| /third_party/mbedtls/tests/scripts/ |
| H A D | generate_tls13_compat_tests.py | 192 for _, cert, key in map(lambda sig_alg: CERTIFICATES[sig_alg], self._cert_sig_algs):
193 ret += ['-cert {cert} -key {key}'.format(cert=cert, key=key)]
304 ret = ['$G_NEXT_SRV_NO_CERT', '--http', '--disable-client-cert', '--debug=4']
306 for _, cert, key in map(lambda sig_alg: CERTIFICATES[sig_alg], self._cert_sig_algs):
307 ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
308 cert=cert, ke
[all...] |
| /third_party/node/test/fixtures/x509-escaping/ |
| H A D | create-certs.js | 331 const cert = {
344 const pem = rfc5280.Certificate.encode(cert, 'pem', {
347 writeFileSync(`./alt-${i}-cert.pem`, `${pem}\n`);
372 value: 'good.example.com\nOCSP - URI:http://ca.nodejs.org/ca.cert',
485 const cert = {
498 const pem = rfc5280.Certificate.encode(cert, 'pem', {
501 writeFileSync(`./info-${i}-cert.pem`, `${pem}\n`);
626 const cert = {
639 const pem = rfc5280.Certificate.encode(cert, 'pem', {
642 writeFileSync(`./subj-${i}-cert
[all...] |
| /third_party/node/deps/openssl/openssl/crypto/ts/ |
| H A D | ts_conf.c | 50 BIO *cert = NULL; in TS_CONF_load_cert() local
53 if ((cert = BIO_new_file(file, "r")) == NULL) in TS_CONF_load_cert()
55 x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL); in TS_CONF_load_cert()
59 BIO_free(cert); in TS_CONF_load_cert()
195 const char *cert, TS_RESP_CTX *ctx) in TS_CONF_set_signer_cert()
200 if (cert == NULL) { in TS_CONF_set_signer_cert()
201 cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT); in TS_CONF_set_signer_cert()
202 if (cert == NULL) { in TS_CONF_set_signer_cert()
207 if ((cert_obj = TS_CONF_load_cert(cert)) == NULL) in TS_CONF_set_signer_cert()
194 TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert, TS_RESP_CTX *ctx) TS_CONF_set_signer_cert() argument
|
| /third_party/openssl/crypto/ts/ |
| H A D | ts_conf.c | 50 BIO *cert = NULL; in TS_CONF_load_cert() local
53 if ((cert = BIO_new_file(file, "r")) == NULL) in TS_CONF_load_cert()
55 x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL); in TS_CONF_load_cert()
59 BIO_free(cert); in TS_CONF_load_cert()
195 const char *cert, TS_RESP_CTX *ctx) in TS_CONF_set_signer_cert()
200 if (cert == NULL) { in TS_CONF_set_signer_cert()
201 cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT); in TS_CONF_set_signer_cert()
202 if (cert == NULL) { in TS_CONF_set_signer_cert()
207 if ((cert_obj = TS_CONF_load_cert(cert)) == NULL) in TS_CONF_set_signer_cert()
194 TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert, TS_RESP_CTX *ctx) TS_CONF_set_signer_cert() argument
|
| /third_party/rust/crates/rust-openssl/openssl/src/ |
| H A D | cms.rs | 71 /// Given the sender's private key, `pkey` and the recipient's certificate, `cert`,
74 pub fn decrypt<T>(&self, pkey: &PKeyRef<T>, cert: &X509) -> Result<Vec<u8>, ErrorStack> in decrypt()
80 let cert = cert.as_ptr(); in decrypt()
86 cert, in decrypt()
167 /// Given a signing cert `signcert`, private key `pkey`, a certificate stack `certs`,
295 // load cert with public key only in cms_encrypt_decrypt()
297 let pub_cert = X509::from_der(pub_cert_bytes).expect("failed to load pub cert"); in cms_encrypt_decrypt()
299 // load cert with private key in cms_encrypt_decrypt()
301 let priv_cert = Pkcs12::from_der(priv_cert_bytes).expect("failed to load priv cert"); in cms_encrypt_decrypt()
[all...] |
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/crypto/ |
| H A D | tls_wolfssl.c | 473 "SSL: use client cert DER blob failed"); in tls_connection_client_cert()
