Home
last modified time | relevance | path

Searched refs:cert (Results 1 – 25 of 140) sorted by relevance

123456

/dragonfly/contrib/wpa_supplicant/src/tls/
H A Dx509v3.c52 cert, cert->next); in x509_certificate_free()
59 os_free(cert); in x509_certificate_free()
75 cert = next; in x509_certificate_chain_free()
285 cert->public_key, cert->public_key_len); in x509_parse_public_key()
887 cert->ca, cert->path_len_constraint); in x509_parse_ext_basic_constraints()
1659 cert = os_zalloc(sizeof(*cert) + len); in x509_certificate_parse()
1663 cert->cert_start = (u8 *) (cert + 1); in x509_certificate_parse()
1745 cert->sign_value, cert->sign_value_len); in x509_certificate_parse()
1762 cert->sign_value, cert->sign_value_len, in x509_certificate_check_signature()
2072 for (cert = chain, idx = 0; cert; cert = cert->next, idx++) { in x509_certificate_chain_validate()
[all …]
H A Dtlsv1_cred.c66 p->next = cert; in tlsv1_add_cert_der()
70 *chain = cert; in tlsv1_add_cert_der()
164 if (cert) { in tlsv1_set_cert_chain()
172 cert); in tlsv1_set_cert_chain()
198 if (cert && os_strncmp(cert, "hash://", 7) == 0) { in tlsv1_set_ca_cert()
203 cert); in tlsv1_set_ca_cert()
210 cert); in tlsv1_set_ca_cert()
216 cert); in tlsv1_set_ca_cert()
226 if (cert && os_strncmp(cert, "probe://", 8) == 0) { in tlsv1_set_ca_cert()
261 return tlsv1_set_cert_chain(&cred->cert, cert, in tlsv1_set_cert()
[all …]
H A Dtlsv1_client_write.c27 struct x509_certificate *cert; in tls_client_cert_chain_der_len() local
32 cert = conn->cred->cert; in tls_client_cert_chain_der_len()
33 while (cert) { in tls_client_cert_chain_der_len()
34 len += 3 + cert->cert_len; in tls_client_cert_chain_der_len()
38 &cert->issuer); in tls_client_cert_chain_der_len()
295 cert = conn->cred ? conn->cred->cert : NULL; in tls_write_client_certificate()
296 while (cert) { in tls_write_client_certificate()
308 os_memcpy(pos, cert->cert_start, cert->cert_len); in tls_write_client_certificate()
309 pos += cert->cert_len; in tls_write_client_certificate()
314 &cert->issuer); in tls_write_client_certificate()
[all …]
H A Dtlsv1_server_write.c27 struct x509_certificate *cert; in tls_server_cert_chain_der_len() local
29 cert = conn->cred ? conn->cred->cert : NULL; in tls_server_cert_chain_der_len()
30 while (cert) { in tls_server_cert_chain_der_len()
31 len += 3 + cert->cert_len; in tls_server_cert_chain_der_len()
35 &cert->issuer); in tls_server_cert_chain_der_len()
228 cert = conn->cred->cert; in tls_write_server_certificate()
229 while (cert) { in tls_write_server_certificate()
241 os_memcpy(pos, cert->cert_start, cert->cert_len); in tls_write_server_certificate()
242 pos += cert->cert_len; in tls_write_server_certificate()
247 &cert->issuer); in tls_write_server_certificate()
[all …]
H A Dtlsv1_client_ocsp.c454 struct x509_certificate *cert; in tls_process_basic_ocsp_response() local
466 if (!cert) in tls_process_basic_ocsp_response()
469 last_cert->next = cert; in tls_process_basic_ocsp_response()
470 last_cert = cert; in tls_process_basic_ocsp_response()
472 last_cert = certs = cert; in tls_process_basic_ocsp_response()
687 struct x509_certificate *cert; in tls_process_ocsp_response() local
782 cert = conn->server_cert; in tls_process_ocsp_response()
783 while (cert) { in tls_process_ocsp_response()
784 if (!cert->ocsp_good && !cert->ocsp_revoked) { in tls_process_ocsp_response()
