| /freebsd/crypto/openssl/ssl/statem/ |
| H A D | statem_local.h | 133 __owur int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
189 RAW_EXTENSION *exts, X509 *x, size_t chainidx);
191 X509 *x, size_t chainidx, int fin);
195 X509 *x, size_t chainidx);
205 X509 *x, size_t chainidx);
207 X509 *x, size_t chainidx);
209 X509 *x, size_t chainidx);
211 int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
215 X509 *x, size_t chainidx);
217 X509 *x, size_t chainidx);
[all …]
|
| /freebsd/crypto/openssl/crypto/x509/ |
| H A D | x509_cmp.c | 19 int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) in X509_issuer_and_serial_cmp()
37 unsigned long X509_issuer_and_serial_hash(X509 *a) in X509_issuer_and_serial_hash()
75 int X509_issuer_name_cmp(const X509 *a, const X509 *b) in X509_issuer_name_cmp()
80 int X509_subject_name_cmp(const X509 *a, const X509 *b) in X509_subject_name_cmp()
103 X509_NAME *X509_get_issuer_name(const X509 *a) in X509_get_issuer_name()
108 unsigned long X509_issuer_name_hash(X509 *x) in X509_issuer_name_hash()
114 unsigned long X509_issuer_name_hash_old(X509 *x) in X509_issuer_name_hash_old()
120 X509_NAME *X509_get_subject_name(const X509 *a) in X509_get_subject_name()
125 ASN1_INTEGER *X509_get_serialNumber(X509 *a) in X509_get_serialNumber()
130 const ASN1_INTEGER *X509_get0_serialNumber(const X509 *a) in X509_get0_serialNumber()
[all …]
|
| H A D | x_x509.c | 39 X509 *ret = (X509 *)*pval; in x509_cb()
103 X509 *old = exarg; in x509_cb()
132 ASN1_SEQUENCE_ref(X509, x509_cb) = {
133 ASN1_EMBED(X509, cert_info, X509_CINF),
134 ASN1_EMBED(X509, sig_alg, X509_ALGOR),
135 ASN1_EMBED(X509, signature, ASN1_BIT_STRING)
136 } ASN1_SEQUENCE_END_ref(X509, X509)
138 IMPLEMENT_ASN1_FUNCTIONS(X509)
139 IMPLEMENT_ASN1_DUP_FUNCTION(X509)
146 int ossl_x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq)
[all …]
|
| H A D | x509_set.c | 22 int X509_set_version(X509 *x, long version) in X509_set_version()
38 int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) in X509_set_serialNumber()
50 int X509_set_issuer_name(X509 *x, const X509_NAME *name) in X509_set_issuer_name()
57 int X509_set_subject_name(X509 *x, const X509_NAME *name) in X509_set_subject_name()
78 int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm) in X509_set1_notBefore()
85 int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm) in X509_set1_notAfter()
92 int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) in X509_set_pubkey()
99 int X509_up_ref(X509 *x) in X509_up_ref()
111 long X509_get_version(const X509 *x) in X509_get_version()
116 const ASN1_TIME *X509_get0_notBefore(const X509 *x) in X509_get0_notBefore()
[all …]
|
| H A D | v3_purp.c | 19 static int check_ssl_ca(const X509 *x);
20 static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
22 static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
24 static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
26 static int purpose_smime(const X509 *x, int require_ca);
27 static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
29 static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
31 static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
33 static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
35 static int no_check_purpose(const X509_PURPOSE *xp, const X509 *x,
[all …]
|
| H A D | x_x509a.c | 24 static X509_CERT_AUX *aux_get(X509 *x);
36 int X509_trusted(const X509 *x)
41 static X509_CERT_AUX *aux_get(X509 *x) in aux_get()
50 int X509_alias_set1(X509 *x, const unsigned char *name, int len) in X509_alias_set1()
67 int X509_keyid_set1(X509 *x, const unsigned char *id, int len) in X509_keyid_set1()
85 unsigned char *X509_alias_get0(X509 *x, int *len) in X509_alias_get0()
94 unsigned char *X509_keyid_get0(X509 *x, int *len) in X509_keyid_get0()
103 int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj) in X509_add1_trust_object()
124 int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj) in X509_add1_reject_object()
146 void X509_trust_clear(X509 *x) in X509_trust_clear()
[all …]
|
| H A D | x509_local.h | 42 int ossl_x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth);
127 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
129 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
133 int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
