Home
last modified time | relevance | path

Searched refs:signer (Results 1 – 25 of 58) sorted by relevance

123

/openssl/test/recipes/80-test_cmp_http_data/
H A Dtest_credentials.csv9 1,empty ref but correct cert, -section,, -ref,"""",BLANK,, -cert,signer.crt, -key,signer.p12, -keyp…
15 0,keypass missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,,BLANK,…
16 0,keypass empty string, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:,…
17 1,keypass no prefix, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,12345,BLA…
18 0,keypass prefix wrong, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,:12345…
19 0,wrong keypass, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:123456,B…
23 0,no keypass, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12,BLANK,,BLANK,,BLANK,,BLANK…
38 1,default sha256, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,B…
39 1,digest sha256, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BL…
41 0,digest missing arg, -section,,BLANK,,BLANK,, -cert,signer.crt, -key,signer.p12, -keypass,pass:123…
[all …]
H A Dtest_commands.csv107 1,profile, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,BLANK,, -pro…
108 0,profile wrong value, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:12345,…
109 0,profile missing argument, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:1…
110 0,profile extra argument, -section,, -cmd,cr,, -cert,signer.crt, -key,signer.p12, -keypass,pass:123…
112 1,geninfo int, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
113 1,geninfo str, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
114 1,geninfo empty str, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
116 0,geninfo missing argument, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
118 0,geninfo invalid OID number string, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
119 1,geninfo unknown OID number string, -section,, -cmd,cr,, -cert,signer.crt,, -key,signer.p12,, -ke…
[all …]
H A Dtest_verification.csv31 0,wrong srvcert and -trusted ignored, -section,, -recipient,"""",BLANK,, -srvcert,signer.crt,-trust…
38 …DN,BLANK,,BLANK,, -trusted,signer.crt,BLANK,,BLANK, -unprotected_errors,BLANK,,,,, -secret,"""", -…
/openssl/crypto/ocsp/
H A Docsp_vfy.c88 ret = OCSP_REQUEST_verify(req, skey, signer->libctx, signer->propq); in ocsp_verify()
90 ret = OCSP_BASICRESP_verify(bs, skey, signer->libctx, signer->propq); in ocsp_verify()
101 X509 *signer, *x; in OCSP_basic_verify() local
171 X509 *signer; in ocsp_find_signer() local
175 *psigner = signer; in ocsp_find_signer()
180 *psigner = signer; in ocsp_find_signer()
225 X509 *signer, *sca; in ocsp_check_issuer() local
388 X509 *signer; in OCSP_request_verify() local
425 X509 *signer; in ocsp_req_find_signer() local
429 if (signer != NULL) { in ocsp_req_find_signer()
[all …]
H A Docsp_srv.c168 X509 *signer, EVP_MD_CTX *ctx, in OCSP_basic_sign_ctx() argument
180 if (pkey == NULL || !X509_check_private_key(signer, pkey)) { in OCSP_basic_sign_ctx()
186 if (!OCSP_basic_add1_cert(brsp, signer) in OCSP_basic_sign_ctx()
193 if (!OCSP_RESPID_set_by_key(rid, signer)) in OCSP_basic_sign_ctx()
195 } else if (!OCSP_RESPID_set_by_name(rid, signer)) { in OCSP_basic_sign_ctx()
216 X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, in OCSP_basic_sign() argument
227 signer->libctx, signer->propq, key, NULL)) { in OCSP_basic_sign()
231 i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); in OCSP_basic_sign()
H A Docsp_cl.c81 X509 *signer, in OCSP_request_sign() argument
86 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))) in OCSP_request_sign()
92 if (!X509_check_private_key(signer, key)) { in OCSP_request_sign()
97 if (!OCSP_REQUEST_sign(req, key, dgst, signer->libctx, signer->propq)) in OCSP_request_sign()
102 if (!OCSP_request_add1_cert(req, signer) in OCSP_request_sign()
/openssl/crypto/ts/
H A Dts_rsp_verify.c20 X509 *signer, STACK_OF(X509) **chain);
95 X509 *signer; in TS_RESP_verify_signature() local
128 signer = sk_X509_value(signers, 0); in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
146 j = PKCS7_signatureVerify(p7bio, token, si, signer); in TS_RESP_verify_signature()
153 *signer_out = signer; in TS_RESP_verify_signature()
