", err.msg); 153 if (compare_mem("certificate", cert, cert_len, kp->cert_mem, 186 free((uint8_t *)cert);
|
/openbsd-current/usr.bin/ssh/ |
H A D | auth2-hostbased.c | 111 (key->cert == NULL || key->cert->signature_type == NULL) ? 112 "(null)" : key->cert->signature_type); 234 if ((fp = sshkey_fingerprint(key->cert->signature_key, 238 "%s CA %s from %s@%s", key->cert->key_id, 239 sshkey_type(key->cert->signature_key), fp,
|
H A D | auth2-pubkey.c | 166 (key->cert == NULL || key->cert->signature_type == NULL) ? 167 "(null)" : key->cert->signature_type); 177 ca_s = format_key(key->cert->signature_key); 316 struct sshkey_cert *cert, struct sshauthopt **authoptsp) 330 success = auth_process_principals(f, file, cert, authoptsp); 345 const struct sshkey_cert *cert = key->cert; local 393 if ((ca_fp = sshkey_fingerprint(cert->signature_key, 403 if ((r = sshkey_to_base64(cert 315 match_principals_file(struct passwd *pw, char *file, struct sshkey_cert *cert, struct sshauthopt **authoptsp) argument [all...] |
H A D | authfile.c | 305 if (asprintf(&file, "%s-cert.pub", filename) == -1) 319 struct sshkey *key = NULL, *cert = NULL; local 341 (r = sshkey_load_cert(filename, &cert)) != 0) 345 if (sshkey_equal_public(key, cert) == 0) { 351 (r = sshkey_cert_copy(cert, key)) != 0) 360 sshkey_free(cert); 419 sshkey_compare(key->cert->signature_key, pub))) {
|
/openbsd-current/lib/libssl/test/ |
H A D | testssl | 9 cert=../apps/server.pem 11 cert="$2" 13 ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert" 15 if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then 152 ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 158 ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
|
/openbsd-current/usr.sbin/relayd/ |
H A D | ca.c | 75 hash_x509(X509 *cert, char *hash, size_t hashlen) argument 82 if (X509_pubkey_digest(cert, EVP_sha256(), digest, &dlen) != 1) 105 struct relay_cert *cert; local 109 TAILQ_FOREACH(cert, env->sc_certs, cert_entry) { 110 if (cert->cert_fd == -1 || cert->cert_key_fd == -1) 113 if ((buf = relay_load_fd(cert->cert_fd, &len)) == NULL) 114 fatal("ca_launch: cert relay_load_fd"); 117 fatalx("ca_launch: cert BIO_new_mem_buf"); 121 fatalx("ca_launch: cert PEM_read_bio_X50 [all...] |
H A D | relayd.c | 554 struct relay_cert *cert, *tmpcert; local 597 TAILQ_FOREACH_SAFE(cert, env->sc_certs, cert_entry, tmpcert) { 598 if (rlay->rl_conf.id != cert->cert_relayid) 600 if (cert->cert_fd != -1) 601 close(cert->cert_fd); 602 if (cert->cert_key_fd != -1) 603 close(cert->cert_key_fd); 604 if (cert->cert_ocsp_fd != -1) 605 close(cert->cert_ocsp_fd); 606 if (cert 1259 struct relay_cert *cert; local 1285 struct relay_cert *cert; local 1329 struct relay_cert *cert; local [all...] |
/openbsd-current/lib/libcrypto/ts/ |
H A D | ts_conf.c | 96 BIO *cert = NULL; local 99 if ((cert = BIO_new_file(file, "r")) == NULL) 101 x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL); 106 BIO_free(cert); 211 TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert, argument 217 if (!cert) 218 cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT); 219 if (!cert) { 223 if (!(cert_obj = TS_CONF_load_cert(cert)))
|
/openbsd-current/regress/lib/libcrypto/x509/bettertls/ |
