crypto/heimdal/kdc/kx509.c
158
hx509_cert cert = NULL;
crypto/heimdal/kdc/kx509.c
261
ret = hx509_ca_sign(context->hx509ctx, tbs, signer, &cert);
crypto/heimdal/kdc/kx509.c
268
ret = hx509_cert_binary(context->hx509ctx, cert, certificate);
crypto/heimdal/kdc/kx509.c
269
hx509_cert_free(cert);
crypto/heimdal/kdc/pkinit.c
1023
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
1036
&cert);
crypto/heimdal/kdc/pkinit.c
1047
cert,
crypto/heimdal/kdc/pkinit.c
1052
*kdc_cert = cert;
crypto/heimdal/kdc/pkinit.c
1071
cp->cert,
crypto/heimdal/kdc/pkinit.c
1108
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
1194
&cert);
crypto/heimdal/kdc/pkinit.c
1205
cert,
crypto/heimdal/kdc/pkinit.c
1214
*kdc_cert = cert;
crypto/heimdal/kdc/pkinit.c
1723
if (cp->cert == NULL) {
crypto/heimdal/kdc/pkinit.c
1732
cp->cert,
crypto/heimdal/kdc/pkinit.c
174
if (cp->cert)
crypto/heimdal/kdc/pkinit.c
1748
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
175
hx509_cert_free(cp->cert);
crypto/heimdal/kdc/pkinit.c
1753
pc->val[j].cert.data,
crypto/heimdal/kdc/pkinit.c
1754
pc->val[j].cert.length,
crypto/heimdal/kdc/pkinit.c
1755
&cert);
crypto/heimdal/kdc/pkinit.c
1758
ret = hx509_cert_cmp(cert, cp->cert);
crypto/heimdal/kdc/pkinit.c
1759
hx509_cert_free(cert);
crypto/heimdal/kdc/pkinit.c
1772
cp->cert,
crypto/heimdal/kdc/pkinit.c
1781
cp->cert,
crypto/heimdal/kdc/pkinit.c
1993
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
2008
&cert);
crypto/heimdal/kdc/pkinit.c
2011
if (hx509_cert_check_eku(context->hx509ctx, cert,
crypto/heimdal/kdc/pkinit.c
2015
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/kdc/pkinit.c
2025
hx509_cert_free(cert);
crypto/heimdal/kdc/pkinit.c
545
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
550
pc->val[i].cert.data,
crypto/heimdal/kdc/pkinit.c
551
pc->val[i].cert.length,
crypto/heimdal/kdc/pkinit.c
552
&cert);
crypto/heimdal/kdc/pkinit.c
555
hx509_certs_add(context->hx509ctx, trust_anchors, cert);
crypto/heimdal/kdc/pkinit.c
556
hx509_cert_free(cert);
crypto/heimdal/kdc/pkinit.c
63
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
648
hx509_cert cert;
crypto/heimdal/kdc/pkinit.c
679
&cert);
crypto/heimdal/kdc/pkinit.c
684
cp->client_anchors, cert);
crypto/heimdal/kdc/pkinit.c
685
hx509_cert_free(cert);
crypto/heimdal/kdc/pkinit.c
748
&cp->cert);
crypto/heimdal/lib/asn1/check-gen.c
558
const char *cert;
crypto/heimdal/lib/asn1/check-gen.c
655
ret = decode_Certificate((unsigned char *)certs[i].cert,
crypto/heimdal/lib/hx509/ca.c
225
hx509_cert cert)
crypto/heimdal/lib/hx509/ca.c
232
ret = hx509_cert_get_subject(cert, &tbs->subject);
crypto/heimdal/lib/hx509/ca.c
241
ret = hx509_cert_get_serialnumber(cert, &tbs->serial);
crypto/heimdal/lib/hx509/ca.c
250
tbs->notBefore = hx509_cert_get_notBefore(cert);
crypto/heimdal/lib/hx509/ca.c
252
tbs->notAfter = hx509_cert_get_notAfter(cert);
crypto/heimdal/lib/hx509/ca.c
255
ret = hx509_cert_get_SPKI(context, cert, &tbs->spki);
crypto/heimdal/lib/hx509/ca.c
262
ret = _hx509_cert_get_keyusage(context, cert, &ku);
crypto/heimdal/lib/hx509/ca.c
270
ret = _hx509_cert_get_eku(context, cert, &eku);
crypto/heimdal/lib/hx509/cert.c
1000
const hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
1012
q.certificate = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/cert.c
1022
const Certificate *cert,
crypto/heimdal/lib/hx509/cert.c
1026
ret = _hx509_name_cmp(&cert->tbsCertificate.subject,
crypto/heimdal/lib/hx509/cert.c
1027
&cert->tbsCertificate.issuer, &diff);
crypto/heimdal/lib/hx509/cert.c
1033
ret = _hx509_self_signed_valid(context, &cert->signatureAlgorithm);
crypto/heimdal/lib/hx509/cert.c
1144
const Certificate *cert,