476 wpa_printf(MSG_DEBUG, "SSL: use client cert blob OK"); in tls_connection_client_cert()
484 "SSL: use client cert PEM file failed"); in tls_connection_client_cert()
489 "SSL: use client cert DER file failed"); in tls_connection_client_cert()
493 wpa_printf(MSG_DEBUG, "SSL: use client cert file OK"); in tls_connection_client_cert()
576 static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type, in tls_match_alt_subject_component() argument
584 ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); in tls_match_alt_subject_component()
601 static int tls_match_alt_subject(WOLFSSL_X509 *cert, const char *match) in tls_match_alt_subject() argument
636 if (tls_match_alt_subject_component(cert, type, pos, len) > 0) in tls_match_alt_subject()
676 static int tls_match_suffix_helper(WOLFSSL_X509 *cert, cons argument
746 tls_match_suffix(WOLFSSL_X509 *cert, const char *match, int full) tls_match_suffix() argument
813 get_x509_cert(WOLFSSL_X509 *cert) get_x509_cert() argument
833 struct wpabuf *cert = NULL; wolfssl_tls_fail_event() local
856 struct wpabuf *cert = NULL; wolfssl_tls_cert_event() local
1008 struct wpabuf *cert; tls_verify_cb() local
[all...] |
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/crypto/ |
| H A D | tls_wolfssl.c | 474 "SSL: use client cert DER blob failed"); in tls_connection_client_cert()
477 wpa_printf(MSG_DEBUG, "SSL: use client cert blob OK"); in tls_connection_client_cert()
485 "SSL: use client cert PEM file failed"); in tls_connection_client_cert()
490 "SSL: use client cert DER file failed"); in tls_connection_client_cert()
494 wpa_printf(MSG_DEBUG, "SSL: use client cert file OK"); in tls_connection_client_cert()
577 static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type, in tls_match_alt_subject_component() argument
585 ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); in tls_match_alt_subject_component()
603 static int tls_match_alt_subject(WOLFSSL_X509 *cert, const char *match) in tls_match_alt_subject() argument
638 if (tls_match_alt_subject_component(cert, type, pos, len) > 0) in tls_match_alt_subject()
678 static int tls_match_suffix_helper(WOLFSSL_X509 *cert, cons argument
750 tls_match_suffix(WOLFSSL_X509 *cert, const char *match, int full) tls_match_suffix() argument
817 get_x509_cert(WOLFSSL_X509 *cert) get_x509_cert() argument
837 struct wpabuf *cert = NULL; wolfssl_tls_fail_event() local
860 struct wpabuf *cert = NULL; wolfssl_tls_cert_event() local
1015 struct wpabuf *cert; tls_verify_cb() local
[all...] |
| /third_party/node/lib/ |
| H A D | tls.js | 280 exports.checkServerIdentity = function checkServerIdentity(hostname, cert) {
281 const subject = cert.subject;
282 const altNames = cert.subjectaltname;
309 reason = `IP: ${hostname} is not in the cert's list: ` +
319 `Host: ${hostname}. is not in the cert's altnames: ${altNames}`;
330 reason = `Host: ${hostname}. is not cert's CN: ${cn}`;
337 return new ERR_TLS_CERT_ALTNAME_INVALID(reason, hostname, cert);
|
| /third_party/node/src/crypto/ |
| H A D | crypto_x509.h | 23 explicit ManagedX509(X509Pointer&& cert);
53 X509Pointer cert,
58 std::shared_ptr<ManagedX509> cert,
73 X509Pointer cert);
129 std::shared_ptr<ManagedX509> cert,
|
| H A D | crypto_spkac.cc | 118 ByteSource cert = ExportChallenge(input); in ExportChallenge()
119 if (!cert) in ExportChallenge()
123 Encode(env->isolate(), cert.data<char>(), cert.size(), BUFFER); in ExportChallenge()
|
| /third_party/libcoap/src/ |
| H A D | coap_gnutls.c | 637 int self_signed; /* 1 if cert self-signed, 0 otherwise */
