| /third_party/node/deps/openssl/openssl/crypto/cmp/ |
| H A D | cmp_client.c | 422 "received \"waiting\" status for cert when actually aiming to extract cert"); in get1_cert_status()
432 ossl_cmp_err(ctx, "received \"rejection\" status rather than cert"); in get1_cert_status()
437 "received \"revocationWarning\" - a revocation of the cert is imminent"); in get1_cert_status()
441 "received \"revocationNotification\" - a revocation of the cert has occurred"); in get1_cert_status()
457 if (crt == NULL) /* according to PKIStatus, we can expect a cert */ in get1_cert_status()
485 int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, in OSSL_CMP_certConf_cb() argument
496 ossl_cmp_debug(ctx, "trying to build chain for newly enrolled cert"); in OSSL_CMP_certConf_cb()
497 chain = X509_build_chain(cert, ctx->untrusted, out_trusted, in OSSL_CMP_certConf_cb()
502 ossl_cmp_debug(ctx, "validating newly enrolled cert"); in OSSL_CMP_certConf_cb()
567 X509 *cert; cert_response() local
[all...] |
| /third_party/openssl/crypto/cmp/ |
| H A D | cmp_client.c | 425 "received \"waiting\" status for cert when actually aiming to extract cert"); in get1_cert_status()
435 ossl_cmp_err(ctx, "received \"rejection\" status rather than cert"); in get1_cert_status()
440 "received \"revocationWarning\" - a revocation of the cert is imminent"); in get1_cert_status()
444 "received \"revocationNotification\" - a revocation of the cert has occurred"); in get1_cert_status()
460 if (crt == NULL) /* according to PKIStatus, we can expect a cert */ in get1_cert_status()
488 int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, in OSSL_CMP_certConf_cb() argument
499 ossl_cmp_debug(ctx, "trying to build chain for newly enrolled cert"); in OSSL_CMP_certConf_cb()
500 chain = X509_build_chain(cert, ctx->untrusted, out_trusted, in OSSL_CMP_certConf_cb()
505 ossl_cmp_debug(ctx, "validating newly enrolled cert"); in OSSL_CMP_certConf_cb()
570 X509 *cert; cert_response() local
[all...] |
| /third_party/node/deps/openssl/openssl/crypto/ocsp/ |
| H A D | ocsp_vfy.c | 22 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
53 * Locally disable revocation status checking for OCSP responder cert. in ocsp_verify_signer()
303 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, in ocsp_match_issuerid() argument
340 iname = X509_get_subject_name(cert); in ocsp_match_issuerid()
347 if (!X509_pubkey_digest(cert, dgst, md, NULL)) { in ocsp_match_issuerid()
360 ret = ocsp_match_issuerid(cert, tmpid, NULL); in ocsp_match_issuerid()
|
| /third_party/openssl/crypto/ocsp/ |
| H A D | ocsp_vfy.c | 22 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
53 * Locally disable revocation status checking for OCSP responder cert. in ocsp_verify_signer()
303 static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, in ocsp_match_issuerid() argument
340 iname = X509_get_subject_name(cert); in ocsp_match_issuerid()
347 if (!X509_pubkey_digest(cert, dgst, md, NULL)) { in ocsp_match_issuerid()
360 ret = ocsp_match_issuerid(cert, tmpid, NULL); in ocsp_match_issuerid()
|
| /third_party/openssl/ohos_lite/include/openssl/ |
| H A D | ocsp.h | 185 int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
249 int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
256 int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
257 int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
258 int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
|
| /third_party/libwebsockets/lib/tls/mbedtls/ |
| H A D | mbedtls-server.c | 37 lwsl_notice("no client cert required\n"); in lws_tls_server_client_cert_verify_config()