crypto/heimdal/lib/hx509/cert.c
1156
e = find_extension(cert, &asn1_oid_id_pkix_pe_proxyCertInfo, &i);
crypto/heimdal/lib/hx509/cert.c
1189
_hx509_path_append(hx509_context context, hx509_path *path, hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
1199
path->val[path->len] = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/cert.c
1240
hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
1250
ret = _hx509_path_append(context, path, cert);
crypto/heimdal/lib/hx509/cert.c
1254
current = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/cert.c
1519
const heim_bit_string *cert, heim_bit_string *subject)
crypto/heimdal/lib/hx509/cert.c
1523
if (cert == NULL) {
crypto/heimdal/lib/hx509/cert.c
1528
ret = der_copy_bit_string(cert, subject);
crypto/heimdal/lib/hx509/cert.c
191
_hx509_get_cert(hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
193
return cert->data;
crypto/heimdal/lib/hx509/cert.c
1975
hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
2017
cert, pool, &path);
crypto/heimdal/lib/hx509/cert.c
2197
if (cert->basename)
crypto/heimdal/lib/hx509/cert.c
2198
hx509_name_free(&cert->basename);
crypto/heimdal/lib/hx509/cert.c
220
hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert)
crypto/heimdal/lib/hx509/cert.c
2200
ret = _hx509_name_from_Name(&proxy_issuer, &cert->basename);
crypto/heimdal/lib/hx509/cert.c
224
*cert = malloc(sizeof(**cert));
crypto/heimdal/lib/hx509/cert.c
225
if (*cert == NULL)
crypto/heimdal/lib/hx509/cert.c
227
(*cert)->ref = 1;
crypto/heimdal/lib/hx509/cert.c
228
(*cert)->friendlyname = NULL;
crypto/heimdal/lib/hx509/cert.c
229
(*cert)->attrs.len = 0;
crypto/heimdal/lib/hx509/cert.c
230
(*cert)->attrs.val = NULL;
crypto/heimdal/lib/hx509/cert.c
231
(*cert)->private_key = NULL;
crypto/heimdal/lib/hx509/cert.c
232
(*cert)->basename = NULL;
crypto/heimdal/lib/hx509/cert.c
233
(*cert)->release = NULL;
crypto/heimdal/lib/hx509/cert.c
234
(*cert)->ctx = NULL;
crypto/heimdal/lib/hx509/cert.c
236
(*cert)->data = calloc(1, sizeof(*(*cert)->data));
crypto/heimdal/lib/hx509/cert.c
237
if ((*cert)->data == NULL) {
crypto/heimdal/lib/hx509/cert.c
238
free(*cert);
crypto/heimdal/lib/hx509/cert.c
241
ret = copy_Certificate(c, (*cert)->data);
crypto/heimdal/lib/hx509/cert.c
243
free((*cert)->data);
crypto/heimdal/lib/hx509/cert.c
244
free(*cert);
crypto/heimdal/lib/hx509/cert.c
245
*cert = NULL;
crypto/heimdal/lib/hx509/cert.c
2453
const hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
2472
ret = find_extension_subject_alt_name(cert->data, &i, &san);
crypto/heimdal/lib/hx509/cert.c
2498
name = &cert->data->tbsCertificate.subject;
crypto/heimdal/lib/hx509/cert.c
2546
hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
2553
if (hx509_cert_get_attribute(cert, oid) != NULL)
crypto/heimdal/lib/hx509/cert.c
2556
d = realloc(cert->attrs.val,
crypto/heimdal/lib/hx509/cert.c
2557
sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1));
crypto/heimdal/lib/hx509/cert.c
2562
cert->attrs.val = d;
crypto/heimdal/lib/hx509/cert.c
2571
cert->attrs.val[cert->attrs.len] = a;
crypto/heimdal/lib/hx509/cert.c
2572
cert->attrs.len++;
crypto/heimdal/lib/hx509/cert.c
2591
hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid)
crypto/heimdal/lib/hx509/cert.c
2594
for (i = 0; i < cert->attrs.len; i++)
crypto/heimdal/lib/hx509/cert.c
2595
if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0)
crypto/heimdal/lib/hx509/cert.c
2596
return cert->attrs.val[i];
crypto/heimdal/lib/hx509/cert.c
2612
hx509_cert_set_friendly_name(hx509_cert cert, const char *name)
crypto/heimdal/lib/hx509/cert.c
2614
if (cert->friendlyname)
crypto/heimdal/lib/hx509/cert.c
2615
free(cert->friendlyname);
