/openssl/test/ |
H A D | danetest.in | 55 issuer= 70 issuer= 85 issuer= 100 issuer= 115 issuer= 130 issuer= 145 issuer= 160 issuer= 1690 issuer= CN = CA2 1739 issuer= CN = CA2 [all …]
|
H A D | ca-and-certs.cnf | 36 authorityKeyIdentifier = keyid,issuer:always 86 authorityKeyIdentifier = keyid:always,issuer:always 89 issuerAltName = issuer:copy
|
H A D | dane-cross.in | 26 issuer=CN = CA 49 issuer=CN = Root CA 71 issuer=CN = Cross Root 93 issuer=CN = Cross Root
|
H A D | ocspapitest.c | 195 X509 *issuer = NULL; in test_ocsp_url_svcloc_new() local 199 if (!TEST_true(get_cert(&issuer))) in test_ocsp_url_svcloc_new() 205 ext = OCSP_url_svcloc_new(X509_get_issuer_name(issuer), urls); in test_ocsp_url_svcloc_new() 212 X509_free(issuer); in test_ocsp_url_svcloc_new()
|
/openssl/doc/man3/ |
H A D | X509_check_issued.pod | 12 int X509_check_issued(X509 *issuer, X509 *subject); 18 using (CA) certificate I<issuer>. This function takes into account not only 19 matching of the issuer field of I<subject> with the subject field of I<issuer>, 22 serial number, and issuer fields of I<issuer>, as far as present. It also checks 23 if the B<keyUsage> field (if present) of I<issuer> allows certificate signing. 25 if the I<issuer> or the I<subject> are incomplete certificates.
|
H A D | OCSP_cert_to_id.pod | 13 X509 *subject, X509 *issuer); 33 message digest B<dgst> for certificate B<subject> with issuer B<issuer>. If 37 issuer name B<issuerName>, issuer key hash B<issuerKey> and serial number 44 OCSP_id_issuer_cmp() compares only the issuer name of B<OCSP_CERTID> B<a> and B<b>. 46 OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and
|
H A D | X509_STORE_set_verify_cb_func.pod | 43 typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer, 46 X509 *x, X509 *issuer); 152 to I<*issuer> and then return 1. 158 certificate I<x> is issued by the issuer certificate I<issuer>. 160 been issued with I<issuer>) and 1 on success. 161 I<If no function to get the issuer is provided, the internal default 169 I<If no function to get the issuer is provided, the internal default 176 I<If no function to get the issuer is provided, the internal default 182 I<If no function to get the issuer is provided, the internal default 188 I<If no function to get the issuer is provided, the internal default [all …]
|
H A D | X509V3_set_ctx.pod | 12 void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, 27 If I<subject> or I<crl> is provided, I<issuer> should point to its issuer, for 29 I<issuer> may be the same pointer value as I<subject> (which usually is an 40 X509V3_set_issuer_pkey() explicitly sets the issuer private key of 42 This should be done in case the I<issuer> and I<subject> arguments to
|
H A D | X509_STORE_CTX_get_error.pod | 134 unable to decode issuer public key> 202 unable to get local issuer certificate> 204 The issuer certificate could not be found: this occurs if the issuer certificate 242 =item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch> 245 did not match the issuer name of the current certificate. 255 authority and issuer serial number mismatch> 257 The current candidate issuer certificate was rejected because its issuer name 332 Unable to get CRL issuer certificate. 410 =item B<X509_V_ERR_STORE_LOOKUP: issuer certificate lookup error> 437 The issuer certificate does not have a public key. [all …]
|
/openssl/crypto/ct/ |
H A D | ct_policy.c | 65 X509_free(ctx->issuer); in CT_POLICY_EVAL_CTX_free() 78 int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer) in CT_POLICY_EVAL_CTX_set1_issuer() argument 80 if (!X509_up_ref(issuer)) in CT_POLICY_EVAL_CTX_set1_issuer() 82 ctx->issuer = issuer; in CT_POLICY_EVAL_CTX_set1_issuer() 104 return ctx->issuer; in CT_POLICY_EVAL_CTX_get0_issuer()
