/openbsd-current/regress/usr.sbin/rpki-client/ |
H A D | constraints-dummy.c | 9 constraints_validate(const char *fn, const struct cert *cert) argument
|
/openbsd-current/regress/usr.bin/ssh/unittests/authopt/testdata/ |
H A D | mktestdata.sh | 7 rm -f *.cert 18 mv user_key-cert.pub "$output" 21 sign all_permit.cert -Opermit-agent-forwarding -Opermit-port-forwarding \ 23 sign no_permit.cert -Oclear 25 sign no_agentfwd.cert -Ono-agent-forwarding 26 sign no_portfwd.cert -Ono-port-forwarding 27 sign no_pty.cert -Ono-pty 28 sign no_user_rc.cert -Ono-user-rc 29 sign no_x11fwd.cert -Ono-X11-forwarding 31 sign only_agentfwd.cert [all...] |
/openbsd-current/usr.bin/dig/lib/dns/include/dns/ |
H A D | cert.h | 17 /* $Id: cert.h,v 1.3 2020/02/23 19:54:25 jung Exp $ */ 22 /*! \file dns/cert.h */ 27 dns_cert_totext(dns_cert_t cert, isc_buffer_t *target); 29 * Put a textual representation of certificate type 'cert' into 'target'. 32 *\li 'cert' is a valid cert.
|
/openbsd-current/usr.sbin/rpki-client/ |
H A D | filemode.c | 53 struct cert *cert; member in struct:uripath 67 uripath_add(const char *uri, struct cert *cert) argument 75 up->cert = cert; 80 static struct cert * 89 return up->cert; 127 * Parse the cert pointed at by the AIA URI while doing that also load 128 * the CRL of this cert 135 struct cert *cert = NULL; local 185 struct cert *cert; local 244 struct cert *cert; local 283 find_tal(struct cert *cert) argument 342 struct cert *cert = NULL; local [all...] |
H A D | validate.c | 46 c = as_check_covered(min, max, a->cert->as, a->cert->asz); 72 c = ip_addr_check_covered(afi, min, max, a->cert->ips, a->cert->ipsz); 88 valid_cert(const char *fn, struct auth *a, const struct cert *cert) argument 93 for (i = 0; i < cert->asz; i++) { 94 if (cert->as[i].type == CERT_AS_INHERIT) 97 if (cert->as[i].type == CERT_AS_ID) { 98 min = cert 132 valid_roa(const char *fn, struct cert *cert, struct roa *roa) argument 157 valid_spl(const char *fn, struct cert *cert, struct spl *spl) argument 440 valid_rsc(const char *fn, struct cert *cert, struct rsc *rsc) argument 510 valid_aspa(const char *fn, struct cert *cert, struct aspa *aspa) argument 527 valid_geofeed(const char *fn, struct cert *cert, struct geofeed *g) argument [all...] |
H A D | cert.c | 1 /* $OpenBSD: cert.c,v 1.148 2024/06/12 10:03:09 tb Exp $ */ 32 extern ASN1_OBJECT *certpol_oid; /* id-cp-ipAddr-asNumber cert policy */ 242 sbgp_assysnum(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument 259 if (!sbgp_parse_assysnum(fn, asidentifiers, &cert->as, &cert->asz)) 466 sbgp_ipaddrblk(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument 483 if (!sbgp_parse_ipaddrblk(fn, addrblk, &cert->ips, &cert 503 sbgp_sia(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument 630 certificate_policies(const char *fn, struct cert *cert, X509_EXTENSION *ext) argument 732 struct cert *cert; local 794 struct cert *cert; local 1261 auth_insert(const char *fn, struct auth_tree *auths, struct cert *cert, struct auth *issuer) argument 1300 insert_brk(struct brk_tree *tree, struct cert *cert, int asid) argument 1334 cert_insert_brks(struct brk_tree *tree, struct cert *cert) argument [all...] |
H A D | gbr.c | 39 struct cert *cert = NULL; local 80 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) 89 cert_free(cert);
|
/openbsd-current/regress/usr.sbin/syslogd/ |
H A D | args-tls-key-empty.pl | 10 my $cert = "/etc/ssl/127.0.0.1:6514.crt"; 14 @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert); 18 my @cmd = (@sudo, "rm", "-f", "--", $key, $cert); 45 qr{Certfile $cert} => 1,
|
H A D | args-tls-cert-noexist.pl | 9 my $cert = "/etc/ssl/127.0.0.1.crt"; 11 my @cmd = (@sudo, "rm", "-f", "--", $cert); 15 my @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert); 44 qr{load server TLS cert: failed to open certificate file} => 1,
|
H A D | args-tls-cert-empty.pl | 9 my $cert = "/etc/ssl/127.0.0.1.crt"; 11 my @cmd = (@sudo, "cp", "--", "empty", $cert); 15 my @cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert);
