| /openbsd/lib/libssl/ |
| H A D | ssl_sigalgs.c | 224 const struct ssl_sigalg *sigalg; in ssl_sigalgs_build() local
272 if (sigalg == NULL || pkey == NULL) in ssl_sigalg_pkey_ok()
274 if (sigalg->key_type != EVP_PKEY_id(pkey)) in ssl_sigalg_pkey_ok()
291 if (sigalg->key_type == EVP_PKEY_RSA && in ssl_sigalg_pkey_ok()
297 if (sigalg->group_nid == 0) in ssl_sigalg_pkey_ok()
328 const struct ssl_sigalg *sigalg; in ssl_sigalg_select() local
336 if (ssl_sigalg_pkey_ok(s, sigalg, pkey)) in ssl_sigalg_select()
337 return sigalg; in ssl_sigalg_select()
347 const struct ssl_sigalg *sigalg; in ssl_sigalg_for_peer() local
356 if (!ssl_sigalg_pkey_ok(s, sigalg, pkey)) { in ssl_sigalg_for_peer()
[all …]
|
| H A D | tls13_client.c | 634 const struct ssl_sigalg *sigalg; in tls13_server_certificate_verify_recv() local
676 ctx->hs->peer_sigalg = sigalg; in tls13_server_certificate_verify_recv()
800 const struct ssl_sigalg *sigalg; in tls13_client_check_certificate() local
813 *out_sigalg = sigalg; in tls13_client_check_certificate()
824 const struct ssl_sigalg *sigalg; in tls13_client_select_certificate() local
850 sigalg = NULL; in tls13_client_select_certificate()
854 *out_sigalg = sigalg; in tls13_client_select_certificate()
864 const struct ssl_sigalg *sigalg; in tls13_client_certificate_send() local
874 ctx->hs->our_sigalg = sigalg; in tls13_client_certificate_send()
911 const struct ssl_sigalg *sigalg; in tls13_client_certificate_verify_send() local
[all …]
|
| H A D | tls13_server.c | 570 const struct ssl_sigalg *sigalg; in tls13_server_check_certificate() local
590 *out_sigalg = sigalg; in tls13_server_check_certificate()
601 const struct ssl_sigalg *sigalg; in tls13_server_select_certificate() local
621 sigalg = NULL; in tls13_server_select_certificate()
625 *out_sigalg = sigalg; in tls13_server_select_certificate()
635 const struct ssl_sigalg *sigalg; in tls13_server_certificate_send() local
654 ctx->hs->our_sigalg = sigalg; in tls13_server_certificate_send()
713 const struct ssl_sigalg *sigalg; in tls13_server_certificate_verify_send() local
764 if (!CBB_add_u16(cbb, sigalg->value)) in tls13_server_certificate_verify_send()
943 const struct ssl_sigalg *sigalg; in tls13_client_certificate_verify_recv() local
[all …]
|
| H A D | s3_lib.c | 1905 const struct ssl_sigalg *sigalg; in _SSL_get_signature_nid() local
1910 *nid = EVP_MD_type(sigalg->md()); in _SSL_get_signature_nid()
1918 const struct ssl_sigalg *sigalg; in _SSL_get_peer_signature_nid() local
1923 *nid = EVP_MD_type(sigalg->md()); in _SSL_get_peer_signature_nid()
1931 const struct ssl_sigalg *sigalg; in SSL_get_signature_type_nid() local
1936 *nid = sigalg->key_type; in SSL_get_signature_type_nid()
1937 if (sigalg->key_type == EVP_PKEY_RSA && in SSL_get_signature_type_nid()
1938 (sigalg->flags & SIGALG_FLAG_RSA_PSS)) in SSL_get_signature_type_nid()
1948 const struct ssl_sigalg *sigalg; in SSL_get_peer_signature_type_nid() local
1953 *nid = sigalg->key_type; in SSL_get_peer_signature_type_nid()
[all …]
|
| H A D | ssl_clnt.c | 1359 const struct ssl_sigalg *sigalg; in ssl3_get_server_key_exchange() local
1388 if ((sigalg = ssl_sigalg_for_peer(s, pkey, in ssl3_get_server_key_exchange()
1393 s->s3->hs.peer_sigalg = sigalg; in ssl3_get_server_key_exchange()