44 lwsl_notice("%s: vh %s requires client cert %d\n", __func__, vh->name, in lws_tls_server_client_cert_verify_config()
92 lwsl_err("%s: vhost %s matches SNI but no valid cert\n", in lws_mbedtls_sni_cb()
106 const char *cert, const char *private_key, in lws_tls_server_certs_load()
115 if ((!cert || !private_key) && (!mem_cert || !mem_privkey)) { in lws_tls_server_certs_load()
120 n = (int)lws_tls_generic_cert_checks(vhost, cert, private_key); in lws_tls_server_certs_load()
138 * the rights to read our own cert + key we saved. in lws_tls_server_certs_load()
143 * The passed memory-buffer cert image is in DER, and the in lws_tls_server_certs_load()
146 cert = NULL; in lws_tls_server_certs_load()
149 if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, mem_cer in lws_tls_server_certs_load()
105 lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi, const char *cert, const char *private_key, const char *mem_cert, size_t mem_cert_len, const char *mem_privkey, size_t mem_privkey_len) lws_tls_server_certs_load() argument
[all...] |
| /third_party/node/src/quic/ |
| H A D | tlscontext.cc | 186 const auto addCert = [&](uv_buf_t cert) { in InitializeSecureContext()
188 crypto::BIOPointer bio = crypto::NodeBIO::NewFixed(cert.base, cert.len); in InitializeSecureContext()
194 for (auto& cert : options.certs) { in InitializeSecureContext()
195 if (!addCert(cert).IsJust()) { in InitializeSecureContext()
229 // TODO(@jasnell): Possibly handle other bits. Such a pfx, client cert engine, in InitializeSecureContext()
499 MaybeLocal<Object> TLSContext::cert(Environment* env) const { in cert() function in node::quic::TLSContext
|
| /third_party/node/deps/openssl/openssl/apps/ |
| H A D | smime.c | 52 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [cert...]\n"},
128 {"cert", 0, 0, "Recipient certs, used when encrypting"},
140 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local
452 cert = load_cert(*argv, FORMAT_UNDEF, in smime_main()
454 if (cert == NULL) in smime_main()
456 if (!sk_X509_push(encerts, cert)) in smime_main()
458 cert = NULL; in smime_main()
663 X509_free(cert); in smime_main()
|
| H A D | cms.c | 91 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [cert...]\n"},
160 {"recip", OPT_RECIP, '<', "Recipient cert file"},
161 {"cert...", OPT_PARAM, '.',
289 X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL; in cms_main() local
619 cert = load_cert(opt_arg(), FORMAT_UNDEF, in cms_main()
621 if (cert == NULL) in cms_main()
623 if (!sk_X509_push(encerts, cert)) in cms_main()
625 cert = NULL; in cms_main()
831 cert = load_cert(*argv, FORMAT_UNDEF, in cms_main()
833 if (cert in cms_main()
[all...] |
| /third_party/openssl/apps/ |
| H A D | smime.c | 52 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [cert...]\n"},
128 {"cert", 0, 0, "Recipient certs, used when encrypting"},
140 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local
452 cert = load_cert(*argv, FORMAT_UNDEF, in smime_main()
454 if (cert == NULL) in smime_main()
456 sk_X509_push(encerts, cert); in smime_main()
457 cert = NULL; in smime_main()
662 X509_free(cert); in smime_main()
|
| H A D | cms.c | 91 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [cert...]\n"},
160 {"recip", OPT_RECIP, '<', "Recipient cert file"},
161 {"cert...", OPT_PARAM, '.',
289 X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL; in cms_main() local
619 cert = load_cert(opt_arg(), FORMAT_UNDEF, in cms_main()
621 if (cert == NULL) in cms_main()
623 sk_X509_push(encerts, cert); in cms_main()
624 cert = NULL; in cms_main()
829 cert = load_cert(*argv, FORMAT_UNDEF, in cms_main()
831 if (cert in cms_main()
