/freebsd-12-stable/crypto/openssl/crypto/ocsp/ |
H A D | ocsp_vfy.c | 33 X509 *signer, *x; local 37 int i, ret = ocsp_find_signer(&signer, bs, certs, flags); 53 skey = X509_get0_pubkey(signer); 81 init_res = X509_STORE_CTX_init(ctx, st, signer, untrusted); 141 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, argument 146 ret = ocsp_find_signer(signer, bs, extra_certs, 0); 153 X509 *signer; local 155 if ((signer = ocsp_find_signer_sk(certs, rid))) { 156 *psigner = signer; 160 (signer 199 X509 *signer, *sca; local 342 X509 *signer; local 420 X509 *signer; local [all...] |
H A D | ocsp_srv.c | 173 * set the responderID to the subject name in the signer's certificate, and 178 X509 *signer, EVP_MD_CTX *ctx, 191 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { 198 if (!OCSP_basic_add1_cert(brsp, signer)) 209 if (!OCSP_RESPID_set_by_key(rid, signer)) 211 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { 233 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, 247 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); 177 OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx, STACK_OF(X509) *certs, unsigned long flags) argument 232 OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags) argument
|
H A D | ocsp_cl.c | 97 X509 *signer, 105 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) 111 if (!X509_check_private_key(signer, key)) { 121 if (!OCSP_request_add1_cert(req, signer)) 96 OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags) argument
|
/freebsd-12-stable/crypto/openssl/crypto/ts/ |
H A D | ts_rsp_verify.c | 18 X509 *signer, STACK_OF(X509) **chain); 37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer); 80 * - Checks if there is one and only one signer. 82 * - Check the extended key usage and key usage fields of the signer 88 * - Returns the signer certificate in 'signer', if 'signer' is not NULL. 96 X509 *signer; local 123 * Get hold of the signer certificate, search only internal certificates 129 signer 165 ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer, STACK_OF(X509) **chain) argument 416 X509 *signer = NULL; local 671 ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer) argument [all...] |
/freebsd-12-stable/crypto/openssl/crypto/pkcs7/ |
H A D | pk7_smime.c | 208 X509 *signer; local 265 signer = sk_X509_value(signers, k); 267 if (!X509_STORE_CTX_init(cert_ctx, store, signer, 273 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { 350 signer = sk_X509_value(signers, i); 351 j = PKCS7_signatureVerify(p7bio, p7, si, signer); 379 X509 *signer; local 409 signer = NULL; 412 signer = X509_find_by_issuer_and_serial(certs, 414 if (!signer [all...] |
/freebsd-12-stable/crypto/heimdal/lib/hx509/ |
H A D | revoke.c | 67 hx509_cert signer; member in struct:revoke_ocsp 129 hx509_cert_free(ocsp->signer); 176 hx509_cert signer = NULL; local 202 ret = hx509_certs_find(context, certs, &q, &signer); 204 ret = hx509_certs_find(context, ocsp->certs, &q, &signer); 209 * If signer certificate isn't the CA certificate, lets check the 210 * it is the CA that signed the signer certificate and the OCSP EKU 213 if (hx509_cert_cmp(signer, parent) != 0) { 215 Certificate *s = _hx509_get_cert(signer); 220 hx509_set_error_string(context, 0, ret, "Revoke OCSP signer i 462 hx509_cert signer; local 967 hx509_ocsp_request(hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce) argument 1425 hx509_crl_sign(hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os) argument [all...] |
H A D | test_windows.in | 87 --signer=FILE:wca.pem || exit 1
|
H A D | crypto.c | 337 const Certificate *signer, 364 spi = &signer->tbsCertificate.subjectPublicKeyInfo; 415 const hx509_private_key signer, 427 if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) != 0) 453 sig->length = ECDSA_size(signer->private_key.ecdsa); 465 sig->data, &siglen, signer->private_key.ecdsa); 486 ecdsa_available(const hx509_private_key signer, argument 495 if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0) 503 group = EC_KEY_get0_group(signer 335 ecdsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument 413 ecdsa_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument 534 rsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument 643 rsa_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument 1041 dsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument 1173 evp_md_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument 1213 evp_md_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument 1619 const Certificate *signer = NULL; local 1650 _hx509_create_signature(hx509_context context, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument 1677 _hx509_create_signature_bitstring(hx509_context context, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_bit_string *sig) argument [all...] |
