/freebsd/crypto/openssl/test/certs/ |
H A D | setup.sh | 81 ./mkcert.sh genca "CA" ca-key ca-cert root-key root-cert 112 ./mkcert.sh genca "CA" ca-key ca-cert-md5 root-key root-cert 119 ./mkcert.sh genca "CA" ca-key-768 ca-cert-768 root-key root-cert 158 ./mkcert.sh genee server.example ee-key ee-cert ca-key ca-cert 180 ./mkcert.sh genee server.example ee-key ee-cert-md5 ca-key ca-cert 193 ee-cert-ec-named-named ca-key-ec-named ca-cert-ec-named 216 ./mkcert.sh genpc pc2-key pc2-cert pc1-key pc1-cert \ 221 ./mkcert.sh genpc bad-pc3-key bad-pc3-cert pc1-key pc1-cert \ 225 ./mkcert.sh genpc bad-pc4-key bad-pc4-cert pc1-key pc1-cert \ 229 ./mkcert.sh genpc pc5-key pc5-cert pc1-key pc1-cert \ [all …]
|
H A D | mkcert.sh | 90 cert() { function 199 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 216 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 266 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 300 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 329 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 346 cert "$cert" "$exts" -signkey "${key}.pem" \ 356 cert "$cert" "" -signkey "${key}.pem" -set_serial 1 -days -1 "$@" 389 cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \ 391 cat ${cert}.pem ${ca}.pem > ${cert}-chain.pem [all …]
|
/freebsd/crypto/openssl/test/recipes/ |
H A D | 25-test_req.t | 389 my $cert = shift @_; 402 my $cert = shift @_; 407 my $cert = shift @_; 412 my $cert = shift @_; 417 my $cert = shift @_; 430 generate_cert($cert); 449 strict_verify($cert, 1); 464 has_SKID($cert, 1); 465 has_AKID($cert, 0); 476 has_keyUsage($cert, 0); [all …]
|
/freebsd/crypto/heimdal/lib/hx509/ |
H A D | test_ca.in | 66 cert:FILE:cert-ee.pem \ 76 cert:FILE:cert-ee.pem \ 88 cert:FILE:cert-ee.pem \ 101 cert:FILE:cert-ee.pem \ 153 cert:FILE:cert-ee.pem \ 159 cert:FILE:cert-ee.pem \ 165 cert:FILE:cert-ee.pem \ 179 cert:FILE:cert-ee.pem \ 185 cert:FILE:cert-ee.pem \ 285 cert:FILE:cert-ee.pem \ [all …]
|
H A D | test_chain.in | 52 cert:FILE:$srcdir/data/test.crt \ 70 cert:FILE:$srcdir/data/sub-cert.crt \ 76 cert:FILE:$srcdir/data/sub-cert.crt \ 83 cert:FILE:$srcdir/data/sub-cert.crt \ 88 cert:FILE:$srcdir/data/sub-cert.crt \ 95 cert:FILE:$srcdir/data/sub-cert.crt \ 102 cert:FILE:$srcdir/data/sub-cert.crt \ 109 cert:FILE:$srcdir/data/sub-cert.crt \ 116 cert:FILE:$srcdir/data/sub-cert.crt \ 195 cert:FILE:$srcdir/data/secp160r2TestServer.cert.pem \ [all …]
|
H A D | cert.c | 224 *cert = malloc(sizeof(**cert)); in hx509_cert_init() 236 (*cert)->data = calloc(1, sizeof(*(*cert)->data)); in hx509_cert_init() 238 free(*cert); in hx509_cert_init() 244 free(*cert); in hx509_cert_init() 245 *cert = NULL; in hx509_cert_init() 341 (cert->release)(cert, cert->ctx); in hx509_cert_free() 358 memset(cert, 0, sizeof(*cert)); in hx509_cert_free() 359 free(cert); in hx509_cert_free() 379 cert->ref++; in hx509_cert_ref() 2557 sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1)); in _hx509_set_cert_attribute() [all …]
|
H A D | test_cert.in | 61 FILE:${srcdir}/data/test.crt PEM-FILE:cert-pem.tmp || exit 1 63 ${hxtool} certificate-copy PEM-FILE:cert-pem.tmp DER-FILE:cert-der.tmp || exit 1 64 ${hxtool} certificate-copy DER-FILE:cert-der.tmp PEM-FILE:cert-pem2.tmp || exit 1 66 cmp cert-pem.tmp cert-pem2.tmp || exit 1 71 cert:FILE:$srcdir/data/n0ll.pem \ 76 cert:FILE:$srcdir/data/n0ll.pem \ 81 cert:FILE:$srcdir/data/win-u16-in-printablestring.der \
