| /openssl/test/ |
| H A D | danetest.in | 55 issuer=
70 issuer=
85 issuer=
100 issuer=
115 issuer=
130 issuer=
145 issuer=
160 issuer=
1690 issuer= CN = CA2
1739 issuer= CN = CA2
[all …]
|
| H A D | ca-and-certs.cnf | 36 authorityKeyIdentifier = keyid,issuer:always
86 authorityKeyIdentifier = keyid:always,issuer:always
89 issuerAltName = issuer:copy
|
| H A D | dane-cross.in | 26 issuer=CN = CA
49 issuer=CN = Root CA
71 issuer=CN = Cross Root
93 issuer=CN = Cross Root
|
| H A D | ocspapitest.c | 195 X509 *issuer = NULL; in test_ocsp_url_svcloc_new() local
199 if (!TEST_true(get_cert(&issuer))) in test_ocsp_url_svcloc_new()
205 ext = OCSP_url_svcloc_new(X509_get_issuer_name(issuer), urls); in test_ocsp_url_svcloc_new()
212 X509_free(issuer); in test_ocsp_url_svcloc_new()
|
| /openssl/doc/man3/ |
| H A D | X509_check_issued.pod | 12 int X509_check_issued(X509 *issuer, X509 *subject);
18 using (CA) certificate I<issuer>. This function takes into account not only
19 matching of the issuer field of I<subject> with the subject field of I<issuer>,
22 serial number, and issuer fields of I<issuer>, as far as present. It also checks
23 if the B<keyUsage> field (if present) of I<issuer> allows certificate signing.
25 if the I<issuer> or the I<subject> are incomplete certificates.
|
| H A D | OCSP_cert_to_id.pod | 13 X509 *subject, X509 *issuer);
33 message digest B<dgst> for certificate B<subject> with issuer B<issuer>. If
37 issuer name B<issuerName>, issuer key hash B<issuerKey> and serial number
44 OCSP_id_issuer_cmp() compares only the issuer name of B<OCSP_CERTID> B<a> and B<b>.
46 OCSP_id_get0_info() returns the issuer name hash, hash OID, issuer key hash and
|
| H A D | X509_STORE_set_verify_cb_func.pod | 43 typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
46 X509 *x, X509 *issuer);
152 to I<*issuer> and then return 1.
158 certificate I<x> is issued by the issuer certificate I<issuer>.
160 been issued with I<issuer>) and 1 on success.
161 I<If no function to get the issuer is provided, the internal default
169 I<If no function to get the issuer is provided, the internal default
176 I<If no function to get the issuer is provided, the internal default
182 I<If no function to get the issuer is provided, the internal default
188 I<If no function to get the issuer is provided, the internal default
[all …]
|
| H A D | X509V3_set_ctx.pod | 12 void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
27 If I<subject> or I<crl> is provided, I<issuer> should point to its issuer, for
29 I<issuer> may be the same pointer value as I<subject> (which usually is an
40 X509V3_set_issuer_pkey() explicitly sets the issuer private key of
42 This should be done in case the I<issuer> and I<subject> arguments to
|
| H A D | X509_STORE_CTX_get_error.pod | 134 unable to decode issuer public key>
202 unable to get local issuer certificate>
204 The issuer certificate could not be found: this occurs if the issuer certificate
242 =item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
245 did not match the issuer name of the current certificate.
