| /openbsd/usr.sbin/rpki-client/ |
| H A D | gbr.c | 44 cms = cms_parse_validate(x509, fn, der, len, gbr_oid, &cmsz, &signtime); in gbr_parse()
55 if (!x509_get_aia(*x509, fn, &gbr->aia)) in gbr_parse()
57 if (!x509_get_aki(*x509, fn, &gbr->aki)) in gbr_parse()
59 if (!x509_get_sia(*x509, fn, &gbr->sia)) in gbr_parse()
61 if (!x509_get_ski(*x509, fn, &gbr->ski)) in gbr_parse()
70 if (!x509_get_notbefore(*x509, fn, &gbr->notbefore)) in gbr_parse()
72 if (!x509_get_notafter(*x509, fn, &gbr->notafter)) in gbr_parse()
75 if (!x509_inherits(*x509)) { in gbr_parse()
80 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in gbr_parse()
87 X509_free(*x509); in gbr_parse()
[all …]
|
| H A D | parser.c | 188 X509_free(x509); in proc_parser_roa()
189 x509 = NULL; in proc_parser_roa()
199 X509_free(x509); in proc_parser_roa()
230 X509_free(x509); in proc_parser_spl()
231 x509 = NULL; in proc_parser_spl()
355 X509 *x509; in proc_parser_mft_pre() local
398 x509 = NULL; in proc_parser_mft_pre()
646 return X509_cmp(cert1->x509, cert2->x509) != 0; in proc_parser_ta_cmp()
731 x509 = NULL; in proc_parser_gbr()
770 x509 = NULL; in proc_parser_aspa()
[all …]
|
| H A D | filemode.c | 342 X509 *x509 = NULL; in proc_parser_file() local
423 x509 = cert->x509; in proc_parser_file()
576 aspa_print(x509, aspa); in proc_parser_file()
582 gbr_print(x509, gbr); in proc_parser_file()
588 mft_print(x509, mft); in proc_parser_file()
591 roa_print(x509, roa); in proc_parser_file()
594 rsc_print(x509, rsc); in proc_parser_file()
597 spl_print(x509, spl); in proc_parser_file()
600 tak_print(x509, tak); in proc_parser_file()
643 if (x509 == NULL) in proc_parser_file()
[all …]
|
| H A D | geofeed.c | 98 geofeed_parse(X509 **x509, const char *fn, int talid, char *buf, size_t len) in geofeed_parse() argument
226 if (!cms_parse_validate_detached(x509, fn, der, dersz, geofeed_oid, in geofeed_parse()
230 if (!x509_get_aia(*x509, fn, &geofeed->aia)) in geofeed_parse()
232 if (!x509_get_aki(*x509, fn, &geofeed->aki)) in geofeed_parse()
234 if (!x509_get_ski(*x509, fn, &geofeed->ski)) in geofeed_parse()
243 if (!x509_get_notbefore(*x509, fn, &geofeed->notbefore)) in geofeed_parse()
245 if (!x509_get_notafter(*x509, fn, &geofeed->notafter)) in geofeed_parse()
248 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in geofeed_parse()
251 if (x509_any_inherits(*x509)) { in geofeed_parse()
268 X509_free(*x509); in geofeed_parse()
[all …]
|
| H A D | tak.c | 215 cms = cms_parse_validate(x509, fn, der, len, tak_oid, &cmsz, &signtime); in tak_parse()
223 if (!x509_get_aia(*x509, fn, &tak->aia)) in tak_parse()
225 if (!x509_get_aki(*x509, fn, &tak->aki)) in tak_parse()
227 if (!x509_get_sia(*x509, fn, &tak->sia)) in tak_parse()
229 if (!x509_get_ski(*x509, fn, &tak->ski)) in tak_parse()
238 if (!x509_get_notbefore(*x509, fn, &tak->notbefore)) in tak_parse()
240 if (!x509_get_notafter(*x509, fn, &tak->notafter)) in tak_parse()