|
/freebsd/contrib/wpa/src/tls/ |
H A D | x509v3.c | 52 cert, cert->next); in x509_certificate_free() 59 os_free(cert); in x509_certificate_free() 75 cert = next; in x509_certificate_chain_free() 279 cert->public_key, cert->public_key_len); in x509_parse_public_key() 867 cert->ca, cert->path_len_constraint); in x509_parse_ext_basic_constraints() 1733 cert = os_zalloc(sizeof(*cert) + len); in x509_certificate_parse() 1737 cert->cert_start = (u8 *) (cert + 1); in x509_certificate_parse() 1815 cert->sign_value, cert->sign_value_len); in x509_certificate_parse() 1832 cert->sign_value, cert->sign_value_len, in x509_certificate_check_signature() 2153 for (cert = chain, idx = 0; cert; cert = cert->next, idx++) { in x509_certificate_chain_validate() [all …]
|
/freebsd/crypto/openssh/regress/ |
H A D | cert-hostkey.sh | 19 *rsa*cert*) 65 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 117 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 168 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 177 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 189 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 197 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 208 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 229 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert 295 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert [all …]
|
H A D | agent-pkcs11-cert.sh | 46 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 48 ${SSH_SOFTHSM_DIR}/RSA-cert.pub || 54 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 55 ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list 61 ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do 68 for x in ${SSH_SOFTHSM_DIR}/EC-cert.pub ${SSH_SOFTHSM_DIR}/RSA-cert.pub ; do 78 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 80 ${SSH_SOFTHSM_DIR}/RSA-cert.pub || 84 ${SSH_SOFTHSM_DIR}/EC-cert.pub \ 85 ${SSH_SOFTHSM_DIR}/RSA-cert.pub | sort > $OBJ/expect_list [all …]
|
/freebsd/crypto/openssl/test/recipes/80-test_cmp_http_data/ |
H A D | test_credentials.csv | 3 1,valid secret - wrong cert/key ignored, -section,, -ref,_PBM_REF, -secret,_PBM_SECRET, -cert,root.… 6 0,wrong secret - correct cert, -section,,BLANK,, -secret,pass:wrong, -cert,signer.crt, -key,signer.… 9 1,empty ref but correct cert, -section,, -ref,"""",BLANK,, -cert,signer.crt, -key,signer.p12, -keyp… 10 1,wrong ref but correct cert, -section,, -ref,wrong,BLANK,, -cert,signer.crt, -key,signer.p12, -key… 12 1,valid cert and key and keypass, -section,,BLANK,,-secret,"""", -cert,signer.crt, -key,signer.p12,… 13 0,cert missing arg, -section,,BLANK,,BLANK,, -cert,, -key,signer.p12, -keypass,pass:12345,BLANK,,BL… 21 0,no cert, -section,,BLANK,,BLANK,,BLANK,, -key,signer.p12, -keypass,pass:12345,BLANK,,BLANK,,BLANK… 24 0,wrong cert, -section,,BLANK,,BLANK,, -cert,trusted.crt, -key,signer.p12, -keypass,pass:12345,BLAN… 25 0,cert file does not exist, -section,,BLANK,,BLANK,, -cert,idontexist, -key,signer.p12, -keypass,pa… 26 0,cert file random content, -section,,BLANK,,BLANK,, -cert,random.bin, -key,signer.p12, -keypass,pa… [all …]
|