255 authority and issuer serial number mismatch>
257 The current candidate issuer certificate was rejected because its issuer name
332 Unable to get CRL issuer certificate.
410 =item B<X509_V_ERR_STORE_LOOKUP: issuer certificate lookup error>
437 The issuer certificate does not have a public key.
[all …]
|
| /openssl/crypto/ct/ |
| H A D | ct_policy.c | 65 X509_free(ctx->issuer); in CT_POLICY_EVAL_CTX_free()
78 int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer) in CT_POLICY_EVAL_CTX_set1_issuer() argument
80 if (!X509_up_ref(issuer)) in CT_POLICY_EVAL_CTX_set1_issuer()
82 ctx->issuer = issuer; in CT_POLICY_EVAL_CTX_set1_issuer()
104 return ctx->issuer; in CT_POLICY_EVAL_CTX_get0_issuer()
|
| /openssl/crypto/x509/ |
| H A D | v3_akid.c | 52 if (!X509V3_add_value((akeyid->issuer || akeyid->serial) ? "keyid" : NULL, in STACK_OF()
60 if (akeyid->issuer) { in STACK_OF()
61 tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); in STACK_OF()
100 char keyid = 0, issuer = 0; in v2i_AUTHORITY_KEYID() local
131 } else if (strcmp(cnf->name, "issuer") == 0 && issuer == 0) { in v2i_AUTHORITY_KEYID()
132 issuer = 1; in v2i_AUTHORITY_KEYID()
134 issuer = 2; in v2i_AUTHORITY_KEYID()
196 if (issuer == 2 || (issuer == 1 && !ss && ikeyid == NULL)) { in v2i_AUTHORITY_KEYID()
216 akeyid->issuer = gens; in v2i_AUTHORITY_KEYID()
|
| H A D | v3_purp.c | 943 int X509_check_issued(X509 *issuer, X509 *subject) in X509_check_issued() argument
949 return ossl_x509_signing_allowed(issuer, subject); in X509_check_issued()
957 if (X509_NAME_cmp(X509_get_subject_name(issuer), in ossl_x509_likely_issued()
962 if (!ossl_x509v3_cache_extensions(issuer) in ossl_x509_likely_issued()
966 ret = X509_check_akid(issuer, subject->akid); in ossl_x509_likely_issued()
984 if (ku_reject(issuer, KU_DIGITAL_SIGNATURE)) in ossl_x509_signing_allowed()
986 } else if (ku_reject(issuer, KU_KEY_CERT_SIGN)) { in ossl_x509_signing_allowed()
998 if (akid->keyid && issuer->skid && in X509_check_akid()
1006 if (akid->issuer) { in X509_check_akid()
1012 GENERAL_NAMES *gens = akid->issuer; in X509_check_akid()
[all …]
|
| H A D | x509_local.h | 70 const ASN1_INTEGER *ser, const X509_NAME *issuer);
127 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
129 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
158 int ossl_x509_likely_issued(X509 *issuer, X509 *subject);
159 int ossl_x509_signing_allowed(const X509 *issuer, const X509 *subject);
|
| H A D | x509_cmp.c | 33 return X509_NAME_cmp(ai->issuer, bi->issuer); in X509_issuer_and_serial_cmp()
47 f = X509_NAME_oneline(a->cert_info.issuer, NULL, 0); in X509_issuer_and_serial_hash()
77 return X509_NAME_cmp(a->cert_info.issuer, b->cert_info.issuer); in X509_issuer_name_cmp()
87 return X509_NAME_cmp(a->crl.issuer, b->crl.issuer); in X509_CRL_cmp()
105 return a->cert_info.issuer; in X509_get_issuer_name()
110 return X509_NAME_hash_ex(x->cert_info.issuer, NULL, NULL, NULL); in X509_issuer_name_hash()
116 return X509_NAME_hash_old(x->cert_info.issuer); in X509_issuer_name_hash_old()
355 x.cert_info.issuer = (X509_NAME *)name; /* won't modify it */ in X509_find_by_issuer_and_serial()
|
| H A D | x509_vfy.c | 335 X509 *issuer, *rv = NULL; in find_issuer() local
338 issuer = sk_X509_value(sk, i); in find_issuer()
343 return issuer; in find_issuer()
346 rv = issuer; in find_issuer()
373 if (*issuer == NULL) in get_issuer_sk()
1499 X509 *issuer = NULL; in get_crl_delta() local
1539 X509 *issuer = NULL; in check_crl() local
1556 if (!ctx->check_issued(ctx, issuer, issuer) && in check_crl()
1561 if (issuer == NULL) in check_crl()
3077 X509 *curr, *issuer = NULL; in build_chain() local
[all …]
|
| H A D | x_crl.c | 31 const X509_NAME *issuer);
70 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
119 rev->issuer = gens;
412 if (!rev->issuer) { in crl_revoked_issuer_match()
423 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) { in crl_revoked_issuer_match()
424 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); in crl_revoked_issuer_match()
436 const X509_NAME *issuer) in def_crl_lookup() argument
