/dragonfly/contrib/wpa_supplicant/src/tls/ |
H A D | x509v3.c | 52 cert, cert->next); in x509_certificate_free() 59 os_free(cert); in x509_certificate_free() 75 cert = next; in x509_certificate_chain_free() 285 cert->public_key, cert->public_key_len); in x509_parse_public_key() 887 cert->ca, cert->path_len_constraint); in x509_parse_ext_basic_constraints() 1659 cert = os_zalloc(sizeof(*cert) + len); in x509_certificate_parse() 1663 cert->cert_start = (u8 *) (cert + 1); in x509_certificate_parse() 1745 cert->sign_value, cert->sign_value_len); in x509_certificate_parse() 1762 cert->sign_value, cert->sign_value_len, in x509_certificate_check_signature() 2072 for (cert = chain, idx = 0; cert; cert = cert->next, idx++) { in x509_certificate_chain_validate() [all …]
|
H A D | tlsv1_cred.c | 66 p->next = cert; in tlsv1_add_cert_der() 70 *chain = cert; in tlsv1_add_cert_der() 164 if (cert) { in tlsv1_set_cert_chain() 172 cert); in tlsv1_set_cert_chain() 198 if (cert && os_strncmp(cert, "hash://", 7) == 0) { in tlsv1_set_ca_cert() 203 cert); in tlsv1_set_ca_cert() 210 cert); in tlsv1_set_ca_cert() 216 cert); in tlsv1_set_ca_cert() 226 if (cert && os_strncmp(cert, "probe://", 8) == 0) { in tlsv1_set_ca_cert() 261 return tlsv1_set_cert_chain(&cred->cert, cert, in tlsv1_set_cert() [all …]
|
H A D | tlsv1_client_write.c | 27 struct x509_certificate *cert; in tls_client_cert_chain_der_len() local 32 cert = conn->cred->cert; in tls_client_cert_chain_der_len() 33 while (cert) { in tls_client_cert_chain_der_len() 34 len += 3 + cert->cert_len; in tls_client_cert_chain_der_len() 38 &cert->issuer); in tls_client_cert_chain_der_len() 295 cert = conn->cred ? conn->cred->cert : NULL; in tls_write_client_certificate() 296 while (cert) { in tls_write_client_certificate() 308 os_memcpy(pos, cert->cert_start, cert->cert_len); in tls_write_client_certificate() 309 pos += cert->cert_len; in tls_write_client_certificate() 314 &cert->issuer); in tls_write_client_certificate() [all …]
|
H A D | tlsv1_server_write.c | 27 struct x509_certificate *cert; in tls_server_cert_chain_der_len() local 29 cert = conn->cred ? conn->cred->cert : NULL; in tls_server_cert_chain_der_len() 30 while (cert) { in tls_server_cert_chain_der_len() 31 len += 3 + cert->cert_len; in tls_server_cert_chain_der_len() 35 &cert->issuer); in tls_server_cert_chain_der_len() 228 cert = conn->cred->cert; in tls_write_server_certificate() 229 while (cert) { in tls_write_server_certificate() 241 os_memcpy(pos, cert->cert_start, cert->cert_len); in tls_write_server_certificate() 242 pos += cert->cert_len; in tls_write_server_certificate() 247 &cert->issuer); in tls_write_server_certificate() [all …]
|
H A D | tlsv1_client_ocsp.c | 454 struct x509_certificate *cert; in tls_process_basic_ocsp_response() local 466 if (!cert) in tls_process_basic_ocsp_response() 469 last_cert->next = cert; in tls_process_basic_ocsp_response() 470 last_cert = cert; in tls_process_basic_ocsp_response() 472 last_cert = certs = cert; in tls_process_basic_ocsp_response() 687 struct x509_certificate *cert; in tls_process_ocsp_response() local 782 cert = conn->server_cert; in tls_process_ocsp_response() 783 while (cert) { in tls_process_ocsp_response() 784 if (!cert->ocsp_good && !cert->ocsp_revoked) { in tls_process_ocsp_response() 795 if (cert == conn->server_cert) in tls_process_ocsp_response() [all …]