795 if (cert == conn->server_cert) in tls_process_ocsp_response()
[all …]
H A Dtlsv1_client_read.c295 cert->cert_len); in tls_peer_cert_event()
339 cert->cert_len); in tls_cert_chain_failure_event()
480 if (cert == NULL) { in tls_process_certificate()
492 chain = cert; in tls_process_certificate()
494 last->next = cert; in tls_process_certificate()
495 last = cert; in tls_process_certificate()
957 for (cert = conn->server_cert, depth = 0; cert; in tls_process_certificate_status()
958 cert = cert->next, depth++) { in tls_process_certificate_status()
974 for (cert = conn->server_cert, depth = 0; cert; in tls_process_certificate_status()
975 cert = cert->next, depth++) { in tls_process_certificate_status()
[all …]
/dragonfly/crypto/libressl/crypto/x509/
H A Dx509_verify.c92 cert->not_before = x509_verify_asn1_time_to_time_t(X509_get_notBefore(cert), 0); in x509_verify_cert_info_populate()
93 cert->not_after = x509_verify_asn1_time_to_time_t(X509_get_notAfter(cert), 1); in x509_verify_cert_info_populate()
174 X509_up_ref(cert); in x509_verify_chain_append()
176 X509_free(cert); in x509_verify_chain_append()
246 x509v3_cache_extensions(cert); in x509_verify_cert_cache_extensions()
283 cert)) != NULL) { in x509_verify_ctx_cert_is_root()
831 if (cert->not_before == -1) { in x509_verify_cert_times()
839 if (cert->not_after == -1) { in x509_verify_cert_times()
843 if (when > cert->not_after) { in x509_verify_cert_times()
862 if (cert->nc != NULL) { in x509_verify_validate_constraints()
[all …]
/dragonfly/contrib/ldns/
H A Ddane.c147 assert(cert != NULL); in ldns_dane_cert2rdf()
352 X509_free(*cert); in ldns_dane_get_nth_cert_from_validation_chain()
414 assert(cert != NULL); in ldns_dane_select_certificate()
447 cert, extra_certs, in ldns_dane_select_certificate()
515 X509* cert) in ldns_dane_create_tlsa_rr() argument
521 assert(cert != NULL); in ldns_dane_create_tlsa_rr()
629 X509* cert; in ldns_dane_match_any_cert_with_data() local
634 if (! cert) { in ldns_dane_match_any_cert_with_data()
643 X509_free(cert); in ldns_dane_match_any_cert_with_data()
758 cert, extra_certs, in ldns_dane_verify_rr()
[all …]
/dragonfly/crypto/libressl/ssl/
H A Dssl_cert.c180 ssl_cert_dup(SSL_CERT *cert) in ssl_cert_dup() argument
195 ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; in ssl_cert_dup()
197 ret->valid = cert->valid; in ssl_cert_dup()
198 ret->mask_k = cert->mask_k; in ssl_cert_dup()
199 ret->mask_a = cert->mask_a; in ssl_cert_dup()
201 if (cert->dhe_params != NULL) { in ssl_cert_dup()
305 return ssl->cert; in ssl_get0_cert()
307 return ctx->internal->cert; in ssl_get0_cert()
390 X509_up_ref(cert); in ssl_cert_add1_chain_cert()
400 X509 *cert; in ssl_verify_cert_chain() local
[all …]
/dragonfly/crypto/openssh/
H A Dsshkey.c103 int cert; member
293 if ((certs_only && !kt->cert) || (plain_only && kt->cert)) in sshkey_alg_list()
549 freezero(cert, sizeof(*cert)); in cert_free()
557 if ((cert = calloc(1, sizeof(*cert))) == NULL) in cert_new()
569 return cert; in cert_new()
588 k->cert = NULL; in sshkey_new()
821 if (!cert_compare(a->cert, b->cert)) in sshkey_equal()
1432 ret->cert = k->cert; in sshkey_read()
2301 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse()
2984 cert = k->cert->certblob; /* for readability */ in sshkey_certify_custom()
[all …]
