Lines Matching full:opt
179 cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) in cms_verify_sd() argument
193 if (opt->missing_revoke_flag) in cms_verify_sd()
197 lock_strings(lock, &opt->pass_strings); in cms_verify_sd()
210 certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); in cms_verify_sd()
211 certs_strings(context, "store", store, lock, &opt->certificate_strings); in cms_verify_sd()
213 if (opt->pem_flag) { in cms_verify_sd()
229 if (pd.detached_data && opt->signed_content_string == NULL) { in cms_verify_sd()
253 if (opt->signed_content_string) { in cms_verify_sd()
254 ret = _hx509_map_file_os(opt->signed_content_string, &signeddata); in cms_verify_sd()
256 errx(1, "map_file: %s: %d", opt->signed_content_string, ret); in cms_verify_sd()
260 if (opt->content_info_flag) { in cms_verify_sd()
283 if (!opt->signer_allowed_flag) in cms_verify_sd()
285 if (opt->allow_wrong_oid_flag) in cms_verify_sd()
357 cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) in cms_create_sd() argument
376 opt->pem_flag ? "pem" : "cms-signeddata"); in cms_create_sd()
383 lock_strings(lock, &opt->pass_strings); in cms_create_sd()
390 certs_strings(context, "store", store, lock, &opt->certificate_strings); in cms_create_sd()
391 certs_strings(context, "pool", pool, lock, &opt->pool_strings); in cms_create_sd()
393 if (opt->anchors_strings.num_strings) { in cms_create_sd()
397 certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); in cms_create_sd()
401 if (opt->detached_signature_flag) in cms_create_sd()
403 if (opt->id_by_name_flag) in cms_create_sd()
405 if (!opt->signer_flag) { in cms_create_sd()
410 if (opt->signer_flag) { in cms_create_sd()
418 if (opt->signer_string) in cms_create_sd()
419 hx509_query_match_friendly_name(q, opt->signer_string); in cms_create_sd()
426 if (!opt->embedded_certs_flag) in cms_create_sd()
428 if (opt->embed_leaf_only_flag) in cms_create_sd()
435 if (opt->peer_alg_strings.num_strings) in cms_create_sd()
436 peer_strings(context, &peer, &opt->peer_alg_strings); in cms_create_sd()
438 parse_oid(opt->content_type_string, &asn1_oid_id_pkcs7_data, &contentType); in cms_create_sd()
462 if (opt->content_info_flag) { in cms_create_sd()
473 if (opt->pem_flag) { in cms_create_sd()
478 opt->detached_signature_flag ? in cms_create_sd()
510 cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) in cms_unenvelope() argument
522 lock_strings(lock, &opt->pass_strings); in cms_unenvelope()
531 if (opt->content_info_flag) { in cms_unenvelope()
550 certs_strings(context, "store", certs, lock, &opt->certificate_strings); in cms_unenvelope()
552 if (opt->allow_weak_crypto_flag) in cms_unenvelope()
577 cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) in cms_create_enveloped() argument
594 lock_strings(lock, &opt->pass_strings); in cms_create_enveloped()
603 certs_strings(context, "store", certs, lock, &opt->certificate_strings); in cms_create_enveloped()
605 if (opt->allow_weak_crypto_flag) in cms_create_enveloped()
608 if (opt->encryption_type_string) { in cms_create_enveloped()
609 enctype = hx509_crypto_enctype_by_name(opt->encryption_type_string); in cms_create_enveloped()
612 opt->encryption_type_string); in cms_create_enveloped()
626 parse_oid(opt->content_type_string, &asn1_oid_id_pkcs7_data, &contentType); in cms_create_enveloped()
638 if (opt->content_info_flag) { in cms_create_enveloped()
708 pcert_print(struct print_options *opt, int argc, char **argv) in pcert_print() argument
715 s.verbose = opt->content_flag; in pcert_print()