647 gnutls_x509_crt_t cert; in get_san_or_cn() local
672 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init"); in get_san_or_cn()
674 /* Interested only in first cert in chain */ in get_san_or_cn()
675 G_CHECK(gnutls_x509_crt_import(cert, &cert_info->cert_list[0], in get_san_or_cn()
678 cert_info->self_signed = gnutls_x509_crt_check_issuer(cert, cert); in get_san_or_cn()
682 ret = gnutls_x509_crt_get_subject_alt_name(cert, 0, dn, &size, NULL); in get_san_or_cn()
685 gnutls_x509_crt_deinit(cert); in get_san_or_cn()
691 G_CHECK(gnutls_x509_crt_get_dn(cert, d in get_san_or_cn()
884 gnutls_x509_crt_t cert; cert_verify_gnutls() local
1090 gnutls_datum_t cert; setup_pki_credentials() local
1236 gnutls_datum_t cert; setup_pki_credentials() local
[all...] |
| /third_party/node/test/parallel/ |
| H A D | test-tls-client-mindhsize.js | 11 const cert = fixtures.readKey('agent2-cert.pem');
23 cert: cert,
|
| H A D | test-tls-dhe.js | 39 const cert = fixtures.readKey('agent2-cert.pem');
58 cert,
99 } = new X509Certificate(cert);
|
| /third_party/skia/third_party/externals/microhttpd/src/testcurl/https/ |
| H A D | test_https_multi_daemon.c | 98 FILE *cert; in main() local
110 if ((cert = setup_ca_cert ()) == NULL) in main()
128 fclose (cert); in main()
|
| H A D | test_https_time_out.c | 107 gnutls_datum_t cert; in main() local
132 if (0 != setup_session (&session, &key, &cert, &xcred)) in main()
138 teardown_session (session, &key, &cert, xcred); in main()
|
| /third_party/openssl/test/ |
| H A D | fatalerrtest.c | 16 static char *cert = NULL; variable
33 &sctx, &cctx, cert, privkey))) in test_fatalerr()
94 if (!TEST_ptr(cert = test_get_argument(0)) in setup_tests()
|
| H A D | verify_extra_test.c | 183 X509 *cert = load_cert_from_file(filename); /* may result in NULL */ in test_self_signed() local
188 ret = TEST_int_eq(X509_self_signed(cert, 1), expected); in test_self_signed()
190 if (cert != NULL) { in test_self_signed()
192 ret = ret && TEST_true(sk_X509_push(trusted, cert)); in test_self_signed()
193 ret = ret && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL)); in test_self_signed()
200 X509_free(cert); in test_self_signed()
221 /* Verifying a cert where we have no trusted certs should fail */ in test_store_ctx()
310 || !TEST_ptr(sroot_cert = test_mk_file_path(certs_dir, "sroot-cert.pem")) in setup_tests()
311 || !TEST_ptr(ca_cert = test_mk_file_path(certs_dir, "ca-cert.pem")) in setup_tests()
312 || !TEST_ptr(ee_cert = test_mk_file_path(certs_dir, "ee-cert in setup_tests()
[all...] |
| /third_party/libwebsockets/lib/tls/ |
| H A D | tls-network.c | 93 lwsl_vhost_notice(v, " vhost %s: cert expiry: %dd", v->name, in lws_tls_check_cert_lifetime()
96 lwsl_vhost_info(v, " vhost %s: no cert", v->name); in lws_tls_check_cert_lifetime()
121 * LWS_TLS_EXTANT_NO : skip adding the cert
122 * LWS_TLS_EXTANT_YES : use the cert and private key paths normally
126 lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, in lws_tls_generic_cert_checks() argument
132 * The user code can choose to either pass the cert and in lws_tls_generic_cert_checks()
136 * set up the cert himself using the user callback in lws_tls_generic_cert_checks()
142 if (!cert || !private_key) in lws_tls_generic_cert_checks()
145 n = (int)lws_tls_use_any_upgrade_check_extant(cert); in lws_tls_generic_cert_checks()
154 lwsl_vhost_notice(vhost, "Ignoring missing %s or %s", cert, private_ke in lws_tls_generic_cert_checks()
[all...] |