243 if (!x509_inherits(*x509)) { in tak_parse()
251 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in tak_parse()
264 X509_free(*x509); in tak_parse()
[all …]
|
| H A D | aspa.c | 174 cms = cms_parse_validate(x509, fn, der, len, aspa_oid, &cmsz, in aspa_parse()
184 if (!x509_get_aia(*x509, fn, &aspa->aia)) in aspa_parse()
186 if (!x509_get_aki(*x509, fn, &aspa->aki)) in aspa_parse()
188 if (!x509_get_sia(*x509, fn, &aspa->sia)) in aspa_parse()
190 if (!x509_get_ski(*x509, fn, &aspa->ski)) in aspa_parse()
204 if (!x509_get_notbefore(*x509, fn, &aspa->notbefore)) in aspa_parse()
206 if (!x509_get_notafter(*x509, fn, &aspa->notafter)) in aspa_parse()
209 if (x509_any_inherits(*x509)) { in aspa_parse()
217 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in aspa_parse()
227 X509_free(*x509); in aspa_parse()
[all …]
|
| H A D | rsc.c | 392 cms = cms_parse_validate(x509, fn, der, len, rsc_oid, &cmsz, in rsc_parse()
401 if (!x509_get_aia(*x509, fn, &rsc->aia)) in rsc_parse()
403 if (!x509_get_aki(*x509, fn, &rsc->aki)) in rsc_parse()
405 if (!x509_get_ski(*x509, fn, &rsc->ski)) in rsc_parse()
413 if (!x509_get_notbefore(*x509, fn, &rsc->notbefore)) in rsc_parse()
415 if (!x509_get_notafter(*x509, fn, &rsc->notafter)) in rsc_parse()
418 if (X509_get_ext_by_NID(*x509, NID_sinfo_access, -1) != -1) { in rsc_parse()
423 if (x509_any_inherits(*x509)) { in rsc_parse()
431 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in rsc_parse()
441 X509_free(*x509); in rsc_parse()
[all …]
|
| H A D | roa.c | 248 cms = cms_parse_validate(x509, fn, der, len, roa_oid, &cmsz, &signtime); in roa_parse()
256 if (!x509_get_aia(*x509, fn, &roa->aia)) in roa_parse()
258 if (!x509_get_aki(*x509, fn, &roa->aki)) in roa_parse()
260 if (!x509_get_sia(*x509, fn, &roa->sia)) in roa_parse()
262 if (!x509_get_ski(*x509, fn, &roa->ski)) in roa_parse()
271 if (!x509_get_notbefore(*x509, fn, &roa->notbefore)) in roa_parse()
273 if (!x509_get_notafter(*x509, fn, &roa->notafter)) in roa_parse()
279 if (x509_any_inherits(*x509)) { in roa_parse()
284 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in roa_parse()
308 X509_free(*x509); in roa_parse()
[all …]
|
| H A D | spl.c | 255 cms = cms_parse_validate(x509, fn, der, len, spl_oid, &cmsz, &signtime); in spl_parse()
263 if (!x509_get_aia(*x509, fn, &spl->aia)) in spl_parse()
265 if (!x509_get_aki(*x509, fn, &spl->aki)) in spl_parse()
267 if (!x509_get_sia(*x509, fn, &spl->sia)) in spl_parse()
269 if (!x509_get_ski(*x509, fn, &spl->ski)) in spl_parse()
278 if (!x509_get_notbefore(*x509, fn, &spl->notbefore)) in spl_parse()
280 if (!x509_get_notafter(*x509, fn, &spl->notafter)) in spl_parse()
286 if (x509_any_inherits(*x509)) { in spl_parse()
291 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in spl_parse()
315 X509_free(*x509); in spl_parse()
[all …]
|
| H A D | mft.c | 429 cms = cms_parse_validate(x509, fn, der, len, mft_oid, &cmsz, &signtime); in mft_parse()