137 int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
140 STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx,
158 int ossl_x509_likely_issued(X509 *issuer, X509 *subject);
159 int ossl_x509_signing_allowed(const X509 *issuer, const X509 *subject);
|
| H A D | x509_trust.c | 18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
22 static int obj_trust(int id, X509 *x, int flags);
23 static int (*default_trust) (int id, X509 *x, int flags) = obj_trust;
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default() argument
59 int (*oldtrust) (int, X509 *, int); in X509_TRUST_set_default()
65 int X509_check_trust(X509 *x, int id, int flags) in X509_check_trust()
123 int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), in X509_TRUST_add() argument
217 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags) in trust_1oidany()
[all …]
|
| H A D | x509_vfy.c | 48 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
49 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
57 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
59 static int check_key_level(X509_STORE_CTX *ctx, X509 *cert);
60 static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert);
61 static int check_curve(X509 *cert);
63 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
64 unsigned int *preasons, X509_CRL *crl, X509 *x);
66 X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
70 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
[all …]
|
| /freebsd/crypto/openssl/crypto/ocsp/ |
| H A D | ocsp_vfy.c | 16 static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
17 STACK_OF(X509) *certs, unsigned long flags);
18 static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id);
19 static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain);
22 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
24 static int ocsp_check_delegated(X509 *x);
25 static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
26 const X509_NAME *nm, STACK_OF(X509) *certs,
30 static int ocsp_verify_signer(X509 *signer, int response, in ocsp_verify_signer()
32 STACK_OF(X509) *untrusted, STACK_OF(X509) **chain) in ocsp_verify_signer()
[all …]
|
| /freebsd/crypto/openssl/include/openssl/ |
| H A D | x509.h | 75 SKM_DEFINE_STACK_OF_INTERNAL(X509, X509, X509)
77 #define sk_X509_value(sk, idx) ((X509 *)OPENSSL_sk_value(ossl_check_const_X509_sk_type(sk), (idx)))
78 #define sk_X509_new(cmp) ((STACK_OF(X509) *)OPENSSL_sk_new(ossl_check_X509_compfunc_type(cmp)))
79 #define sk_X509_new_null() ((STACK_OF(X509) *)OPENSSL_sk_new_null())
80 #define sk_X509_new_reserve(cmp, n) ((STACK_OF(X509) *)OPENSSL_sk_new_reserve(ossl_check_X509_compf…
84 #define sk_X509_delete(sk, i) ((X509 *)OPENSSL_sk_delete(ossl_check_X509_sk_type(sk), (i)))
85 #define sk_X509_delete_ptr(sk, ptr) ((X509 *)OPENSSL_sk_delete_ptr(ossl_check_X509_sk_type(sk), oss…
88 #define sk_X509_pop(sk) ((X509 *)OPENSSL_sk_pop(ossl_check_X509_sk_type(sk)))
89 #define sk_X509_shift(sk) ((X509 *)OPENSSL_sk_shift(ossl_check_X509_sk_type(sk)))
92 #define sk_X509_set(sk, idx, ptr) ((X509 *)OPENSSL_sk_set(ossl_check_X509_sk_type(sk), (idx), ossl_…
[all …]
|
| H A D | x509.h.in | 52 .generate_stack_macros("X509")
210 X509 *x509;
239 STACK_OF(X509) *certs;
317 int X509_verify(X509 *a, EVP_PKEY *r);
318 int X509_self_signed(X509 *cert, int verify_signature);
337 int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
338 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
345 int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
347 int X509_digest(const X509 *data, const EVP_MD *type,
349 ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
[all …]
|
| H A D | cms.h.in | 123 CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
124 STACK_OF(X509) *certs, BIO *data,
126 CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
127 STACK_OF(X509) *certs, BIO *data,
132 X509 *signcert, EVP_PKEY *pkey,
133 STACK_OF(X509) *certs, unsigned int flags);
164 int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
168 STACK_OF(X509) *certs,
171 STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
173 CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
[all …]
|
| H A D | x509_vfy.h | 152 int (*check_trust) (struct x509_trust_st *, X509 *, int);
218 int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
