| /third_party/openssl/test/recipes/80-test_cmp_http_data/ |
| D | test_credentials.csv | 3 …red, -section,, -ref,_PBM_REF, -secret,_PBM_SECRET, -cert,root.crt, -key,signer.p12, -keypass,pass…
6 0,wrong secret - correct cert, -section,,BLANK,, -secret,pass:wrong, -cert,signer.crt, -key,signer.…
9 1,empty ref but correct cert, -section,, -ref,"""",BLANK,, -cert,signer.crt, -key,signer.p12, -keyp…
10 1,wrong ref but correct cert, -section,, -ref,wrong,BLANK,, -cert,signer.crt, -key,signer.p12, -key…
12 1,valid cert and key and keypass, -section,,BLANK,,-secret,"""", -cert,signer.crt, -key,signer.p12,…
13 0,cert missing arg, -section,,BLANK,,BLANK,, -cert,, -key,signer.p12, -keypass,pass:12345,BLANK,,BL…
14 0,key missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,, -keypass,pass:12345,BLANK,,BLA…
15 0,keypass missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,,BLANK,…
16 0,keypass empty string, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:,…
17 1,keypass no prefix, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,12345,BLA…
[all …]
|
| D | test_commands.csv | 50 1,geninfo, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -gen…
51 0,geninfo missing argument, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:1…
52 0,geninfo bad syntax: leading '.', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass…
53 0,geninfo bad syntax: missing ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass…
54 0,geninfo bad syntax: double ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,…
55 0,geninfo bad syntax: missing ':int', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keyp…
|
| /third_party/openssl/crypto/ocsp/ |
| D | ocsp_vfy.c | 30 static int ocsp_verify_signer(X509 *signer, int response, in ocsp_verify_signer() argument
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { in ocsp_verify_signer()
51 && X509_get_ext_by_NID(signer, NID_id_pkix_OCSP_noCheck, -1) >= 0) in ocsp_verify_signer()
77 X509 *signer, unsigned long flags) in ocsp_verify() argument
83 if ((skey = X509_get0_pubkey(signer)) == NULL) { in ocsp_verify()
88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify()
90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify()
101 X509 *signer, *x; in OCSP_basic_verify() local
104 int ret = ocsp_find_signer(&signer, bs, certs, flags); in OCSP_basic_verify()
113 if ((ret = ocsp_verify(NULL, bs, signer, flags)) <= 0) in OCSP_basic_verify()
[all …]
|
| D | ocsp_srv.c | 168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx()
193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign()
231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
|
| D | ocsp_cl.c | 81 X509 *signer, in OCSP_request_sign() argument
86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign()
102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
|
| /third_party/node/deps/openssl/openssl/crypto/ocsp/ |
| D | ocsp_vfy.c | 30 static int ocsp_verify_signer(X509 *signer, int response, in ocsp_verify_signer() argument
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { in ocsp_verify_signer()
51 && X509_get_ext_by_NID(signer, NID_id_pkix_OCSP_noCheck, -1) >= 0) in ocsp_verify_signer()
77 X509 *signer, unsigned long flags) in ocsp_verify() argument
83 if ((skey = X509_get0_pubkey(signer)) == NULL) { in ocsp_verify()
88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify()
90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify()
101 X509 *signer, *x; in OCSP_basic_verify() local
104 int ret = ocsp_find_signer(&signer, bs, certs, flags); in OCSP_basic_verify()
113 if ((ret = ocsp_verify(NULL, bs, signer, flags)) <= 0) in OCSP_basic_verify()
[all …]
|
| D | ocsp_srv.c | 168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx()
193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign()
231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
|
| D | ocsp_cl.c | 81 X509 *signer, in OCSP_request_sign() argument
86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign()
102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
|
| /third_party/mbedtls/library/ |
| D | pkcs7.c | 255 static void pkcs7_free_signer_info(mbedtls_pkcs7_signer_info *signer) in pkcs7_free_signer_info() argument
260 if (signer == NULL) { in pkcs7_free_signer_info()
264 name_cur = signer->issuer.next; in pkcs7_free_signer_info()
270 signer->issuer.next = NULL; in pkcs7_free_signer_info()
290 mbedtls_pkcs7_signer_info *signer, in pkcs7_get_signer_info() argument
305 ret = pkcs7_get_version(p, end_signer, &signer->version); in pkcs7_get_signer_info()
318 signer->issuer_raw.p = *p; in pkcs7_get_signer_info()
326 ret = mbedtls_x509_get_name(p, *p + len, &signer->issuer); in pkcs7_get_signer_info()
331 signer->issuer_raw.len = *p - signer->issuer_raw.p; in pkcs7_get_signer_info()
333 ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial); in pkcs7_get_signer_info()
[all …]
|
| /third_party/openssl/crypto/ts/ |
| D | ts_rsp_verify.c | 20 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
95 X509 *signer; in TS_RESP_verify_signature() local
128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
153 *signer_out = signer; in TS_RESP_verify_signature()