1395 if (!EVP_DigestVerifyInit(md_ctx, &pctx, sigalg->md(), in ssl3_get_server_key_exchange()
1398 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_get_server_key_exchange()
1969 const struct ssl_sigalg *sigalg, CBB *cert_verify) in ssl3_send_client_verify_sigalgs() argument
1990 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_send_client_verify_sigalgs()
2009 if (!CBB_add_u16(cert_verify, sigalg->value)) in ssl3_send_client_verify_sigalgs()
2100 const struct ssl_sigalg *sigalg; in ssl3_send_client_verify() local
2112 if ((sigalg = ssl_sigalg_select(s, pkey)) == NULL) { in ssl3_send_client_verify()
[all …]
|
| H A D | ssl_srvr.c | 1415 const struct ssl_sigalg *sigalg = NULL; in ssl3_send_server_key_exchange() local
1481 &md, &sigalg)) == NULL) { in ssl3_send_server_key_exchange()
1485 s->s3->hs.our_sigalg = sigalg; in ssl3_send_server_key_exchange()
1489 if (!CBB_add_u16(&server_kex, sigalg->value)) { in ssl3_send_server_key_exchange()
1500 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_send_server_key_exchange()
1855 const struct ssl_sigalg *sigalg = NULL; in ssl3_get_cert_verify() local
1931 if ((sigalg = ssl_sigalg_for_peer(s, pkey, in ssl3_get_cert_verify()
1936 s->s3->hs.peer_sigalg = sigalg; in ssl3_get_cert_verify()
1946 if (!EVP_DigestVerifyInit(mctx, &pctx, sigalg->md(), in ssl3_get_cert_verify()
1952 if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && in ssl3_get_cert_verify()
|
| /openbsd/usr.sbin/unbound/validator/ |
| H A D | val_utils.c | 533 if(sigalg) { in val_verify_DNSKEY_with_DS()
569 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_DS()
578 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_DS()
616 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in val_verify_new_DNSKEYs() local
625 downprot?sigalg:NULL, LDNS_EDE_NONE, NULL, in val_verify_new_DNSKEYs()
677 if(sigalg) { in val_verify_DNSKEY_with_TA()
709 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA()
718 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA()
741 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA()
750 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA()
[all …]
|
| H A D | val_sigcrypt.h | 83 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg);
90 void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg);
101 int fav_ds_algo, uint8_t* sigalg);
270 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg,
|
| H A D | val_sigcrypt.c | 449 sigalg[total] = algo; in algo_needs_init_dnskey_add()
453 sigalg[total] = 0; in algo_needs_init_dnskey_add()
463 while( (algo=*sigalg++) != 0) { in algo_needs_init_list()
473 int fav_ds_algo, uint8_t* sigalg) in algo_needs_init_ds() argument
489 sigalg[total] = algo; in algo_needs_init_ds()
493 sigalg[total] = 0; in algo_needs_init_ds()
646 if(sigalg) { in dnskeyset_verify_rrset()
647 algo_needs_init_list(&needs, sigalg); in dnskeyset_verify_rrset()
662 if(!sigalg) in dnskeyset_verify_rrset()
667 } else if(sigalg && sec == sec_status_bogus) { in dnskeyset_verify_rrset()
[all …]
|
| H A D | val_utils.h | 155 struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason,
179 struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason,
|
| H A D | val_kentry.c | 305 struct ub_packed_rrset_key* rrset, uint8_t* sigalg, in key_entry_create_rrset() argument
