Home
last modified time | relevance | path

Searched refs:signer (Results 1 – 25 of 72) sorted by relevance

123

/netbsd/src/crypto/external/bsd/openssl/dist/crypto/ocsp/
Docsp_vfy.c30 static int ocsp_verify_signer(X509 *signer, int response, in ocsp_verify_signer() argument
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { in ocsp_verify_signer()
51 && X509_get_ext_by_NID(signer, NID_id_pkix_OCSP_noCheck, -1) >= 0) in ocsp_verify_signer()
77 X509 *signer, unsigned long flags) in ocsp_verify() argument
83 if ((skey = X509_get0_pubkey(signer)) == NULL) { in ocsp_verify()
88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify()
90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify()
101 X509 *signer, *x; in OCSP_basic_verify() local
104 int ret = ocsp_find_signer(&signer, bs, certs, flags); in OCSP_basic_verify()
113 if ((ret = ocsp_verify(NULL, bs, signer, flags)) <= 0) in OCSP_basic_verify()
[all …]
Docsp_srv.c168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx()
193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign()
231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
Docsp_cl.c81 X509 *signer, in OCSP_request_sign() argument
86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign()
102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
/netbsd/src/crypto/external/bsd/openssl/dist/crypto/ts/
Dts_rsp_verify.c20 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
95 X509 *signer; in TS_RESP_verify_signature() local
128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
153 *signer_out = signer; in TS_RESP_verify_signature()
154 X509_up_ref(signer); in TS_RESP_verify_signature()
172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
[all …]
/netbsd/src/crypto/external/bsd/openssl/dist/test/
Docspapitest.c115 X509 *signer = NULL, *tmp; in test_resp_signer() local
128 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer()
129 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer()
130 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
134 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
142 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
146 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
152 X509_free(signer); in test_resp_signer()
/netbsd/src/crypto/external/bsd/openssl/dist/crypto/cms/
Dcms_sd.c306 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, in CMS_add1_signer() argument
315 if (!X509_check_private_key(signer, pk)) { in CMS_add1_signer()
326 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
328 X509_up_ref(signer); in CMS_add1_signer()
333 si->signer = signer; in CMS_add1_signer()
352 if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx)) in CMS_add1_signer()
437 if ((sc = OSSL_ESS_signing_cert_new_init(signer, in CMS_add1_signer()
443 if ((sc2 = OSSL_ESS_signing_cert_v2_new_init(md, signer, in CMS_add1_signer()
465 if (!CMS_add1_cert(cms, signer)) in CMS_add1_signer()
582 if (si->signer != NULL) { in STACK_OF()
[all …]
Dcms_smime.c269 X509 *signer; in cms_signerinfo_verify_cert() local
278 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); in cms_signerinfo_verify_cert()
279 if (!X509_STORE_CTX_init(ctx, store, signer, certs)) { in cms_signerinfo_verify_cert()
313 X509 *signer; in CMS_verify() local
339 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); in CMS_verify()
340 if (signer) in CMS_verify()
/netbsd/src/crypto/external/bsd/heimdal/dist/lib/hx509/
Drevoke.c69 hx509_cert signer; member
131 hx509_cert_free(ocsp->signer); in free_ocsp()
178 hx509_cert signer = NULL; in verify_ocsp() local
204 ret = hx509_certs_find(context, certs, &q, &signer); in verify_ocsp()
206 ret = hx509_certs_find(context, ocsp->certs, &q, &signer); in verify_ocsp()
215 if (hx509_cert_cmp(signer, parent) != 0) { in verify_ocsp()
217 Certificate *s = _hx509_get_cert(signer); in verify_ocsp()
238 ret = hx509_cert_check_eku(context, signer, in verify_ocsp()
245 signer, in verify_ocsp()
255 ocsp->signer = signer; in verify_ocsp()
[all …]
Dcrypto-ec.c140 const Certificate *signer, in ecdsa_verify_signature() argument
167 spi = &signer->tbsCertificate.subjectPublicKeyInfo; in ecdsa_verify_signature()
214 const hx509_private_key signer, in ecdsa_create_signature() argument