|
/openssl/crypto/x509/ |
H A D | v3_akid.c | 52 if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL, in STACK_OF() 60 if (akeyid->issuer) { in STACK_OF() 61 tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); in STACK_OF() 100 char keyid = 0, issuer = 0; in v2i_AUTHORITY_KEYID() local 131 } else if (strcmp(cnf->name, "issuer") == 0 && issuer == 0) { in v2i_AUTHORITY_KEYID() 132 issuer = 1; in v2i_AUTHORITY_KEYID() 134 issuer = 2; in v2i_AUTHORITY_KEYID() 196 if (issuer == 2 || (issuer == 1 && !ss && ikeyid == NULL)) { in v2i_AUTHORITY_KEYID() 216 akeyid->issuer = gens; in v2i_AUTHORITY_KEYID()
|
H A D | v3_purp.c | 943 int X509_check_issued(X509 *issuer, X509 *subject) in X509_check_issued() argument 949 return ossl_x509_signing_allowed(issuer, subject); in X509_check_issued() 957 if (X509_NAME_cmp(X509_get_subject_name(issuer), in ossl_x509_likely_issued() 962 if (!ossl_x509v3_cache_extensions(issuer) in ossl_x509_likely_issued() 966 ret = X509_check_akid(issuer, subject->akid); in ossl_x509_likely_issued() 984 if (ku_reject(issuer, KU_DIGITAL_SIGNATURE)) in ossl_x509_signing_allowed() 986 } else if (ku_reject(issuer, KU_KEY_CERT_SIGN)) { in ossl_x509_signing_allowed() 998 if (akid->keyid && issuer->skid && in X509_check_akid() 1006 if (akid->issuer) { in X509_check_akid() 1012 GENERAL_NAMES *gens = akid->issuer; in X509_check_akid() [all …]
|
H A D | x509_local.h | 70 const ASN1_INTEGER *ser, const X509_NAME *issuer); 127 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x); 129 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer); 158 int ossl_x509_likely_issued(X509 *issuer, X509 *subject); 159 int ossl_x509_signing_allowed(const X509 *issuer, const X509 *subject);
|
H A D | x509_cmp.c | 33 return X509_NAME_cmp(ai->issuer, bi->issuer); in X509_issuer_and_serial_cmp() 47 f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); in X509_issuer_and_serial_hash() 77 return X509_NAME_cmp(a->cert_info.issuer, b->cert_info.issuer); in X509_issuer_name_cmp() 87 return X509_NAME_cmp(a->crl.issuer, b->crl.issuer); in X509_CRL_cmp() 105 return a->cert_info.issuer; in X509_get_issuer_name() 110 return X509_NAME_hash_ex(x->cert_info.issuer, NULL, NULL, NULL); in X509_issuer_name_hash() 116 return X509_NAME_hash_old(x->cert_info.issuer); in X509_issuer_name_hash_old() 355 x.cert_info.issuer = (X509_NAME *)name; /* won't modify it */ in X509_find_by_issuer_and_serial()
|
H A D | x509_vfy.c | 335 X509 *issuer, *rv = NULL; in find_issuer() local 338 issuer = sk_X509_value(sk, i); in find_issuer() 343 return issuer; in find_issuer() 346 rv = issuer; in find_issuer() 373 if (*issuer == NULL) in get_issuer_sk() 1499 X509 *issuer = NULL; in get_crl_delta() local 1539 X509 *issuer = NULL; in check_crl() local 1556 if (!ctx->check_issued(ctx, issuer, issuer) && in check_crl() 1561 if (issuer == NULL) in check_crl() 3077 X509 *curr, *issuer = NULL; in build_chain() local [all …]
|
H A D | x_crl.c | 31 const X509_NAME *issuer); 70 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME), 119 rev->issuer = gens; 412 if (!rev->issuer) { in crl_revoked_issuer_match() 423 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) { in crl_revoked_issuer_match() 424 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); in crl_revoked_issuer_match() 436 const X509_NAME *issuer) in def_crl_lookup() argument 463 if (crl_revoked_issuer_match(crl, issuer, rev)) { in def_crl_lookup() 487 const X509_NAME *issuer), in X509_CRL_METHOD_new() argument
|
/openssl/demos/certs/ |
H A D | ocspquery.sh | 11 $OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \ 13 $OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \ 15 $OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \ 19 $OPENSSL ocsp -issuer intca.pem \
