/openssl/test/recipes/80-test_cmp_http_data/ |
H A D | test_credentials.csv | 9 1,empty ref but correct cert, -section,, -ref,"""",BLANK,, -cert,signer.crt, -key,signer.p12, -keyp… 15 0,keypass missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,,BLANK,… 16 0,keypass empty string, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:,… 17 1,keypass no prefix, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,12345,BLA… 18 0,keypass prefix wrong, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,:12345… 19 0,wrong keypass, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:123456,B… 23 0,no keypass, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12,BLANK,,BLANK,,BLANK,,BLANK… 38 1,default sha256, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,B… 39 1,digest sha256, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BL… 41 0,digest missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:123… [all …]
|
H A D | test_commands.csv | 50 1,geninfo, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -gen… 51 0,geninfo missing argument, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:1… 52 0,geninfo bad syntax: leading '.', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass… 53 0,geninfo bad syntax: missing ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass… 54 0,geninfo bad syntax: double ':', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,… 55 0,geninfo bad syntax: missing ':int', -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keyp…
|
H A D | test_verification.csv | 26 0,wrong srvcert, -section,, -recipient,"""",BLANK,, -srvcert,signer.crt, -trusted,"""",BLANK,,BLANK… 32 …A_DN,BLANK,,BLANK,, -trusted,signer.crt,BLANK,,BLANK, -unprotected_errors,BLANK, -secret,"""", -ce…
|
/openssl/crypto/ocsp/ |
H A D | ocsp_vfy.c | 88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify() 90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify() 101 X509 *signer, *x; in OCSP_basic_verify() local 171 X509 *signer; in ocsp_find_signer() local 175 *psigner = signer; in ocsp_find_signer() 180 *psigner = signer; in ocsp_find_signer() 225 X509 *signer, *sca; in ocsp_check_issuer() local 388 X509 *signer; in OCSP_request_verify() local 425 X509 *signer; in ocsp_req_find_signer() local 429 if (signer != NULL) { in ocsp_req_find_signer() [all …]
|
H A D | ocsp_srv.c | 168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument 180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx() 186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx() 193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx() 195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx() 216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument 227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign() 231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
|
H A D | ocsp_cl.c | 81 X509 *signer, in OCSP_request_sign() argument 86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign() 92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign() 97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign() 102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
|
/openssl/crypto/ts/ |
H A D | ts_rsp_verify.c | 20 X509 *signer, STACK_OF(X509) **chain); 95 X509 *signer; in TS_RESP_verify_signature() local 128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature() 136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature() 146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature() 153 *signer_out = signer; in TS_RESP_verify_signature() 154 X509_up_ref(signer); in TS_RESP_verify_signature() 172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument 295 X509 *signer = NULL; in int_ts_RESP_verify_token() local 338 && !ts_check_signer_name(ctx->tsa_name, signer)) { in int_ts_RESP_verify_token() [all …]
|
/openssl/test/ |
H A D | ocspapitest.c | 115 X509 *signer = NULL, *tmp; in test_resp_signer() local 128 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer() 129 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer() 130 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer() 134 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer() 142 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer() 146 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer() 152 X509_free(signer); in test_resp_signer()
|
/openssl/crypto/pkcs7/ |
H A D | pk7_smime.c | 217 X509 *signer; in PKCS7_verify() local 276 signer = sk_X509_value(signers, k); in PKCS7_verify() 340 signer = sk_X509_value(signers, i); in PKCS7_verify() 341 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify() 367 X509 *signer; in STACK_OF() local 397 signer = NULL; in STACK_OF() 400 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF() 402 if (!signer && !(flags & PKCS7_NOINTERN) in STACK_OF() 404 signer = in STACK_OF() 407 if (!signer) { in STACK_OF() [all …]
|
/openssl/crypto/cms/ |
H A D | cms_sd.c | 355 X509_check_purpose(signer, -1, -1); in CMS_add1_signer() 357 X509_up_ref(signer); in CMS_add1_signer() 362 si->signer = signer; in CMS_add1_signer() 595 if (si->signer != NULL) { in STACK_OF() 608 if (signer != NULL) { in CMS_SignerInfo_set1_signer_cert() 609 X509_up_ref(signer); in CMS_SignerInfo_set1_signer_cert() 613 X509_free(si->signer); in CMS_SignerInfo_set1_signer_cert() 614 si->signer = signer; in CMS_SignerInfo_set1_signer_cert() 646 if (si->signer != NULL) in CMS_set1_signers_certs() 682 if (signer != NULL) in CMS_SignerInfo_get0_algs() [all …]
|
H A D | cms_smime.c | 268 X509 *signer; in cms_signerinfo_verify_cert() local 277 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); in cms_signerinfo_verify_cert() 278 if (!X509_STORE_CTX_init(ctx, store, signer, certs)) { in cms_signerinfo_verify_cert() 312 X509 *signer; in CMS_verify() local 338 CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); in CMS_verify() 339 if (signer) in CMS_verify()
|
/openssl/doc/man3/ |
H A D | CMS_get0_SignerInfos.pod | 8 - CMS signedData signer functions 20 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); 27 CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier 37 CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer 42 B<signer>. 52 CMS. It will then obtain the signer certificate by some unspecified means 56 Once all signer certificates have been set CMS_verify() can be used.