|
/openbsd-current/regress/usr.bin/ssh/ |
H A D | cert-hostkey.sh | 1 # $OpenBSD: cert-hostkey.sh,v 1.27 2021/09/30 05:26:26 dtucker Exp $ 6 rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_* 19 *rsa*cert*) 20 types="rsa-sha2-256-cert-v01@openssh.com,$i,$types" 21 types="rsa-sha2-512-cert-v01@openssh.com,$types";; 26 *cert*) types="$i,$types";; 44 printf "@cert-authority $HOSTS " 64 kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig 65 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert [all...] |
H A D | agent-pkcs11-cert.sh | 1 # $OpenBSD: agent-pkcs11-cert.sh,v 1.1 2023/12/18 14:50:08 djm Exp $ 42 # Note: deliberately contains non-cert keys and non-matching cert on commandline 46 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 48 ${SSH_SOFTHSM_DIR}/RSA-cert.pub || 54 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 55 ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list 61 ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do 68 for x in ${SSH_SOFTHSM_DIR}/EC-cert [all...] |
/openbsd-current/regress/lib/libcrypto/CA/ |
H A D | Makefile | 16 # Vanna Vanna make me a root cert 21 root.cert.pem: root.cnf root.key.pem \ 23 # generate root cert 25 -new -x509 -days 365 -sha256 -extensions v3_ca -out root.cert.pem 38 intermediate.cert.pem: root.cnf root.cert.pem intermediate.csr.pem \ 43 -in intermediate.csr.pem -out intermediate.cert.pem 47 run-verify-intermediate: root.cert.pem intermediate.cert.pem 49 openssl verify -CAfile root.cert [all...] |
/openbsd-current/regress/usr.bin/openssl/x509/ |
H A D | create-libressl-test-certs.pl | 11 my @ca = cert( 20 my @leafcert = cert( 34 @leafcert = cert( 48 my @caO = cert( 56 my @caX = cert( 66 my @subcaR = cert( 75 @leafcert = cert( 88 sub cert { CERT_create(not_after => 10*365*86400+time(), @_) } subroutine
|
H A D | Makefile | 34 REGRESS_TARGETS += test-verify-unusual-wildcard-cert 35 REGRESS_TARGETS += test-openssl-verify-common-wildcard-cert 47 test-verify-unusual-wildcard-cert: 48 # openssl verify, unusual wildcard cert 52 test-openssl-verify-common-wildcard-cert: 53 # openssl verify, common wildcard cert
|
/openbsd-current/regress/lib/libssl/verify/ |
H A D | create-libressl-test-certs.pl | 11 my @ca = cert( 20 my @leafcert = cert( 34 @leafcert = cert( 48 my @caO = cert( 56 my @caX = cert( 66 my @subcaR = cert( 75 @leafcert = cert( 88 sub cert { CERT_create(not_after => 10*365*86400+time(), @_) } subroutine
|
H A D | verify.c | 34 const char *cert; member in struct:peer_config 48 .description = "unusual wildcard cert, no CA given to client", 52 .cert = NULL, 58 .cert = "server-unusual-wildcard.pem", 66 .description = "unusual wildcard cert, CA given to client", 70 .cert = NULL, 76 .cert = "server-unusual-wildcard.pem", 83 .description = "common wildcard cert, no CA given to client", 87 .cert = NULL, 93 .cert [all...] |
/openbsd-current/lib/libcrypto/ct/ |
H A D | ct_policy.c | 96 X509_free(ctx->cert); 103 CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) argument 105 if (!X509_up_ref(cert)) 107 ctx->cert = cert; 140 return ctx->cert;
|
/openbsd-current/lib/libssl/ |
H A D | ssl_cert.c | 181 ssl_cert_dup(SSL_CERT *cert) argument 193 * same as ret->key = ret->pkeys + (cert->key - cert->pkeys), 196 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; 198 ret->valid = cert->valid; 199 ret->mask_k = cert->mask_k; 200 ret->mask_a = cert->mask_a; 202 if (cert->dhe_params != NULL) { 203 ret->dhe_params = DHparams_dup(cert 354 ssl_cert_add0_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert) argument 382 ssl_cert_add1_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert) argument 397 X509 *cert; local [all...] |
/openbsd-current/lib/libcrypto/x509/ |