|
/openssl/crypto/cms/ |
H A D | cms_kari.c | 59 X509_NAME **issuer, in CMS_RecipientInfo_kari_get0_orig_id() argument 69 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id() 70 *issuer = NULL; in CMS_RecipientInfo_kari_get0_orig_id() 80 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id() 81 *issuer = oik->d.issuerAndSerialNumber->issuer; in CMS_RecipientInfo_kari_get0_orig_id() 117 X509_NAME **issuer, ASN1_INTEGER **sno) in CMS_RecipientEncryptedKey_get0_id() argument 122 if (issuer) in CMS_RecipientEncryptedKey_get0_id() 123 *issuer = rid->d.issuerAndSerialNumber->issuer; in CMS_RecipientEncryptedKey_get0_id() 139 if (issuer) in CMS_RecipientEncryptedKey_get0_id() 140 *issuer = NULL; in CMS_RecipientEncryptedKey_get0_id()
|
/openssl/crypto/ess/ |
H A D | ess_lib.c | 83 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_new_init() 180 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_V2_new_init() 199 GENERAL_NAME *issuer; in ess_issuer_serial_cmp() local 201 if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1) in ess_issuer_serial_cmp() 204 issuer = sk_GENERAL_NAME_value(is->issuer, 0); in ess_issuer_serial_cmp() 205 if (issuer->type != GEN_DIRNAME in ess_issuer_serial_cmp() 206 || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0) in ess_issuer_serial_cmp()
|
/openssl/crypto/crmf/ |
H A D | crmf_lib.c | 178 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, in IMPLEMENT_CRMF_CTRL_FUNC() 183 if (issuer == NULL || serial == NULL) { in IMPLEMENT_CRMF_CTRL_FUNC() 191 if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer)) in IMPLEMENT_CRMF_CTRL_FUNC() 193 cid->issuer->type = GEN_DIRNAME; in IMPLEMENT_CRMF_CTRL_FUNC() 562 return tmpl != NULL ? tmpl->issuer : NULL; in OSSL_CRMF_CERTTEMPLATE_get0_issuer() 574 return cid != NULL && cid->issuer->type == GEN_DIRNAME ? in OSSL_CRMF_CERTID_get0_issuer() 575 cid->issuer->d.directoryName : NULL; in OSSL_CRMF_CERTID_get0_issuer() 591 const X509_NAME *issuer, in OSSL_CRMF_CERTTEMPLATE_fill() argument 600 if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer)) in OSSL_CRMF_CERTTEMPLATE_fill()
|
/openssl/apps/ |
H A D | storeutl.c | 81 X509_NAME *subject = NULL, *issuer = NULL; in storeutl_main() local 169 && issuer != NULL)) { in storeutl_main() 175 if (issuer != NULL) { in storeutl_main() 180 issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1, "issuer"); in storeutl_main() 181 if (issuer == NULL) in storeutl_main() 279 if (issuer == NULL || serial == NULL) { in storeutl_main() 285 if ((search = OSSL_STORE_SEARCH_by_issuer_serial(issuer, serial)) in storeutl_main() 330 X509_NAME_free(issuer); in storeutl_main()
|
/openssl/doc/man1/ |
H A D | openssl-crl.pod.in | 28 [B<-issuer>] 112 Output a hash of the issuer name. This can be use to lookup CRLs in 113 a directory by issuer name. 117 Outputs the "hash" of the CRL issuer name using the older algorithm 120 =item B<-issuer> 122 Output the issuer name.
|
/openssl/crypto/ocsp/ |
H A D | ocsp_lib.c | 23 const X509 *issuer) in OCSP_cert_to_id() argument 35 iname = X509_get_subject_name(issuer); in OCSP_cert_to_id() 38 ikey = X509_get0_pubkey_bitstr(issuer); in OCSP_cert_to_id()
|
/openssl/demos/certs/apps/ |
H A D | mkacerts.sh | 22 $OPENSSL x509 -nameopt oneline -subject -issuer >client.pem 29 $OPENSSL x509 -nameopt oneline -subject -issuer >server.pem 36 $OPENSSL x509 -nameopt oneline -subject -issuer >server2.pem
|
/openssl/include/crypto/ |
H A D | x509.h | 92 X509_NAME *issuer; /* CRL issuer name */ member 135 STACK_OF(GENERAL_NAME) *issuer; 164 X509_NAME *issuer; member 233 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x); 235 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|