|
H A D | tlsv1_client_read.c | 295 cert->cert_len); in tls_peer_cert_event() 339 cert->cert_len); in tls_cert_chain_failure_event() 480 if (cert == NULL) { in tls_process_certificate() 492 chain = cert; in tls_process_certificate() 494 last->next = cert; in tls_process_certificate() 495 last = cert; in tls_process_certificate() 957 for (cert = conn->server_cert, depth = 0; cert; in tls_process_certificate_status() 958 cert = cert->next, depth++) { in tls_process_certificate_status() 974 for (cert = conn->server_cert, depth = 0; cert; in tls_process_certificate_status() 975 cert = cert->next, depth++) { in tls_process_certificate_status() [all …]
|
/dragonfly/crypto/libressl/crypto/x509/ |
H A D | x509_verify.c | 92 cert->not_before = x509_verify_asn1_time_to_time_t(X509_get_notBefore(cert), 0); in x509_verify_cert_info_populate() 93 cert->not_after = x509_verify_asn1_time_to_time_t(X509_get_notAfter(cert), 1); in x509_verify_cert_info_populate() 174 X509_up_ref(cert); in x509_verify_chain_append() 176 X509_free(cert); in x509_verify_chain_append() 246 x509v3_cache_extensions(cert); in x509_verify_cert_cache_extensions() 283 cert)) != NULL) { in x509_verify_ctx_cert_is_root() 831 if (cert->not_before == -1) { in x509_verify_cert_times() 839 if (cert->not_after == -1) { in x509_verify_cert_times() 843 if (when > cert->not_after) { in x509_verify_cert_times() 862 if (cert->nc != NULL) { in x509_verify_validate_constraints() [all …]
|
/dragonfly/contrib/ldns/ |
H A D | dane.c | 147 assert(cert != NULL); in ldns_dane_cert2rdf() 352 X509_free(*cert); in ldns_dane_get_nth_cert_from_validation_chain() 414 assert(cert != NULL); in ldns_dane_select_certificate() 447 cert, extra_certs, in ldns_dane_select_certificate() 515 X509* cert) in ldns_dane_create_tlsa_rr() argument 521 assert(cert != NULL); in ldns_dane_create_tlsa_rr() 629 X509* cert; in ldns_dane_match_any_cert_with_data() local 634 if (! cert) { in ldns_dane_match_any_cert_with_data() 643 X509_free(cert); in ldns_dane_match_any_cert_with_data() 758 cert, extra_certs, in ldns_dane_verify_rr() [all …]
|
/dragonfly/crypto/libressl/ssl/ |
H A D | ssl_cert.c | 180 ssl_cert_dup(SSL_CERT *cert) in ssl_cert_dup() argument 195 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; in ssl_cert_dup() 197 ret->valid = cert->valid; in ssl_cert_dup() 198 ret->mask_k = cert->mask_k; in ssl_cert_dup() 199 ret->mask_a = cert->mask_a; in ssl_cert_dup() 201 if (cert->dhe_params != NULL) { in ssl_cert_dup() 305 return ssl->cert; in ssl_get0_cert() 307 return ctx->internal->cert; in ssl_get0_cert() 390 X509_up_ref(cert); in ssl_cert_add1_chain_cert() 400 X509 *cert; in ssl_verify_cert_chain() local [all …]
|
/dragonfly/crypto/openssh/ |
H A D | sshkey.c | 103 int cert; member 293 if ((certs_only && !kt->cert) || (plain_only && kt->cert)) in sshkey_alg_list() 549 freezero(cert, sizeof(*cert)); in cert_free() 557 if ((cert = calloc(1, sizeof(*cert))) == NULL) in cert_new() 569 return cert; in cert_new() 588 k->cert = NULL; in sshkey_new() 821 if (!cert_compare(a->cert, b->cert)) in sshkey_equal() 1432 ret->cert = k->cert; in sshkey_read() 2301 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse() 2984 cert = k->cert->certblob; /* for readability */ in sshkey_certify_custom() [all …]
|