H A Dauth2-pubkeyfile.c155 for (i = 0; i < cert->nprincipals; i++) { in match_principals_option()
156 if ((result = match_list(cert->principals[i], in match_principals_option()
173 auth_check_principals_line(char *cp, const struct sshkey_cert *cert, in auth_check_principals_line() argument
207 for (i = 0; i < cert->nprincipals; i++) { in auth_check_principals_line()
208 if (strcmp(cp, cert->principals[i]) != 0) in auth_check_principals_line()
211 loc, cert->principals[i]); in auth_check_principals_line()
224 const struct sshkey_cert *cert, struct sshauthopt **authoptsp) in auth_process_principals() argument
251 if (auth_check_principals_line(cp, cert, loc, authoptsp) == 0) in auth_process_principals()
310 if (!sshkey_equal(found, key->cert->signature_key) || in auth_check_authkey_line()
375 key->cert->key_id, in auth_check_authkey_line()
[all …]
H A Dauth2-pubkey.c174 (key->cert == NULL || key->cert->signature_type == NULL) ? in userauth_pubkey()
175 "(null)" : key->cert->signature_type); in userauth_pubkey()
185 ca_s = format_key(key->cert->signature_key); in userauth_pubkey()
353 const struct sshkey_cert *cert = key->cert; in match_principals_command() local
420 (unsigned long long)cert->serial); in match_principals_command()
429 "T", sshkey_ssh_name(cert->signature_key), in match_principals_command()
434 "i", cert->key_id, in match_principals_command()
504 if ((r = sshkey_in_file(key->cert->signature_key, in user_cert_trusted_ca()
518 key->cert, &principals_opts)) in user_cert_trusted_ca()
568 "%s CA %s via %s", key->cert->key_id, in user_cert_trusted_ca()
[all …]
/dragonfly/crypto/libressl/crypto/ct/
H A Dct_sct_ctx.c103 ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated) in ct_x509_get_ext() argument
105 int ret = X509_get_ext_by_NID(cert, nid, -1); in ct_x509_get_ext()
109 X509_get_ext_by_NID(cert, nid, ret) >= 0; in ct_x509_get_ext()
120 ct_x509_cert_fixup(X509 *cert, X509 *presigner) in ct_x509_cert_fixup() argument
130 certidx = ct_x509_get_ext(cert, NID_authority_key_identifier, in ct_x509_cert_fixup()
145 if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner))) in ct_x509_cert_fixup()
150 X509_EXTENSION *certext = X509_get_ext(cert, certidx); in ct_x509_cert_fixup()
165 SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner) in SCT_CTX_set1_cert() argument
184 certderlen = i2d_X509(cert, &certder); in SCT_CTX_set1_cert()
190 idx = ct_x509_get_ext(cert, NID_ct_precert_scts, &sct_ext_is_dup); in SCT_CTX_set1_cert()
[all …]
H A Dct_policy.c95 X509_free(ctx->cert); in CT_POLICY_EVAL_CTX_free()
101 CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) in CT_POLICY_EVAL_CTX_set1_cert() argument
103 if (!X509_up_ref(cert)) in CT_POLICY_EVAL_CTX_set1_cert()
105 ctx->cert = cert; in CT_POLICY_EVAL_CTX_set1_cert()
134 return ctx->cert; in CT_POLICY_EVAL_CTX_get0_cert()
/dragonfly/crypto/libressl/tls/
H A Dtls_keypair.c35 X509 *cert = NULL; in tls_keypair_pubkey_hash() local
46 if (tls_keypair_load_cert(keypair, error, &cert) == -1) in tls_keypair_pubkey_hash()
48 if (tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) == -1) in tls_keypair_pubkey_hash()
54 X509_free(cert); in tls_keypair_pubkey_hash()
79 const uint8_t *cert, size_t len) in tls_keypair_set_cert_mem() argument
81 if (tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len) == -1) in tls_keypair_set_cert_mem()
136 X509 **cert) in tls_keypair_load_cert() argument