226 if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) != 0) in ecdsa_create_signature()
250 sig->length = ECDSA_size(signer->private_key.ecdsa); in ecdsa_create_signature()
262 sig->data, &siglen, signer->private_key.ecdsa); in ecdsa_create_signature()
283 ecdsa_available(const hx509_private_key signer, in ecdsa_available() argument
292 if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0) in ecdsa_available()
300 group = EC_KEY_get0_group(signer->private_key.ecdsa); in ecdsa_available()
Dhxtool.c366 hx509_certs store, pool, anchors, signer = NULL; in cms_create_sd() local
423 ret = hx509_certs_filter(context, store, q, &signer); in cms_create_sd()
448 signer, in cms_create_sd()
482 if (signer) { in cms_create_sd()
483 ret = hx509_certs_iter_f(context, signer, print_signer, header); in cms_create_sd()
505 hx509_certs_free(&signer); in cms_create_sd()
1266 hx509_private_key *signer) in get_key() argument
1316 ret = read_private_key(fn, signer); in get_key()
1327 hx509_private_key signer; in request_create() local
1332 memset(&signer, 0, sizeof(signer)); in request_create()
[all …]
Dcrypto.c180 const Certificate *signer, in rsa_verify_signature() argument
196 spi = &signer->tbsCertificate.subjectPublicKeyInfo; in rsa_verify_signature()
292 const hx509_private_key signer, in rsa_create_signature() argument
304 if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_PKCS1_RSAENCRYPTION) != 0) in rsa_create_signature()
310 sig_oid = signer->signature_alg; in rsa_create_signature()
371 sig->length = RSA_size(signer->private_key.rsa); in rsa_create_signature()
381 signer->private_key.rsa, in rsa_create_signature()
594 const Certificate *signer, in dsa_verify_signature() argument
606 spi = &signer->tbsCertificate.subjectPublicKeyInfo; in dsa_verify_signature()
715 const hx509_private_key signer, in evp_md_create_signature() argument
[all …]
Dtest_cms.in83 --no-signer \
91 --no-signer-allowed \
93 sd.data sd.data.out > signer.tmp || exit 1
95 grep "unsigned" signer.tmp > /dev/null || exit 1
101 sd.data sd.data.out 2> signer.tmp && exit 1
102 grep "No signers where found" signer.tmp > /dev/null || exit 1
217 --signer=friendlyname-test \
Dhxtool-commands.in46 long = "signer"
49 argument = "signer-friendly-name"
98 long = "signer"
160 long = "signer-allowed"
162 help = "allow no signer"
750 long = "signer"
752 help = "signer certificate"
/netbsd/src/crypto/external/bsd/openssl/dist/crypto/pkcs7/
Dpk7_smime.c217 X509 *signer; in PKCS7_verify() local
276 signer = sk_X509_value(signers, k); in PKCS7_verify()
278 if (!X509_STORE_CTX_init(cert_ctx, store, signer, in PKCS7_verify()
285 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { in PKCS7_verify()
360 signer = sk_X509_value(signers, i); in PKCS7_verify()
361 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
389 X509 *signer; in STACK_OF() local
419 signer = NULL; in STACK_OF()
422 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
424 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF()
[all …]
/netbsd/src/external/bsd/wpa/dist/src/tls/
Dtlsv1_client_ocsp.c50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
356 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
595 signer = issuer; in tls_process_basic_ocsp_response()
597 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
598 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
601 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
603 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
/netbsd/src/crypto/external/bsd/netpgp/dist/src/lib/
Dvalidate.c182 const pgp_pubkey_t *signer) in check_binary_sig() argument
232 return pgp_check_sig(hashout, n, sig, signer); in check_binary_sig()
239 const pgp_key_t *signer; in pgp_validate_key_cb() local
302 signer = pgp_getkeybyid(io, key->keyring, in pgp_validate_key_cb()
305 if (!signer) { in pgp_validate_key_cb()
315 if (sigkey == &signer->enckey) { in pgp_validate_key_cb()
329 pgp_get_pubkey(signer), in pgp_validate_key_cb()
335 pgp_get_pubkey(signer), in pgp_validate_key_cb()
348 pgp_get_pubkey(signer), in pgp_validate_key_cb()
356 pgp_get_pubkey(signer), in pgp_validate_key_cb()
[all …]