H A D | test_commands.csv | 16 1,revreason unspecified, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -… 18 1,revreason keyCompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem,… 20 1,revreason CACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, … 22 1,revreason affiliationChanged, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert… 24 1,revreason superseded, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -r… 28 1,revreason certificateHold, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pe… 29 1,revreason removeFromCRL, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem,… 30 0,revreason 7 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -… 34 1,revreason AACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, … 42 0,revreason 11 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, … [all …]
|
/freebsd/crypto/openssh/regress/unittests/authopt/testdata/ |
H A D | mktestdata.sh | 7 rm -f *.cert 18 mv user_key-cert.pub "$output" 23 sign no_permit.cert -Oclear 25 sign no_agentfwd.cert -Ono-agent-forwarding 26 sign no_portfwd.cert -Ono-port-forwarding 27 sign no_pty.cert -Ono-pty 28 sign no_user_rc.cert -Ono-user-rc 29 sign no_x11fwd.cert -Ono-X11-forwarding 33 sign only_pty.cert -Oclear -Opermit-pty 37 sign force_command.cert -Oforce-command="foo" [all …]
|
/freebsd/contrib/ldns/ |
H A D | dane.c | 147 assert(cert != NULL); in ldns_dane_cert2rdf() 352 X509_free(*cert); in ldns_dane_get_nth_cert_from_validation_chain() 414 assert(cert != NULL); in ldns_dane_select_certificate() 447 cert, extra_certs, in ldns_dane_select_certificate() 515 X509* cert) in ldns_dane_create_tlsa_rr() argument 521 assert(cert != NULL); in ldns_dane_create_tlsa_rr() 629 X509* cert; in ldns_dane_match_any_cert_with_data() local 634 if (! cert) { in ldns_dane_match_any_cert_with_data() 643 X509_free(cert); in ldns_dane_match_any_cert_with_data() 758 cert, extra_certs, in ldns_dane_verify_rr() [all …]
|
/freebsd/crypto/openssl/crypto/ess/ |
H A D | ess_lib.c | 18 static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert, 21 const X509 *cert, 42 X509 *cert = sk_X509_value(certs, i); in OSSL_ESS_signing_cert_new_init() local 44 if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL in OSSL_ESS_signing_cert_new_init() 57 static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert, in ESS_CERT_ID_new_init() argument 66 if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) in ESS_CERT_ID_new_init() 119 X509 *cert = sk_X509_value(certs, i); in OSSL_ESS_signing_cert_v2_new_init() local 164 if (!X509_digest(cert, hash_alg, hash, &hash_len)) in ESS_CERT_ID_V2_new_init() 220 const X509 *cert; in find() local 255 cert = sk_X509_value(certs, i); in find() [all …]
|
/freebsd/crypto/openssl/ssl/ |
H A D | ssl_cert.c | 96 ret->key = &ret->pkeys[cert->key - cert->pkeys]; in ssl_cert_dup() 142 cert->pkeys[i].serverinfo, cert->pkeys[i].serverinfo_length); in ssl_cert_dup() 153 cert->conf_sigalgslen * sizeof(*cert->conf_sigalgs)); in ssl_cert_dup() 164 cert->client_sigalgslen * sizeof(*cert->client_sigalgs)); in ssl_cert_dup() 169 if (cert->ctype) { in ssl_cert_dup() 170 ret->ctype = OPENSSL_memdup(cert->ctype, cert->ctype_len); in ssl_cert_dup() 186 if (cert->chain_store) { in ssl_cert_dup() 264 CERT_PKEY *cpk = s != NULL ? s->cert->key : ctx->cert->key; in ssl_cert_set0_chain() 300 CERT_PKEY *cpk = s ? s->cert->key : ctx->cert->key; in ssl_cert_add0_chain_cert() 876 CERT *c = s ? s->cert : ctx->cert; in ssl_build_cert_chain() [all …]
