/openbsd/lib/libssl/ |
H A D | ssl_sigalgs.c | 224 const struct ssl_sigalg *sigalg; in ssl_sigalgs_build() local 272 if (sigalg == NULL || pkey == NULL) in ssl_sigalg_pkey_ok() 274 if (sigalg->key_type != EVP_PKEY_id(pkey)) in ssl_sigalg_pkey_ok() 291 if (sigalg->key_type == EVP_PKEY_RSA && in ssl_sigalg_pkey_ok() 297 if (sigalg->group_nid == 0) in ssl_sigalg_pkey_ok() 328 const struct ssl_sigalg *sigalg; in ssl_sigalg_select() local 336 if (ssl_sigalg_pkey_ok(s, sigalg, pkey)) in ssl_sigalg_select() 337 return sigalg; in ssl_sigalg_select() 347 const struct ssl_sigalg *sigalg; in ssl_sigalg_for_peer() local 356 if (!ssl_sigalg_pkey_ok(s, sigalg, pkey)) { in ssl_sigalg_for_peer() [all …]
|
H A D | tls13_client.c | 634 const struct ssl_sigalg *sigalg; in tls13_server_certificate_verify_recv() local 676 ctx->hs->peer_sigalg = sigalg; in tls13_server_certificate_verify_recv() 800 const struct ssl_sigalg *sigalg; in tls13_client_check_certificate() local 813 *out_sigalg = sigalg; in tls13_client_check_certificate() 824 const struct ssl_sigalg *sigalg; in tls13_client_select_certificate() local 850 sigalg = NULL; in tls13_client_select_certificate() 854 *out_sigalg = sigalg; in tls13_client_select_certificate() 864 const struct ssl_sigalg *sigalg; in tls13_client_certificate_send() local 874 ctx->hs->our_sigalg = sigalg; in tls13_client_certificate_send() 911 const struct ssl_sigalg *sigalg; in tls13_client_certificate_verify_send() local [all …]
|
H A D | tls13_server.c | 570 const struct ssl_sigalg *sigalg; in tls13_server_check_certificate() local 590 *out_sigalg = sigalg; in tls13_server_check_certificate() 601 const struct ssl_sigalg *sigalg; in tls13_server_select_certificate() local 621 sigalg = NULL; in tls13_server_select_certificate() 625 *out_sigalg = sigalg; in tls13_server_select_certificate() 635 const struct ssl_sigalg *sigalg; in tls13_server_certificate_send() local 654 ctx->hs->our_sigalg = sigalg; in tls13_server_certificate_send() 713 const struct ssl_sigalg *sigalg; in tls13_server_certificate_verify_send() local 764 if (!CBB_add_u16(cbb, sigalg->value)) in tls13_server_certificate_verify_send() 943 const struct ssl_sigalg *sigalg; in tls13_client_certificate_verify_recv() local [all …]
|
H A D | s3_lib.c | 1905 const struct ssl_sigalg *sigalg; in _SSL_get_signature_nid() local 1910 *nid = EVP_MD_type(sigalg->md()); in _SSL_get_signature_nid() 1918 const struct ssl_sigalg *sigalg; in _SSL_get_peer_signature_nid() local 1923 *nid = EVP_MD_type(sigalg->md()); in _SSL_get_peer_signature_nid() 1931 const struct ssl_sigalg *sigalg; in SSL_get_signature_type_nid() local 1936 *nid = sigalg->key_type; in SSL_get_signature_type_nid() 1937 if (sigalg->key_type == EVP_PKEY_RSA && in SSL_get_signature_type_nid() 1938 (sigalg->flags & SIGALG_FLAG_RSA_PSS)) in SSL_get_signature_type_nid() 1948 const struct ssl_sigalg *sigalg; in SSL_get_peer_signature_type_nid() local 1953 *nid = sigalg->key_type; in SSL_get_peer_signature_type_nid() [all …]
|
H A D | ssl_clnt.c | 1359 const struct ssl_sigalg *sigalg; in ssl3_get_server_key_exchange() local 1388 if ((sigalg = ssl_sigalg_for_peer(s, pkey, in ssl3_get_server_key_exchange() 1393 s->s3->hs.peer_sigalg = sigalg; in ssl3_get_server_key_exchange() 1395 if (!EVP_DigestVerifyInit(md_ctx, &pctx, sigalg->md(), in ssl3_get_server_key_exchange() 1398 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_get_server_key_exchange() 1969 const struct ssl_sigalg *sigalg, CBB *cert_verify) in ssl3_send_client_verify_sigalgs() argument 1990 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_send_client_verify_sigalgs() 2009 if (!CBB_add_u16(cert_verify, sigalg->value)) in ssl3_send_client_verify_sigalgs() 2100 const struct ssl_sigalg *sigalg; in ssl3_send_client_verify() local 2112 if ((sigalg = ssl_sigalg_select(s, pkey)) == NULL) { in ssl3_send_client_verify() [all …]
|
H A D | ssl_srvr.c | 1415 const struct ssl_sigalg *sigalg = NULL; in ssl3_send_server_key_exchange() local 1481 &md, &sigalg)) == NULL) { in ssl3_send_server_key_exchange() 1485 s->s3->hs.our_sigalg = sigalg; in ssl3_send_server_key_exchange() 1489 if (!CBB_add_u16(&server_kex, sigalg->value)) { in ssl3_send_server_key_exchange() 1500 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_send_server_key_exchange() 1855 const struct ssl_sigalg *sigalg = NULL; in ssl3_get_cert_verify() local 1931 if ((sigalg = ssl_sigalg_for_peer(s, pkey, in ssl3_get_cert_verify() 1936 s->s3->hs.peer_sigalg = sigalg; in ssl3_get_cert_verify() 1946 if (!EVP_DigestVerifyInit(mctx, &pctx, sigalg->md(), in ssl3_get_cert_verify() 1952 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_get_cert_verify()