326 if(sigalg) { in key_entry_create_rrset()
327 d->algo = (uint8_t*)regional_strdup(region, (char*)sigalg); in key_entry_create_rrset()
|
| H A D | val_kentry.h | 197 struct ub_packed_rrset_key* rrset, uint8_t* sigalg,
|
| /openbsd/sbin/unwind/libunbound/validator/ |
| H A D | val_utils.c | 533 if(sigalg) { in val_verify_DNSKEY_with_DS()
569 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_DS()
578 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_DS()
616 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in val_verify_new_DNSKEYs() local
625 downprot?sigalg:NULL, LDNS_EDE_NONE, NULL, in val_verify_new_DNSKEYs()
677 if(sigalg) { in val_verify_DNSKEY_with_TA()
709 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA()
718 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA()
741 if(!sigalg || algo_needs_set_secure(&needs, in val_verify_DNSKEY_with_TA()
750 } else if(sigalg && sec == sec_status_bogus) { in val_verify_DNSKEY_with_TA()
[all …]
|
| H A D | val_sigcrypt.h | 83 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg);
90 void algo_needs_init_list(struct algo_needs* n, uint8_t* sigalg);
101 int fav_ds_algo, uint8_t* sigalg);
270 struct ub_packed_rrset_key* dnskey, uint8_t* sigalg,
|
| H A D | val_sigcrypt.c | 449 sigalg[total] = algo; in algo_needs_init_dnskey_add()
453 sigalg[total] = 0; in algo_needs_init_dnskey_add()
463 while( (algo=*sigalg++) != 0) { in algo_needs_init_list()
473 int fav_ds_algo, uint8_t* sigalg) in algo_needs_init_ds() argument
489 sigalg[total] = algo; in algo_needs_init_ds()
493 sigalg[total] = 0; in algo_needs_init_ds()
646 if(sigalg) { in dnskeyset_verify_rrset()
647 algo_needs_init_list(&needs, sigalg); in dnskeyset_verify_rrset()
662 if(!sigalg) in dnskeyset_verify_rrset()
667 } else if(sigalg && sec == sec_status_bogus) { in dnskeyset_verify_rrset()
[all …]
|
| H A D | val_utils.h | 155 struct ub_packed_rrset_key* ds_rrset, uint8_t* sigalg, char** reason,
179 struct ub_packed_rrset_key* ta_dnskey, uint8_t* sigalg, char** reason,
|
| H A D | val_kentry.c | 305 struct ub_packed_rrset_key* rrset, uint8_t* sigalg, in key_entry_create_rrset() argument
326 if(sigalg) { in key_entry_create_rrset()
327 d->algo = (uint8_t*)regional_strdup(region, (char*)sigalg); in key_entry_create_rrset()
|
| H A D | val_kentry.h | 197 struct ub_packed_rrset_key* rrset, uint8_t* sigalg,
|
| /openbsd/lib/libkeynote/ |
| H A D | signature.c | 786 keynote_sign_assertion(struct assertion *as, char *sigalg, void *key, in keynote_sign_assertion() argument
811 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding, in keynote_sign_assertion()
828 sig = strchr(sigalg, ':'); in keynote_sign_assertion()
845 SHA1_Update(&shscontext, sigalg, (char *) sig - sigalg); in keynote_sign_assertion()
855 MD5_Update(&md5context, sigalg, (char *) sig - sigalg); in keynote_sign_assertion()
995 len = strlen(sigalg) + strlen(finalbuf) + 1; in keynote_sign_assertion()
1005 snprintf(as->as_signature, len, "%s%s", sigalg, finalbuf); in keynote_sign_assertion()
1064 if (sigalg == NULL || buf == NULL || key == NULL) in kn_sign_assertion()
1070 if (sigalg[0] == '\0' || sigalg[strlen(sigalg) - 1] != ':') in kn_sign_assertion()