crypto/heimdal/lib/hx509/cert.c
2616
cert->friendlyname = strdup(name);
crypto/heimdal/lib/hx509/cert.c
2617
if (cert->friendlyname == NULL)
crypto/heimdal/lib/hx509/cert.c
2634
hx509_cert_get_friendly_name(hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
2642
if (cert->friendlyname)
crypto/heimdal/lib/hx509/cert.c
2643
return cert->friendlyname;
crypto/heimdal/lib/hx509/cert.c
2645
a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_friendlyName);
crypto/heimdal/lib/hx509/cert.c
2649
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/cert.c
2652
ret = hx509_name_to_string(name, &cert->friendlyname);
crypto/heimdal/lib/hx509/cert.c
2656
return cert->friendlyname;
crypto/heimdal/lib/hx509/cert.c
2668
cert->friendlyname = malloc(n.val[0].length + 1);
crypto/heimdal/lib/hx509/cert.c
2669
if (cert->friendlyname == NULL) {
crypto/heimdal/lib/hx509/cert.c
2676
cert->friendlyname[i] = n.val[0].data[i] & 0xff;
crypto/heimdal/lib/hx509/cert.c
2678
cert->friendlyname[i] = 'X';
crypto/heimdal/lib/hx509/cert.c
2680
cert->friendlyname[i] = '\0';
crypto/heimdal/lib/hx509/cert.c
2683
return cert->friendlyname;
crypto/heimdal/lib/hx509/cert.c
274
hx509_cert *cert)
crypto/heimdal/lib/hx509/cert.c
292
ret = hx509_cert_init(context, &t, cert);
crypto/heimdal/lib/hx509/cert.c
2945
_hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
2947
Certificate *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/cert.c
298
_hx509_cert_set_release(hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
2991
_hx509_cert_private_key(cert) == NULL)
crypto/heimdal/lib/hx509/cert.c
3019
a = hx509_cert_get_attribute(cert, &asn1_oid_id_pkcs_9_at_localKeyId);
crypto/heimdal/lib/hx509/cert.c
302
cert->release = release;
crypto/heimdal/lib/hx509/cert.c
303
cert->ctx = ctx;
crypto/heimdal/lib/hx509/cert.c
3030
if (hx509_cert_cmp(q->path->val[i], cert) == 0)
crypto/heimdal/lib/hx509/cert.c
3034
const char *name = hx509_cert_get_friendly_name(cert);
crypto/heimdal/lib/hx509/cert.c
3041
ret = (*q->cmp_func)(context, cert, q->cmp_func_ctx);
crypto/heimdal/lib/hx509/cert.c
3074
hx509_cert_check_eku(context, cert, q->eku, 0))
crypto/heimdal/lib/hx509/cert.c
3080
ret = _hx509_cert_to_env(context, cert, &env);
crypto/heimdal/lib/hx509/cert.c
310
_hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key)
crypto/heimdal/lib/hx509/cert.c
312
if (cert->private_key)
crypto/heimdal/lib/hx509/cert.c
313
hx509_private_key_free(&cert->private_key);
crypto/heimdal/lib/hx509/cert.c
314
cert->private_key = _hx509_private_key_ref(private_key);
crypto/heimdal/lib/hx509/cert.c
3266
hx509_cert_check_eku(hx509_context context, hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
3273
ret = find_extension_eku(_hx509_get_cert(cert), &e);
crypto/heimdal/lib/hx509/cert.c
328
hx509_cert_free(hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
3303
Certificate *cert;
crypto/heimdal/lib/hx509/cert.c
3311
cert = _hx509_get_cert(c);
crypto/heimdal/lib/hx509/cert.c
3313
if (_hx509_cert_get_version(cert) < 3)
crypto/heimdal/lib/hx509/cert.c
3316
e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
crypto/heimdal/lib/hx509/cert.c
332
if (cert == NULL)
crypto/heimdal/lib/hx509/cert.c
3328
hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
3335
ret = find_extension_eku(_hx509_get_cert(cert), e);
crypto/heimdal/lib/hx509/cert.c
335
if (cert->ref <= 0)
crypto/heimdal/lib/hx509/cert.c
337
if (--cert->ref > 0)
crypto/heimdal/lib/hx509/cert.c
340
if (cert->release)
crypto/heimdal/lib/hx509/cert.c
341
(cert->release)(cert, cert->ctx);
crypto/heimdal/lib/hx509/cert.c
3417
_hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env)
