Home
last modified time | relevance | path

Searched refs:cert (Results 1 – 25 of 143) sorted by relevance

123456

/dflybsd-src/contrib/wpa_supplicant/src/tls/
H A Dx509v3.c45 void x509_certificate_free(struct x509_certificate *cert) in x509_certificate_free() argument
47 if (cert == NULL) in x509_certificate_free()
49 if (cert->next) { in x509_certificate_free()
52 cert, cert->next); in x509_certificate_free()
54 x509_free_name(&cert->issuer); in x509_certificate_free()
55 x509_free_name(&cert->subject); in x509_certificate_free()
56 os_free(cert->public_key); in x509_certificate_free()
57 os_free(cert->sign_value); in x509_certificate_free()
58 os_free(cert->subject_dn); in x509_certificate_free()
59 os_free(cert); in x509_certificate_free()
[all …]
H A Dtlsv1_cred.c35 x509_certificate_chain_free(cred->cert); in tlsv1_cred_free()
48 struct x509_certificate *cert, *p; in tlsv1_add_cert_der() local
51 cert = x509_certificate_parse(buf, len); in tlsv1_add_cert_der()
52 if (cert == NULL) { in tlsv1_add_cert_der()
61 if (p && x509_name_compare(&cert->subject, &p->issuer) == 0) { in tlsv1_add_cert_der()
66 p->next = cert; in tlsv1_add_cert_der()
69 cert->next = *chain; in tlsv1_add_cert_der()
70 *chain = cert; in tlsv1_add_cert_der()
73 x509_name_string(&cert->subject, name, sizeof(name)); in tlsv1_add_cert_der()
158 const char *cert, const u8 *cert_blob, in tlsv1_set_cert_chain() argument
[all …]
H A Dtlsv1_client_write.c27 struct x509_certificate *cert; in tls_client_cert_chain_der_len() local
32 cert = conn->cred->cert; in tls_client_cert_chain_der_len()
33 while (cert) { in tls_client_cert_chain_der_len()
34 len += 3 + cert->cert_len; in tls_client_cert_chain_der_len()
35 if (x509_certificate_self_signed(cert)) in tls_client_cert_chain_der_len()
37 cert = x509_certificate_get_subject(conn->cred->trusted_certs, in tls_client_cert_chain_der_len()
38 &cert->issuer); in tls_client_cert_chain_der_len()
269 struct x509_certificate *cert; in tls_write_client_certificate() local
295 cert = conn->cred ? conn->cred->cert : NULL; in tls_write_client_certificate()
296 while (cert) { in tls_write_client_certificate()
[all …]
H A Dtlsv1_server_write.c27 struct x509_certificate *cert; in tls_server_cert_chain_der_len() local
29 cert = conn->cred ? conn->cred->cert : NULL; in tls_server_cert_chain_der_len()
30 while (cert) { in tls_server_cert_chain_der_len()
31 len += 3 + cert->cert_len; in tls_server_cert_chain_der_len()
32 if (x509_certificate_self_signed(cert)) in tls_server_cert_chain_der_len()
34 cert = x509_certificate_get_subject(conn->cred->trusted_certs, in tls_server_cert_chain_der_len()
35 &cert->issuer); in tls_server_cert_chain_der_len()
194 struct x509_certificate *cert; in tls_write_server_certificate() local
228 cert = conn->cred->cert; in tls_write_server_certificate()
229 while (cert) { in tls_write_server_certificate()
[all …]
H A Dtlsv1_client_ocsp.c111 struct x509_certificate *cert, in tls_process_ocsp_single_response() argument
233 if (serial_number_len != cert->serial_number_len || in tls_process_ocsp_single_response()
234 os_memcmp(serial_number, cert->serial_number, in tls_process_ocsp_single_response()
319 struct x509_certificate *cert, in tls_process_ocsp_responses() argument
339 if (tls_process_ocsp_single_response(conn, cert, issuer, in tls_process_ocsp_responses()
454 struct x509_certificate *cert; in tls_process_basic_ocsp_response() local
465 cert = x509_certificate_parse(hdr.payload, hdr.length); in tls_process_basic_ocsp_response()
466 if (!cert) in tls_process_basic_ocsp_response()
469 last_cert->next = cert; in tls_process_basic_ocsp_response()
470 last_cert = cert; in tls_process_basic_ocsp_response()
[all …]
