Searched refs:cert (Results 1 - 25 of 211) sorted by relevance

123456789

/openbsd-current/regress/usr.sbin/rpki-client/
H A Dconstraints-dummy.c9 constraints_validate(const char *fn, const struct cert *cert) argument
/openbsd-current/regress/usr.bin/ssh/unittests/authopt/testdata/
H A Dmktestdata.sh7 rm -f *.cert
18 mv user_key-cert.pub "$output"
21 sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \
23 sign no_permit.cert -Oclear
25 sign no_agentfwd.cert -Ono-agent-forwarding
26 sign no_portfwd.cert -Ono-port-forwarding
27 sign no_pty.cert -Ono-pty
28 sign no_user_rc.cert -Ono-user-rc
29 sign no_x11fwd.cert -Ono-X11-forwarding
31 sign only_agentfwd.cert
[all...]
/openbsd-current/usr.bin/dig/lib/dns/include/dns/
H A Dcert.h17 /* $Id: cert.h,v 1.3 2020/02/23 19:54:25 jung Exp $ */
22 /*! \file dns/cert.h */
27 dns_cert_totext(dns_cert_t cert, isc_buffer_t *target);
29 * Put a textual representation of certificate type 'cert' into 'target'.
32 *\li 'cert' is a valid cert.
/openbsd-current/usr.sbin/rpki-client/
H A Dfilemode.c53 struct cert *cert; member in struct:uripath
67 uripath_add(const char *uri, struct cert *cert) argument
75 up->cert = cert;
80 static struct cert *
89 return up->cert;
127 * Parse the cert pointed at by the AIA URI while doing that also load
128 * the CRL of this cert
135 struct cert *cert = NULL; local
185 struct cert *cert; local
244 struct cert *cert; local
283 find_tal(struct cert *cert) argument
342 struct cert *cert = NULL; local
[all...]
H A Dvalidate.c46 c = as_check_covered(min, max, a->cert->as, a->cert->asz);
72 c = ip_addr_check_covered(afi, min, max, a->cert->ips, a->cert->ipsz);
88 valid_cert(const char *fn, struct auth *a, const struct cert *cert) argument
93 for (i = 0; i < cert->asz; i++) {
94 if (cert->as[i].type == CERT_AS_INHERIT)
97 if (cert->as[i].type == CERT_AS_ID) {
98 min = cert
132 valid_roa(const char *fn, struct cert *cert, struct roa *roa) argument
157 valid_spl(const char *fn, struct cert *cert, struct spl *spl) argument
440 valid_rsc(const char *fn, struct cert *cert, struct rsc *rsc) argument
510 valid_aspa(const char *fn, struct cert *cert, struct aspa *aspa) argument
527 valid_geofeed(const char *fn, struct cert *cert, struct geofeed *g) argument
[all...]
H A Dcert.c1 /* $OpenBSD: cert.c,v 1.148 2024/06/12 10:03:09 tb Exp $ */
32 extern ASN1_OBJECT *certpol_oid; /* id-cp-ipAddr-asNumber cert policy */
242 sbgp_assysnum(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument
259 if (!sbgp_parse_assysnum(fn, asidentifiers, &cert->as, &cert->asz))
466 sbgp_ipaddrblk(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument
483 if (!sbgp_parse_ipaddrblk(fn, addrblk, &cert->ips, &cert
503 sbgp_sia(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument
630 certificate_policies(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument
732 struct cert *cert; local
794 struct cert *cert; local
1261 auth_insert(const char *fn, struct auth_tree *auths, struct cert *cert, struct auth *issuer) argument
1300 insert_brk(struct brk_tree *tree, struct cert *cert, int asid) argument
1334 cert_insert_brks(struct brk_tree *tree, struct cert *cert) argument
[all...]