225 int X509_trusted(const X509 *x);
226 int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
227 int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
228 void X509_trust_clear(X509 *x);
229 void X509_reject_clear(X509 *x);
230 STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
231 STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
233 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
[all …]
|
| H A D | pkcs7.h.in | 76 X509 *cert; /* get the pub-key from this */
87 STACK_OF(X509) *cert; /* [ 0 ] */
114 STACK_OF(X509) *cert; /* [ 0 ] */
269 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
273 int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
279 X509 *x509);
283 BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
285 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
287 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
291 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
[all …]
|
| /freebsd/crypto/openssl/include/crypto/ |
| H A D | x509.h | 219 X509 *cert;
221 STACK_OF(X509) *untrusted;
233 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
235 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
239 int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
243 int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
246 STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx,
258 STACK_OF(X509) *chain;
266 X509 *current_cert;
268 X509 *current_issuer;
[all …]
|
| /freebsd/crypto/openssl/crypto/cmp/ |
| H A D | cmp_local.h | 64 X509 *srvCert; /* certificate used to identify the server */
65 X509 *validatedSrvCert; /* caches any already validated server cert */
68 STACK_OF(X509) *untrusted; /* untrusted (intermediate CA) certs */
78 X509 *cert; /* protection cert used to identify and sign for MSG_SIG_ALG */
79 STACK_OF(X509) *chain; /* (cached) chain of protection cert including it */
99 STACK_OF(X509) *extraCertsOut; /* to be included in request messages */
114 X509 *oldCert; /* cert to be updated (via KUR) or to be revoked (via RR) */
125 X509 *newCert; /* newly enrolled cert received from the CA */
126 STACK_OF(X509) *newChain; /* chain of newly enrolled cert received */
127 STACK_OF(X509) *caPubs; /* CA certs received from server (in IP message) */
[all …]
|
| /freebsd/contrib/ldns/ldns/ |
| H A D | dane.h | 146 ldns_status ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert,
179 ldns_status ldns_dane_select_certificate(X509** selected_cert,
180 X509* cert, STACK_OF(X509)* extra_certs,
201 X509* cert);
243 X509* cert, STACK_OF(X509)* extra_certs,
280 X509* cert, STACK_OF(X509)* extra_certs,
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | X509_cmp.pod | 8 - compare X509 certificates and related values
14 int X509_cmp(const X509 *a, const X509 *b);
16 int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
17 int X509_issuer_name_cmp(const X509 *a, const X509 *b);
18 int X509_subject_name_cmp(const X509 *a, const X509 *b);
24 This set of functions are used to compare X509 objects, including X509
25 certificates, X509 CRL objects and various values in an X509 certificate.
27 The X509_cmp() function compares two B<X509> objects indicated by parameters
29 values of two B<X509> objects and the canonical (DER) encoding values.
41 values in the given B<X509> objects I<a> and I<b>.
[all …]
|
| H A D | X509_new.pod | 7 X509_chain_up_ref - X509 certificate ASN1 allocation functions
13 X509 *X509_new(void);
14 X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
15 void X509_free(X509 *a);
16 int X509_up_ref(X509 *a);
17 STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);
21 The X509 ASN1 allocation routines allocate and free an
22 X509 structure, which represents an X509 certificate.
24 X509_new_ex() allocates and initializes a X509 structure with a
26 count of B<1>. Many X509 functions such as X509_check_purpose(), and
[all …]
|
| H A D | i2d_re_X509_tbs.pod | 7 - X509 encode and decode functions
13 X509 *d2i_X509_AUX(X509 **px, const unsigned char **in, long len);
14 int i2d_X509_AUX(const X509 *x, unsigned char **out);
15 int i2d_re_X509_tbs(X509 *x, unsigned char **out);
21 The X509 encode and decode routines encode and parse an
22 B<X509> structure, which represents an X509 certificate.
25 consist of an X509 certificate followed by auxiliary trust information.