143 X509_free(*cert); in tls_keypair_load_cert()
144 *cert = NULL; in tls_keypair_load_cert()
155 if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb, in tls_keypair_load_cert()
/dragonfly/contrib/wpa_supplicant/src/crypto/
H A Dtls_openssl.c628 cert = NULL; in tls_cryptoapi_cert()
642 if (cert) in tls_cryptoapi_cert()
658 X509 *cert; in tls_cryptoapi_ca_cert() local
2162 ev.cert_fail.cert = cert; in openssl_tls_fail_event()
2221 ev.peer_cert.cert = cert; in openssl_tls_cert_event()
2224 if (cert) { in openssl_tls_cert_event()
3312 X509 *cert; in tls_parse_pkcs12() local
3330 if (cert) { in tls_parse_pkcs12()
3521 *cert = params.cert; in tls_engine_get_cert()
4747 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb()
[all …]
H A Dtls_gnutls.c610 gnutls_datum_t cert, key; in tls_connection_set_params() local
945 if (cert) { in gnutls_tls_fail_event()
946 cert_buf = wpabuf_alloc_copy(cert->data, cert->size); in gnutls_tls_fail_event()
947 ev.cert_fail.cert = cert_buf; in gnutls_tls_fail_event()
1097 cert, match, in tls_match_suffix_helper()
1141 gnutls_x509_crt_t cert; in tls_connection_verify_peer() local
1283 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer()
1311 ev.peer_cert.cert = cert_buf; in tls_connection_verify_peer()
1339 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer()
1396 gnutls_x509_crt_deinit(cert); in tls_connection_verify_peer()
[all …]
/dragonfly/crypto/libressl/crypto/ts/
H A Dts_rsp_verify.c282 X509 *cert; in TS_check_signing_certs() local
289 cert = sk_X509_value(chain, 0); in TS_check_signing_certs()
291 if (TS_find_cert(cert_ids, cert) != 0) in TS_check_signing_certs()
301 cert = sk_X509_value(chain, i); in TS_check_signing_certs()
303 if (TS_find_cert(cert_ids, cert) < 0) in TS_check_signing_certs()
312 cert = sk_X509_value(chain, 0); in TS_check_signing_certs()
314 if (TS_find_cert_v2(cert_ids_v2, cert) != 0) in TS_check_signing_certs()
324 cert = sk_X509_value(chain, i); in TS_check_signing_certs()
326 if (TS_find_cert_v2(cert_ids_v2, cert) < 0) in TS_check_signing_certs()
378 if (!cert_ids || !cert) in TS_find_cert()
[all …]
/dragonfly/contrib/wpa_supplicant/wpa_supplicant/
H A Dnotify.c798 cert->depth, cert->subject, cert_hash ? " hash=" : "", in wpas_notify_certification()
800 cert->tod ? " tod=1" : ""); in wpas_notify_certification()
802 if (cert->cert) { in wpas_notify_certification()
804 size_t len = wpabuf_len(cert->cert) * 2 + 1; in wpas_notify_certification()
807 wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert->cert), in wpas_notify_certification()
808 wpabuf_len(cert->cert)); in wpas_notify_certification()
812 cert->depth, cert->subject, cert_hex); in wpas_notify_certification()
819 "depth=%d %s", cert->depth, cert->altsubject[i]); in wpas_notify_certification()
822 wpas_dbus_signal_certification(wpa_s, cert->depth, cert->subject, in wpas_notify_certification()
823 cert->altsubject, cert->num_altsubject, in wpas_notify_certification()
[all …]
/dragonfly/crypto/libressl/crypto/pkcs12/
H A Dp12_crt.c85 PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, in PKCS12_create() argument
108 if (!pkey && !cert && !ca) { in PKCS12_create()
113 if (pkey && cert) { in PKCS12_create()
114 if (!X509_check_private_key(cert, pkey)) in PKCS12_create()
116 X509_digest(cert, EVP_sha1(), keyid, &keyidlen); in PKCS12_create()
