Home
last modified time | relevance | path

Searched refs:signer (Results 1 – 25 of 93) sorted by relevance

1234

/freebsd/crypto/openssl/test/recipes/80-test_cmp_http_data/
H A Dtest_credentials.csv3 …red, -section,, -ref,_PBM_REF, -secret,_PBM_SECRET, -cert,root.crt, -key,signer.p12, -keypass,pass…
6 0,wrong secret - correct cert, -section,,BLANK,, -secret,pass:wrong, -cert,signer.crt, -key,signer.…
9 1,empty ref but correct cert, -section,, -ref,"""",BLANK,, -cert,signer.crt, -key,signer.p12, -keyp…
10 1,wrong ref but correct cert, -section,, -ref,wrong,BLANK,, -cert,signer.crt, -key,signer.p12, -key…
12 1,valid cert and key and keypass, -section,,BLANK,,-secret,"""", -cert,signer.crt, -key,signer.p12,…
13 0,cert missing arg, -section,,BLANK,,BLANK,, -cert,, -key,signer.p12, -keypass,pass:12345,BLANK,,BL…
14 0,key missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,, -keypass,pass:12345,BLANK,,BLA…
15 0,keypass missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,,BLANK,…
16 0,keypass empty string, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:,…
17 1,keypass no prefix, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,12345,BLA…
[all …]
H A Dtest_commands.csv50 1,geninfo, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -gen…
51 0,geninfo missing argument, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:1…
52 0,geninfo bad syntax: leading '.', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass…
53 0,geninfo bad syntax: missing ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass…
54 0,geninfo bad syntax: double ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,…
55 0,geninfo bad syntax: missing ':int', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keyp…
/freebsd/crypto/openssl/crypto/ocsp/
H A Docsp_vfy.c30 static int ocsp_verify_signer(X509 *signer, int response, in ocsp_verify_signer() argument
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { in ocsp_verify_signer()
51 && X509_get_ext_by_NID(signer, NID_id_pkix_OCSP_noCheck, -1) >= 0) in ocsp_verify_signer()
77 X509 *signer, unsigned long flags) in ocsp_verify() argument
83 if ((skey = X509_get0_pubkey(signer)) == NULL) { in ocsp_verify()
88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify()
90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify()
101 X509 *signer, *x; in OCSP_basic_verify() local
104 int ret = ocsp_find_signer(&signer, bs, certs, flags); in OCSP_basic_verify()
113 if ((ret = ocsp_verify(NULL, bs, signer, flags)) <= 0) in OCSP_basic_verify()
[all …]
H A Docsp_srv.c168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx()
193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign()
231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
H A Docsp_cl.c81 X509 *signer, in OCSP_request_sign() argument
86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign()
102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
/freebsd/crypto/openssl/crypto/ts/
H A Dts_rsp_verify.c20 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
95 X509 *signer; in TS_RESP_verify_signature() local
128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
153 *signer_out = signer; in TS_RESP_verify_signature()
154 X509_up_ref(signer); in TS_RESP_verify_signature()
172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
[all …]
/freebsd/crypto/heimdal/lib/hx509/
H A Drevoke.c67 hx509_cert signer; member
129 hx509_cert_free(ocsp->signer); in free_ocsp()
176 hx509_cert signer = NULL; in verify_ocsp() local
202 ret = hx509_certs_find(context, certs, &q, &signer); in verify_ocsp()
204 ret = hx509_certs_find(context, ocsp->certs, &q, &signer); in verify_ocsp()
213 if (hx509_cert_cmp(signer, parent) != 0) { in verify_ocsp()
215 Certificate *s = _hx509_get_cert(signer); in verify_ocsp()
236 ret = hx509_cert_check_eku(context, signer, in verify_ocsp()
243 signer, in verify_ocsp()
253 ocsp->signer = signer; in verify_ocsp()
[all …]
H A Dcrypto.c337 const Certificate *signer, in ecdsa_verify_signature() argument
364 spi = &signer->tbsCertificate.subjectPublicKeyInfo; in ecdsa_verify_signature()
415 const hx509_private_key signer, in ecdsa_create_signature() argument
427 if (signer->ops && der_heim_oid_cmp(signer->ops->key_oid, ASN1_OID_ID_ECPUBLICKEY) != 0) in ecdsa_create_signature()
453 sig->length = ECDSA_size(signer->private_key.ecdsa); in ecdsa_create_signature()
465 sig->data, &siglen, signer->private_key.ecdsa); in ecdsa_create_signature()
486 ecdsa_available(const hx509_private_key signer, in ecdsa_available() argument
495 if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0) in ecdsa_available()
503 group = EC_KEY_get0_group(signer->private_key.ecdsa); in ecdsa_available()