H A Dgbr.c39 struct cert *cert = NULL; local
80 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL)
89 cert_free(cert);
/openbsd-current/regress/usr.sbin/syslogd/
H A Dargs-tls-key-empty.pl10 my $cert = "/etc/ssl/127.0.0.1:6514.crt";
14 @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert);
18 my @cmd = (@sudo, "rm", "-f", "--", $key, $cert);
45 qr{Certfile $cert} => 1,
H A Dargs-tls-cert-noexist.pl9 my $cert = "/etc/ssl/127.0.0.1.crt";
11 my @cmd = (@sudo, "rm", "-f", "--", $cert);
15 my @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert);
44 qr{load server TLS cert: failed to open certificate file} => 1,
H A Dargs-tls-cert-empty.pl9 my $cert = "/etc/ssl/127.0.0.1.crt";
11 my @cmd = (@sudo, "cp", "--", "empty", $cert);
15 my @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert);
/openbsd-current/regress/usr.bin/ssh/
H A Dcert-hostkey.sh1 # $OpenBSD: cert-hostkey.sh,v 1.27 2021/09/30 05:26:26 dtucker Exp $
6 rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*
19 *rsa*cert*)
20 types="rsa-sha2-256-cert-v01@openssh.com,$i,$types"
21 types="rsa-sha2-512-cert-v01@openssh.com,$types";;
26 *cert*) types="$i,$types";;
44 printf "@cert-authority $HOSTS "
64 kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
65 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
[all...]
H A Dagent-pkcs11-cert.sh1 # $OpenBSD: agent-pkcs11-cert.sh,v 1.1 2023/12/18 14:50:08 djm Exp $
42 # Note: deliberately contains non-cert keys and non-matching cert on commandline
46 ${SSH_SOFTHSM_DIR}/EC-cert.pub \
48 ${SSH_SOFTHSM_DIR}/RSA-cert.pub ||
54 ${SSH_SOFTHSM_DIR}/EC-cert.pub \
55 ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list
61 ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do
68 for x in ${SSH_SOFTHSM_DIR}/EC-cert
[all...]
/openbsd-current/regress/lib/libcrypto/CA/
H A DMakefile16 # Vanna Vanna make me a root cert
21 root.cert.pem: root.cnf root.key.pem \
23 # generate root cert
25 -new -x509 -days 365 -sha256 -extensions v3_ca -out root.cert.pem
38 intermediate.cert.pem: root.cnf root.cert.pem intermediate.csr.pem \
43 -in intermediate.csr.pem -out intermediate.cert.pem
47 run-verify-intermediate: root.cert.pem intermediate.cert.pem
49 openssl verify -CAfile root.cert
[all...]
/openbsd-current/regress/usr.bin/openssl/x509/
H A Dcreate-libressl-test-certs.pl11 my @ca = cert(
20 my @leafcert = cert(
34 @leafcert = cert(
48 my @caO = cert(
56 my @caX = cert(
66 my @subcaR = cert(
75 @leafcert = cert(
88 sub cert { CERT_create(not_after => 10*365*86400+time(), @_) } subroutine
H A DMakefile34 REGRESS_TARGETS += test-verify-unusual-wildcard-cert
35 REGRESS_TARGETS += test-openssl-verify-common-wildcard-cert
47 test-verify-unusual-wildcard-cert:
48 # openssl verify, unusual wildcard cert
52 test-openssl-verify-common-wildcard-cert:
53 # openssl verify, common wildcard cert
/openbsd-current/regress/lib/libssl/verify/
H A Dcreate-libressl-test-certs.pl11 my @ca = cert(
20 my @leafcert = cert(
34 @leafcert = cert(
48 my @caO = cert(
56 my @caX = cert(
66 my @subcaR = cert(
75 @leafcert = cert(
88 sub cert { CERT_create(not_after => 10*365*86400+time(), @_) } subroutine
H A Dverify.c34 const char *cert; member in struct:peer_config
48 .description = "unusual wildcard cert, no CA given to client",
52 .cert = NULL,
58 .cert = "server-unusual-wildcard.pem",
66 .description = "unusual wildcard cert, CA given to client",
70 .cert = NULL,
76 .cert = "server-unusual-wildcard.pem",
83 .description = "common wildcard cert, no CA given to client",
87 .cert = NULL,
93 .cert
[all...]
/openbsd-current/lib/libcrypto/ct/
H A Dct_policy.c96 X509_free(ctx->cert);
103 CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) argument
105 if (!X509_up_ref(cert))
107 ctx->cert = cert;
140 return ctx->cert;
/openbsd-current/lib/libssl/
H A Dssl_cert.c181 ssl_cert_dup(SSL_CERT *cert) argument
193 * same as ret->key = ret->pkeys + (cert->key - cert->pkeys),
196 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
198 ret->valid = cert->valid;
199 ret->mask_k = cert->mask_k;
200 ret->mask_a = cert->mask_a;
202 if (cert->dhe_params != NULL) {
203 ret->dhe_params = DHparams_dup(cert
354 ssl_cert_add0_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert) argument
382 ssl_cert_add1_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert) argument
397 X509 *cert; local
[all...]