432 assert(*x509 != NULL); in mft_parse()
438 if (!x509_get_aia(*x509, fn, &mft->aia)) in mft_parse()
440 if (!x509_get_aki(*x509, fn, &mft->aki)) in mft_parse()
442 if (!x509_get_sia(*x509, fn, &mft->sia)) in mft_parse()
444 if (!x509_get_ski(*x509, fn, &mft->ski)) in mft_parse()
453 if (!x509_inherits(*x509)) { in mft_parse()
459 if (!x509_get_crl(*x509, fn, &crldp)) in mft_parse()
485 if ((cert = cert_parse_ee_cert(fn, talid, *x509)) == NULL) in mft_parse()
499 X509_free(*x509); in mft_parse()
[all …]
|
| H A D | validate.c | 318 assert(a->cert->x509 != NULL); in build_chain()
320 if (!sk_X509_push(*root, a->cert->x509)) in build_chain()
324 if (!sk_X509_push(*intermediates, a->cert->x509)) in build_chain()
352 pretty_revocation_time(X509 *x509, X509_CRL *crl, const char **errstr) in pretty_revocation_time() argument
359 if (X509_CRL_get0_by_cert(crl, &revoked, x509) != 1) in pretty_revocation_time()
376 valid_x509(char *file, X509_STORE_CTX *store_ctx, X509 *x509, struct auth *a, in valid_x509() argument
391 assert(x509 != NULL); in valid_x509()
392 if (!X509_STORE_CTX_init(store_ctx, NULL, x509, NULL)) in valid_x509()
422 pretty_revocation_time(x509, crl->x509_crl, errstr); in valid_x509()
|
| /openbsd/lib/libssl/ |
| H A D | ssl_seclevel.c | 305 ssl_cert_pubkey_security_bits(const X509 *x509) in ssl_cert_pubkey_security_bits() argument
309 if ((pkey = X509_get0_pubkey(x509)) == NULL) in ssl_cert_pubkey_security_bits()
320 security_bits = ssl_cert_pubkey_security_bits(x509); in ssl_security_cert_key()
323 return ssl_security(ssl, secop, security_bits, 0, x509); in ssl_security_cert_key()
364 if ((X509_get_extension_flags(x509) & EXFLAG_SS) != 0) in ssl_security_cert_sig()
395 if (!ssl_security_cert_key(ctx, ssl, x509, operation)) { in ssl_security_cert()
420 if (x509 == NULL) { in ssl_security_cert_chain()
421 x509 = sk_X509_value(sk, 0); in ssl_security_cert_chain()
426 if (!ssl_security_cert(NULL, ssl, x509, is_ee, out_error)) in ssl_security_cert_chain()
431 x509 = sk_X509_value(sk, i); in ssl_security_cert_chain()
[all …]
|
| H A D | ssl_cert.c | 213 if (cert->pkeys[i].x509 != NULL) { in ssl_cert_dup()
214 ret->pkeys[i].x509 = cert->pkeys[i].x509; in ssl_cert_dup()
215 X509_up_ref(ret->pkeys[i].x509); in ssl_cert_dup()
266 X509_free(ret->pkeys[i].x509); in ssl_cert_dup()
290 X509_free(c->pkeys[i].x509); in ssl_cert_free()
312 X509 *x509; in ssl_cert_set0_chain() local
323 x509 = sk_X509_value(chain, i); in ssl_cert_set0_chain()
324 if (!ssl_security_cert(ctx, ssl, x509, 0, &ssl_err)) { in ssl_cert_set0_chain()
|
| /openbsd/lib/libcrypto/x509/ |
| H A D | x509_siginfo.c | 28 x509_find_sigid_algs(const X509 *x509, int *out_md_nid, int *out_pkey_nid) in x509_find_sigid_algs() argument
36 X509_ALGOR_get0(&aobj, NULL, NULL, x509->sig_alg); in x509_find_sigid_algs()
44 X509_get_signature_info(X509 *x509, int *out_md_nid, int *out_pkey_nid, in X509_get_signature_info() argument