42 in the B<X509> structure internally to improve encoding performance
46 If, after modification, the B<X509> object is re-signed with X509_sign(),
48 TBSCertificate portion of the B<X509> can be manually renewed by calling
[all …]
|
| /freebsd/crypto/openssl/test/ |
| H A D | v3nametest.c | 85 static int set_cn(X509 *crt, ...) in set_cn()
124 static int set_altname(X509 *crt, ...) in set_altname()
174 static int set_cn1(X509 *crt, const char *name) in set_cn1()
179 static int set_cn_and_email(X509 *crt, const char *name) in set_cn_and_email()
185 static int set_cn2(X509 *crt, const char *name) in set_cn2()
191 static int set_cn3(X509 *crt, const char *name) in set_cn3()
197 static int set_email1(X509 *crt, const char *name) in set_email1()
202 static int set_email2(X509 *crt, const char *name) in set_email2()
208 static int set_email3(X509 *crt, const char *name) in set_email3()
214 static int set_email_and_cn(X509 *crt, const char *name) in set_email_and_cn()
[all …]
|
| /freebsd/contrib/ldns/ |
| H A D | dane.c | 134 ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert, in ldns_dane_cert2rdf()
223 ldns_dane_pkix_validate(X509* cert, STACK_OF(X509)* extra_certs, in ldns_dane_pkix_validate()
257 ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert, in ldns_dane_pkix_validate_and_get_chain()
258 STACK_OF(X509)* extra_certs, X509_STORE* store) in ldns_dane_pkix_validate_and_get_chain()
305 ldns_dane_pkix_get_chain(STACK_OF(X509)** chain, in ldns_dane_pkix_get_chain()
306 X509* cert, STACK_OF(X509)* extra_certs) in ldns_dane_pkix_get_chain()
345 X509** cert, STACK_OF(X509)* chain, int n, bool ca) in ldns_dane_get_nth_cert_from_validation_chain()
366 ldns_dane_pkix_get_last_self_signed(X509** out_cert, in ldns_dane_pkix_get_last_self_signed()
367 X509* cert, STACK_OF(X509)* extra_certs) in ldns_dane_pkix_get_last_self_signed()
405 ldns_dane_select_certificate(X509** selected_cert, in ldns_dane_select_certificate()
[all …]
|
| /freebsd/crypto/openssl/crypto/ess/ |
| H A D | ess_lib.c | 18 static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert,
21 const X509 *cert,
24 ESS_SIGNING_CERT *OSSL_ESS_signing_cert_new_init(const X509 *signcert, in OSSL_ESS_signing_cert_new_init()
25 const STACK_OF(X509) *certs, in OSSL_ESS_signing_cert_new_init()
42 X509 *cert = sk_X509_value(certs, i); in OSSL_ESS_signing_cert_new_init()
57 static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert, in ESS_CERT_ID_new_init()
100 const X509 *signcert, in OSSL_ESS_signing_cert_v2_new_init()
102 STACK_OF(X509) *certs, in OSSL_ESS_signing_cert_v2_new_init()
119 X509 *cert = sk_X509_value(certs, i); in OSSL_ESS_signing_cert_v2_new_init()
137 const X509 *cer in ESS_CERT_ID_V2_new_init()
[all...] |
| /freebsd/crypto/openssl/crypto/pkcs12/ |
| H A D | p12_kiss.c | 18 EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
21 int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
24 EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
33 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, in PKCS12_parse()
34 STACK_OF(X509) **ca) in PKCS12_parse()
36 STACK_OF(X509) *ocerts = NULL; in PKCS12_parse()
37 X509 *x = NULL; in PKCS12_parse()
137 EVP_PKEY **pkey, STACK_OF(X509) *ocerts) in parse_pk12()
172 int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts) in parse_bags()
185 EVP_PKEY **pkey, STACK_OF(X509) *ocerts) in parse_bag()
[all …]
|