|
/openbsd/usr.sbin/unbound/validator/ |
H A D | val_utils.c | 533 if(sigalg) { in val_verify_DNSKEY_with_DS() 569 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_DS() 578 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_DS() 616 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in val_verify_new_DNSKEYs() local 625 downprot?sigalg:NULL, LDNS_EDE_NONE, NULL, in val_verify_new_DNSKEYs() 677 if(sigalg) { in val_verify_DNSKEY_with_TA() 709 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA() 718 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA() 741 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA() 750 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA() [all …]
|
H A D | val_sigcrypt.h | 83 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg); 90 void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg); 101 int fav_ds_algo, uint8_t* sigalg); 270 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg,
|
H A D | val_sigcrypt.c | 449 sigalg[total] = algo; in algo_needs_init_dnskey_add() 453 sigalg[total] = 0; in algo_needs_init_dnskey_add() 463 while( (algo=*sigalg++) != 0) { in algo_needs_init_list() 473 int fav_ds_algo, uint8_t* sigalg) in algo_needs_init_ds() argument 489 sigalg[total] = algo; in algo_needs_init_ds() 493 sigalg[total] = 0; in algo_needs_init_ds() 646 if(sigalg) { in dnskeyset_verify_rrset() 647 algo_needs_init_list(&needs, sigalg); in dnskeyset_verify_rrset() 662 if(!sigalg) in dnskeyset_verify_rrset() 667 } else if(sigalg && sec == sec_status_bogus) { in dnskeyset_verify_rrset() [all …]
|
H A D | val_utils.h | 155 struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason, 179 struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason,
|
H A D | val_kentry.c | 305 struct ub_packed_rrset_key* rrset, uint8_t* sigalg, in key_entry_create_rrset() argument 326 if(sigalg) { in key_entry_create_rrset() 327 d->algo = (uint8_t*)regional_strdup(region, (char*)sigalg); in key_entry_create_rrset()
|
H A D | val_kentry.h | 197 struct ub_packed_rrset_key* rrset, uint8_t* sigalg,
|
/openbsd/sbin/unwind/libunbound/validator/ |
H A D | val_utils.c | 533 if(sigalg) { in val_verify_DNSKEY_with_DS() 569 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_DS() 578 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_DS() 616 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in val_verify_new_DNSKEYs() local 625 downprot?sigalg:NULL, LDNS_EDE_NONE, NULL, in val_verify_new_DNSKEYs() 677 if(sigalg) { in val_verify_DNSKEY_with_TA() 709 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA() 718 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA() 741 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA() 750 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA() [all …]
|
H A D | val_sigcrypt.h | 83 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg); 90 void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg); 101 int fav_ds_algo, uint8_t* sigalg); 270 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg,
|
H A D | val_sigcrypt.c | 449 sigalg[total] = algo; in algo_needs_init_dnskey_add() 453 sigalg[total] = 0; in algo_needs_init_dnskey_add() 463 while( (algo=*sigalg++) != 0) { in algo_needs_init_list() 473 int fav_ds_algo, uint8_t* sigalg) in algo_needs_init_ds() argument 489 sigalg[total] = algo; in algo_needs_init_ds() 493 sigalg[total] = 0; in algo_needs_init_ds() 646 if(sigalg) { in dnskeyset_verify_rrset() 647 algo_needs_init_list(&needs, sigalg); in dnskeyset_verify_rrset() 662 if(!sigalg) in dnskeyset_verify_rrset() 667 } else if(sigalg && sec == sec_status_bogus) { in dnskeyset_verify_rrset() [all …]
|
H A D | val_utils.h | 155 struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason, 179 struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason,
|
H A D | val_kentry.c | 305 struct ub_packed_rrset_key* rrset, uint8_t* sigalg, in key_entry_create_rrset() argument 326 if(sigalg) { in key_entry_create_rrset() 327 d->algo = (uint8_t*)regional_strdup(region, (char*)sigalg); in key_entry_create_rrset()