H A Dtlsv1_client_read.c280 struct x509_certificate *cert) in tls_peer_cert_event() argument
294 cert_buf = wpabuf_alloc_copy(cert->cert_start, in tls_peer_cert_event()
295 cert->cert_len); in tls_peer_cert_event()
296 ev.peer_cert.cert = cert_buf; in tls_peer_cert_event()
312 x509_name_string(&cert->subject, subject, sizeof(subject)); in tls_peer_cert_event()
321 struct x509_certificate *cert, in tls_cert_chain_failure_event() argument
329 if (!conn->event_cb || !cert) in tls_cert_chain_failure_event()
334 x509_name_string(&cert->subject, subject, sizeof(subject)); in tls_cert_chain_failure_event()
338 cert_buf = wpabuf_alloc_copy(cert->cert_start, in tls_cert_chain_failure_event()
339 cert->cert_len); in tls_cert_chain_failure_event()
[all …]
/dflybsd-src/crypto/libressl/crypto/x509/
H A Dx509_verify.c33 static int x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert,
35 static int x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert,
37 static void x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert,
39 static int x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert,
86 x509_verify_cert_info_populate(X509 *cert) in x509_verify_cert_info_populate() argument
92 cert->not_before = x509_verify_asn1_time_to_time_t(X509_get_notBefore(cert), 0); in x509_verify_cert_info_populate()
93 cert->not_after = x509_verify_asn1_time_to_time_t(X509_get_notAfter(cert), 1); in x509_verify_cert_info_populate()
162 x509_verify_chain_append(struct x509_verify_chain *chain, X509 *cert, in x509_verify_chain_append() argument
168 if (!x509_constraints_extract_names(chain->names, cert, in x509_verify_chain_append()
174 X509_up_ref(cert); in x509_verify_chain_append()
[all …]
/dflybsd-src/contrib/ldns/
H A Ddane.c134 ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert, in ldns_dane_cert2rdf() argument
147 assert(cert != NULL); in ldns_dane_cert2rdf()
152 len = (size_t)i2d_X509(cert, &buf); in ldns_dane_cert2rdf()
158 xpubkey = X509_get_X509_PUBKEY(cert); in ldns_dane_cert2rdf()
223 ldns_dane_pkix_validate(X509* cert, STACK_OF(X509)* extra_certs, in ldns_dane_pkix_validate() argument
238 cert, extra_certs) != 1) { in ldns_dane_pkix_validate()
257 ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert, in ldns_dane_pkix_validate_and_get_chain() argument
276 cert, extra_certs) != 1) { in ldns_dane_pkix_validate_and_get_chain()
306 X509* cert, STACK_OF(X509)* extra_certs) in ldns_dane_pkix_get_chain() argument
322 cert, extra_certs) != 1) { in ldns_dane_pkix_get_chain()
[all …]
/dflybsd-src/crypto/libressl/ssl/
H A Dssl_cert.c180 ssl_cert_dup(SSL_CERT *cert) in ssl_cert_dup() argument
195 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; in ssl_cert_dup()
197 ret->valid = cert->valid; in ssl_cert_dup()
198 ret->mask_k = cert->mask_k; in ssl_cert_dup()
199 ret->mask_a = cert->mask_a; in ssl_cert_dup()
201 if (cert->dhe_params != NULL) { in ssl_cert_dup()
202 ret->dhe_params = DHparams_dup(cert->dhe_params); in ssl_cert_dup()
208 ret->dhe_params_cb = cert->dhe_params_cb; in ssl_cert_dup()
209 ret->dhe_params_auto = cert->dhe_params_auto; in ssl_cert_dup()
212 if (cert->pkeys[i].x509 != NULL) { in ssl_cert_dup()
[all …]
/dflybsd-src/crypto/openssh/
H A Dsshkey.c235 return impl->cert; in sshkey_type_is_cert()
261 (!impl->cert && strcasecmp(impl->shortname, name) == 0)) in sshkey_type_from_name()
331 if ((certs_only && !impl->cert) || (plain_only && impl->cert)) in sshkey_alg_list()
410 return !impl->cert; in sshkey_type_is_valid_ca()
570 cert_free(struct sshkey_cert *cert) in cert_free() argument
574 if (cert == NULL) in cert_free()
576 sshbuf_free(cert->certblob); in cert_free()
577 sshbuf_free(cert->critical); in cert_free()