|
/freebsd/crypto/openssl/crypto/cmp/ |
H A D | cmp_vfy.c | 45 pubkey = X509_get_pubkey(cert); in verify_signature() 112 if (ctx == NULL || cert == NULL) { in OSSL_CMP_validate_cert_path() 206 static int already_checked(const X509 *cert, in already_checked() argument 232 int self_issued = X509_check_issued(cert, cert) == X509_V_OK; in cert_acceptable() 249 if (already_checked(cert, already_checked1) in cert_acceptable() 271 if (!ossl_x509v3_cache_extensions(cert)) { in cert_acceptable() 275 if (!verify_signature(ctx, msg, cert)) { in cert_acceptable() 374 X509 *cert = sk_X509_value(certs, i); in check_msg_with_certs() local 376 if (!ossl_assert(cert != NULL)) in check_msg_with_certs() 385 if (!X509_up_ref(cert)) in check_msg_with_certs() [all …]
|
/freebsd/crypto/openssl/crypto/ocsp/ |
H A D | ocsp_srv.c | 157 int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert) in OCSP_basic_add1_cert() argument 236 int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert) in OCSP_RESPID_set_by_name() argument 246 int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, in OCSP_RESPID_set_by_key_ex() argument 258 if (!X509_pubkey_digest(cert, sha1, md, NULL)) in OCSP_RESPID_set_by_key_ex() 279 int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert) in OCSP_RESPID_set_by_key() argument 281 if (cert == NULL) in OCSP_RESPID_set_by_key() 283 return OCSP_RESPID_set_by_key_ex(respid, cert, cert->libctx, cert->propq); in OCSP_RESPID_set_by_key() 303 if (!X509_pubkey_digest(cert, sha1, md, NULL)) in OCSP_RESPID_match_ex() 322 int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert) in OCSP_RESPID_match() argument 324 if (cert == NULL) in OCSP_RESPID_match() [all …]
|
/freebsd/crypto/openssl/test/ssl-tests/ |
H A D | 20-cert-select.cnf.in | 16 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), 18 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"), 20 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), 26 "PSS.Certificate" => test_pem("server-pss-cert.pem"), 28 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), 32 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), 38 "Certificate" => test_pem("server-pss-cert.pem"), 70 "RequestCAFile" => test_pem("root-cert.pem"), 94 "RequestCAFile" => test_pem("root-cert.pem"), 118 "RequestCAFile" => test_pem("root-cert.pem"), [all …]
|
/freebsd/crypto/openssl/test/ |
H A D | localetest.c | 97 X509 *cert = NULL; in setup_tests() local 110 cert = d2i_X509(NULL, &p, sizeof(der_bytes)); in setup_tests() 111 if (!TEST_ptr(cert)) in setup_tests() 114 cert_pubkey = X509_get_X509_PUBKEY(cert); in setup_tests() 116 X509_free(cert); in setup_tests() 121 X509_free(cert); in setup_tests() 125 X509_free(cert); in setup_tests()
|
/freebsd/crypto/openssl/fuzz/ |
H A D | server.c | 527 X509 *cert; in FuzzerTestOneInput() local 563 OPENSSL_assert(cert != NULL); in FuzzerTestOneInput() 564 ret = SSL_CTX_use_certificate(ctx, cert); in FuzzerTestOneInput() 566 X509_free(cert); in FuzzerTestOneInput() 585 cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL); in FuzzerTestOneInput() 586 OPENSSL_assert(cert != NULL); in FuzzerTestOneInput() 588 ret = SSL_CTX_use_certificate(ctx, cert); in FuzzerTestOneInput() 590 X509_free(cert); in FuzzerTestOneInput() 610 OPENSSL_assert(cert != NULL); in FuzzerTestOneInput() 612 ret = SSL_CTX_use_certificate(ctx, cert); in FuzzerTestOneInput() [all …]