154 X509_up_ref(signer); in TS_RESP_verify_signature()
172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
[all …]
|
| /third_party/node/deps/openssl/openssl/crypto/ts/ |
| D | ts_rsp_verify.c | 20 X509 *signer, STACK_OF(X509) **chain);
37 static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
95 X509 *signer; in TS_RESP_verify_signature() local
128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
153 *signer_out = signer; in TS_RESP_verify_signature()
154 X509_up_ref(signer); in TS_RESP_verify_signature()
172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
[all …]
|
| /third_party/rust/crates/rust-openssl/openssl/src/ |
| D | sign.rs | 679 let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap(); in rsa_sign() localVariable
680 assert_eq!(signer.rsa_padding().unwrap(), Padding::PKCS1); in rsa_sign()
681 signer.set_rsa_padding(Padding::PKCS1).unwrap(); in rsa_sign()
682 signer.update(&Vec::from_hex(INPUT).unwrap()).unwrap(); in rsa_sign()
683 let result = signer.sign_to_vec().unwrap(); in rsa_sign()
716 let mut signer = Signer::new(ty, &pkey).unwrap(); in test_hmac() localVariable
717 signer.update(data).unwrap(); in test_hmac()
718 assert_eq!(signer.sign_to_vec().unwrap(), *res); in test_hmac()
822 let mut signer = Signer::new_without_digest(&pkey).unwrap(); in test_cmac() localVariable
825 signer.update(data as &[u8]).unwrap(); in test_cmac()
[all …]
|
| /third_party/openssl/test/ |
| D | ocspapitest.c | 115 X509 *signer = NULL, *tmp; in test_resp_signer() local
128 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer()
129 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer()
130 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
134 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
142 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
146 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
152 X509_free(signer); in test_resp_signer()
|
| /third_party/openssl/crypto/cms/ |
| D | cms_sd.c | 306 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, in CMS_add1_signer() argument
315 if (!X509_check_private_key(signer, pk)) { in CMS_add1_signer()
326 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
328 X509_up_ref(signer); in CMS_add1_signer()
333 si->signer = signer; in CMS_add1_signer()
352 if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx)) in CMS_add1_signer()
429 if ((sc = OSSL_ESS_signing_cert_new_init(signer, in CMS_add1_signer()
435 if ((sc2 = OSSL_ESS_signing_cert_v2_new_init(md, signer, in CMS_add1_signer()
457 if (!CMS_add1_cert(cms, signer)) in CMS_add1_signer()
570 if (si->signer != NULL) { in STACK_OF()
[all …]
|
| /third_party/node/deps/openssl/openssl/crypto/cms/ |
| D | cms_sd.c | 306 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, in CMS_add1_signer() argument
315 if (!X509_check_private_key(signer, pk)) { in CMS_add1_signer()
326 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
328 X509_up_ref(signer); in CMS_add1_signer()
333 si->signer = signer; in CMS_add1_signer()
352 if (!ossl_cms_set1_SignerIdentifier(si->sid, signer, type, ctx)) in CMS_add1_signer()
429 if ((sc = OSSL_ESS_signing_cert_new_init(signer, in CMS_add1_signer()
435 if ((sc2 = OSSL_ESS_signing_cert_v2_new_init(md, signer, in CMS_add1_signer()
457 if (!CMS_add1_cert(cms, signer)) in CMS_add1_signer()
570 if (si->signer != NULL) { in STACK_OF()
[all …]
|
| /third_party/openssl/crypto/pkcs7/ |
| D | pk7_smime.c | 217 X509 *signer; in PKCS7_verify() local
276 signer = sk_X509_value(signers, k); in PKCS7_verify()
278 if (!X509_STORE_CTX_init(cert_ctx, store, signer, in PKCS7_verify()
285 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { in PKCS7_verify()
360 signer = sk_X509_value(signers, i); in PKCS7_verify()
361 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
389 X509 *signer; in STACK_OF() local
419 signer = NULL; in STACK_OF()
422 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
424 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF()
[all …]
|
| /third_party/node/deps/openssl/openssl/crypto/pkcs7/ |
| D | pk7_smime.c | 217 X509 *signer; in PKCS7_verify() local
276 signer = sk_X509_value(signers, k); in PKCS7_verify()
278 if (!X509_STORE_CTX_init(cert_ctx, store, signer, in PKCS7_verify()
285 } else if (!X509_STORE_CTX_init(cert_ctx, store, signer, NULL)) { in PKCS7_verify()
360 signer = sk_X509_value(signers, i); in PKCS7_verify()
361 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
389 X509 *signer; in STACK_OF() local
419 signer = NULL; in STACK_OF()
422 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
424 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/tls/ |
| D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
356 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
595 signer = issuer; in tls_process_basic_ocsp_response()
597 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
598 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
601 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
603 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
|
| /third_party/openssl/doc/man3/ |
| D | PKCS7_verify.pod | 21 in which to search for signer's certificates.