H A D | verify.c | 104 STACK_OF(X509) *roots = NULL, *bundle = NULL, *cert = NULL; 118 if (!certs_from_file(cert_file, &cert)) 119 errx(1, "failed to load cert from '%s'", cert_file); 120 if (sk_X509_num(cert) < 1) 121 errx(1, "no certs in cert bundle %s", cert_file); 122 leaf = sk_X509_shift(cert); 187 sk_X509_pop_free(cert, X509_free);
|
H A D | check.perl | 75 my $cert = $id + 1; 79 print STDERR "$cert DNS expected $expecteddns[$id] known $knowndns[$id] result $outdns[$id]"; 89 print STDERR "$cert IP expected $expectedip[$id] known $knownip[$id] result $outip[$id]";
|
/openbsd-current/regress/usr.bin/ssh/unittests/sshkey/ |
H A D | mktestdata.sh | 202 ssh-keygen -lf rsa_1-cert.pub | awk '{print $2}' > rsa_1-cert.fp 203 ssh-keygen -lf dsa_1-cert.pub | awk '{print $2}' > dsa_1-cert.fp 204 ssh-keygen -lf ecdsa_1-cert.pub | awk '{print $2}' > ecdsa_1-cert.fp 205 ssh-keygen -lf ed25519_1-cert.pub | awk '{print $2}' > ed25519_1-cert.fp 206 ssh-keygen -lf ecdsa_sk1-cert.pub | awk '{print $2}' > ecdsa_sk1-cert [all...] |
/openbsd-current/lib/libssl/ |
H A D | ssl_lib.c | 227 ctx->cert); 267 if ((s->cert = ssl_cert_dup(ctx->cert)) == NULL) 567 ssl_cert_free(s->cert); 914 X509 *cert; local 919 if ((cert = s->session->peer_cert) == NULL) 922 X509_up_ref(cert); 924 return cert; 975 tmp = t->cert; 976 if (f->cert ! [all...] |
/openbsd-current/sbin/isakmpd/ |
H A D | ike_auth.c | 49 #include "cert.h" 564 void *cert = 0; local 615 cert = handler->cert_get(rawcert, rawcertlen); 616 if (!cert) 620 if (!handler->cert_get_key(cert, &key)) { 623 handler->cert_free(cert); 627 "rsa_sig_decode_hash: using cert " 629 exchange->recv_cert = cert; 632 cert); 662 cert [all...] |
/openbsd-current/usr.sbin/ldapd/ |
H A D | parse.y | 188 char *cert; 197 cert = ($6 != NULL) ? $6 : $3; 200 load_certfile(conf, cert, F_SCERT, $5) < 0) { 201 yyerror("cannot load certificate: %s", cert); 207 if (! interface($3, cert, &conf->listeners, 209 if (host($3, cert, &conf->listeners, 1016 host_dns(const char *s, const char *cert, 1049 if (cert != NULL) 1050 (void)strlcpy(h->ssl_cert_name, cert, sizeof(h->ssl_cert_name)); 1073 host(const char *s, const char *cert, struc [all...] |
/openbsd-current/lib/libcrypto/ct/ |
H A D | ct_local.h | 148 X509 *cert; member in struct:ct_policy_eval_ctx_st 169 * If *cert does not have a poison extension, presigner must be NULL. 170 * If *cert does not have a poison extension, it may have a single SCT 172 * If either *cert or *presigner have an AKID (NID_authority_key_identifier) 176 int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner);
|
/openbsd-current/regress/lib/libssl/ssl/ |
H A D | testssl | 4 cert="$2" 6 ssltest="${4-./ssltest} -key $key -cert $cert -c_key $key -c_cert $cert" 12 if $openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then 105 # ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 111 # ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
|
/openbsd-current/lib/libcrypto/x509/ |
H A D | x509_internal.h | 63 int *cert_errors; /* Verify error for each cert in chain. */ 126 X509 *cert, int include_cn, int *error); 127 int x509_constraints_extract_constraints(X509 *cert,
|