| /freebsd-12-stable/crypto/openssl/crypto/ocsp/ |
| H A D | ocsp_vfy.c | 33 X509 *signer, *x; local
37 int i, ret = ocsp_find_signer(&signer, bs, certs, flags);
53 skey = X509_get0_pubkey(signer);
81 init_res = X509_STORE_CTX_init(ctx, st, signer, untrusted);
141 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, argument
146 ret = ocsp_find_signer(signer, bs, extra_certs, 0);
153 X509 *signer; local
155 if ((signer = ocsp_find_signer_sk(certs, rid))) {
156 *psigner = signer;
160 (signer
199 X509 *signer, *sca; local
342 X509 *signer; local
420 X509 *signer; local
[all...] |
| H A D | ocsp_srv.c | 173 * set the responderID to the subject name in the signer's certificate, and
178 X509 *signer, EVP_MD_CTX *ctx,
191 if (pkey == NULL || !X509_check_private_key(signer, pkey)) {
198 if (!OCSP_basic_add1_cert(brsp, signer))
209 if (!OCSP_RESPID_set_by_key(rid, signer))
211 } else if (!OCSP_RESPID_set_by_name(rid, signer)) {
233 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
247 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags);
177 OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx, STACK_OF(X509) *certs, unsigned long flags) argument
232 OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags) argument
|
| H A D | ocsp_cl.c | 97 X509 *signer,
105 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
111 if (!X509_check_private_key(signer, key)) {
121 if (!OCSP_request_add1_cert(req, signer))
96 OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags) argument
|
| /freebsd-12-stable/crypto/openssl/crypto/ts/ |
| H A D | ts_rsp_verify.c | 18 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
80 * - Checks if there is one and only one signer.
82 * - Check the extended key usage and key usage fields of the signer
88 * - Returns the signer certificate in 'signer', if 'signer' is not NULL.
96 X509 *signer; local
123 * Get hold of the signer certificate, search only internal certificates
129 signer
165 ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer, STACK_OF(X509) **chain) argument
416 X509 *signer = NULL; local
671 ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer) argument
[all...] |
| /freebsd-12-stable/crypto/openssl/crypto/pkcs7/ |
| H A D | pk7_smime.c | 208 X509 *signer; local
265 signer = sk_X509_value(signers, k);
267 if (!X509_STORE_CTX_init(cert_ctx, store, signer,
273 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) {
350 signer = sk_X509_value(signers, i);
351 j = PKCS7_signatureVerify(p7bio, p7, si, signer);
379 X509 *signer; local
409 signer = NULL;
412 signer = X509_find_by_issuer_and_serial(certs,
414 if (!signer
[all...] |
| /freebsd-12-stable/crypto/heimdal/lib/hx509/ |
| H A D | revoke.c | 67 hx509_cert signer; member in struct:revoke_ocsp
129 hx509_cert_free(ocsp->signer);
176 hx509_cert signer = NULL; local
202 ret = hx509_certs_find(context, certs, &q, &signer);
204 ret = hx509_certs_find(context, ocsp->certs, &q, &signer);
209 * If signer certificate isn't the CA certificate, lets check the
210 * it is the CA that signed the signer certificate and the OCSP EKU
213 if (hx509_cert_cmp(signer, parent) != 0) {
215 Certificate *s = _hx509_get_cert(signer);
220 hx509_set_error_string(context, 0, ret, "Revoke OCSP signer i
462 hx509_cert signer; local
967 hx509_ocsp_request(hx509_context context, hx509_certs reqcerts, hx509_certs pool, hx509_cert signer, const AlgorithmIdentifier *digest, heim_octet_string *request, heim_octet_string *nonce) argument
1425 hx509_crl_sign(hx509_context context, hx509_cert signer, hx509_crl crl, heim_octet_string *os) argument
[all...] |
| H A D | test_windows.in | 87 --signer=FILE:wca.pem || exit 1
|
| H A D | crypto.c | 337 const Certificate *signer,
364 spi = &signer->tbsCertificate.subjectPublicKeyInfo;
415 const hx509_private_key signer,
427 if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) != 0)
453 sig->length = ECDSA_size(signer->private_key.ecdsa);
465 sig->data, &siglen, signer->private_key.ecdsa);
486 ecdsa_available(const hx509_private_key signer, argument
495 if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0)
503 group = EC_KEY_get0_group(signer
335 ecdsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument
413 ecdsa_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument
534 rsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument
643 rsa_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument
1041 dsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument
1173 evp_md_create_signature(hx509_context context, const struct signature_alg *sig_alg, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument
1213 evp_md_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) argument
1619 const Certificate *signer = NULL; local
1650 _hx509_create_signature(hx509_context context, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_octet_string *sig) argument
1677 _hx509_create_signature_bitstring(hx509_context context, const hx509_private_key signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, AlgorithmIdentifier *signatureAlgorithm, heim_bit_string *sig) argument
[all...] |
| H A D | hxtool.c | 364 hx509_certs store, pool, anchors, signer = NULL; local
421 ret = hx509_certs_filter(context, store, q, &signer);
446 signer,
480 if (signer) {
481 ret = hx509_certs_iter_f(context, signer, print_signer, header);
483 hx509_err(context, 1, ret, "print signer");
503 hx509_certs_free(&signer);
1225 hx509_private_key *signer)
1275 ret = read_private_key(fn, signer);
1286 hx509_private_key signer; local
1224 get_key(const char *fn, const char *type, int optbits, hx509_private_key *signer) argument
1750 hx509_cert signer = NULL, cert = NULL; local
2030 hx509_certs signer = NULL; local
2114 hx509_cert signer = NULL; local
[all...] |
| H A D | req.c | 172 const hx509_private_key signer,
214 signer,
170 _hx509_request_to_pkcs10(hx509_context context, const hx509_request req, const hx509_private_key signer, heim_octet_string *request) argument
|
| H A D | test_cms.in | 81 echo "create signed data (no signer)"
83 --no-signer \
88 echo "verify signed data (no signer)"
91 --no-signer-allowed \
93 sd.data sd.data.out > signer.tmp || exit 1
95 grep "unsigned" signer.tmp > /dev/null || exit 1
97 echo "verify signed data (no signer) (test failure)"
101 sd.data sd.data.out 2> signer.tmp && exit 1
102 grep "No signers where found" signer.tmp > /dev/null || exit 1
217 --signer
[all...] |
| H A D | ca.c | 985 hx509_private_key signer,
1402 signer,
1529 * @param signer the CA certificate object to sign with (need private key).
1540 hx509_cert signer,
1549 signer_cert = _hx509_get_cert(signer);
1557 _hx509_cert_private_key(signer),
1573 * @param signer private key to sign with.
1584 hx509_private_key signer,
1589 signer,
983 ca_sign(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, const AuthorityKeyIdentifier *ai, const Name *issuername, hx509_cert *certificate) argument
1538 hx509_ca_sign(hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate) argument
1582 hx509_ca_sign_self(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate) argument
|
| /freebsd-12-stable/crypto/openssl/crypto/cms/ |
| H A D | cms_sd.c | 242 X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
249 if (!X509_check_private_key(signer, pk)) {
261 X509_check_purpose(signer, -1, -1);
263 X509_up_ref(signer);
267 si->signer = signer;
286 if (!cms_set1_SignerIdentifier(si->sid, signer, type))
362 if (!CMS_add1_cert(cms, signer))
453 if (si->signer) {
459 if (!sk_X509_push(signers, si->signer)) {
241 CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk, const EVP_MD *md, unsigned int flags) argument
468 CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) argument
537 CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer, X509_ALGOR **pdig, X509_ALGOR **psig) argument
[all...] |
| /freebsd-12-stable/contrib/wpa/src/crypto/ |
| H A D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; local
616 signer = ocsp_find_signer(certs, rd->responderID);
617 if (!signer)
618 signer = ocsp_find_signer(untrusted, rd->responderID);
621 if (!signer) {
623 "OpenSSL: Could not find OCSP signer certificate");
627 skey = X509_get_pubkey(signer);
630 "OpenSSL: Could not get OCSP signer public key");
641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf));
643 "OpenSSL: Found OCSP signer certificat
[all...] |
| /freebsd-12-stable/contrib/wpa/src/tls/ |
| H A D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, argument
55 const u8 *addr[1] = { signer->public_key };
56 size_t len[1] = { signer->public_key_len };
63 return x509_name_compare(&signer->subject, name) == 0;
365 struct x509_certificate *issuer, *signer; local
626 signer = issuer;
628 for (signer = certs; signer; signer = signer