578 sshbuf_free(cert->extensions); in cert_free()
579 free(cert->key_id); in cert_free()
[all …]
H A Dauth2-pubkeyfile.c147 match_principals_option(const char *principal_list, struct sshkey_cert *cert) in match_principals_option() argument
154 for (i = 0; i < cert->nprincipals; i++) { in match_principals_option()
155 if ((result = match_list(cert->principals[i], in match_principals_option()
172 auth_check_principals_line(char *cp, const struct sshkey_cert *cert, in auth_check_principals_line() argument
206 for (i = 0; i < cert->nprincipals; i++) { in auth_check_principals_line()
207 if (strcmp(cp, cert->principals[i]) != 0) in auth_check_principals_line()
210 loc, cert->principals[i]); in auth_check_principals_line()
223 const struct sshkey_cert *cert, struct sshauthopt **authoptsp) in auth_process_principals() argument
250 if (auth_check_principals_line(cp, cert, loc, authoptsp) == 0) in auth_process_principals()
309 if (!sshkey_equal(found, key->cert->signature_key) || in auth_check_authkey_line()
[all …]
H A DREADME.DELETED137 ./regress/agent-pkcs11-cert.sh
145 ./regress/cert-hostkey.sh
148 ./regress/cert-file.sh
153 ./regress/cert-userkey.sh
214 ./regress/misc/fuzz-harness/testdata/id_dsa-cert.pub
219 ./regress/misc/fuzz-harness/testdata/id_ecdsa-cert.pub
220 ./regress/misc/fuzz-harness/testdata/id_ecdsa_sk-cert.pub
224 ./regress/misc/fuzz-harness/testdata/id_ed25519-cert.pub
227 ./regress/misc/fuzz-harness/testdata/id_ed25519_sk-cert.pub
229 ./regress/misc/fuzz-harness/testdata/id_rsa-cert.pub
[all …]
H A Dauth2-pubkey.c169 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey()
170 "(null)" : key->cert->signature_type); in userauth_pubkey()
180 ca_s = format_key(key->cert->signature_key); in userauth_pubkey()
319 struct sshkey_cert *cert, struct sshauthopt **authoptsp) in match_principals_file() argument
333 success = auth_process_principals(f, file, cert, authoptsp); in match_principals_file()
348 const struct sshkey_cert *cert = key->cert; in match_principals_command() local
396 if ((ca_fp = sshkey_fingerprint(cert->signature_key, in match_principals_command()
406 if ((r = sshkey_to_base64(cert->signature_key, &catext)) != 0) { in match_principals_command()
415 (unsigned long long)cert->serial); in match_principals_command()
426 "T", sshkey_ssh_name(cert->signature_key), in match_principals_command()
[all …]
/dflybsd-src/crypto/libressl/crypto/ct/
H A Dct_sct_ctx.c103 ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated) in ct_x509_get_ext() argument
105 int ret = X509_get_ext_by_NID(cert, nid, -1); in ct_x509_get_ext()
109 X509_get_ext_by_NID(cert, nid, ret) >= 0; in ct_x509_get_ext()
120 ct_x509_cert_fixup(X509 *cert, X509 *presigner) in ct_x509_cert_fixup() argument
130 certidx = ct_x509_get_ext(cert, NID_authority_key_identifier, in ct_x509_cert_fixup()
145 if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner))) in ct_x509_cert_fixup()
150 X509_EXTENSION *certext = X509_get_ext(cert, certidx); in ct_x509_cert_fixup()
165 SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner) in SCT_CTX_set1_cert() argument
172 int poison_idx = ct_x509_get_ext(cert, NID_ct_precert_poison, &poison_ext_is_dup); in SCT_CTX_set1_cert()
184 certderlen = i2d_X509(cert, &certder); in SCT_CTX_set1_cert()
[all …]
H A Dct_policy.c95 X509_free(ctx->cert); in CT_POLICY_EVAL_CTX_free()
101 CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) in CT_POLICY_EVAL_CTX_set1_cert() argument
103 if (!X509_up_ref(cert)) in CT_POLICY_EVAL_CTX_set1_cert()
105 ctx->cert = cert; in CT_POLICY_EVAL_CTX_set1_cert()
134 return ctx->cert; in CT_POLICY_EVAL_CTX_get0_cert()
/dflybsd-src/crypto/libressl/tls/
H A Dtls_keypair.c35 X509 *cert = NULL; in tls_keypair_pubkey_hash() local