|
H A D | val_kentry.h | 197 struct ub_packed_rrset_key* rrset, uint8_t* sigalg,
|
/openbsd/lib/libkeynote/ |
H A D | signature.c | 786 keynote_sign_assertion(struct assertion *as, char *sigalg, void *key, in keynote_sign_assertion() argument 811 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding, in keynote_sign_assertion() 828 sig = strchr(sigalg, ':'); in keynote_sign_assertion() 845 SHA1_Update(&shscontext, sigalg, (char *) sig - sigalg); in keynote_sign_assertion() 855 MD5_Update(&md5context, sigalg, (char *) sig - sigalg); in keynote_sign_assertion() 995 len = strlen(sigalg) + strlen(finalbuf) + 1; in keynote_sign_assertion() 1005 snprintf(as->as_signature, len, "%s%s", sigalg, finalbuf); in keynote_sign_assertion() 1064 if (sigalg == NULL || buf == NULL || key == NULL) in kn_sign_assertion() 1070 if (sigalg[0] == '\0' || sigalg[strlen(sigalg) - 1] != ':') in kn_sign_assertion() 1077 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding, in kn_sign_assertion() [all …]
|
/openbsd/usr.bin/ssh/ |
H A D | serverloop.c | 641 const char *sigalg, *kex_rsa_sigalg = NULL; in server_input_hostkeys_prove() local 682 sigalg = NULL; in server_input_hostkeys_prove() 685 sigalg = kex_rsa_sigalg; in server_input_hostkeys_prove() 687 sigalg = "rsa-sha2-512"; in server_input_hostkeys_prove() 689 sigalg = "rsa-sha2-256"; in server_input_hostkeys_prove() 692 sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); in server_input_hostkeys_prove() 699 sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), sigalg)) != 0 || in server_input_hostkeys_prove()
|
H A D | monitor.c | 1160 char *sigalg = NULL, *fp = NULL; in mm_answer_keyverify() local 1169 (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) in mm_answer_keyverify() 1177 if (*sigalg == '\0') { in mm_answer_keyverify() 1178 free(sigalg); in mm_answer_keyverify() 1179 sigalg = NULL; in mm_answer_keyverify() 1210 sigalg, ssh->compat, &sig_details); in mm_answer_keyverify() 1212 sshkey_type(key), sigalg == NULL ? "default" : sigalg, in mm_answer_keyverify() 1265 free(sigalg); in mm_answer_keyverify()
|
H A D | kex.c | 259 const char *sigalg; in kex_set_server_sig_algs() local 275 if ((sigalg = sshkey_sigalg_by_name(alg)) == NULL) in kex_set_server_sig_algs() 277 if (!kex_has_any_alg(sigalg, sigalgs)) in kex_set_server_sig_algs() 281 kex_has_any_alg(sigalg, ssh->kex->server_sig_algs)) in kex_set_server_sig_algs() 283 xextendf(&ssh->kex->server_sig_algs, ",", "%s", sigalg); in kex_set_server_sig_algs()
|
/openbsd/usr.sbin/unbound/testcode/ |
H A D | unitverify.c | 159 setup_sigalg(struct ub_packed_rrset_key* dnskey, uint8_t* sigalg) in setup_sigalg() argument 168 sigalg[n++] = algo; in setup_sigalg() 171 sigalg[n] = 0; in setup_sigalg() 182 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in verifytest_rrset() local 189 setup_sigalg(dnskey, sigalg); /* check all algorithms in the dnskey */ in verifytest_rrset() 191 sec = dnskeyset_verify_rrset(env, ve, rrset, dnskey, sigalg, &reason, NULL, in verifytest_rrset()
|
/openbsd/lib/libcrypto/rsa/ |
H A D | rsa_ameth.c | 506 rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, in rsa_sig_print() argument 509 if (OBJ_obj2nid(sigalg->algorithm) == EVP_PKEY_RSA_PSS) { in rsa_sig_print() 511 RSA_PSS_PARAMS *pss = rsa_pss_decode(sigalg); in rsa_sig_print() 764 X509_ALGOR *sigalg, EVP_PKEY *pkey) in rsa_pss_to_ctx() argument 772 if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) { in rsa_pss_to_ctx() 777 pss = rsa_pss_decode(sigalg); in rsa_pss_to_ctx() 882 X509_ALGOR *sigalg, ASN1_BIT_STRING *sig, EVP_PKEY *pkey) in rsa_item_verify() argument 885 if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) { in rsa_item_verify() 889 if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { in rsa_item_verify()
|
/openbsd/lib/libcrypto/asn1/ |
H A D | t_x509.c | 337 X509_signature_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig) in X509_signature_print() argument 342 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) in X509_signature_print() 345 sig_nid = OBJ_obj2nid(sigalg->algorithm); in X509_signature_print() 352 return ameth->sig_print(bp, sigalg, sig, 9, 0); in X509_signature_print()
|