60 if (!x509v3_cache_extensions(x509)) in X509_get_signature_info()
63 if (!x509_find_sigid_algs(x509, &md_nid, &pkey_nid)) in X509_get_signature_info()
78 if (!ameth->signature_info(x509->sig_alg, &md_nid, &pkey_nid, in X509_get_signature_info()
|
| H A D | x509_cmp.c | 321 X509 x, *x509 = NULL; in X509_find_by_issuer_and_serial() local
331 x509 = sk_X509_value(sk, i); in X509_find_by_issuer_and_serial()
332 if (X509_issuer_and_serial_cmp(x509, &x) == 0) in X509_find_by_issuer_and_serial()
333 return (x509); in X509_find_by_issuer_and_serial()
342 X509 *x509; in X509_find_by_subject() local
346 x509 = sk_X509_value(sk, i); in X509_find_by_subject()
347 if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0) in X509_find_by_subject()
348 return (x509); in X509_find_by_subject()
|
| H A D | x509_lu.c | 131 return X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509); in x509_object_cmp()
193 X509_free(a->data.x509); in X509_OBJECT_free()
378 obj->data.x509 = x; in X509_STORE_add_cert()
412 return X509_up_ref(a->data.x509); in X509_OBJECT_up_ref_count()
441 stmp.data.x509 = &x509_s; in x509_object_idx_cnt()
496 return xo->data.x509; in X509_OBJECT_get0_X509()
530 x = obj->data.x509; in STACK_OF()
642 if (!X509_cmp(obj->data.x509, x->data.x509)) in X509_OBJECT_retrieve_match()
716 X509_get_subject_name(pobj->data.x509))) in X509_STORE_CTX_get1_issuer()
718 if (ctx->check_issued(ctx, x, pobj->data.x509)) { in X509_STORE_CTX_get1_issuer()
[all …]
|
| H A D | x_all.c | 79 d2i_X509_bio(BIO *bp, X509 **x509) in d2i_X509_bio() argument
81 return ASN1_item_d2i_bio(&X509_it, bp, x509); in d2i_X509_bio()
86 i2d_X509_bio(BIO *bp, X509 *x509) in i2d_X509_bio() argument
88 return ASN1_item_i2d_bio(&X509_it, bp, x509); in i2d_X509_bio()
93 d2i_X509_fp(FILE *fp, X509 **x509) in d2i_X509_fp() argument
95 return ASN1_item_d2i_fp(&X509_it, fp, x509); in d2i_X509_fp()
100 i2d_X509_fp(FILE *fp, X509 *x509) in i2d_X509_fp() argument
102 return ASN1_item_i2d_fp(&X509_it, fp, x509); in i2d_X509_fp()
|
| /openbsd/lib/libcrypto/pkcs7/ |
| H A D | pk7_lib.c | 306 PKCS7_add_certificate(PKCS7 *p7, X509 *x509) in PKCS7_add_certificate() argument
330 CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509); in PKCS7_add_certificate()
331 if (!sk_X509_push(*sk, x509)) { in PKCS7_add_certificate()
332 X509_free(x509); in PKCS7_add_certificate()
385 X509_get_issuer_name(x509))) in PKCS7_SIGNER_INFO_set()
443 if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst)) in PKCS7_add_signature()
509 PKCS7_add_recipient(PKCS7 *p7, X509 *x509) in PKCS7_add_recipient() argument
515 if (!PKCS7_RECIP_INFO_set(ri, x509)) in PKCS7_add_recipient()
560 X509_get_issuer_name(x509))) in PKCS7_RECIP_INFO_set()
568 pkey = X509_get_pubkey(x509); in PKCS7_RECIP_INFO_set()
[all …]
|
| /openbsd/usr.sbin/relayd/ |
| H A D | ssl.c | 180 X509 *x509 = NULL; in ssl_load_pkey() local