46 if (tls_keypair_load_cert(keypair, error, &cert) == -1) in tls_keypair_pubkey_hash()
48 if (tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) == -1) in tls_keypair_pubkey_hash()
54 X509_free(cert); in tls_keypair_pubkey_hash()
79 const uint8_t *cert, size_t len) in tls_keypair_set_cert_mem() argument
81 if (tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len) == -1) in tls_keypair_set_cert_mem()
136 X509 **cert) in tls_keypair_load_cert() argument
143 X509_free(*cert); in tls_keypair_load_cert()
144 *cert = NULL; in tls_keypair_load_cert()
155 if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb, in tls_keypair_load_cert()
/dflybsd-src/contrib/wpa_supplicant/src/crypto/
H A Dtls_openssl.c369 const CERT_CONTEXT *cert; member
492 if (priv->cert) in cryptoapi_free_data()
493 CertFreeCertificateContext(priv->cert); in cryptoapi_free_data()
555 X509 *cert = NULL; in tls_cryptoapi_cert() local
575 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER); in tls_cryptoapi_cert()
576 if (priv->cert == NULL) { in tls_cryptoapi_cert()
577 priv->cert = cryptoapi_find_cert( in tls_cryptoapi_cert()
580 if (priv->cert == NULL) { in tls_cryptoapi_cert()
586 cert = d2i_X509(NULL, in tls_cryptoapi_cert()
587 (const unsigned char **) &priv->cert->pbCertEncoded, in tls_cryptoapi_cert()
[all …]
H A Dtls_gnutls.c610 gnutls_datum_t cert, key; in tls_connection_set_params() local
612 cert.data = (unsigned char *) params->client_cert_blob; in tls_connection_set_params()
613 cert.size = params->client_cert_blob_len; in tls_connection_set_params()
619 conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER, in tls_connection_set_params()
624 conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER); in tls_connection_set_params()
631 conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM, in tls_connection_set_params()
636 conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM); in tls_connection_set_params()
929 const gnutls_datum_t *cert, int depth, in gnutls_tls_fail_event() argument
945 if (cert) { in gnutls_tls_fail_event()
946 cert_buf = wpabuf_alloc_copy(cert->data, cert->size); in gnutls_tls_fail_event()
[all …]
/dflybsd-src/crypto/libressl/crypto/ts/
H A Dts_rsp_verify.c77 static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
79 static int TS_find_cert_v2(STACK_OF(ESS_CERT_ID_V2) *cert_ids, X509 *cert);
80 static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509 *cert);
282 X509 *cert; in TS_check_signing_certs() local
289 cert = sk_X509_value(chain, 0); in TS_check_signing_certs()
291 if (TS_find_cert(cert_ids, cert) != 0) in TS_check_signing_certs()
301 cert = sk_X509_value(chain, i); in TS_check_signing_certs()
303 if (TS_find_cert(cert_ids, cert) < 0) in TS_check_signing_certs()
312 cert = sk_X509_value(chain, 0); in TS_check_signing_certs()
314 if (TS_find_cert_v2(cert_ids_v2, cert) != 0) in TS_check_signing_certs()
[all …]
/dflybsd-src/contrib/wpa_supplicant/wpa_supplicant/
H A Dnotify.c791 struct tls_cert_data *cert, in wpas_notify_certification() argument
798 cert->depth, cert->subject, cert_hash ? " hash=" : "", in wpas_notify_certification()
800 cert->tod ? " tod=1" : ""); in wpas_notify_certification()
802 if (cert->cert) { in wpas_notify_certification()
804 size_t len = wpabuf_len(cert->cert) * 2 + 1; in wpas_notify_certification()
807 wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert->cert), in wpas_notify_certification()
808 wpabuf_len(cert->cert)); in wpas_notify_certification()
812 cert->depth, cert->subject, cert_hex); in wpas_notify_certification()
817 for (i = 0; i < cert->num_altsubject; i++) in wpas_notify_certification()