119 if (cert) { in PKCS12_create()
120 bag = PKCS12_add_cert(&bags, cert); in PKCS12_create()
188 PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) in PKCS12_add_cert() argument
197 if (!(bag = PKCS12_x5092certbag(cert))) in PKCS12_add_cert()
203 name = (char *)X509_alias_get0(cert, &namelen); in PKCS12_add_cert()
[all …]
H A Dp12_kiss.c84 PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, in PKCS12_parse() argument
92 if (cert != NULL) in PKCS12_parse()
93 *cert = NULL; in PKCS12_parse()
135 cert != NULL && *cert == NULL) { in PKCS12_parse()
138 *cert = x; in PKCS12_parse()
164 if (cert != NULL) in PKCS12_parse()
165 X509_free(*cert); in PKCS12_parse()
/dragonfly/contrib/wpa_supplicant/src/utils/
H A Dhttp_curl.c212 on = os_realloc_array(cert->othername, cert->num_othername + 1, in add_alt_name_othername()
246 n = os_realloc_array(cert->dnsname, cert->num_dnsname + 1, in add_alt_name_dns()
251 cert->dnsname = n; in add_alt_name_dns()
253 cert->num_dnsname++; in add_alt_name_dns()
935 X509 *cert; in http_parse_x509_certificate() local
989 X509_free(cert); in http_parse_x509_certificate()
996 X509 *cert; in curl_cb_ssl_verify() local
1016 if (!cert) { in curl_cb_ssl_verify()
1168 X509 *cert; in ocsp_resp_cb() local
1170 if (cert && !sk_X509_push(certs, cert)) { in ocsp_resp_cb()
[all …]
/dragonfly/crypto/libressl/apps/openssl/
H A Dcerthash.c305 X509 *cert = NULL; in certhash_cert() local
312 hash = X509_subject_name_hash(cert); in certhash_cert()
315 if (X509_digest(cert, digest, fingerprint, &len) != 1) { in certhash_cert()
323 X509_free(cert); in certhash_cert()
434 struct hashinfo *cert, *crl; in certhash_merge() local
445 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge()
446 if (cert->is_dup == 1) in certhash_merge()
448 certhash_findlink(*links, cert); in certhash_merge()
457 for (cert = *certs; cert != NULL; cert = cert->next) { in certhash_merge()
458 if (cert->is_dup == 1 || cert->reference != NULL) in certhash_merge()
[all …]
/dragonfly/crypto/libressl/crypto/cms/
H A Dcms_lib.c481 CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add0_cert() argument
493 if (!X509_cmp(cch->d.certificate, cert)) { in CMS_add0_cert()
503 cch->d.certificate = cert; in CMS_add0_cert()
509 CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) in CMS_add1_cert() argument
513 r = CMS_add0_cert(cms, cert); in CMS_add1_cert()
515 X509_up_ref(cert); in CMS_add1_cert()
655 cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) in cms_ias_cert_cmp() argument
667 cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) in cms_keyid_cert_cmp() argument
678 cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) in cms_set1_ias() argument
702 cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert) in cms_set1_keyid() argument
[all …]
/dragonfly/libexec/dma/
H A Dcrypto.c82 verify_server_fingerprint(const X509 *cert) in verify_server_fingerprint() argument
86 if(!X509_digest(cert, EVP_sha256(), fingerprint, &fingerprint_len)) { in verify_server_fingerprint()
113 X509 *cert; in smtp_init_crypto() local
199 cert = SSL_get_peer_certificate(config.ssl); in smtp_init_crypto()
200 if (cert == NULL) { in smtp_init_crypto()
205 if(config.fingerprint != NULL && verify_server_fingerprint(cert)) { in smtp_init_crypto()
206 X509_free(cert); in smtp_init_crypto()
209 X509_free(cert); in smtp_init_crypto()

123456