/openbsd-current/lib/libcrypto/x509/
H A Dx509_verify.c34 static int x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert,
36 static int x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert,
38 static void x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert,
40 static int x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert,
152 x509_verify_chain_append(struct x509_verify_chain *chain, X509 *cert, argument
158 if (!x509_constraints_extract_names(chain->names, cert,
164 X509_up_ref(cert);
165 if (!sk_X509_push(chain->certs, cert)) {
166 X509_free(cert);
232 x509_verify_cert_cache_extensions(X509 *cert) argument
238 x509_verify_cert_self_signed(X509 *cert) argument
245 x509_verify_check_chain_end(X509 *cert, int full_chain) argument
253 x509_verify_ctx_cert_is_root(struct x509_verify_ctx *ctx, X509 *cert, int full_chain) argument
434 X509 *cert = sk_X509_value(ctx->xsc->chain, depth); local
564 x509_verify_consider_candidate(struct x509_verify_ctx *ctx, X509 *cert, int is_root_cert, X509 *candidate, struct x509_verify_chain *current_chain, int full_chain, char *name) argument
632 x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert, size_t depth, int error, int ok) argument
647 x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert, struct x509_verify_chain *current_chain, int full_chain, char *name) argument
749 x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert, char *name) argument
815 x509_verify_cert_times(X509 *cert, time_t *cmp_time, int *error) argument
847 x509_verify_validate_constraints(X509 *cert, struct x509_verify_chain *current_chain, int *error) argument
887 x509_verify_cert_extensions(struct x509_verify_ctx *ctx, X509 *cert, int need_ca) argument
917 x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert, struct x509_verify_chain *current_chain) argument
[all...]
/openbsd-current/sbin/isakmpd/
H A Dx509.c48 #include "cert.h"
88 X509 *cert; member in struct:x509_hash
102 x509_generate_kn(int id, X509 *cert) argument
123 cert));
125 issuer = X509_get_issuer_name(cert);
126 subject = X509_get_subject_name(cert);
128 /* Missing or self-signed, ignore cert but don't report failure. */
132 if (!x509_cert_get_key(cert, &key)) {
134 "x509_generate_kn: failed to get public key from cert"));
171 X509_STORE_CTX_init(csc, x509_cas, cert, NUL
529 struct x509_hash *cert; local
569 x509_hash_enter(X509 *cert) argument
609 X509 *cert; local
846 X509 *cert = (X509 *) scert; local
914 X509 *cert; local
937 x509_hash_lookup(X509 *cert) argument
951 x509_cert_free(void *cert) argument
1074 x509_cert_obtain(u_int8_t *id, size_t id_len, void *data, u_int8_t **cert, u_int32_t *certlen) argument
1148 X509 *cert = scert; local
1273 X509 *cert = scert; local
1311 x509_printable(void *cert) argument
1328 x509_from_printable(char *cert) argument
[all...]
/openbsd-current/regress/lib/libcrypto/x509/
H A Dcallback.pl86 if (!@Mfail && !$Lfail && $mline =~ /error 0 cert/ && $lline =~ /error 0 cert/) {
/openbsd-current/regress/lib/libssl/interop/
H A DMakefile17 SUBDIR += cert
/openbsd-current/lib/libtls/
H A Dtls_keypair.c35 X509 *cert = NULL; local
46 if (tls_keypair_load_cert(keypair, error, &cert) == -1)
48 if (tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) == -1)
54 X509_free(cert);
79 const uint8_t *cert, size_t len)
81 if (tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len) == -1)
136 X509 **cert)
143 X509_free(*cert);
144 *cert = NULL;
157 if ((*cert
78 tls_keypair_set_cert_mem(struct tls_keypair *keypair, struct tls_error *error, const uint8_t *cert, size_t len) argument
135 tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error, X509 **cert) argument
[all...]
/openbsd-current/usr.sbin/relayd/
H A Dssl.c103 X509 *cert = NULL; local
111 if ((cert = PEM_read_bio_X509(in, NULL,
121 if (!X509_NAME_oneline(X509_get_subject_name(cert),
123 !X509_NAME_oneline(X509_get_issuer_name(cert),
127 if ((cert = X509_dup(cert)) == NULL)
131 X509_set_pubkey(cert, pkey);
132 X509_set_issuer_name(cert, X509_get_subject_name(cacert));
135 if (!X509_sign(cert, capkey, EVP_sha256())) {
144 X509_print_fp(stdout, cert);
[all...]

Completed in 158 milliseconds

123456789