| /third_party/openssl/crypto/ocsp/ |
| D | ocsp_vfy.c | 33 X509 *signer, *x; in OCSP_basic_verify() local
37 int i, ret = ocsp_find_signer(&signer, bs, certs, flags); in OCSP_basic_verify()
53 skey = X509_get0_pubkey(signer); in OCSP_basic_verify()
81 init_res = X509_STORE_CTX_init(ctx, st, signer, untrusted); in OCSP_basic_verify()
141 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, in OCSP_resp_get0_signer() argument
146 ret = ocsp_find_signer(signer, bs, extra_certs, 0); in OCSP_resp_get0_signer()
153 X509 *signer; in ocsp_find_signer() local
155 if ((signer = ocsp_find_signer_sk(certs, rid))) { in ocsp_find_signer()
156 *psigner = signer; in ocsp_find_signer()
160 (signer = ocsp_find_signer_sk(bs->certs, rid))) { in ocsp_find_signer()
[all …]
|
| D | ocsp_srv.c | 178 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
191 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
198 if (!OCSP_basic_add1_cert(brsp, signer)) in OCSP_basic_sign_ctx()
209 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
211 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
233 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
247 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
|
| D | ocsp_cl.c | 97 X509 *signer, in OCSP_request_sign() argument
105 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
111 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
121 if (!OCSP_request_add1_cert(req, signer)) in OCSP_request_sign()
|
| /third_party/node/deps/npm/node_modules/http-signature/lib/ |
| D | index.js | 4 var signer = require('./signer'); variable
17 sign: signer.signRequest,
18 signRequest: signer.signRequest,
19 createSigner: signer.createSigner,
20 isSigner: signer.isSigner,
|
| /third_party/openssl/crypto/ts/ |
| D | ts_rsp_verify.c | 18 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
96 X509 *signer; in TS_RESP_verify_signature() local
129 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
131 if (!ts_verify_cert(store, certs, signer, &chain)) in TS_RESP_verify_signature()
141 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
148 *signer_out = signer; in TS_RESP_verify_signature()
149 X509_up_ref(signer); in TS_RESP_verify_signature()
166 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
178 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
[all …]
|
| /third_party/openssl/test/ |
| D | ocspapitest.c | 111 X509 *signer = NULL, *tmp; in test_resp_signer() local
124 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer()
125 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer()
126 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
130 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
138 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
142 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
148 X509_free(signer); in test_resp_signer()
|
| /third_party/openssl/crypto/cms/ |
| D | cms_sd.c | 242 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, in CMS_add1_signer() argument
249 if (!X509_check_private_key(signer, pk)) { in CMS_add1_signer()
261 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
263 X509_up_ref(signer); in CMS_add1_signer()
267 si->signer = signer; in CMS_add1_signer()
286 if (!cms_set1_SignerIdentifier(si->sid, signer, type)) in CMS_add1_signer()
362 if (!CMS_add1_cert(cms, signer)) in CMS_add1_signer()
453 if (si->signer) { in STACK_OF()
459 if (!sk_X509_push(signers, si->signer)) { in STACK_OF()
468 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) in CMS_SignerInfo_set1_signer_cert() argument
[all …]
|
| /third_party/openssl/crypto/pkcs7/ |
| D | pk7_smime.c | 208 X509 *signer; in PKCS7_verify() local
265 signer = sk_X509_value(signers, k); in PKCS7_verify()
267 if (!X509_STORE_CTX_init(cert_ctx, store, signer, in PKCS7_verify()
273 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { in PKCS7_verify()
350 signer = sk_X509_value(signers, i); in PKCS7_verify()
351 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
379 X509 *signer; in STACK_OF() local
409 signer = NULL; in STACK_OF()
412 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
414 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/tls/ |
| D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
356 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
595 signer = issuer; in tls_process_basic_ocsp_response()
597 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
598 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
601 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
603 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
|
| /third_party/openssl/doc/man3/ |
| D | CMS_get0_SignerInfos.pod | 8 - CMS signedData signer functions
20 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
27 CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
37 CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
42 B<signer>.
52 CMS. It will then obtain the signer certificate by some unspecified means
56 Once all signer certificates have been set CMS_verify() can be used.
|
| D | PKCS7_verify.pod | 20 the signer's certificate. B<store> is a trusted certificate store (used for
28 PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
45 An attempt is made to locate all the signer's certificates, first looking in
47 contained in the B<p7> structure itself. If any signer's certificates cannot be
50 Each signer's certificate is chain verified using the B<smimesign> purpose and
64 searched when locating the signer's certificate. This means that all the signers
71 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
75 the signer's certificate) must be contained in the trusted store.
83 in the B<certs> parameter. In this case if the signer is not one of the
85 signer cannot be found.
