apps.c - OpenGrok cross reference for /third_party/openssl/apps/lib/apps.c

Lines Matching refs:cert
468     X509 *cert = NULL;
475         cert = X509_load_http(uri, NULL, NULL, 0 /* timeout */);
478                                   NULL, NULL, NULL, &cert, NULL, NULL, NULL);
479     if (cert == NULL) {
483     return cert;
653 static void warn_cert_msg(const char *uri, X509 *cert, const char *msg)
655     char *subj = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
662 static void warn_cert(const char *uri, X509 *cert, int warn_EE,
665     uint32_t ex_flags = X509_get_extension_flags(cert);
666     int res = X509_cmp_timeframe(vpm, X509_get0_notBefore(cert),
667                                  X509_get0_notAfter(cert));
670         warn_cert_msg(uri, cert, res > 0 ? "has expired" : "not yet valid");
672         warn_cert_msg(uri, cert, "is not a CA cert");
769  * Create cert store structure with certificates read from given file(s).
851  * If pcerts is non-NULL and *pcerts == NULL then a new cert list is allocated.
877         pparams != NULL ? "params" : pcert != NULL ? "cert" :
1060             failed = "cert";
2236 static int adapt_keyid_ext(X509 *cert, X509V3_CTX *ext_ctx,
2239     const STACK_OF(X509_EXTENSION) *exts = X509_get0_extensions(cert);
2253             X509_delete_ext(cert, idx);
2258         rv = !add_default || X509_add_ext(cert, new_ext, -1);
2264 /* Ensure RFC 5280 compliance, adapt keyIDs as needed, and sign the cert info */
2265 int do_X509_sign(X509 *cert, EVP_PKEY *pkey, const char *md,
2268     const STACK_OF(X509_EXTENSION) *exts = X509_get0_extensions(cert);
2275         if (!X509_set_version(cert, X509_VERSION_3))
2283         if (!adapt_keyid_ext(cert, ext_ctx, "subjectKeyIdentifier", "hash", 1))
2287         self_sign = X509_check_private_key(cert, pkey);
2289         if (!adapt_keyid_ext(cert, ext_ctx, "authorityKeyIdentifier",
2295         rv = (X509_sign_ctx(cert, mctx) > 0);