718 lock_strings(lock, &opt->pass_strings); in pcert_print()
724 if (opt->never_fail_flag) { in pcert_print()
730 if (opt->info_flag) in pcert_print()
751 pcert_validate(struct validate_options *opt, int argc, char **argv) in pcert_validate() argument
758 lock_strings(lock, &opt->pass_strings); in pcert_validate()
781 certificate_copy(struct certificate_copy_options *opt, int argc, char **argv) in certificate_copy() argument
788 lock_strings(inlock, &opt->in_pass_strings); in certificate_copy()
790 if (opt->out_pass_string) { in certificate_copy()
792 ret = hx509_lock_command_string(outlock, opt->out_pass_string); in certificate_copy()
795 opt->out_pass_string, ret); in certificate_copy()
860 pcert_verify(struct verify_options *opt, int argc, char **argv) in pcert_verify() argument
870 if (opt->missing_revoke_flag) in pcert_verify()
886 if (opt->allow_proxy_certificate_flag) in pcert_verify()
889 if (opt->time_string) { in pcert_verify()
896 p = strptime (opt->time_string, "%Y-%m-%d", &tm); in pcert_verify()
899 opt->time_string); in pcert_verify()
906 if (opt->hostname_string) in pcert_verify()
907 v.hostname = opt->hostname_string; in pcert_verify()
908 if (opt->max_depth_integer) in pcert_verify()
909 hx509_verify_set_max_depth(ctx, opt->max_depth_integer); in pcert_verify()
990 query(struct query_options *opt, int argc, char **argv) in query() argument
1003 lock_strings(lock, &opt->pass_strings); in query()
1018 if (opt->friendlyname_string) in query()
1019 hx509_query_match_friendly_name(q, opt->friendlyname_string); in query()
1021 if (opt->eku_string) { in query()
1024 parse_oid(opt->eku_string, NULL, &oid); in query()
1032 if (opt->private_key_flag) in query()
1035 if (opt->keyEncipherment_flag) in query()
1038 if (opt->digitalSignature_flag) in query()
1041 if (opt->expr_string) in query()
1042 hx509_query_match_expr(context, q, opt->expr_string); in query()
1050 if (opt->print_flag) in query()
1063 ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) in ocsp_fetch() argument
1075 lock_strings(lock, &opt->pass_strings); in ocsp_fetch()
1078 if (!opt->nonce_flag) in ocsp_fetch()
1081 if (opt->url_path_string) in ocsp_fetch()
1082 url = opt->url_path_string; in ocsp_fetch()
1087 certs_strings(context, "ocsp-pool", pool, lock, &opt->pool_strings); in ocsp_fetch()
1132 ocsp_print(struct ocsp_print_options *opt, int argc, char **argv) in ocsp_print() argument
1163 ocsp_verify(struct ocsp_verify_options *opt, int argc, char **argv) in ocsp_verify() argument
1172 if (opt->ocsp_file_string == NULL) in ocsp_verify()
1175 ret = _hx509_map_file_os(opt->ocsp_file_string, &os); in ocsp_verify()
1281 request_create(struct request_create_options *opt, int argc, char **argv) in request_create() argument
1293 get_key(opt->key_string, in request_create()
1294 opt->generate_key_string, in request_create()
1295 opt->key_bits_integer, in request_create()
1300 if (opt->subject_string) { in request_create()
1303 ret = hx509_parse_name(context, opt->subject_string, &name); in request_create()
1308 if (opt->verbose_flag) { in request_create()
1316 for (i = 0; i < opt->email_strings.num_strings; i++) { in request_create()
1318 opt->email_strings.strings[i]); in request_create()
1323 for (i = 0; i < opt->dnsname_strings.num_strings; i++) { in request_create()
1325 opt->dnsname_strings.strings[i]); in request_create()
1360 request_print(struct request_print_options *opt, int argc, char **argv) in request_print() argument
1383 info(void *opt, int argc, char **argv) in info() argument