[all …]
|
| D | PKCS7_sign_add_signer.pod | 5 PKCS7_sign_add_signer - add a signer PKCS7 signed data structure
17 PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
44 digest value from the PKCS7 structure: to add a signer to an existing structure.
53 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
54 PKCS7 structure, the signer's certificate must still be supplied in the
|
| D | OCSP_resp_find_status.pod | 44 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
120 signed and that the signer certificate can be validated. It takes B<st> as
122 The function first tries to find the signer certificate of the response
125 It fails if the signer certificate cannot be found.
128 success if the B<flags> contain B<OCSP_NOVERIFY> or if the signer certificate
130 Otherwise the function continues by validating the signer certificate.
133 signer certificate unless the B<OCSP_NOCHAIN> flag is set. After successful path
135 Otherwise it verifies that the signer certificate meets the OCSP issuer
|
| D | CMS_add1_signer.pod | 5 CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure
19 CMS_add1_signer() adds a signer with certificate B<signcert> and private
51 digest value from the CMS_ContentInfo structure: to add a signer to an existing
61 If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
62 CMS_ContentInfo structure, the signer's certificate must still be supplied in
|
| D | OCSP_response_status.pod | 23 int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
26 int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
59 OCSP_basic_sign() signs OCSP response B<brsp> using certificate B<signer>, private key
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/tls/ |
| D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
365 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
626 signer = issuer; in tls_process_basic_ocsp_response()
628 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
629 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
632 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
634 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/crypto/ |
| D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; in check_ocsp_resp() local
616 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
617 if (!signer) in check_ocsp_resp()
618 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
621 if (!signer) { in check_ocsp_resp()
627 skey = X509_get_pubkey(signer); in check_ocsp_resp()
641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted)) in check_ocsp_resp()
664 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
665 if ((signer->ex_flags & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/crypto/ |
| D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; in check_ocsp_resp() local
616 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
617 if (!signer) in check_ocsp_resp()
618 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
621 if (!signer) { in check_ocsp_resp()
627 skey = X509_get_pubkey(signer); in check_ocsp_resp()
641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted)) in check_ocsp_resp()
664 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
665 if ((signer->ex_flags & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
|
| /third_party/openssl/doc/man1/ |
| D | smime.pod | 54 [B<-signer file>]
237 When signing a message the signer's certificate is normally included
273 =item B<-signer file>
276 used multiple times if more than one signer is required. If a message is being
290 the B<-recip> or B<-signer> file. When signing this option can be used
354 This version of the program only allows one signer per message but it
364 signer. This means that attributes must be present in at least one existing
365 signer using the same message digest or this operation will fail.
413 -signer mycert.pem
418 -signer mycert.pem
[all …]
|
| D | cms.pod | 83 [B<-signer file>]
327 When signing a message the signer's certificate is normally included
381 =item B<-signer file>
384 used multiple times if more than one signer is required. If a message is being
455 the B<-recip> or B<-signer> file. When signing this option can be used
524 This version of the program only allows one signer per message but it
534 signer. This means that attributes must be present in at least one existing
535 signer using the same message digest or this operation will fail.
615 -signer mycert.pem
620 -signer mycert.pem
[all …]
|
| /third_party/node/deps/npm/node_modules/sshpk/bin/ |
| D | sshpk-sign | 109 var signer;
111 signer = key.createSign(hash);
160 inFile.pipe(signer);
164 sig = signer.sign();
|
| /third_party/node/deps/npm/node_modules/sshpk/lib/formats/ |
| D | openssh-cert.js | 187 var signer = key.createSign(hashAlgo);
188 signer.write(blob);
189 sig.signature = signer.sign();
193 function signAsync(cert, signer, done) { argument
205 signer(blob, function (err, signature) {
|
| /third_party/openssl/apps/ |
| D | smime.c | 119 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local
518 signer = load_cert(signerfile, FORMAT_PEM, in smime_main()
520 if (signer == NULL) in smime_main()
525 if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) in smime_main()
527 X509_free(signer); in smime_main()
528 signer = NULL; in smime_main()
605 X509_free(signer); in smime_main()
|
| D | ts.c | 51 const EVP_MD *md, const char *signer, const char *chain,
57 const char *inkey, const EVP_MD *md, const char *signer,
160 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; in ts_main() local
245 signer = opt_arg(); in ts_main()
305 password, inkey, md, signer, chain, policy, in ts_main()
558 const EVP_MD *md, const char *signer, const char *chain, in reply_command() argument
580 passin, inkey, md, signer, chain, policy); in reply_command()
666 const char *inkey, const EVP_MD *md, const char *signer, in create_response() argument
686 if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) in create_response()
|
| /third_party/openssl/include/openssl/ |
| D | ocsp.h | 188 X509 *signer,
199 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
251 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
254 X509 *signer, EVP_MD_CTX *ctx,
|