31 PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
48 An attempt is made to locate all the signer's certificates, first looking in
51 If any signer's certificates cannot be located the operation fails.
53 Each signer's certificate is chain verified using the B<smimesign> purpose and
73 searched when locating the signer's certificates.
74 This means that all the signer's certificates must be in the I<certs> parameter.
83 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
87 the signer's certificates) must be contained in the trusted store.
95 in the I<certs> parameter. In this case if the signer's certificate is not one
[all …]
|
| D | CMS_get0_SignerInfos.pod | 8 - CMS signedData signer functions
20 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
27 CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
37 CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
42 B<signer>.
52 CMS. It will then obtain the signer certificate by some unspecified means
56 Once all signer certificates have been set CMS_verify() can be used.
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/tls/ |
| D | tlsv1_client_ocsp.c | 50 static int ocsp_responder_id_match(struct x509_certificate *signer, in ocsp_responder_id_match() argument
55 const u8 *addr[1] = { signer->public_key }; in ocsp_responder_id_match()
56 size_t len[1] = { signer->public_key_len }; in ocsp_responder_id_match()
63 return x509_name_compare(&signer->subject, name) == 0; in ocsp_responder_id_match()
365 struct x509_certificate *issuer, *signer; in tls_process_basic_ocsp_response() local
626 signer = issuer; in tls_process_basic_ocsp_response()
628 for (signer = certs; signer; signer = signer->next) { in tls_process_basic_ocsp_response()
629 if (!ocsp_responder_id_match(signer, &name, key_hash) || in tls_process_basic_ocsp_response()
632 !(signer->ext_key_usage & in tls_process_basic_ocsp_response()
634 x509_certificate_check_signature(issuer, signer) < in tls_process_basic_ocsp_response()
[all …]
|
| /third_party/openssl/doc/man1/ |
| D | openssl-smime.pod.in | 23 [B<-signer> I<file>]
198 When signing a message the signer's certificate is normally included
239 =item B<-signer> I<file>
242 used multiple times if more than one signer is required. If a message is being
264 the B<-recip> or B<-signer> file. When signing this option can be used
316 This version of the program only allows one signer per message but it
326 signer. This means that attributes must be present in at least one existing
327 signer using the same message digest or this operation will fail.
375 -signer mycert.pem
380 -signer mycert.pem
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/crypto/ |
| D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; in check_ocsp_resp() local
616 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
617 if (!signer) in check_ocsp_resp()
618 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
621 if (!signer) { in check_ocsp_resp()
627 skey = X509_get_pubkey(signer); in check_ocsp_resp()
641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted)) in check_ocsp_resp()
664 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
665 if ((signer->ex_flags & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/crypto/ |
| D | tls_openssl_ocsp.c | 506 X509 *signer, *tmp_cert; in check_ocsp_resp() local
616 signer = ocsp_find_signer(certs, rd->responderID); in check_ocsp_resp()
617 if (!signer) in check_ocsp_resp()
618 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
621 if (!signer) { in check_ocsp_resp()
627 skey = X509_get_pubkey(signer); in check_ocsp_resp()
641 X509_NAME_oneline(X509_get_subject_name(signer), buf, sizeof(buf)); in check_ocsp_resp()
646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted)) in check_ocsp_resp()
664 X509_check_purpose(signer, -1, 0); in check_ocsp_resp()
665 if ((signer->ex_flags & EXFLAG_XKUSAGE) && in check_ocsp_resp()
[all …]
|
| /third_party/node/deps/npm/node_modules/sigstore/dist/ |
| D | sign.js | 37 this.signer = options.signer || this.signWithEphemeralKey.bind(this);
41 const sigMaterial = await this.signer(payload);
61 const sigMaterial = await this.signer(paeBuffer);
|