[all...] |
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/crypto/ |
| H A D | tls_openssl_ocsp.c | 395 static int issuer_match(X509 *cert, X509 *issuer, CertID *certid) in issuer_match() argument
412 iname = X509_get_issuer_name(cert); in issuer_match()
486 enum ocsp_result check_ocsp_resp(SSL_CTX *ssl_ctx, SSL *ssl, X509 *cert, in check_ocsp_resp() argument
512 txt = integer_str(X509_get_serialNumber(cert)); in check_ocsp_resp()
577 "OpenSSL: BasicOCSPResponse cert %s", buf); in check_ocsp_resp()
792 X509_get_serialNumber(cert)) == 0 && in check_ocsp_resp()
793 issuer_match(cert, issuer, sresp->certID) == 0) { in check_ocsp_resp()
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/crypto/ |
| H A D | tls_openssl_ocsp.c | 395 static int issuer_match(X509 *cert, X509 *issuer, CertID *certid) in issuer_match() argument
412 iname = X509_get_issuer_name(cert); in issuer_match()
486 enum ocsp_result check_ocsp_resp(SSL_CTX *ssl_ctx, SSL *ssl, X509 *cert, in check_ocsp_resp() argument
512 txt = integer_str(X509_get_serialNumber(cert)); in check_ocsp_resp()
577 "OpenSSL: BasicOCSPResponse cert %s", buf); in check_ocsp_resp()
792 X509_get_serialNumber(cert)) == 0 && in check_ocsp_resp()
793 issuer_match(cert, issuer, sresp->certID) == 0) { in check_ocsp_resp()
|
| /third_party/rust/crates/rust-openssl/openssl/src/ssl/test/ |
| H A D | mod.rs | 44 static CERT: &[u8] = include_bytes!("../../../test/cert.pem");
221 let cert = x509.current_cert().unwrap(); in verify_callback()
222 let digest = cert.digest(MessageDigest::sha1()).unwrap(); in verify_callback()
243 let cert = x509.current_cert().unwrap(); in ssl_verify_callback()
244 let digest = cert.digest(MessageDigest::sha1()).unwrap(); in ssl_verify_callback()
289 let cert = s.ssl().peer_certificate().unwrap(); in peer_certificate()
290 let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); in peer_certificate()
338 ctx.set_certificate_file(Path::new("test/cert.pem"), SslFiletype::PEM) in test_connect_with_srtp_ctx()
394 ctx.set_certificate_file(Path::new("test/cert.pem"), SslFiletype::PEM) in test_connect_with_srtp_ssl()
650 let cert in add_extra_chain_cert()
[all...] |
| /third_party/libwebsockets/lib/tls/ |
| H A D | private-network.h | 135 const char *cert, const char *private_key,
139 lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert,
|
| /third_party/node/test/parallel/ |
| H A D | test-http2-create-client-secure-session.js | 38 function verifySecureSession(key, cert, ca, opts) {
39 const server = h2.createSecureServer({ cert, key });
85 loadKey('agent8-cert.pem'),
86 loadKey('fake-startcom-root-cert.pem'));
91 loadKey('agent1-cert.pem'),
92 loadKey('ca1-cert.pem'),
97 loadKey('agent8-cert.pem'),
98 loadKey('fake-startcom-root-cert.pem'),
|
| H A D | test-tls-securepair-server.js | 37 const cert = fixtures.readKey('rsa_cert.crt');
45 const sslcontext = tls.createSecureContext({ key, cert });
|
| H A D | test-tls-set-secure-context.js | 19 cert: fixtures.readKey('agent1-cert.pem'),
20 ca: fixtures.readKey('ca1-cert.pem')
24 cert: fixtures.readKey('agent2-cert.pem'),
25 ca: fixtures.readKey('ca2-cert.pem')
|
| /third_party/node/test/sequential/ |
| H A D | test-tls-securepair-client.js | 59 test('keys/agent4-key.pem', 'keys/agent4-cert.pem', check);
64 const cert = fixtures.readSync(certPath).toString();
68 '-cert', fixtures.path(certPath),
128 const sslcontext = tls.createSecureContext({ key, cert });
|
| /third_party/node/deps/openssl/openssl/crypto/ct/ |
| H A D | ct_local.h | 110 X509 *cert; member
131 * If *cert does not have a poison extension, presigner must be NULL.
