Home
last modified time | relevance | path

Searched refs:issuer (Results 1 – 25 of 193) sorted by relevance

12345678

/freebsd/crypto/openssl/test/
H A Ddanetest.in55 issuer=
70 issuer=
85 issuer=
100 issuer=
115 issuer=
130 issuer=
145 issuer=
160 issuer=
175 issuer=
190 issuer=
[all …]
H A Ddane-cross.in26 issuer=CN = CA
49 issuer=CN = Root CA
71 issuer=CN = Cross Root
93 issuer=CN = Cross Root
H A Dca-and-certs.cnf36 authorityKeyIdentifier = keyid,issuer:always
86 authorityKeyIdentifier = keyid:always,issuer:always
89 issuerAltName = issuer:copy
H A Docspapitest.c195 X509 *issuer = NULL; in test_ocsp_url_svcloc_new() local
199 if (!TEST_true(get_cert(&issuer))) in test_ocsp_url_svcloc_new()
205 ext = OCSP_url_svcloc_new(X509_get_issuer_name(issuer), urls); in test_ocsp_url_svcloc_new()
212 X509_free(issuer); in test_ocsp_url_svcloc_new()
/freebsd/contrib/wpa/src/tls/
H A Dtlsv1_client_ocsp.c112 struct x509_certificate *issuer, in tls_process_ocsp_single_response() argument
174 issuer->subject_dn, issuer->subject_dn_len); in tls_process_ocsp_single_response()
175 hash_len = ocsp_hash_data(&alg.oid, issuer->subject_dn, in tls_process_ocsp_single_response()
176 issuer->subject_dn_len, hash); in tls_process_ocsp_single_response()
197 hash_len = ocsp_hash_data(&alg.oid, issuer->public_key, in tls_process_ocsp_single_response()
198 issuer->public_key_len, hash); in tls_process_ocsp_single_response()
313 struct x509_certificate *issuer, const u8 *resp, in tls_process_ocsp_responses() argument
330 if (tls_process_ocsp_single_response(conn, cert, issuer, in tls_process_ocsp_responses()
356 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
576 issuer = srv_cert->next; in tls_process_basic_ocsp_response()
[all …]
/freebsd/crypto/openssl/doc/man3/
H A DX509_check_issued.pod12 int X509_check_issued(X509 *issuer, X509 *subject);
18 using (CA) certificate I<issuer>. This function takes into account not only
19 matching of the issuer field of I<subject> with the subject field of I<issuer>,
22 serial number, and issuer fields of I<issuer>, as far as present. It also checks
23 if the B<keyUsage> field (if present) of I<issuer> allows certificate signing.
25 if the I<issuer> or the I<subject> are incomplete certificates.
H A DX509_STORE_set_verify_cb_func.pod43 typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
46 X509 *x, X509 *issuer);
68 int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
142 component of I<ctx> with a subject name matching the issuer name of I<x>.
143 On success it assigns to I<*issuer> the first match that is currently valid,
145 If the function returns 1 the caller is responsible for freeing I<*issuer>.
148 to get the "best" candidate issuer certificate of the given certificate I<x>.
150 to I<*issuer> and then return 1.
156 certificate I<x> is issued by the issuer certificate I<issuer>.
158 been issued with I<issuer>) and 1 on success.
[all …]
H A DOCSP_cert_to_id.pod13 X509 *subject, X509 *issuer);
33 message digest B<dgst> for certificate B<subject> with issuer B<issuer>. If
37 issuer name B<issuerName>, issuer key hash B<issuerKey> and serial number
45 OCSP_id_issuer_cmp() compares only the issuer name of B<OCSP_CERTID> B<a> and B<b>.
47 OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and
H A DX509_STORE_CTX_get_error.pod110 =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
112 The issuer certificate of a locally looked up certificate could not be found.
136 unable to decode issuer public key>
204 unable to get local issuer certificate>
206 The issuer certificate could not be found: this occurs if the issuer certificate
224 issuer certificate doesn't have a public key>
226 The issuer certificate does not have a public key.
244 =item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
246 The current candidate issuer certificate was rejected because its subject name
247 did not match the issuer name of the current certificate.