1416 random_data(void *opt, int argc, char **argv) in random_data() argument
1449 crypto_available(struct crypto_available_options *opt, int argc, char **argv) in crypto_available() argument
1455 if (opt->type_string) { in crypto_available()
1456 if (strcmp(opt->type_string, "all") == 0) in crypto_available()
1458 else if (strcmp(opt->type_string, "digest") == 0) in crypto_available()
1460 else if (strcmp(opt->type_string, "public-sig") == 0) in crypto_available()
1462 else if (strcmp(opt->type_string, "secret") == 0) in crypto_available()
1465 errx(1, "unknown type: %s", opt->type_string); in crypto_available()
1485 crypto_select(struct crypto_select_options *opt, int argc, char **argv) in crypto_select() argument
1492 if (opt->type_string) { in crypto_select()
1493 if (strcmp(opt->type_string, "digest") == 0) in crypto_select()
1495 else if (strcmp(opt->type_string, "public-sig") == 0) in crypto_select()
1497 else if (strcmp(opt->type_string, "secret") == 0) in crypto_select()
1500 errx(1, "unknown type: %s", opt->type_string); in crypto_select()
1503 if (opt->peer_cmstype_strings.num_strings) in crypto_select()
1504 peer_strings(context, &peer, &opt->peer_cmstype_strings); in crypto_select()
1521 hxtool_hex(struct hex_options *opt, int argc, char **argv) in hxtool_hex() argument
1524 if (opt->decode_flag) { in hxtool_hex()
1560 https_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in https_server() argument
1566 https_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in https_client() argument
1572 peap_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in peap_server() argument
1578 pkinit_kdc(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in pkinit_kdc() argument
1580 opt->pkinit++; in pkinit_kdc()
1585 pkinit_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in pkinit_client() argument
1589 opt->pkinit++; in pkinit_client()
1603 email_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt) in email_client() argument
1667 const struct certificate_sign_options *opt) in eval_types() argument
1676 for (i = 0; i < opt->type_strings.num_strings; i++) { in eval_types()
1677 const char *type = opt->type_strings.strings[i]; in eval_types()
1696 if (opt->pk_init_principal_string) { in eval_types()
1701 opt->pk_init_principal_string); in eval_types()
1706 if (opt->ms_upn_string) { in eval_types()
1710 ret = hx509_ca_tbs_add_san_ms_upn(contextp, tbs, opt->ms_upn_string); in eval_types()
1716 for (i = 0; i < opt->hostname_strings.num_strings; i++) { in eval_types()
1717 const char *hostname = opt->hostname_strings.strings[i]; in eval_types()
1724 for (i = 0; i < opt->email_strings.num_strings; i++) { in eval_types()
1725 const char *email = opt->email_strings.strings[i]; in eval_types()
1737 if (opt->jid_string) { in eval_types()
1738 ret = hx509_ca_tbs_add_san_jid(contextp, tbs, opt->jid_string); in eval_types()
1747 hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) in hxtool_ca() argument
1760 if (opt->ca_certificate_string == NULL && !opt->self_signed_flag) in hxtool_ca()
1762 …if (opt->ca_private_key_string == NULL && opt->generate_key_string == NULL && opt->self_signed_fla… in hxtool_ca()
1764 if (opt->certificate_string == NULL) in hxtool_ca()
1767 if (opt->template_certificate_string) { in hxtool_ca()
1768 if (opt->template_fields_string == NULL) in hxtool_ca()
1772 if (opt->lifetime_string) { in hxtool_ca()
1773 delta = parse_time(opt->lifetime_string, "day"); in hxtool_ca()
1775 errx(1, "Invalid lifetime: %s", opt->lifetime_string); in hxtool_ca()
