| /openssl/doc/man3/ |
| H A D | SCT_new.pod | 38 SCT *SCT_new(void);
46 void SCT_free(SCT *sct);
47 void SCT_LIST_free(STACK_OF(SCT) *a);
59 uint64_t SCT_get_timestamp(const SCT *sct);
62 int SCT_get_signature_nid(const SCT *sct);
91 SCT_set_version() to set the SCT version.
157 The SCT extensions, base64 encoded.
161 The SCT signature, base64 encoded.
167 required for verifying the SCT.
169 SCT_free() frees the specified SCT.
[all …]
|
| H A D | SCT_validate.pod | 21 int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
22 int SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx);
23 sct_validation_status_t SCT_get_validation_status(const SCT *sct);
27 SCT_validate() will check that an SCT is valid and verify its signature.
29 The result of the validation checks can be obtained by passing the SCT to
38 The certificate the SCT was issued for.
47 This is only required if the SCT was issued for a pre-certificate
53 A CTLOG_STORE that contains the CT log that issued this SCT.
72 failure. At a minimum, only one valid SCT may provide sufficient confidence
78 SCT fails validation, or 1 if the SCT passes validation.
[all …]
|
| H A D | SCT_print.pod | 12 void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
13 void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
15 const char *SCT_validation_status_string(const SCT *sct);
19 SCT_print() prints a single Signed Certificate Timestamp (SCT) to a B<BIO> in
21 similar way. A separator can be specified to delimit each SCT in the output.
25 each SCT (if that log is in the CTLOG_STORE). Alternatively, NULL can be passed
28 SCT_validation_status_string() will return the validation status of an SCT as
30 beforehand in order to set the validation status of an SCT first.
35 the validation status of an B<SCT> object.
|
| H A D | o2i_SCT_LIST.pod | 12 STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
14 int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
15 SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
16 int i2o_SCT(const SCT *sct, unsigned char **out);
20 The SCT_LIST and SCT functions are very similar to the i2d and d2i family of
|
| H A D | CT_POLICY_EVAL_CTX_new.pod | 35 This policy may be, for example, that at least one valid SCT is available. To
36 determine this, an SCT's timestamp and signature must be verified.
43 the public key of the log that issued the SCT
47 the certificate that the SCT was issued for
51 the issuer certificate (if the SCT was issued for a pre-certificate)
96 The SCT timestamp will be compared to this time to check whether the SCT was
116 found in the TLS SCT extension or OCSP response.
|
| H A D | SSL_CTX_set_ct_validation_callback.pod | 16 const STACK_OF(SCT) *scts, void *arg);
60 Therefore, in applications that delay SCT policy enforcement until after
61 handshake completion, such delayed SCT checks should only be performed when the
101 When SCT processing is enabled, OCSP stapling will be enabled. This is because
110 be set if a custom client extension handler has been registered to handle SCT
|
| H A D | SSL_get0_peer_scts.pod | 11 const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s);
|
| H A D | CTLOG_STORE_get0_log_by_id.pod | 18 A Signed Certificate Timestamp (SCT) identifies the Certificate Transparency
|
| /openssl/include/openssl/ |
| H A D | ct.h.in | 44 generate_stack_macros("SCT")
141 * SCT functions *
145 * Creates a new, blank SCT.
148 SCT *SCT_new(void);
164 void SCT_free(SCT *sct);
178 * Set the version of an SCT.
209 * Set the log ID of an SCT.
370 STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
397 STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
419 * If the SCT is an unsupported version, only the SCT's 'sct' and 'sct_len'
[all …]
|
| H A D | types.h | 215 typedef struct sct_st SCT; typedef
|
| H A D | ssl.h.in | 2543 const STACK_OF(SCT) *scts, void *arg);
2550 * If a NULL |callback| is provided, SCT validation is disabled.