| /third_party/node/deps/openssl/openssl/apps/ |
| H A D | sess_id.c | 41 {"cert", OPT_CERT, '-', "Output certificate "},
55 int cert = 0, noout = 0, text = 0, ret = 1, i, num = 0; in sess_id_main() local
89 cert = ++num; in sess_id_main()
133 if (cert) { in sess_id_main()
141 if (!noout && !cert) { in sess_id_main()
|
| /third_party/openssl/apps/ |
| H A D | sess_id.c | 41 {"cert", OPT_CERT, '-', "Output certificate "},
55 int cert = 0, noout = 0, text = 0, ret = 1, i, num = 0; in sess_id_main() local
89 cert = ++num; in sess_id_main()
133 if (cert) { in sess_id_main()
141 if (!noout && !cert) { in sess_id_main()
|
| /third_party/node/deps/openssl/openssl/crypto/x509/ |
| H A D | x_x509.c | 163 X509 *cert = NULL;
165 cert = (X509 *)ASN1_item_new_ex(X509_it(), libctx, propq);
166 if (!ossl_x509_set0_libctx(cert, libctx, propq)) {
167 X509_free(cert);
168 cert = NULL;
170 return cert;
|
| /third_party/node/deps/openssl/openssl/crypto/cmp/ |
| H A D | cmp_protect.c | 138 /* Add first ctx->cert and its chain if using signature-based protection */ in ossl_cmp_msg_add_extraCerts()
140 && ctx->cert != NULL && ctx->pkey != NULL) { in ossl_cmp_msg_add_extraCerts()
147 "trying to build chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
148 ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0, in ossl_cmp_msg_add_extraCerts()
152 "success building chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
157 "could not build chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
164 /* make sure that at least our own signer cert is included first */ in ossl_cmp_msg_add_extraCerts()
165 if (!ossl_x509_add_cert_new(&msg->extraCerts, ctx->cert, prepend)) in ossl_cmp_msg_add_extraCerts()
167 ossl_cmp_debug(ctx, "fallback: adding just own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
284 } else if (ctx->cert ! in ossl_cmp_msg_protect()
[all...] |
| /third_party/openssl/crypto/cmp/ |
| H A D | cmp_protect.c | 138 /* Add first ctx->cert and its chain if using signature-based protection */ in ossl_cmp_msg_add_extraCerts()
140 && ctx->cert != NULL && ctx->pkey != NULL) { in ossl_cmp_msg_add_extraCerts()
147 "trying to build chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
148 ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0, in ossl_cmp_msg_add_extraCerts()
152 "success building chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
157 "could not build chain for own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
164 /* make sure that at least our own signer cert is included first */ in ossl_cmp_msg_add_extraCerts()
165 if (!ossl_x509_add_cert_new(&msg->extraCerts, ctx->cert, prepend)) in ossl_cmp_msg_add_extraCerts()
167 ossl_cmp_debug(ctx, "fallback: adding just own CMP signer cert"); in ossl_cmp_msg_add_extraCerts()
284 } else if (ctx->cert ! in ossl_cmp_msg_protect()
[all...] |
| /third_party/openssl/crypto/x509/ |
| H A D | x_x509.c | 163 X509 *cert = NULL;
165 cert = (X509 *)ASN1_item_new_ex(X509_it(), libctx, propq);
166 if (!ossl_x509_set0_libctx(cert, libctx, propq)) {
167 X509_free(cert);
168 cert = NULL;
170 return cert;
|
| /third_party/node/deps/openssl/openssl/ssl/ |
| H A D | ssl_conf.c | 435 c = cctx->ctx->cert; in cmd_Certificate()
439 c = cctx->ssl->cert; in cmd_Certificate()
476 CERT *cert; in do_store() local
483 cert = cctx->ctx->cert; in do_store()
486 cert = cctx->ssl->cert; in do_store()
495 st = verify_store ? &cert->verify_store : &cert->chain_store; in do_store()
725 SSL_CONF_CMD(Certificate, "cert", SSL_CONF_FLAG_CERTIFICAT
[all...] |