1778 if (opt->ca_certificate_string) { in hxtool_ca()
1782 ret = hx509_certs_init(context, opt->ca_certificate_string, 0, in hxtool_ca()
1786 "hx509_certs_init: %s", opt->ca_certificate_string); in hxtool_ca()
1793 if (!opt->issue_proxy_flag) in hxtool_ca()
1801 } else if (opt->self_signed_flag) { in hxtool_ca()
1802 if (opt->generate_key_string == NULL in hxtool_ca()
1803 && opt->ca_private_key_string == NULL) in hxtool_ca()
1806 if (opt->req_string) in hxtool_ca()
1811 if (opt->ca_private_key_string) { in hxtool_ca()
1813 ret = read_private_key(opt->ca_private_key_string, &private_key); in hxtool_ca()
1821 if (opt->self_signed_flag) in hxtool_ca()
1825 if (opt->req_string) { in hxtool_ca()
1828 ret = _hx509_request_parse(context, opt->req_string, &req); in hxtool_ca()
1830 hx509_err(context, 1, ret, "parse_request: %s", opt->req_string); in hxtool_ca()
1840 if (opt->generate_key_string) { in hxtool_ca()
1849 if (opt->issue_ca_flag) in hxtool_ca()
1852 if (opt->key_bits_integer) in hxtool_ca()
1854 opt->key_bits_integer); in hxtool_ca()
1866 if (opt->self_signed_flag) in hxtool_ca()
1870 if (opt->certificate_private_key_string) { in hxtool_ca()
1871 ret = read_private_key(opt->certificate_private_key_string, &cert_key); in hxtool_ca()
1876 if (opt->subject_string) { in hxtool_ca()
1879 ret = hx509_parse_name(context, opt->subject_string, &subject); in hxtool_ca()
1892 if (opt->template_certificate_string) { in hxtool_ca()
1897 ret = hx509_certs_init(context, opt->template_certificate_string, 0, in hxtool_ca()
1901 "hx509_certs_init: %s", opt->template_certificate_string); in hxtool_ca()
1909 flags = parse_units(opt->template_fields_string, in hxtool_ca()
1919 if (opt->serial_number_string) { in hxtool_ca()
1922 ret = der_parse_hex_heim_integer(opt->serial_number_string, in hxtool_ca()
1944 if (opt->crl_uri_string) { in hxtool_ca()
1946 opt->crl_uri_string, NULL); in hxtool_ca()
1951 eval_types(context, tbs, opt); in hxtool_ca()
1953 if (opt->issue_ca_flag) { in hxtool_ca()
1954 ret = hx509_ca_tbs_set_ca(context, tbs, opt->path_length_integer); in hxtool_ca()
1958 if (opt->issue_proxy_flag) { in hxtool_ca()
1959 ret = hx509_ca_tbs_set_proxy(context, tbs, opt->path_length_integer); in hxtool_ca()
1963 if (opt->domain_controller_flag) { in hxtool_ca()
1975 if (opt->self_signed_flag) { in hxtool_ca()
1994 ret = hx509_certs_init(context, opt->certificate_string, in hxtool_ca()
2057 test_crypto(struct test_crypto_options *opt, int argc, char ** argv) in test_crypto() argument
2065 lock_strings(lock, &opt->pass_strings); in test_crypto()
2092 statistic_print(struct statistic_print_options*opt, int argc, char **argv) in statistic_print() argument
2099 if (opt->type_integer) in statistic_print()
2100 type = opt->type_integer; in statistic_print()
2111 crl_sign(struct crl_sign_options *opt, int argc, char **argv) in crl_sign() argument
2120 lock_strings(lock, &opt->pass_strings); in crl_sign()
2126 if (opt->signer_string == NULL) in crl_sign()
2133 ret = hx509_certs_init(context, opt->signer_string, 0, in crl_sign()
2137 "hx509_certs_init: %s", opt->signer_string); in crl_sign()
2152 if (opt->lifetime_string) { in crl_sign()
2155 delta = parse_time(opt->lifetime_string, "day"); in crl_sign()
2157 errx(1, "Invalid lifetime: %s", opt->lifetime_string); in crl_sign()
2184 if (opt->crl_file_string) in crl_sign()
2185 rk_dumpdata(opt->crl_file_string, os.data, os.length); in crl_sign()
2201 help(void *opt, int argc, char **argv) in help() argument