536 const Certificate *signer, in rsa_verify_signature() argument
[all …]
H A Dhxtool.c364 hx509_certs store, pool, anchors, signer = NULL; in cms_create_sd() local
421 ret = hx509_certs_filter(context, store, q, &signer); in cms_create_sd()
446 signer, in cms_create_sd()
480 if (signer) { in cms_create_sd()
481 ret = hx509_certs_iter_f(context, signer, print_signer, header); in cms_create_sd()
503 hx509_certs_free(&signer); in cms_create_sd()
1225 hx509_private_key *signer) in get_key() argument
1275 ret = read_private_key(fn, signer); in get_key()
1286 hx509_private_key signer; in request_create() local
1291 memset(&signer, 0, sizeof(signer)); in request_create()
[all …]
/freebsd/crypto/openssl/test/
H A Docspapitest.c115 X509 *signer = NULL, *tmp; in test_resp_signer() local
128 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer()
129 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer()
130 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
134 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
142 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
146 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
152 X509_free(signer); in test_resp_signer()
/freebsd/crypto/openssl/crypto/cms/
H A Dcms_sd.c306 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, in CMS_add1_signer() argument
315 if (!X509_check_private_key(signer, pk)) { in CMS_add1_signer()
326 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
328 X509_up_ref(signer); in CMS_add1_signer()
333 si->signer = signer; in CMS_add1_signer()
352 if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx)) in CMS_add1_signer()
437 if ((sc = OSSL_ESS_signing_cert_new_init(signer, in CMS_add1_signer()
443 if ((sc2 = OSSL_ESS_signing_cert_v2_new_init(md, signer, in CMS_add1_signer()
465 if (!CMS_add1_cert(cms, signer)) in CMS_add1_signer()
582 if (si->signer != NULL) { in STACK_OF()
[all …]
/freebsd/crypto/openssl/crypto/pkcs7/
H A Dpk7_smime.c217 X509 *signer; in PKCS7_verify() local
276 signer = sk_X509_value(signers, k); in PKCS7_verify()
278 if (!X509_STORE_CTX_init(cert_ctx, store, signer, in PKCS7_verify()
285 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { in PKCS7_verify()
360 signer = sk_X509_value(signers, i); in PKCS7_verify()
361 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
389 X509 *signer; in STACK_OF() local
419 signer = NULL; in STACK_OF()
422 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
424 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF()
[all …]
/freebsd/contrib/wpa/src/tls/
H A Dtlsv1_client_ocsp.c50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
356 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
595 signer = issuer; in tls_process_basic_ocsp_response()
597 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
598 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
601 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
603 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
/freebsd/crypto/openssl/doc/man3/
H A DPKCS7_verify.pod21 in which to search for signer's certificates.
31 PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
48 An attempt is made to locate all the signer's certificates, first looking in
51 If any signer's certificates cannot be located the operation fails.
53 Each signer's certificate is chain verified using the B<smimesign> purpose and
73 searched when locating the signer's certificates.
74 This means that all the signer's certificates must be in the I<certs> parameter.
83 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
87 the signer's certificates) must be contained in the trusted store.
95 in the I<certs> parameter. In this case if the signer's certificate is not one
[all …]
H A DCMS_get0_SignerInfos.pod8 - CMS signedData signer functions
20 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
27 CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
37 CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
42 B<signer>.
52 CMS. It will then obtain the signer certificate by some unspecified means
56 Once all signer certificates have been set CMS_verify() can be used.
H A DOCSP_resp_find_status.pod40 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
116 signed and that the signer certificate can be validated. It takes I<st> as
118 The function first tries to find the signer certificate of the response
121 It fails if the signer certificate cannot be found.
124 success if I<flags> contains B<OCSP_NOVERIFY> or if the signer certificate
126 Otherwise the function continues by validating the signer certificate.
133 and uses them for constructing the validation path for the signer certificate.