[all...] |
| /freebsd-12-stable/crypto/heimdal/kdc/ |
| H A D | kx509.c | 159 hx509_cert signer = NULL; local
192 ret = hx509_certs_find(context->hx509ctx, certs, q, &signer);
261 ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert);
262 hx509_cert_free(signer);
279 if (signer)
280 hx509_cert_free(signer);
|
| /freebsd-12-stable/crypto/openssl/apps/ |
| H A D | smime.c | 62 "Don't search certificates in message for signer"},
71 {"signer", OPT_SIGNER, 's', "Signer certificate file"},
76 "Input private key (if not signer or recipient)"},
119 X509 *cert = NULL, *recip = NULL, *signer = NULL; local
245 /* If previous -signer argument add signer to list */
273 /* If previous -inkey argument add signer to list */
277 "%s: Must have -signer before -inkey\n", prog);
330 /* Check to see if any final signer needs to be appended */
332 BIO_puts(bio_err, "Illegal -inkey without -signer\
[all...] |
| H A D | ts.c | 51 const EVP_MD *md, const char *signer, const char *chain,
57 const char *inkey, const EVP_MD *md, const char *signer,
107 {"signer", OPT_SIGNER, 's', "Signer certificate file"},
108 {"chain", OPT_CHAIN, '<', "File with signer CA chain"},
134 " [-signer tsa_cert.pem] [-inkey private_key.pem]",
160 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; local
245 signer = opt_arg();
305 password, inkey, md, signer, chain, policy,
558 const EVP_MD *md, const char *signer, const char *chain,
580 passin, inkey, md, signer, chai
556 reply_command(CONF *conf, const char *section, const char *engine, const char *queryfile, const char *passin, const char *inkey, const EVP_MD *md, const char *signer, const char *chain, const char *policy, const char *in, int token_in, const char *out, int token_out, int text) argument
664 create_response(CONF *conf, const char *section, const char *engine, const char *queryfile, const char *passin, const char *inkey, const EVP_MD *md, const char *signer, const char *chain, const char *policy) argument
[all...] |
| H A D | cms.c | 121 "Don't search certificates in message for signer"},
161 {"signer", OPT_SIGNER, 's', "Signer certificate file"},
166 "Input private key (if not signer or recipient)"},
199 X509 *cert = NULL, *recip = NULL, *signer = NULL; local
473 /* If previous -signer argument add signer to list */
490 /* If previous -inkey argument add signer to list */
493 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
606 BIO_puts(bio_err, "Illegal -inkey without -signer\n");
609 /* Check to see if any final signer need
[all...] |
| /freebsd-12-stable/crypto/heimdal/lib/roken/ |
| H A D | resolve.h | 155 char *signer; member in struct:rk_sig_record
157 char sig_data[1]; /* also includes signer */
|
| H A D | resolve-test.c | 137 printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n",
141 sig->signer);
|
| /freebsd-12-stable/crypto/openssl/include/openssl/ |
| H A D | ocsp.h | 188 X509 *signer,
199 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
251 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
254 X509 *signer, EVP_MD_CTX *ctx,
|
| H A D | cms.h | 221 X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
227 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
235 X509 **signer, X509_ALGOR **pdig,
|
| /freebsd-12-stable/contrib/unbound/validator/ |
| H A D | val_utils.h | 99 * Given a response, determine the name of the "signer". This is primarily
108 * @param signer_name: signer name, if the response is signed
300 * the answer section, NS and AR sections that are signed with same signer.
306 * @param name: the signer name to look for.
308 * @param signer: signer name or NULL if an unsigned RRset is considered.
312 size_t cname_skip, uint8_t* name, size_t len, uint8_t* signer);
364 * Find the signer name for an RRset.
366 * @param sname: signer name is returned or NULL if not signed.
|
| H A D | val_neg.c | 851 /** see if the reply has signed NSEC records and return the signer */
863 /* return first signer name of first NSEC */
896 /* No SOA in positive (wildcard) answer. Use signer from the
972 uint8_t* signer; local
976 /* no SOA in this message, find RRSIG over NSEC's signer name.
978 signer = reply_nsec_signer(rep, &signer_len, &dclass);
979 if(!signer)
981 if(!dname_subdomain_c(signer, zone_name)) {
982 /* the signer is not in the bailiwick, throw it out */
987 signer, LDNS_RR_TYPE_N
[all...] |