819 "depth=%d %s", cert->depth, cert->altsubject[i]); in wpas_notify_certification()
[all …]
/dflybsd-src/contrib/wpa_supplicant/src/utils/
H A Dhttp_curl.c56 int (*cert_cb)(void *ctx, struct http_cert *cert);
179 static void debug_dump_cert(const char *title, X509 *cert) in debug_dump_cert() argument
189 X509_print_ex(out, cert, XN_FLAG_COMPAT, X509_FLAG_COMPAT); in debug_dump_cert()
204 static void add_alt_name_othername(struct http_ctx *ctx, struct http_cert *cert, in add_alt_name_othername() argument
212 on = os_realloc_array(cert->othername, cert->num_othername + 1, in add_alt_name_othername()
216 cert->othername = on; in add_alt_name_othername()
217 on = &on[cert->num_othername]; in add_alt_name_othername()
232 cert->num_othername++; in add_alt_name_othername()
236 static void add_alt_name_dns(struct http_ctx *ctx, struct http_cert *cert, in add_alt_name_dns() argument
246 n = os_realloc_array(cert->dnsname, cert->num_dnsname + 1, in add_alt_name_dns()
[all …]
/dflybsd-src/crypto/libressl/crypto/pkcs12/
H A Dp12_crt.c85 PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, in PKCS12_create() argument
108 if (!pkey && !cert && !ca) { in PKCS12_create()
113 if (pkey && cert) { in PKCS12_create()
114 if (!X509_check_private_key(cert, pkey)) in PKCS12_create()
116 X509_digest(cert, EVP_sha1(), keyid, &keyidlen); in PKCS12_create()
119 if (cert) { in PKCS12_create()
120 bag = PKCS12_add_cert(&bags, cert); in PKCS12_create()
188 PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) in PKCS12_add_cert() argument
197 if (!(bag = PKCS12_x5092certbag(cert))) in PKCS12_add_cert()
203 name = (char *)X509_alias_get0(cert, &namelen); in PKCS12_add_cert()
[all …]
/dflybsd-src/crypto/libressl/apps/openssl/
H A Dcerthash.c305 X509 *cert = NULL; in certhash_cert() local
309 if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) in certhash_cert()
312 hash = X509_subject_name_hash(cert); in certhash_cert()
315 if (X509_digest(cert, digest, fingerprint, &len) != 1) { in certhash_cert()
323 X509_free(cert); in certhash_cert()
434 struct hashinfo *cert, *crl; in certhash_merge() local
445 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge()
446 if (cert->is_dup == 1) in certhash_merge()
448 certhash_findlink(*links, cert); in certhash_merge()
457 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge()
[all …]
/dflybsd-src/crypto/libressl/crypto/cms/
H A Dcms_lib.c481 CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add0_cert() argument
493 if (!X509_cmp(cch->d.certificate, cert)) { in CMS_add0_cert()
503 cch->d.certificate = cert; in CMS_add0_cert()
509 CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add1_cert() argument
513 r = CMS_add0_cert(cms, cert); in CMS_add1_cert()
515 X509_up_ref(cert); in CMS_add1_cert()
655 cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) in cms_ias_cert_cmp() argument
659 ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert)); in cms_ias_cert_cmp()
663 return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert)); in cms_ias_cert_cmp()
667 cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) in cms_keyid_cert_cmp() argument
[all …]
/dflybsd-src/libexec/dma/
H A Dcrypto.c82 verify_server_fingerprint(const X509 *cert) in verify_server_fingerprint() argument
86 if(!X509_digest(cert, EVP_sha256(), fingerprint, &fingerprint_len)) { in verify_server_fingerprint()
113 X509 *cert; in smtp_init_crypto() local
199 cert = SSL_get_peer_certificate(config.ssl); in smtp_init_crypto()
200 if (cert == NULL) { in smtp_init_crypto()
205 if(config.fingerprint != NULL && verify_server_fingerprint(cert)) { in smtp_init_crypto()
206 X509_free(cert); in smtp_init_crypto()
209 X509_free(cert); in smtp_init_crypto()

123456