135 if the signer certificate contains the B<id-pkix-ocsp-no-check> extension.
138 Otherwise it verifies that the signer certificate meets the OCSP issuer
H A DCMS_add1_signer.pod5 CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure
19 CMS_add1_signer() adds a signer with certificate B<signcert> and private
51 digest value from the CMS_ContentInfo structure: to add a signer to an existing
61 If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
62 CMS_ContentInfo structure, the signer's certificate must still be supplied in
H A DPKCS7_sign_add_signer.pod19 PKCS7_sign_add_signer() adds a signer with certificate I<signcert> and private
45 digest value from the B<PKCS7> structure: to add a signer to an existing structure.
54 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
55 B<PKCS7> structure, the signer's certificate must still be supplied in the
75 I<cert>, which may be an end-entity (signer) certificate
/freebsd/crypto/openssl/doc/man1/
H A Dopenssl-smime.pod.in23 [B<-signer> I<file>]
198 When signing a message, the signer's certificate is normally included.
239 =item B<-signer> I<file>
242 used multiple times if more than one signer is required. If a message is being
256 the B<-recip> or B<-signer> file. When signing this option can be used
308 This version of the program only allows one signer per message but it
318 signer. This means that attributes must be present in at least one existing
319 signer using the same message digest or this operation will fail.
367 -signer mycert.pem
372 -signer mycert.pem
[all …]
H A Dopenssl-cms.pod.in78 [B<-signer> I<file>]
92 [B<-signer> I<file>]
194 By default, validation of signer certificates and their chain
346 the B<-recip> or B<-signer> file. When signing this option can be used
442 =item B<-signer> I<file>
445 used multiple times if more than one signer is required.
470 When signing a message the signer's certificate is normally included
508 =item B<-signer> I<file>
546 When used with B<-verify>, require and check signer certificate digest.
647 This version of the program only allows one signer per message but it
[all …]
/freebsd/contrib/wpa/src/crypto/
H A Dtls_openssl_ocsp.c500 X509 *signer, *tmp_cert; in check_ocsp_resp() local
610 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
611 if (!signer) in check_ocsp_resp()
612 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
615 if (!signer) { in check_ocsp_resp()
621 skey = X509_get_pubkey(signer); in check_ocsp_resp()
635 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
641 if (!ctx || !X509_STORE_CTX_init(ctx, store, signer, untrusted)) in check_ocsp_resp()
659 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
660 if ((X509_get_extension_flags(signer) & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
/freebsd/contrib/libfido2/src/
H A Dtpm.c77 tpm_sha256_name_t signer; /* full tpm path of signing key */
219 x->signer.size = htobe16(x->signer.size); in bswap_sha1_certinfo()
324 expected.signer = actual->signer; in check_sha1_certinfo()
325 expected.signer.size = sizeof(expected.signer.alg) + in check_sha1_certinfo()
326 sizeof(expected.signer.body); in check_sha1_certinfo()
/freebsd/crypto/heimdal/kdc/
H A Dkx509.c159 hx509_cert signer = NULL; in build_certificate() local
192 ret = hx509_certs_find(context->hx509ctx, certs, q, &signer); in build_certificate()
261 ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert); in build_certificate()
262 hx509_cert_free(signer); in build_certificate()
279 if (signer) in build_certificate()
280 hx509_cert_free(signer); in build_certificate()
/freebsd/crypto/openssl/test/recipes/80-test_cmp_http_data/Mock/
H A Dtest.cnf32 newkey = signer.key
38 cert = signer.crt
39 key = signer.p12
/freebsd/crypto/openssh/
H A Dsshsig.h40 sshsig_signer *signer, void *signer_ctx);
61 struct sshbuf **out, sshsig_signer *signer, void *signer_ctx);

1234