H A D | hxtool.c | 364 hx509_certs store, pool, anchors, signer = NULL; local 421 ret = hx509_certs_filter(context, store, q, &signer); 446 signer, 480 if (signer) { 481 ret = hx509_certs_iter_f(context, signer, print_signer, header); 483 hx509_err(context, 1, ret, "print signer"); 503 hx509_certs_free(&signer); 1225 hx509_private_key *signer) 1275 ret = read_private_key(fn, signer); 1286 hx509_private_key signer; local 1224 get_key(const char *fn, const char *type, int optbits, hx509_private_key *signer) argument 1750 hx509_cert signer = NULL, cert = NULL; local 2030 hx509_certs signer = NULL; local 2114 hx509_cert signer = NULL; local [all...] |
H A D | req.c | 172 const hx509_private_key signer, 214 signer, 170 _hx509_request_to_pkcs10(hx509_context context, const hx509_request req, const hx509_private_key signer, heim_octet_string *request) argument
|
H A D | test_cms.in | 81 echo "create signed data (no signer)" 83 --no-signer \ 88 echo "verify signed data (no signer)" 91 --no-signer-allowed \ 93 sd.data sd.data.out > signer.tmp || exit 1 95 grep "unsigned" signer.tmp > /dev/null || exit 1 97 echo "verify signed data (no signer) (test failure)" 101 sd.data sd.data.out 2> signer.tmp && exit 1 102 grep "No signers where found" signer.tmp > /dev/null || exit 1 217 --signer [all...] |
H A D | ca.c | 985 hx509_private_key signer, 1402 signer, 1529 * @param signer the CA certificate object to sign with (need private key). 1540 hx509_cert signer, 1549 signer_cert = _hx509_get_cert(signer); 1557 _hx509_cert_private_key(signer), 1573 * @param signer private key to sign with. 1584 hx509_private_key signer, 1589 signer, 983 ca_sign(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, const AuthorityKeyIdentifier *ai, const Name *issuername, hx509_cert *certificate) argument 1538 hx509_ca_sign(hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate) argument 1582 hx509_ca_sign_self(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate) argument
|
/freebsd-12-stable/crypto/openssl/crypto/cms/ |
H A D | cms_sd.c | 242 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, 249 if (!X509_check_private_key(signer, pk)) { 261 X509_check_purpose(signer, -1, -1); 263 X509_up_ref(signer); 267 si->signer = signer; 286 if (!cms_set1_SignerIdentifier(si->sid, signer, type)) 362 if (!CMS_add1_cert(cms, signer)) 453 if (si->signer) { 459 if (!sk_X509_push(signers, si->signer)) { 241 CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk, const EVP_MD *md, unsigned int flags) argument 468 CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) argument 537 CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer, X509_ALGOR **pdig, X509_ALGOR **psig) argument [all...] |
/freebsd-12-stable/contrib/wpa/src/crypto/ |
H A D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; local 616 signer = ocsp_find_signer(certs, rd->responderID); 617 if (!signer) 618 signer = ocsp_find_signer(untrusted, rd->responderID); 621 if (!signer) { 623 "OpenSSL: Could not find OCSP signer certificate"); 627 skey = X509_get_pubkey(signer); 630 "OpenSSL: Could not get OCSP signer public key"); 641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); 643 "OpenSSL: Found OCSP signer certificat [all...] |
/freebsd-12-stable/contrib/wpa/src/tls/ |
H A D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, argument 55 const u8 *addr[1] = { signer->public_key }; 56 size_t len[1] = { signer->public_key_len }; 63 return x509_name_compare(&signer->subject, name) == 0; 365 struct x509_certificate *issuer, *signer; local 626 signer = issuer; 628 for (signer = certs; signer; signer = signer [all...] |
/freebsd-12-stable/crypto/heimdal/kdc/ |