|
H A D | PKCS7_verify.pod | 20 the signer's certificate. B<store> is a trusted certificate store (used for 28 PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does 45 An attempt is made to locate all the signer's certificates, first looking in 47 contained in the B<p7> structure itself. If any signer's certificates cannot be 50 Each signer's certificate is chain verified using the B<smimesign> purpose and 64 searched when locating the signer's certificate. This means that all the signers 71 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified. 75 the signer's certificate) must be contained in the trusted store. 83 in the B<certs> parameter. In this case if the signer is not one of the 85 signer cannot be found. [all …]
|
H A D | PKCS7_sign_add_signer.pod | 5 PKCS7_sign_add_signer - add a signer PKCS7 signed data structure 17 PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private 44 digest value from the PKCS7 structure: to add a signer to an existing structure. 53 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the 54 PKCS7 structure, the signer's certificate must still be supplied in the
|
H A D | OCSP_resp_find_status.pod | 40 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, 116 signed and that the signer certificate can be validated. It takes I<st> as 118 The function first tries to find the signer certificate of the response 121 It fails if the signer certificate cannot be found. 124 success if I<flags> contains B<OCSP_NOVERIFY> or if the signer certificate 126 Otherwise the function continues by validating the signer certificate. 133 and uses them for constructing the validation path for the signer certificate. 135 if the signer certificate contains the B<id-pkix-ocsp-no-check> extension. 138 Otherwise it verifies that the signer certificate meets the OCSP issuer
|
H A D | CMS_add1_signer.pod | 5 CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure 19 CMS_add1_signer() adds a signer with certificate B<signcert> and private 51 digest value from the CMS_ContentInfo structure: to add a signer to an existing 61 If B<CMS_NOCERTS> is set the signer's certificate will not be included in the 62 CMS_ContentInfo structure, the signer's certificate must still be supplied in
|
H A D | OCSP_response_status.pod | 28 int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, 31 int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx, 75 OCSP_basic_sign() signs OCSP response I<brsp> using certificate I<signer>, private key
|
H A D | CMS_verify.pod | 93 If B<CMS_CADES> is set, each signer certificate is checked against the 103 in the I<certs> parameter. In this case if the signer is not one of the 105 signer cannot be found. 121 signer it cannot be trusted without additional evidence (such as a trusted
|
H A D | OCSP_REQUEST_new.pod | 19 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, 39 B<signer>, private key B<key>, digest B<dgst> and additional certificates
|
/openssl/doc/man1/ |
H A D | openssl-smime.pod.in | 23 [B<-signer> I<file>] 239 =item B<-signer> I<file> 327 signer using the same message digest or this operation will fail. 375 -signer mycert.pem 380 -signer mycert.pem 386 -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem 391 -signer mycert.pem -signer othercert.pem 395 openssl smime -sign -in in.txt -text -signer mycert.pem \ 411 openssl smime -sign -in ml.txt -signer my.pem -text \ 443 Add a signer to an existing message: [all …]
|
H A D | openssl-cms.pod.in | 79 [B<-signer> I<file>] 93 [B<-signer> I<file>] 448 =item B<-signer> I<file> 451 used multiple times if more than one signer is required. 514 =item B<-signer> I<file> 781 -signer mycert.pem 786 -signer mycert.pem 797 -signer mycert.pem -signer othercert.pem -keyid 817 openssl cms -sign -in ml.txt -signer my.pem -text \ 849 Add a signer to an existing message: [all …]
|
/openssl/test/recipes/80-test_cmp_http_data/Mock/ |
H A D | test.cnf | 32 newkey = signer.key 38 cert = signer.crt 39 key = signer.p12
|
/openssl/apps/ |
H A D | smime.c | 140 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local 576 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in smime_main() 577 if (signer == NULL) in smime_main() 583 if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) in smime_main() 585 X509_free(signer); in smime_main() 586 signer = NULL; in smime_main() 663 X509_free(signer); in smime_main()
|
H A D | ts.c | 51 const EVP_MD *md, const char *signer, const char *chain, 57 const char *inkey, const EVP_MD *md, const char *signer, 169 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; in ts_main() local 262 signer = opt_arg(); in ts_main() 335 password, inkey, md, signer, chain, policy, in ts_main() 590 const EVP_MD *md, const char *signer, const char *chain, in reply_command() argument 612 passin, inkey, md, signer, chain, policy); in reply_command() 698 const char *inkey, const EVP_MD *md, const char *signer, in create_response() argument 718 if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) in create_response()
|
H A D | cms.c | 290 X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL; in cms_main() local 872 if ((signer = load_cert(signerfile, FORMAT_UNDEF, in cms_main() 1060 srcms = CMS_sign_receipt(si, signer, key, other, flags); in cms_main() 1100 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in cms_main() 1101 if (signer == NULL) { in cms_main() 1117 si = CMS_add1_signer(cms, signer, key, sign_md, tflags); in cms_main() 1128 X509_free(signer); in cms_main() 1129 signer = NULL; in cms_main() 1296 X509_free(signer); in cms_main()
|