Dsignature.c469 const pgp_pubkey_t * signer) in pgp_check_sig() argument
480 &signer->key.dsa); in pgp_check_sig()
486 &signer->key.ecdsa); in pgp_check_sig()
492 &signer->key.rsa); in pgp_check_sig()
506 const pgp_pubkey_t *signer) in hash_and_check_sig() argument
512 return pgp_check_sig(hashout, n, sig, signer); in hash_and_check_sig()
518 const pgp_pubkey_t *signer, in finalise_sig() argument
522 return hash_and_check_sig(hash, sig, signer); in finalise_sig()
541 const pgp_pubkey_t *signer, in pgp_check_useridcert_sig() argument
554 return finalise_sig(&hash, sig, signer, raw_packet); in pgp_check_useridcert_sig()
[all …]
/netbsd/src/external/bsd/wpa/dist/src/crypto/
Dtls_openssl_ocsp.c500 X509 *signer, *tmp_cert; in check_ocsp_resp() local
610 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
611 if (!signer) in check_ocsp_resp()
612 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
615 if (!signer) { in check_ocsp_resp()
621 skey = X509_get_pubkey(signer); in check_ocsp_resp()
635 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
641 if (!ctx || !X509_STORE_CTX_init(ctx, store, signer, untrusted)) in check_ocsp_resp()
659 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
660 if ((X509_get_extension_flags(signer) & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
/netbsd/src/crypto/external/bsd/heimdal/dist/lib/hx509/data/
Dgen-req.sh159 -signer test.crt \
169 -signer test.crt \
180 -signer test.crt \
193 -signer test.crt \
204 -signer test.crt \
215 -signer test.crt \
/netbsd/src/crypto/external/bsd/openssl/dist/apps/
Dsmime.c140 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local
584 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in smime_main()
585 if (signer == NULL) in smime_main()
591 if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) in smime_main()
593 X509_free(signer); in smime_main()
594 signer = NULL; in smime_main()
671 X509_free(signer); in smime_main()
Dts.c51 const EVP_MD *md, const char *signer, const char *chain,
57 const char *inkey, const EVP_MD *md, const char *signer,
169 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; in ts_main() local
259 signer = opt_arg(); in ts_main()
331 password, inkey, md, signer, chain, policy, in ts_main()
589 const EVP_MD *md, const char *signer, const char *chain, in reply_command() argument
611 passin, inkey, md, signer, chain, policy); in reply_command()
697 const char *inkey, const EVP_MD *md, const char *signer, in create_response() argument
717 if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) in create_response()
Dcms.c289 X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL; in cms_main() local
874 if ((signer = load_cert(signerfile, FORMAT_UNDEF, in cms_main()
1048 srcms = CMS_sign_receipt(si, signer, key, other, flags); in cms_main()
1088 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in cms_main()
1089 if (signer == NULL) { in cms_main()
1105 si = CMS_add1_signer(cms, signer, key, sign_md, tflags); in cms_main()
1116 X509_free(signer); in cms_main()
1117 signer = NULL; in cms_main()
1279 X509_free(signer); in cms_main()
/netbsd/src/crypto/external/bsd/heimdal/dist/kdc/
Dkx509.c177 hx509_cert signer = NULL; in build_certificate() local
240 ret = hx509_certs_find(context->hx509ctx, certs, q, &signer); in build_certificate()
322 ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert); in build_certificate()
323 hx509_cert_free(signer); in build_certificate()
345 if (signer) in build_certificate()
346 hx509_cert_free(signer); in build_certificate()
/netbsd/src/crypto/external/bsd/openssh/dist/
Dsshsig.h40 sshsig_signer *signer, void *signer_ctx);
61 struct sshbuf **out, sshsig_signer *signer, void *signer_ctx);
Dsshsig.c169 sshsig_signer *signer, void *signer_ctx) in sshsig_wrap_sign() argument
203 if (signer != NULL) { in sshsig_wrap_sign()
204 if ((r = signer(key, &sig, &slen, in sshsig_wrap_sign()
453 struct sshbuf **out, sshsig_signer *signer, void *signer_ctx) in sshsig_signb() argument
467 sig_namespace, out, signer, signer_ctx)) != 0) in sshsig_signb()
581 sshsig_signer *signer, void *signer_ctx) in sshsig_sign_fd() argument
595 sig_namespace, out, signer, signer_ctx)) != 0) in sshsig_sign_fd()

123