H A D | auth2-pubkeyfile.c | 155 for (i = 0; i < cert->nprincipals; i++) { in match_principals_option() 156 if ((result = match_list(cert->principals[i], in match_principals_option() 173 auth_check_principals_line(char *cp, const struct sshkey_cert *cert, in auth_check_principals_line() argument 207 for (i = 0; i < cert->nprincipals; i++) { in auth_check_principals_line() 208 if (strcmp(cp, cert->principals[i]) != 0) in auth_check_principals_line() 211 loc, cert->principals[i]); in auth_check_principals_line() 224 const struct sshkey_cert *cert, struct sshauthopt **authoptsp) in auth_process_principals() argument 251 if (auth_check_principals_line(cp, cert, loc, authoptsp) == 0) in auth_process_principals() 310 if (!sshkey_equal(found, key->cert->signature_key) || in auth_check_authkey_line() 375 key->cert->key_id, in auth_check_authkey_line() [all …]
|
H A D | auth2-pubkey.c | 174 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey() 175 "(null)" : key->cert->signature_type); in userauth_pubkey() 185 ca_s = format_key(key->cert->signature_key); in userauth_pubkey() 353 const struct sshkey_cert *cert = key->cert; in match_principals_command() local 420 (unsigned long long)cert->serial); in match_principals_command() 429 "T", sshkey_ssh_name(cert->signature_key), in match_principals_command() 434 "i", cert->key_id, in match_principals_command() 504 if ((r = sshkey_in_file(key->cert->signature_key, in user_cert_trusted_ca() 518 key->cert, &principals_opts)) in user_cert_trusted_ca() 568 "%s CA %s via %s", key->cert->key_id, in user_cert_trusted_ca() [all …]
|
/dragonfly/crypto/libressl/crypto/ct/ |
H A D | ct_sct_ctx.c | 103 ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated) in ct_x509_get_ext() argument 105 int ret = X509_get_ext_by_NID(cert, nid, -1); in ct_x509_get_ext() 109 X509_get_ext_by_NID(cert, nid, ret) >= 0; in ct_x509_get_ext() 120 ct_x509_cert_fixup(X509 *cert, X509 *presigner) in ct_x509_cert_fixup() argument 130 certidx = ct_x509_get_ext(cert, NID_authority_key_identifier, in ct_x509_cert_fixup() 145 if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner))) in ct_x509_cert_fixup() 150 X509_EXTENSION *certext = X509_get_ext(cert, certidx); in ct_x509_cert_fixup() 165 SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner) in SCT_CTX_set1_cert() argument 184 certderlen = i2d_X509(cert, &certder); in SCT_CTX_set1_cert() 190 idx = ct_x509_get_ext(cert, NID_ct_precert_scts, &sct_ext_is_dup); in SCT_CTX_set1_cert() [all …]
|
H A D | ct_policy.c | 95 X509_free(ctx->cert); in CT_POLICY_EVAL_CTX_free() 101 CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) in CT_POLICY_EVAL_CTX_set1_cert() argument 103 if (!X509_up_ref(cert)) in CT_POLICY_EVAL_CTX_set1_cert() 105 ctx->cert = cert; in CT_POLICY_EVAL_CTX_set1_cert() 134 return ctx->cert; in CT_POLICY_EVAL_CTX_get0_cert()
|
/dragonfly/crypto/libressl/tls/ |
H A D | tls_keypair.c | 35 X509 *cert = NULL; in tls_keypair_pubkey_hash() local 46 if (tls_keypair_load_cert(keypair, error, &cert) == -1) in tls_keypair_pubkey_hash() 48 if (tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) == -1) in tls_keypair_pubkey_hash() 54 X509_free(cert); in tls_keypair_pubkey_hash() 79 const uint8_t *cert, size_t len) in tls_keypair_set_cert_mem() argument 81 if (tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len) == -1) in tls_keypair_set_cert_mem() 136 X509 **cert) in tls_keypair_load_cert() argument 143 X509_free(*cert); in tls_keypair_load_cert() 144 *cert = NULL; in tls_keypair_load_cert() 155 if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb, in tls_keypair_load_cert()