H A D | kx509.c | 159 hx509_cert signer = NULL; local 192 ret = hx509_certs_find(context->hx509ctx, certs, q, &signer); 261 ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert); 262 hx509_cert_free(signer); 279 if (signer) 280 hx509_cert_free(signer);
|
/freebsd-12-stable/crypto/openssl/apps/ |
H A D | smime.c | 62 "Don't search certificates in message for signer"}, 71 {"signer", OPT_SIGNER, 's', "Signer certificate file"}, 76 "Input private key (if not signer or recipient)"}, 119 X509 *cert = NULL, *recip = NULL, *signer = NULL; local 245 /* If previous -signer argument add signer to list */ 273 /* If previous -inkey argument add signer to list */ 277 "%s: Must have -signer before -inkey\n", prog); 330 /* Check to see if any final signer needs to be appended */ 332 BIO_puts(bio_err, "Illegal -inkey without -signer\ [all...] |
H A D | ts.c | 51 const EVP_MD *md, const char *signer, const char *chain, 57 const char *inkey, const EVP_MD *md, const char *signer, 107 {"signer", OPT_SIGNER, 's', "Signer certificate file"}, 108 {"chain", OPT_CHAIN, '<', "File with signer CA chain"}, 134 " [-signer tsa_cert.pem] [-inkey private_key.pem]", 160 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; local 245 signer = opt_arg(); 305 password, inkey, md, signer, chain, policy, 558 const EVP_MD *md, const char *signer, const char *chain, 580 passin, inkey, md, signer, chai 556 reply_command(CONF *conf, const char *section, const char *engine, const char *queryfile, const char *passin, const char *inkey, const EVP_MD *md, const char *signer, const char *chain, const char *policy, const char *in, int token_in, const char *out, int token_out, int text) argument 664 create_response(CONF *conf, const char *section, const char *engine, const char *queryfile, const char *passin, const char *inkey, const EVP_MD *md, const char *signer, const char *chain, const char *policy) argument [all...] |
H A D | cms.c | 121 "Don't search certificates in message for signer"}, 161 {"signer", OPT_SIGNER, 's', "Signer certificate file"}, 166 "Input private key (if not signer or recipient)"}, 199 X509 *cert = NULL, *recip = NULL, *signer = NULL; local 473 /* If previous -signer argument add signer to list */ 490 /* If previous -inkey argument add signer to list */ 493 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 606 BIO_puts(bio_err, "Illegal -inkey without -signer\n"); 609 /* Check to see if any final signer need [all...] |
/freebsd-12-stable/crypto/heimdal/lib/roken/ |
H A D | resolve.h | 155 char *signer; member in struct:rk_sig_record 157 char sig_data[1]; /* also includes signer */
|
H A D | resolve-test.c | 137 printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n", 141 sig->signer);
|
/freebsd-12-stable/crypto/openssl/include/openssl/ |
H A D | ocsp.h | 188 X509 *signer, 199 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, 251 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, 254 X509 *signer, EVP_MD_CTX *ctx,
|
H A D | cms.h | 221 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, 227 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); 235 X509 **signer, X509_ALGOR **pdig,
|
/freebsd-12-stable/contrib/unbound/validator/ |
H A D | val_utils.h | 99 * Given a response, determine the name of the "signer". This is primarily 108 * @param signer_name: signer name, if the response is signed 300 * the answer section, NS and AR sections that are signed with same signer. 306 * @param name: the signer name to look for. 308 * @param signer: signer name or NULL if an unsigned RRset is considered. 312 size_t cname_skip, uint8_t* name, size_t len, uint8_t* signer); 364 * Find the signer name for an RRset. 366 * @param sname: signer name is returned or NULL if not signed.
|
H A D | val_neg.c | 851 /** see if the reply has signed NSEC records and return the signer */ 863 /* return first signer name of first NSEC */ 896 /* No SOA in positive (wildcard) answer. Use signer from the 972 uint8_t* signer; local 976 /* no SOA in this message, find RRSIG over NSEC's signer name. 978 signer = reply_nsec_signer(rep, &signer_len, &dclass); 979 if(!signer) 981 if(!dname_subdomain_c(signer, zone_name)) { 982 /* the signer is not in the bailiwick, throw it out */ 987 signer, LDNS_RR_TYPE_N [all...] |