|
/freebsd/crypto/openssh/regress/unittests/sshkey/ |
H A D | test_sshkey.c | 419 ASSERT_PTR_NE(k1->cert, NULL); in sshkey_tests() 420 k1->cert->type = SSH2_CERT_TYPE_USER; in sshkey_tests() 421 k1->cert->serial = 1234; in sshkey_tests() 422 k1->cert->key_id = strdup("estragon"); in sshkey_tests() 424 k1->cert->principals = calloc(4, sizeof(*k1->cert->principals)); in sshkey_tests() 434 k1->cert->nprincipals = 4; in sshkey_tests() 435 k1->cert->valid_after = 0; in sshkey_tests() 437 sshbuf_free(k1->cert->critical); in sshkey_tests() 438 k1->cert->critical = sshbuf_new(); in sshkey_tests() 440 sshbuf_free(k1->cert->extensions); in sshkey_tests() [all …]
|
/freebsd/crypto/openssl/crypto/pkcs12/ |
H A D | p12_crt.c | 18 X509 *cert, 63 if (pkey == NULL && cert == NULL && ca == NULL) { in PKCS12_create_ex() 68 if (pkey && cert) { in PKCS12_create_ex() 69 if (!X509_check_private_key(cert, pkey)) in PKCS12_create_ex() 75 if (cert) { in PKCS12_create_ex() 77 name = (char *)X509_alias_get0(cert, &namelen); in PKCS12_create_ex() 82 pkeyid = X509_keyid_get0(cert, &pkeyidlen); in PKCS12_create_ex() 157 X509 *cert, in pkcs12_add_cert_bag() argument 166 if ((bag = PKCS12_SAFEBAG_create_cert(cert)) == NULL) in pkcs12_add_cert_bag() 195 name = (char *)X509_alias_get0(cert, &namelen); in PKCS12_add_cert() [all …]
|
/freebsd/crypto/openssh/ |
H A D | sshkey.c | 331 if ((certs_only && !impl->cert) || (plain_only && impl->cert)) in sshkey_alg_list() 585 freezero(cert, sizeof(*cert)); in cert_free() 593 if ((cert = calloc(1, sizeof(*cert))) == NULL) in cert_new() 605 return cert; in cert_new() 722 if (!cert_compare(a->cert, b->cert)) in sshkey_equal() 1820 key->cert->nprincipals, key->cert->nprincipals + 1, in cert_parse() 2034 if (key->cert == NULL || key->cert->signature_type == NULL) in sshkey_check_cert_sigtype() 2215 cert = k->cert->certblob; /* for readability */ in sshkey_certify_custom() 2231 if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 || in sshkey_certify_custom() 2232 (ret = sshbuf_put_u32(cert, k->cert->type)) != 0 || in sshkey_certify_custom() [all …]
|
/freebsd/crypto/openssl/crypto/ct/ |
H A D | ct_sct_ctx.c | 63 static int ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated) in ct_x509_get_ext() argument 65 int ret = X509_get_ext_by_NID(cert, nid, -1); in ct_x509_get_ext() 68 *is_duplicated = ret >= 0 && X509_get_ext_by_NID(cert, nid, ret) >= 0; in ct_x509_get_ext() 78 __owur static int ct_x509_cert_fixup(X509 *cert, X509 *presigner) in ct_x509_cert_fixup() argument 88 certidx = ct_x509_get_ext(cert, NID_authority_key_identifier, in ct_x509_cert_fixup() 103 if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner))) in ct_x509_cert_fixup() 108 X509_EXTENSION *certext = X509_get_ext(cert, certidx); in ct_x509_cert_fixup() 122 int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner) in SCT_CTX_set1_cert() argument 141 certderlen = i2d_X509(cert, &certder); in SCT_CTX_set1_cert() 147 idx = ct_x509_get_ext(cert, NID_ct_precert_scts, &sct_ext_is_dup); in SCT_CTX_set1_cert() [all …]
|