463 if (crl_revoked_issuer_match(crl, issuer, rev)) { in def_crl_lookup()
487 const X509_NAME *issuer), in X509_CRL_METHOD_new() argument
|
| /openssl/demos/certs/ |
| H A D | ocspquery.sh | 11 $OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \
13 $OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \
15 $OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \
19 $OPENSSL ocsp -issuer intca.pem \
|
| /openssl/crypto/cms/ |
| H A D | cms_kari.c | 59 X509_NAME **issuer, in CMS_RecipientInfo_kari_get0_orig_id() argument
69 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id()
70 *issuer = NULL; in CMS_RecipientInfo_kari_get0_orig_id()
80 if (issuer) in CMS_RecipientInfo_kari_get0_orig_id()
81 *issuer = oik->d.issuerAndSerialNumber->issuer; in CMS_RecipientInfo_kari_get0_orig_id()
117 X509_NAME **issuer, ASN1_INTEGER **sno) in CMS_RecipientEncryptedKey_get0_id() argument
122 if (issuer) in CMS_RecipientEncryptedKey_get0_id()
123 *issuer = rid->d.issuerAndSerialNumber->issuer; in CMS_RecipientEncryptedKey_get0_id()
139 if (issuer) in CMS_RecipientEncryptedKey_get0_id()
140 *issuer = NULL; in CMS_RecipientEncryptedKey_get0_id()
|
| /openssl/crypto/ess/ |
| H A D | ess_lib.c | 83 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_new_init()
180 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) in ESS_CERT_ID_V2_new_init()
199 GENERAL_NAME *issuer; in ess_issuer_serial_cmp() local
201 if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1) in ess_issuer_serial_cmp()
204 issuer = sk_GENERAL_NAME_value(is->issuer, 0); in ess_issuer_serial_cmp()
205 if (issuer->type != GEN_DIRNAME in ess_issuer_serial_cmp()
206 || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0) in ess_issuer_serial_cmp()
|
| /openssl/crypto/crmf/ |
| H A D | crmf_lib.c | 178 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, in IMPLEMENT_CRMF_CTRL_FUNC()
183 if (issuer == NULL || serial == NULL) { in IMPLEMENT_CRMF_CTRL_FUNC()
191 if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer)) in IMPLEMENT_CRMF_CTRL_FUNC()
193 cid->issuer->type = GEN_DIRNAME; in IMPLEMENT_CRMF_CTRL_FUNC()
562 return tmpl != NULL ? tmpl->issuer : NULL; in OSSL_CRMF_CERTTEMPLATE_get0_issuer()
574 return cid != NULL && cid->issuer->type == GEN_DIRNAME ? in OSSL_CRMF_CERTID_get0_issuer()
575 cid->issuer->d.directoryName : NULL; in OSSL_CRMF_CERTID_get0_issuer()
591 const X509_NAME *issuer, in OSSL_CRMF_CERTTEMPLATE_fill() argument
600 if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer)) in OSSL_CRMF_CERTTEMPLATE_fill()
|
| /openssl/apps/ |
| H A D | storeutl.c | 81 X509_NAME *subject = NULL, *issuer = NULL; in storeutl_main() local
169 && issuer != NULL)) { in storeutl_main()
175 if (issuer != NULL) { in storeutl_main()
180 issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1, "issuer"); in storeutl_main()
181 if (issuer == NULL) in storeutl_main()
279 if (issuer == NULL || serial == NULL) { in storeutl_main()
285 if ((search = OSSL_STORE_SEARCH_by_issuer_serial(issuer, serial)) in storeutl_main()
330 X509_NAME_free(issuer); in storeutl_main()
|
| /openssl/doc/man1/ |
| H A D | openssl-crl.pod.in | 28 [B<-issuer>]
112 Output a hash of the issuer name. This can be use to lookup CRLs in
113 a directory by issuer name.
117 Outputs the "hash" of the CRL issuer name using the older algorithm
120 =item B<-issuer>
122 Output the issuer name.
|
| /openssl/crypto/ocsp/ |
| H A D | ocsp_lib.c | 23 const X509 *issuer) in OCSP_cert_to_id() argument
35 iname = X509_get_subject_name(issuer); in OCSP_cert_to_id()
38 ikey = X509_get0_pubkey_bitstr(issuer); in OCSP_cert_to_id()
|
| /openssl/demos/certs/apps/ |
| H A D | mkacerts.sh | 22 $OPENSSL x509 -nameopt oneline -subject -issuer >client.pem
29 $OPENSSL x509 -nameopt oneline -subject -issuer >server.pem
36 $OPENSSL x509 -nameopt oneline -subject -issuer >server2.pem
|
| /openssl/include/crypto/ |
| H A D | x509.h | 92 X509_NAME *issuer; /* CRL issuer name */ member
135 STACK_OF(GENERAL_NAME) *issuer;
164 X509_NAME *issuer; member
233 int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
235 int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