H A D | x509_verify.c | 34 static int x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert, 36 static int x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert, 38 static void x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert, 40 static int x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert, 152 x509_verify_chain_append(struct x509_verify_chain *chain, X509 *cert, argument 158 if (!x509_constraints_extract_names(chain->names, cert, 164 X509_up_ref(cert); 165 if (!sk_X509_push(chain->certs, cert)) { 166 X509_free(cert); 232 x509_verify_cert_cache_extensions(X509 *cert) argument 238 x509_verify_cert_self_signed(X509 *cert) argument 245 x509_verify_check_chain_end(X509 *cert, int full_chain) argument 253 x509_verify_ctx_cert_is_root(struct x509_verify_ctx *ctx, X509 *cert, int full_chain) argument 434 X509 *cert = sk_X509_value(ctx->xsc->chain, depth); local 564 x509_verify_consider_candidate(struct x509_verify_ctx *ctx, X509 *cert, int is_root_cert, X509 *candidate, struct x509_verify_chain *current_chain, int full_chain, char *name) argument 632 x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert, size_t depth, int error, int ok) argument 647 x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert, struct x509_verify_chain *current_chain, int full_chain, char *name) argument 749 x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert, char *name) argument 815 x509_verify_cert_times(X509 *cert, time_t *cmp_time, int *error) argument 847 x509_verify_validate_constraints(X509 *cert, struct x509_verify_chain *current_chain, int *error) argument 887 x509_verify_cert_extensions(struct x509_verify_ctx *ctx, X509 *cert, int need_ca) argument 917 x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert, struct x509_verify_chain *current_chain) argument [all...] |
/openbsd-current/sbin/isakmpd/ |
H A D | x509.c | 48 #include "cert.h" 88 X509 *cert; member in struct:x509_hash 102 x509_generate_kn(int id, X509 *cert) argument 123 cert)); 125 issuer = X509_get_issuer_name(cert); 126 subject = X509_get_subject_name(cert); 128 /* Missing or self-signed, ignore cert but don't report failure. */ 132 if (!x509_cert_get_key(cert, &key)) { 134 "x509_generate_kn: failed to get public key from cert")); 171 X509_STORE_CTX_init(csc, x509_cas, cert, NUL 529 struct x509_hash *cert; local 569 x509_hash_enter(X509 *cert) argument 609 X509 *cert; local 846 X509 *cert = (X509 *) scert; local 914 X509 *cert; local 937 x509_hash_lookup(X509 *cert) argument 951 x509_cert_free(void *cert) argument 1074 x509_cert_obtain(u_int8_t *id, size_t id_len, void *data, u_int8_t **cert, u_int32_t *certlen) argument 1148 X509 *cert = scert; local 1273 X509 *cert = scert; local 1311 x509_printable(void *cert) argument 1328 x509_from_printable(char *cert) argument [all...] |
/openbsd-current/regress/lib/libcrypto/x509/ |
H A D | callback.pl | 86 if (!@Mfail && !$Lfail && $mline =~ /error 0 cert/ && $lline =~ /error 0 cert/) {
|
/openbsd-current/regress/lib/libssl/interop/ |
H A D | Makefile | 17 SUBDIR += cert
|
/openbsd-current/lib/libtls/ |
H A D | tls_keypair.c | 35 X509 *cert = NULL; local 46 if (tls_keypair_load_cert(keypair, error, &cert) == -1) 48 if (tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) == -1) 54 X509_free(cert); 79 const uint8_t *cert, size_t len) 81 if (tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len) == -1) 136 X509 **cert) 143 X509_free(*cert); 144 *cert = NULL; 157 if ((*cert 78 tls_keypair_set_cert_mem(struct tls_keypair *keypair, struct tls_error *error, const uint8_t *cert, size_t len) argument 135 tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error, X509 **cert) argument [all...] |
/openbsd-current/usr.sbin/relayd/ |
H A D | ssl.c | 103 X509 *cert = NULL; local 111 if ((cert = PEM_read_bio_X509(in, NULL, 121 if (!X509_NAME_oneline(X509_get_subject_name(cert), 123 !X509_NAME_oneline(X509_get_issuer_name(cert), 127 if ((cert = X509_dup(cert)) == NULL) 131 X509_set_pubkey(cert, pkey); 132 X509_set_issuer_name(cert, X509_get_subject_name(cacert)); 135 if (!X509_sign(cert, capkey, EVP_sha256())) { 144 X509_print_fp(stdout, cert); [all...] |