132 * If *cert does not have a poison extension, it may have a single SCT
134 * If either *cert or *presigner have an AKID (NID_authority_key_identifier)
138 __owur int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner);
|
| /third_party/openssl/crypto/ct/ |
| H A D | ct_local.h | 110 X509 *cert; member
131 * If *cert does not have a poison extension, presigner must be NULL.
132 * If *cert does not have a poison extension, it may have a single SCT
134 * If either *cert or *presigner have an AKID (NID_authority_key_identifier)
138 __owur int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner);
|
| /third_party/node/deps/openssl/openssl/ssl/statem/ |
| H A D | statem_srvr.c | 199 * cert. in ossl_statem_server_read_transition()
344 && s->cert->psk_identity_hint) in send_server_key_exchange()
369 /* don't request cert unless asked for it: */ in send_certificate_request()
378 * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert in send_certificate_request()
384 * never request cert in anonymous ciphersuites (see in send_certificate_request()
2095 if (s->s3.tmp.cert != NULL) { in tls_handle_status_request()
2100 s->cert->key = s->s3.tmp.cert; in tls_handle_status_request()
2220 /* Let cert callback update server certificates if required */ in tls_post_process_client_hello()
2221 if (!s->hit && s->cert in tls_post_process_client_hello()
2475 CERT *cert = s->cert; tls_construct_server_key_exchange() local
[all...] |
| /third_party/openssl/ssl/statem/ |
| H A D | statem_srvr.c | 198 * cert. in ossl_statem_server_read_transition()
343 && s->cert->psk_identity_hint) in send_server_key_exchange()
368 /* don't request cert unless asked for it: */ in send_certificate_request()
377 * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert in send_certificate_request()
383 * never request cert in anonymous ciphersuites (see in send_certificate_request()
2075 if (s->s3.tmp.cert != NULL) { in tls_handle_status_request()
2080 s->cert->key = s->s3.tmp.cert; in tls_handle_status_request()
2200 /* Let cert callback update server certificates if required */ in tls_post_process_client_hello()
2201 if (!s->hit && s->cert in tls_post_process_client_hello()
2454 CERT *cert = s->cert; tls_construct_server_key_exchange() local
[all...] |
| /third_party/node/deps/openssl/openssl/apps/lib/ |
| H A D | s_cb.c | 62 BIO_puts(bio_err, "<no cert>\n"); in verify_callback()
139 * Now we know that a key and cert have been set against the SSL in set_cert_stuff()
151 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, in set_cert_key_stuff() argument
156 if (cert == NULL) in set_cert_key_stuff()
158 if (SSL_CTX_use_certificate(ctx, cert) <= 0) { in set_cert_key_stuff()
171 * Now we know that a key and cert have been set against the SSL context in set_cert_key_stuff()
662 {"cert type", TLSEXT_TYPE_cert_type},
864 X509 *cert; member
934 rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain); in set_cert_cb()
935 BIO_printf(bio_err, "Checking cert chai in set_cert_cb()
[all...] |
| /third_party/openssl/apps/lib/ |
| H A D | s_cb.c | 62 BIO_puts(bio_err, "<no cert>\n"); in verify_callback()
139 * Now we know that a key and cert have been set against the SSL in set_cert_stuff()
151 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, in set_cert_key_stuff() argument
156 if (cert == NULL) in set_cert_key_stuff()
158 if (SSL_CTX_use_certificate(ctx, cert) <= 0) { in set_cert_key_stuff()
171 * Now we know that a key and cert have been set against the SSL context in set_cert_key_stuff()
662 {"cert type", TLSEXT_TYPE_cert_type},
864 X509 *cert; member
934 rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain); in set_cert_cb()
935 BIO_printf(bio_err, "Checking cert chai in set_cert_cb()
[all...] |