|
/dragonfly/contrib/wpa_supplicant/src/crypto/ |
H A D | tls_openssl.c | 628 cert = NULL; in tls_cryptoapi_cert() 642 if (cert) in tls_cryptoapi_cert() 658 X509 *cert; in tls_cryptoapi_ca_cert() local 2162 ev.cert_fail.cert = cert; in openssl_tls_fail_event() 2221 ev.peer_cert.cert = cert; in openssl_tls_cert_event() 2224 if (cert) { in openssl_tls_cert_event() 3312 X509 *cert; in tls_parse_pkcs12() local 3330 if (cert) { in tls_parse_pkcs12() 3521 *cert = params.cert; in tls_engine_get_cert() 4747 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb() [all …]
|
H A D | tls_gnutls.c | 610 gnutls_datum_t cert, key; in tls_connection_set_params() local 945 if (cert) { in gnutls_tls_fail_event() 946 cert_buf = wpabuf_alloc_copy(cert->data, cert->size); in gnutls_tls_fail_event() 947 ev.cert_fail.cert = cert_buf; in gnutls_tls_fail_event() 1097 cert, match, in tls_match_suffix_helper() 1141 gnutls_x509_crt_t cert; in tls_connection_verify_peer() local 1283 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer() 1311 ev.peer_cert.cert = cert_buf; in tls_connection_verify_peer() 1339 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer() 1396 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer() [all …]
|
/dragonfly/crypto/libressl/crypto/ts/ |
H A D | ts_rsp_verify.c | 282 X509 *cert; in TS_check_signing_certs() local 289 cert = sk_X509_value(chain, 0); in TS_check_signing_certs() 291 if (TS_find_cert(cert_ids, cert) != 0) in TS_check_signing_certs() 301 cert = sk_X509_value(chain, i); in TS_check_signing_certs() 303 if (TS_find_cert(cert_ids, cert) < 0) in TS_check_signing_certs() 312 cert = sk_X509_value(chain, 0); in TS_check_signing_certs() 314 if (TS_find_cert_v2(cert_ids_v2, cert) != 0) in TS_check_signing_certs() 324 cert = sk_X509_value(chain, i); in TS_check_signing_certs() 326 if (TS_find_cert_v2(cert_ids_v2, cert) < 0) in TS_check_signing_certs() 378 if (!cert_ids || !cert) in TS_find_cert() [all …]
|
/dragonfly/contrib/wpa_supplicant/wpa_supplicant/ |
H A D | notify.c | 798 cert->depth, cert->subject, cert_hash ? " hash=" : "", in wpas_notify_certification() 800 cert->tod ? " tod=1" : ""); in wpas_notify_certification() 802 if (cert->cert) { in wpas_notify_certification() 804 size_t len = wpabuf_len(cert->cert) * 2 + 1; in wpas_notify_certification() 807 wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert->cert), in wpas_notify_certification() 808 wpabuf_len(cert->cert)); in wpas_notify_certification() 812 cert->depth, cert->subject, cert_hex); in wpas_notify_certification() 819 "depth=%d %s", cert->depth, cert->altsubject[i]); in wpas_notify_certification() 822 wpas_dbus_signal_certification(wpa_s, cert->depth, cert->subject, in wpas_notify_certification() 823 cert->altsubject, cert->num_altsubject, in wpas_notify_certification() [all …]
|
/dragonfly/crypto/libressl/crypto/pkcs12/ |
H A D | p12_crt.c | 85 PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, in PKCS12_create() argument 108 if (!pkey && !cert && !ca) { in PKCS12_create() 113 if (pkey && cert) { in PKCS12_create() 114 if (!X509_check_private_key(cert, pkey)) in PKCS12_create() 116 X509_digest(cert, EVP_sha1(), keyid, &keyidlen); in PKCS12_create() 119 if (cert) { in PKCS12_create() 120 bag = PKCS12_add_cert(&bags, cert); in PKCS12_create() 188 PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) in PKCS12_add_cert() argument 197 if (!(bag = PKCS12_x5092certbag(cert))) in PKCS12_add_cert() 203 name = (char *)X509_alias_get0(cert, &namelen); in PKCS12_add_cert() [all …]