154 X509_up_ref(signer); in TS_RESP_verify_signature()
172 X509 *signer, STACK_OF(X509) **chain) in ts_verify_cert() argument
295 X509 *signer = NULL; in int_ts_RESP_verify_token() local
338 && !ts_check_signer_name(ctx->tsa_name, signer)) { in int_ts_RESP_verify_token()
[all …]
/openssl/test/
H A Docspapitest.c115 X509 *signer = NULL, *tmp; in test_resp_signer() local
128 || !TEST_true(get_cert_and_key(&signer, &key)) in test_resp_signer()
129 || !TEST_true(sk_X509_push(extra_certs, signer)) in test_resp_signer()
130 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
134 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
142 || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), in test_resp_signer()
146 || !TEST_int_eq(X509_cmp(tmp, signer), 0)) in test_resp_signer()
152 X509_free(signer); in test_resp_signer()
/openssl/crypto/cms/
H A Dcms_sd.c357 X509_check_purpose(signer, -1, -1); in CMS_add1_signer()
359 X509_up_ref(signer); in CMS_add1_signer()
364 si->signer = signer; in CMS_add1_signer()
613 if (si->signer != NULL) { in STACK_OF()
626 if (signer != NULL) { in CMS_SignerInfo_set1_signer_cert()
627 X509_up_ref(signer); in CMS_SignerInfo_set1_signer_cert()
631 X509_free(si->signer); in CMS_SignerInfo_set1_signer_cert()
632 si->signer = signer; in CMS_SignerInfo_set1_signer_cert()
664 if (si->signer != NULL) in CMS_set1_signers_certs()
700 if (signer != NULL) in CMS_SignerInfo_get0_algs()
[all …]
/openssl/doc/man3/
H A DCMS_get0_SignerInfos.pod8 - CMS signedData signer functions
20 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
27 CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
37 CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
42 B<signer>.
52 CMS. It will then obtain the signer certificate by some unspecified means
56 Once all signer certificates have been set CMS_verify() can be used.
H A DPKCS7_verify.pod21 in which to search for signer's certificates.
33 PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
50 An attempt is made to locate all the signer's certificates, first looking in
53 If any signer's certificates cannot be located the operation fails.
55 Each signer's certificate is chain verified using the B<smimesign> purpose and
75 searched when locating the signer's certificates.
85 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
89 the signer's certificates) must be contained in the trusted store.
99 signer cannot be found.
109 signer it cannot be trusted without additional evidence (such as a trusted
[all …]
H A DOCSP_resp_find_status.pod40 int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
116 signed and that the signer certificate can be validated. It takes I<st> as
118 The function first tries to find the signer certificate of the response
121 It fails if the signer certificate cannot be found.
124 success if I<flags> contains B<OCSP_NOVERIFY> or if the signer certificate
126 Otherwise the function continues by validating the signer certificate.
133 and uses them for constructing the validation path for the signer certificate.
135 if the signer certificate contains the B<id-pkix-ocsp-no-check> extension.
138 Otherwise it verifies that the signer certificate meets the OCSP issuer
H A DPKCS7_sign_add_signer.pod19 PKCS7_sign_add_signer() adds a signer with certificate I<signcert> and private
45 digest value from the B<PKCS7> structure: to add a signer to an existing structure.
54 If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
55 B<PKCS7> structure, the signer's certificate must still be supplied in the
75 I<cert>, which may be an end-entity (signer) certificate
H A DCMS_add1_signer.pod5 CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure
19 CMS_add1_signer() adds a signer with certificate B<signcert> and private
51 digest value from the CMS_ContentInfo structure: to add a signer to an existing
61 If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
62 CMS_ContentInfo structure, the signer's certificate must still be supplied in
H A DPKCS7_sign.pod38 If B<PKCS7_NOCERTS> is set the signer's certificate and the extra I<certs>
40 The signer's certificate must still be supplied in the I<signcert> parameter
41 though. This can reduce the size of the signatures if the signer's certificates