1077 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding, in kn_sign_assertion()
[all …]
|
| /openbsd/usr.bin/ssh/ |
| H A D | serverloop.c | 641 const char *sigalg, *kex_rsa_sigalg = NULL; in server_input_hostkeys_prove() local
682 sigalg = NULL; in server_input_hostkeys_prove()
685 sigalg = kex_rsa_sigalg; in server_input_hostkeys_prove()
687 sigalg = "rsa-sha2-512"; in server_input_hostkeys_prove()
689 sigalg = "rsa-sha2-256"; in server_input_hostkeys_prove()
692 sshkey_type(key), ndx, sigalg == NULL ? "default" : sigalg); in server_input_hostkeys_prove()
699 sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), sigalg)) != 0 || in server_input_hostkeys_prove()
|
| H A D | monitor.c | 1160 char *sigalg = NULL, *fp = NULL; in mm_answer_keyverify() local
1169 (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0) in mm_answer_keyverify()
1177 if (*sigalg == '\0') { in mm_answer_keyverify()
1178 free(sigalg); in mm_answer_keyverify()
1179 sigalg = NULL; in mm_answer_keyverify()
1210 sigalg, ssh->compat, &sig_details); in mm_answer_keyverify()
1212 sshkey_type(key), sigalg == NULL ? "default" : sigalg, in mm_answer_keyverify()
1265 free(sigalg); in mm_answer_keyverify()
|
| H A D | kex.c | 259 const char *sigalg; in kex_set_server_sig_algs() local
275 if ((sigalg = sshkey_sigalg_by_name(alg)) == NULL) in kex_set_server_sig_algs()
277 if (!kex_has_any_alg(sigalg, sigalgs)) in kex_set_server_sig_algs()
281 kex_has_any_alg(sigalg, ssh->kex->server_sig_algs)) in kex_set_server_sig_algs()
283 xextendf(&ssh->kex->server_sig_algs, ",", "%s", sigalg); in kex_set_server_sig_algs()
|
| /openbsd/usr.sbin/unbound/testcode/ |
| H A D | unitverify.c | 159 setup_sigalg(struct ub_packed_rrset_key* dnskey, uint8_t* sigalg) in setup_sigalg() argument
168 sigalg[n++] = algo; in setup_sigalg()
171 sigalg[n] = 0; in setup_sigalg()
182 uint8_t sigalg[ALGO_NEEDS_MAX+1]; in verifytest_rrset() local
189 setup_sigalg(dnskey, sigalg); /* check all algorithms in the dnskey */ in verifytest_rrset()
191 sec = dnskeyset_verify_rrset(env, ve, rrset, dnskey, sigalg, &reason, NULL, in verifytest_rrset()
|
| /openbsd/lib/libcrypto/rsa/ |
| H A D | rsa_ameth.c | 506 rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, in rsa_sig_print() argument
509 if (OBJ_obj2nid(sigalg->algorithm) == EVP_PKEY_RSA_PSS) { in rsa_sig_print()
511 RSA_PSS_PARAMS *pss = rsa_pss_decode(sigalg); in rsa_sig_print()
764 X509_ALGOR *sigalg, EVP_PKEY *pkey) in rsa_pss_to_ctx() argument
772 if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) { in rsa_pss_to_ctx()
777 pss = rsa_pss_decode(sigalg); in rsa_pss_to_ctx()
882 X509_ALGOR *sigalg, ASN1_BIT_STRING *sig, EVP_PKEY *pkey) in rsa_item_verify() argument
885 if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) { in rsa_item_verify()
889 if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { in rsa_item_verify()
|
| /openbsd/lib/libcrypto/asn1/ |
| H A D | t_x509.c | 337 X509_signature_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig) in X509_signature_print() argument
342 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) in X509_signature_print()
345 sig_nid = OBJ_obj2nid(sigalg->algorithm); in X509_signature_print()
352 return ameth->sig_print(bp, sigalg, sig, 9, 0); in X509_signature_print()
|