|
H A D | p12_kiss.c | 84 PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, in PKCS12_parse() argument 92 if (cert != NULL) in PKCS12_parse() 93 *cert = NULL; in PKCS12_parse() 135 cert != NULL && *cert == NULL) { in PKCS12_parse() 138 *cert = x; in PKCS12_parse() 164 if (cert != NULL) in PKCS12_parse() 165 X509_free(*cert); in PKCS12_parse()
|
/dragonfly/contrib/wpa_supplicant/src/utils/ |
H A D | http_curl.c | 212 on = os_realloc_array(cert->othername, cert->num_othername + 1, in add_alt_name_othername() 246 n = os_realloc_array(cert->dnsname, cert->num_dnsname + 1, in add_alt_name_dns() 251 cert->dnsname = n; in add_alt_name_dns() 253 cert->num_dnsname++; in add_alt_name_dns() 935 X509 *cert; in http_parse_x509_certificate() local 989 X509_free(cert); in http_parse_x509_certificate() 996 X509 *cert; in curl_cb_ssl_verify() local 1016 if (!cert) { in curl_cb_ssl_verify() 1168 X509 *cert; in ocsp_resp_cb() local 1170 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb() [all …]
|
/dragonfly/crypto/libressl/apps/openssl/ |
H A D | certhash.c | 305 X509 *cert = NULL; in certhash_cert() local 312 hash = X509_subject_name_hash(cert); in certhash_cert() 315 if (X509_digest(cert, digest, fingerprint, &len) != 1) { in certhash_cert() 323 X509_free(cert); in certhash_cert() 434 struct hashinfo *cert, *crl; in certhash_merge() local 445 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge() 446 if (cert->is_dup == 1) in certhash_merge() 448 certhash_findlink(*links, cert); in certhash_merge() 457 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge() 458 if (cert->is_dup == 1 || cert->reference != NULL) in certhash_merge() [all …]
|
/dragonfly/crypto/libressl/crypto/cms/ |
H A D | cms_lib.c | 481 CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add0_cert() argument 493 if (!X509_cmp(cch->d.certificate, cert)) { in CMS_add0_cert() 503 cch->d.certificate = cert; in CMS_add0_cert() 509 CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add1_cert() argument 513 r = CMS_add0_cert(cms, cert); in CMS_add1_cert() 515 X509_up_ref(cert); in CMS_add1_cert() 655 cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) in cms_ias_cert_cmp() argument 667 cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) in cms_keyid_cert_cmp() argument 678 cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) in cms_set1_ias() argument 702 cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) in cms_set1_keyid() argument [all …]
|
/dragonfly/libexec/dma/ |
H A D | crypto.c | 82 verify_server_fingerprint(const X509 *cert) in verify_server_fingerprint() argument 86 if(!X509_digest(cert, EVP_sha256(), fingerprint, &fingerprint_len)) { in verify_server_fingerprint() 113 X509 *cert; in smtp_init_crypto() local 199 cert = SSL_get_peer_certificate(config.ssl); in smtp_init_crypto() 200 if (cert == NULL) { in smtp_init_crypto() 205 if(config.fingerprint != NULL && verify_server_fingerprint(cert)) { in smtp_init_crypto() 206 X509_free(cert); in smtp_init_crypto() 209 X509_free(cert); in smtp_init_crypto()
|