[all …]
H A DX509V3_set_ctx.pod12 void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
27 If I<subject> or I<crl> is provided, I<issuer> should point to its issuer,
29 Note that if I<subject> is provided, I<issuer> may be the same as I<subject>,
38 X509V3_set_issuer_pkey() explicitly sets the issuer private key of
/freebsd/crypto/openssl/crypto/x509/
H A Dv3_akid.c52 if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL, in STACK_OF()
60 if (akeyid->issuer) { in STACK_OF()
61 tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); in STACK_OF()
100 char keyid = 0, issuer = 0; in v2i_AUTHORITY_KEYID() local
127 issuer = 1; in v2i_AUTHORITY_KEYID()
129 issuer = 2; in v2i_AUTHORITY_KEYID()
174 if ((keyid == 2 || issuer == 0) in v2i_AUTHORITY_KEYID()
182 if (issuer == 2 || (issuer == 1 && ikeyid == NULL)) { in v2i_AUTHORITY_KEYID()
202 akeyid->issuer = gens; in v2i_AUTHORITY_KEYID()
H A Dv3_purp.c905 int X509_check_issued(X509 *issuer, X509 *subject) in X509_check_issued() argument
909 if ((ret = ossl_x509_likely_issued(issuer, subject)) != X509_V_OK) in X509_check_issued()
911 return ossl_x509_signing_allowed(issuer, subject); in X509_check_issued()
915 int ossl_x509_likely_issued(X509 *issuer, X509 *subject) in ossl_x509_likely_issued() argument
919 if (X509_NAME_cmp(X509_get_subject_name(issuer), in ossl_x509_likely_issued()
924 if (!ossl_x509v3_cache_extensions(issuer) in ossl_x509_likely_issued()
928 ret = X509_check_akid(issuer, subject->akid); in ossl_x509_likely_issued()
933 return check_sig_alg_match(X509_get0_pubkey(issuer), subject); in ossl_x509_likely_issued()
943 int ossl_x509_signing_allowed(const X509 *issuer, const X509 *subject) in ossl_x509_signing_allowed() argument
946 if (ku_reject(issuer, KU_DIGITAL_SIGNATURE)) in ossl_x509_signing_allowed()
[all …]
H A Dx509_cmp.c33 return X509_NAME_cmp(ai->issuer, bi->issuer); in X509_issuer_and_serial_cmp()
47 f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); in X509_issuer_and_serial_hash()
77 return X509_NAME_cmp(a->cert_info.issuer, b->cert_info.issuer); in X509_issuer_name_cmp()
87 return X509_NAME_cmp(a->crl.issuer, b->crl.issuer); in X509_CRL_cmp()
105 return a->cert_info.issuer; in X509_get_issuer_name()
110 return X509_NAME_hash_ex(x->cert_info.issuer, NULL, NULL, NULL); in X509_issuer_name_hash()
116 return X509_NAME_hash_old(x->cert_info.issuer); in X509_issuer_name_hash_old()
360 x.cert_info.issuer = (X509_NAME *)name; /* won't modify it */ in X509_find_by_issuer_and_serial()
H A Dx509_local.h70 const ASN1_INTEGER *ser, const X509_NAME *issuer);
127 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
129 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
158 int ossl_x509_likely_issued(X509 *issuer, X509 *subject);
159 int ossl_x509_signing_allowed(const X509 *issuer, const X509 *subject);
H A Dx509_vfy.c48 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
57 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
326 X509 *issuer, *rv = NULL; in find_issuer() local
329 issuer = sk_X509_value(sk, i); in find_issuer()
330 if (ctx->check_issued(ctx, x, issuer) in find_issuer()
332 || !sk_X509_contains(ctx->chain, issuer))) { in find_issuer()
333 if (ossl_x509_check_cert_time(ctx, issuer, -1)) in find_issuer()
334 return issuer; in find_issuer()
335 if (rv == NULL || ASN1_TIME_compare(X509_get0_notAfter(issuer), in find_issuer()
337 rv = issuer; in find_issuer()
[all …]
H A Dx_crl.c31 const X509_NAME *issuer);
70 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
118 rev->issuer = gens;
410 if (!rev->issuer) { in crl_revoked_issuer_match()
421 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) { in crl_revoked_issuer_match()
422 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); in crl_revoked_issuer_match()
434 const X509_NAME *issuer) in def_crl_lookup() argument
461 if (crl_revoked_issuer_match(crl, issuer, rev)) { in def_crl_lookup()
485 const X509_NAME *issuer), in X509_CRL_METHOD_new() argument
/freebsd/crypto/openssl/crypto/ct/
H A Dct_policy.c65 X509_free(ctx->issuer); in CT_POLICY_EVAL_CTX_free()
78 int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer) in CT_POLICY_EVAL_CTX_set1_issuer() argument
80 if (!X509_up_ref(issuer)) in CT_POLICY_EVAL_CTX_set1_issuer()
82 ctx->issuer = issuer; in CT_POLICY_EVAL_CTX_set1_issuer()
104 return ctx->issuer; in CT_POLICY_EVAL_CTX_get0_issuer()