189 if ((x509 = PEM_read_bio_X509(in, NULL, in ssl_load_pkey()
194 if ((pkey = X509_get_pubkey(x509)) == NULL) { in ssl_load_pkey()
206 hash_x509(x509, hash, TLS_CERT_HASH_SIZE); in ssl_load_pkey()
215 *x509ptr = x509; in ssl_load_pkey()
217 X509_free(x509); in ssl_load_pkey()
228 if (x509 != NULL) in ssl_load_pkey()
229 X509_free(x509); in ssl_load_pkey()
|
| /openbsd/lib/libcrypto/pkcs12/ |
| H A D | p12_kiss.c | 229 X509 *x509; in parse_bag() local
262 if (!(x509 = PKCS12_certbag2x509(bag))) in parse_bag()
264 if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) { in parse_bag()
265 X509_free(x509); in parse_bag()
273 r = X509_alias_set1(x509, data, len); in parse_bag()
276 X509_free(x509); in parse_bag()
282 if (!sk_X509_push(ocerts, x509)) { in parse_bag()
283 X509_free(x509); in parse_bag()
|
| /openbsd/regress/usr.sbin/rpki-client/ |
| H A D | Makefile.inc | 29 SRCS_test-ip += test-ip.c ip.c io.c encoding.c print.c x509.c \
39 SRCS_test-cert+= test-cert.c cert.c cms.c crl.c x509.c ip.c as.c io.c \
52 SRCS_test-roa+= test-roa.c roa.c cms.c x509.c ip.c as.c io.c json.c \
58 SRCS_test-rsc+= test-rsc.c rsc.c cms.c x509.c ip.c as.c io.c \
64 SRCS_test-gbr+= test-gbr.c gbr.c cms.c crl.c x509.c ip.c io.c \
70 SRCS_test-geofeed+= test-geofeed.c geofeed.c cms.c x509.c ip.c io.c \
77 encoding.c print.c crl.c x509.c json.c cert.c as.c mft.c \
82 SRCS_test-aspa+= test-aspa.c aspa.c cms.c x509.c ip.c as.c io.c \
88 SRCS_test-tak+= test-tak.c tak.c cms.c x509.c ip.c as.c io.c \
94 SRCS_test-spl+= test-spl.c spl.c cms.c x509.c ip.c as.c io.c \
[all …]
|
| /openbsd/regress/lib/libcrypto/certs/ |
| H A D | verify_test.go | 72 cert, err := x509.ParseCertificate(block.Bytes)
77 roots := x509.NewCertPool()
81 intermediates := x509.NewCertPool()
88 opts := x509.VerifyOptions{
|
| /openbsd/lib/libcrypto/pem/ |
| H A D | pem_info.c | 137 if (xi->x509 != NULL) { in STACK_OF()
143 pp = &(xi->x509); in STACK_OF()
146 if (xi->x509 != NULL) { in STACK_OF()
152 pp = &(xi->x509); in STACK_OF()
269 if ((xi->x509 != NULL) || (xi->crl != NULL) || in STACK_OF()
371 if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0)) in PEM_X509_INFO_write_bio()
|
| /openbsd/regress/lib/libssl/certs/ |
| H A D | make-certs.sh | 108 openssl req -new -days 3650 -nodes ${key_args} -sha256 -x509 \
122 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
136 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
165 openssl x509 -req -days 3650 -CA "${TMPDIR}/${issuer_file}.crt" \
187 openssl x509 -nameopt oneline -subject -issuer \
200 openssl x509 -nameopt oneline -subject -issuer -noout \
|
| /openbsd/regress/lib/libssl/interop/ |
| H A D | Makefile.inc | 48 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
53 -nodes -newkey rsa -keyout ${@:R}.key -x509 -out $@
61 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
82 openssl x509 -CAcreateserial -CAkey ca.key -CA ca.crt \
|