2582 * least one valid SCT, or else handshake termination will be requested. The
2595 const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s);
|
| /openssl/crypto/ct/ |
| H A D | ct_sct.c | 22 SCT *SCT_new(void) in SCT_new()
24 SCT *sct = OPENSSL_zalloc(sizeof(*sct)); in SCT_new()
34 void SCT_free(SCT *sct) in SCT_free()
46 void SCT_LIST_free(STACK_OF(SCT) *a) in SCT_LIST_free()
120 int SCT_set_signature_nid(SCT *sct, int nid) in SCT_set_signature_nid()
187 sct_version_t SCT_get_version(const SCT *sct) in SCT_get_version()
203 uint64_t SCT_get_timestamp(const SCT *sct) in SCT_get_timestamp()
208 int SCT_get_signature_nid(const SCT *sct) in SCT_get_signature_nid()
237 int SCT_is_complete(const SCT *sct) in SCT_is_complete()
255 sct_source_t SCT_get_source(const SCT *sct) in SCT_get_source()
[all …]
|
| H A D | ct_x509v3.c | 26 static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list, in i2r_SCT_LIST()
33 static int set_sct_list_source(STACK_OF(SCT) *s, sct_source_t source) in set_sct_list_source()
49 static STACK_OF(SCT) *x509_ext_d2i_SCT_LIST(STACK_OF(SCT) **a, in STACK_OF() argument
53 STACK_OF(SCT) *s = d2i_SCT_LIST(a, pp, len); in STACK_OF()
63 static STACK_OF(SCT) *ocsp_ext_d2i_SCT_LIST(STACK_OF(SCT) **a, in STACK_OF() argument
67 STACK_OF(SCT) *s = d2i_SCT_LIST(a, pp, len); in STACK_OF()
|
| H A D | ct_oct.c | 70 SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len) in o2i_SCT()
72 SCT *sct = NULL; in o2i_SCT()
153 int i2o_SCT_signature(const SCT *sct, unsigned char **out) in i2o_SCT_signature()
198 int i2o_SCT(const SCT *sct, unsigned char **out) in i2o_SCT()
253 STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, in STACK_OF() argument
256 STACK_OF(SCT) *sk = NULL; in STACK_OF()
275 SCT *sct; in STACK_OF()
284 SCT *sct; in STACK_OF()
317 int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp) in i2o_SCT_LIST()
370 STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, in STACK_OF() argument
[all …]
|
| H A D | ct_prn.c | 19 static void SCT_signature_algorithms_print(const SCT *sct, BIO *out) in SCT_signature_algorithms_print()
50 const char *SCT_validation_status_string(const SCT *sct) in SCT_validation_status_string()
70 void SCT_print(const SCT *sct, BIO *out, int indent, in SCT_print()
114 void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent, in SCT_LIST_print()
121 SCT *sct = sk_SCT_value(sct_list, i); in SCT_LIST_print()
|
| H A D | ct_local.h | 177 __owur int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct);
183 __owur int SCT_is_complete(const SCT *sct);
191 __owur int SCT_signature_is_complete(const SCT *sct);
201 __owur int i2o_SCT_signature(const SCT *sct, unsigned char **out);
212 __owur int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
|
| H A D | ct_vfy.c | 29 static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct) in sct_ctx_update()
96 int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) in SCT_CTX_verify()
|
| H A D | ct_b64.c | 61 SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, in SCT_new_from_base64()
66 SCT *sct = SCT_new(); in SCT_new_from_base64()
|
| /openssl/test/ |
| H A D | ct_test.c | 48 STACK_OF(SCT) *sct_list;
126 static int compare_sct_list_printout(STACK_OF(SCT) *sct, in compare_sct_list_printout()
183 static int assert_validity(CT_TEST_FIXTURE *fixture, STACK_OF(SCT) *scts, in assert_validity()
194 SCT *sct_i = sk_SCT_value(scts, i); in assert_validity()
228 STACK_OF(SCT) *scts = NULL; in execute_cert_test()
229 SCT *sct = NULL; in execute_cert_test()
283 SCT *sct_i = sk_SCT_value(scts, i); in execute_cert_test()
447 SCT *sct = NULL; in test_encode_tls_sct()
|
| /openssl/fuzz/ |
| H A D | ct.c | 32 STACK_OF(SCT) *scts = d2i_SCT_LIST(NULL, pp, len); in FuzzerTestOneInput()
|
| /openssl/ssl/ |
| H A D | ssl_lib.c | 6247 static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src, in ct_move_scts()
6251 SCT *sct = NULL; in ct_move_scts()
6286 STACK_OF(SCT) *scts = o2i_SCT_LIST(NULL, &p, s->ext.scts_len); in ct_extract_tls_extension_scts()
6311 STACK_OF(SCT) *scts = NULL; in ct_extract_ocsp_response_scts()
6361 STACK_OF(SCT) *scts = in ct_extract_x509v3_extension_scts()
6378 const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s) in STACK_OF() argument
6399 const STACK_OF(SCT) *scts, void *unused_arg) in ct_permissive()
6405 const STACK_OF(SCT) *scts, void *unused_arg) in ct_strict()
6411 SCT *sct = sk_SCT_value(scts, i); in ct_strict()
6495 const STACK_OF(SCT) *scts; in ssl_validate_ct()
|
| H A D | ssl_local.h | 1710 STACK_OF(SCT) *scts;
|
| /openssl/util/ |
| H A D | indent.pro | 370 -T SCT
|
| /openssl/apps/ |
| H A D | s_client.c | 3457 const STACK_OF(SCT) *scts = SSL_get0_peer_scts(s); in print_stuff()
3466 SCT *sct = sk_SCT_value(scts, i); in print_stuff()
|