/freebsd/crypto/openssl/demos/certs/
H A Docspquery.sh11 $OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \
13 $OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \
15 $OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \
19 $OPENSSL ocsp -issuer intca.pem \
/freebsd/crypto/openssl/crypto/cms/
H A Dcms_kari.c59 X509_NAME **issuer, in CMS_RecipientInfo_kari_get0_orig_id() argument
69 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id()
70 *issuer = NULL; in CMS_RecipientInfo_kari_get0_orig_id()
80 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id()
81 *issuer = oik->d.issuerAndSerialNumber->issuer; in CMS_RecipientInfo_kari_get0_orig_id()
117 X509_NAME **issuer, ASN1_INTEGER **sno) in CMS_RecipientEncryptedKey_get0_id() argument
122 if (issuer) in CMS_RecipientEncryptedKey_get0_id()
123 *issuer = rid->d.issuerAndSerialNumber->issuer; in CMS_RecipientEncryptedKey_get0_id()
139 if (issuer) in CMS_RecipientEncryptedKey_get0_id()
140 *issuer = NULL; in CMS_RecipientEncryptedKey_get0_id()
/freebsd/crypto/openssl/crypto/ess/
H A Dess_lib.c71 /* Setting the issuer/serial if requested. */ in ESS_CERT_ID_new_init()
83 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_new_init()
180 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_V2_new_init()
199 GENERAL_NAME *issuer; in ess_issuer_serial_cmp() local
201 if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1) in ess_issuer_serial_cmp()
204 issuer = sk_GENERAL_NAME_value(is->issuer, 0); in ess_issuer_serial_cmp()
205 if (issuer->type != GEN_DIRNAME in ess_issuer_serial_cmp()
206 || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0) in ess_issuer_serial_cmp()
/freebsd/crypto/openssl/crypto/crmf/
H A Dcrmf_lib.c177 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, in IMPLEMENT_CRMF_CTRL_FUNC()
182 if (issuer == NULL || serial == NULL) { in IMPLEMENT_CRMF_CTRL_FUNC()
190 if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer)) in IMPLEMENT_CRMF_CTRL_FUNC()
192 cid->issuer->type = GEN_DIRNAME; in IMPLEMENT_CRMF_CTRL_FUNC()
550 return tmpl != NULL ? tmpl->issuer : NULL; in OSSL_CRMF_CERTTEMPLATE_get0_issuer()
562 return cid != NULL && cid->issuer->type == GEN_DIRNAME ? in OSSL_CRMF_CERTID_get0_issuer()
563 cid->issuer->d.directoryName : NULL; in OSSL_CRMF_CERTID_get0_issuer()
579 const X509_NAME *issuer, in OSSL_CRMF_CERTTEMPLATE_fill() argument
588 if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer)) in OSSL_CRMF_CERTTEMPLATE_fill()
/freebsd/crypto/openssl/doc/man1/
H A Dopenssl-crl.pod.in28 [B<-issuer>]
115 Output a hash of the issuer name. This can be use to lookup CRLs in
116 a directory by issuer name.
120 Outputs the "hash" of the CRL issuer name using the older algorithm
123 =item B<-issuer>
125 Output the issuer name.
/freebsd/crypto/openssl/apps/
H A Dstoreutl.c81 X509_NAME *subject = NULL, *issuer = NULL; in storeutl_main() local
172 if (issuer != NULL) { in storeutl_main()
177 issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1, "issuer"); in storeutl_main()
178 if (issuer == NULL) in storeutl_main()
278 if (issuer == NULL || serial == NULL) { in storeutl_main()
284 if ((search = OSSL_STORE_SEARCH_by_issuer_serial(issuer, serial)) in storeutl_main()
329 X509_NAME_free(issuer); in storeutl_main()
H A Docsp.c60 const EVP_MD *cert_id_md, X509 *issuer,
63 const EVP_MD *cert_id_md, X509 *issuer,
206 {"issuer", OPT_ISSUER, '<', "Issuer certificate"},
230 X509 *issuer = NULL, *cert = NULL; in ocsp_main() local
428 issuer = load_cert(opt_arg(), FORMAT_UNDEF, "issuer certificate"); in ocsp_main()
429 if (issuer == NULL) in ocsp_main()
435 if (!sk_X509_push(issuers, issuer)) in ocsp_main()
445 if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids)) in ocsp_main()
454 if (!add_ocsp_serial(&req, opt_arg(), cert_id_md, issuer, id in ocsp_main()
904 add_ocsp_cert(OCSP_REQUEST ** req,X509 * cert,const EVP_MD * cert_id_md,X509 * issuer,STACK_OF (OCSP_CERTID)* ids) add_ocsp_cert() argument
930 add_ocsp_serial(OCSP_REQUEST ** req,char * serial,const EVP_MD * cert_id_md,X509 * issuer,STACK_OF (OCSP_CERTID)* ids) add_ocsp_serial() argument
[all...]
/freebsd/crypto/openssl/crypto/ocsp/
H A Docsp_lib.c23 const X509 *issuer) in OCSP_cert_to_id() argument
35 iname = X509_get_subject_name(issuer); in OCSP_cert_to_id()
38 ikey = X509_get0_pubkey_bitstr(issuer); in OCSP_cert_to_id()

12345678