82 If a signer is specified it will use the default digest for the signing
H A DCMS_verify.pod102 If B<CMS_CADES> is set, each signer certificate is checked against the
112 in the I<certs> parameter. In this case if the signer certificate is not one
114 signer cannot be found.
119 can be achieved by setting and verifying the signer certificates manually
130 signer it cannot be trusted without additional evidence (such as a trusted
H A DOCSP_response_status.pod28 int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
31 int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, X509 *signer, EVP_MD_CTX *ctx,
76 OCSP_basic_sign() signs OCSP response I<brsp> using certificate I<signer>, private key
/openssl/crypto/pkcs7/
H A Dpk7_smime.c221 X509 *signer; in PKCS7_verify() local
288 signer = sk_X509_value(signers, k); in PKCS7_verify()
346 signer = sk_X509_value(signers, i); in PKCS7_verify()
347 j = PKCS7_signatureVerify(p7bio, p7, si, signer); in PKCS7_verify()
374 X509 *signer; in STACK_OF() local
405 signer = NULL; in STACK_OF()
407 signer = X509_find_by_issuer_and_serial(certs, in STACK_OF()
409 if (signer == NULL && (flags & PKCS7_NOINTERN) == 0) in STACK_OF()
410 signer = X509_find_by_issuer_and_serial(included_certs, in STACK_OF()
412 if (signer == NULL) { in STACK_OF()
[all …]
/openssl/doc/man1/
H A Dopenssl-smime.pod.in23 [B<-signer> I<file>]
238 signer certificates and will be used for chain building.
242 =item B<-signer> I<file>
322 signer using the same message digest or this operation will fail.
370 -signer mycert.pem
375 -signer mycert.pem
386 -signer mycert.pem -signer othercert.pem
390 openssl smime -sign -in in.txt -text -signer mycert.pem \
406 openssl smime -sign -in ml.txt -signer my.pem -text \
438 Add a signer to an existing message:
[all …]
H A Dopenssl-cms.pod.in79 [B<-signer> I<file>]
93 [B<-signer> I<file>]
448 =item B<-signer> I<file>
451 used multiple times if more than one signer is required.
457 signer certificates and will be used for chain building.
515 =item B<-signer> I<file>
782 -signer mycert.pem
787 -signer mycert.pem
798 -signer mycert.pem -signer othercert.pem -keyid
818 openssl cms -sign -in ml.txt -signer my.pem -text \
[all …]
/openssl/test/recipes/80-test_cmp_http_data/Mock/
H A Dtest.cnf32 newkey = signer.key
38 cert = signer.crt
39 key = signer.p12
/openssl/apps/
H A Dsmime.c169 X509 *cert = NULL, *recip = NULL, *signer = NULL; in smime_main() local
606 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in smime_main()
607 if (signer == NULL) in smime_main()
613 if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) in smime_main()
615 X509_free(signer); in smime_main()
616 signer = NULL; in smime_main()
693 X509_free(signer); in smime_main()
H A Dts.c51 const EVP_MD *md, const char *signer, const char *chain,
57 const char *inkey, const EVP_MD *md, const char *signer,
169 char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL; in ts_main() local
262 signer = opt_arg(); in ts_main()
335 password, inkey, md, signer, chain, policy, in ts_main()
592 const EVP_MD *md, const char *signer, const char *chain, in reply_command() argument
614 passin, inkey, md, signer, chain, policy); in reply_command()
700 const char *inkey, const EVP_MD *md, const char *signer, in create_response() argument
720 if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) in create_response()
H A Dcms.c293 X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL; in cms_main() local
867 if ((signer = load_cert(signerfile, FORMAT_UNDEF, in cms_main()
1056 srcms = CMS_sign_receipt(si, signer, key, other, flags); in cms_main()
1096 signer = load_cert(signerfile, FORMAT_UNDEF, "signer certificate"); in cms_main()
1097 if (signer == NULL) { in cms_main()
1113 si = CMS_add1_signer(cms, signer, key, sign_md, tflags); in cms_main()
1124 X509_free(signer); in cms_main()
1125 signer = NULL; in cms_main()
1292 X509_free(signer); in cms_main()
/openssl/doc/internal/man3/
H A Dossl_cmp_msg_protect.pod35 If signature-based message protection is used it adds first the CMP signer cert
48 because I<ctx->chain> may get adapted to cache the chain of the CMP signer cert.

Completed in 40 milliseconds

123