crypto/heimdal/lib/hx509/cert.c
3428
asprintf(&buf, "%d", _hx509_cert_get_version(_hx509_get_cert(cert)));
crypto/heimdal/lib/hx509/cert.c
343
if (cert->private_key)
crypto/heimdal/lib/hx509/cert.c
3435
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/cert.c
344
hx509_private_key_free(&cert->private_key);
crypto/heimdal/lib/hx509/cert.c
3451
ret = hx509_cert_get_issuer(cert, &name);
crypto/heimdal/lib/hx509/cert.c
346
free_Certificate(cert->data);
crypto/heimdal/lib/hx509/cert.c
3467
ret = _hx509_cert_get_eku(context, cert, &eku);
crypto/heimdal/lib/hx509/cert.c
347
free(cert->data);
crypto/heimdal/lib/hx509/cert.c
349
for (i = 0; i < cert->attrs.len; i++) {
crypto/heimdal/lib/hx509/cert.c
350
der_free_octet_string(&cert->attrs.val[i]->data);
crypto/heimdal/lib/hx509/cert.c
3502
Certificate *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/cert.c
351
der_free_oid(&cert->attrs.val[i]->oid);
crypto/heimdal/lib/hx509/cert.c
352
free(cert->attrs.val[i]);
crypto/heimdal/lib/hx509/cert.c
354
free(cert->attrs.val);
crypto/heimdal/lib/hx509/cert.c
355
free(cert->friendlyname);
crypto/heimdal/lib/hx509/cert.c
356
if (cert->basename)
crypto/heimdal/lib/hx509/cert.c
3564
hx509_print_cert(hx509_context context, hx509_cert cert, FILE *out)
crypto/heimdal/lib/hx509/cert.c
357
hx509_name_free(&cert->basename);
crypto/heimdal/lib/hx509/cert.c
3573
ret = hx509_cert_get_issuer(cert, &name);
crypto/heimdal/lib/hx509/cert.c
358
memset(cert, 0, sizeof(*cert));
crypto/heimdal/lib/hx509/cert.c
3581
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/cert.c
359
free(cert);
crypto/heimdal/lib/hx509/cert.c
3592
ret = hx509_cert_get_serialnumber(cert, &serialNumber);
crypto/heimdal/lib/hx509/cert.c
3604
ret = hx509_cert_keyusage_print(context, cert, &str);
crypto/heimdal/lib/hx509/cert.c
373
hx509_cert_ref(hx509_cert cert)
crypto/heimdal/lib/hx509/cert.c
375
if (cert == NULL)
crypto/heimdal/lib/hx509/cert.c
377
if (cert->ref <= 0)
crypto/heimdal/lib/hx509/cert.c
379
cert->ref++;
crypto/heimdal/lib/hx509/cert.c
380
if (cert->ref == 0)
crypto/heimdal/lib/hx509/cert.c
382
return cert;
crypto/heimdal/lib/hx509/cert.c
587
find_extension(const Certificate *cert, const heim_oid *oid, size_t *idx)
crypto/heimdal/lib/hx509/cert.c
589
const TBSCertificate *c = &cert->tbsCertificate;
crypto/heimdal/lib/hx509/cert.c
659
find_extension_subject_alt_name(const Certificate *cert, size_t *i,
crypto/heimdal/lib/hx509/cert.c
667
e = find_extension(cert, &asn1_oid_id_x509_ce_subjectAltName, i);
crypto/heimdal/lib/hx509/cert.c
677
find_extension_eku(const Certificate *cert, ExtKeyUsage *eku)
crypto/heimdal/lib/hx509/cert.c
685
e = find_extension(cert, &asn1_oid_id_x509_ce_extKeyUsage, &i);
crypto/heimdal/lib/hx509/cert.c
750
hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
763
ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa);
crypto/heimdal/lib/hx509/cert.c
794
check_key_usage(hx509_context context, const Certificate *cert,
crypto/heimdal/lib/hx509/cert.c
804
if (_hx509_cert_get_version(cert) < 3)
crypto/heimdal/lib/hx509/cert.c
807
e = find_extension(cert, &asn1_oid_id_x509_ce_keyUsage, &i);
crypto/heimdal/lib/hx509/cert.c
827
_hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
crypto/heimdal/lib/hx509/cert.c
844
_hx509_check_key_usage(hx509_context context, hx509_cert cert,
crypto/heimdal/lib/hx509/cert.c
847
return check_key_usage(context, _hx509_get_cert(cert), flags, req_present);
crypto/heimdal/lib/hx509/cert.c
853
check_basic_constraints(hx509_context context, const Certificate *cert,
crypto/heimdal/lib/hx509/cert.c
862
if (_hx509_cert_get_version(cert) < 3)
crypto/heimdal/lib/hx509/cert.c
865
e = find_extension(cert, &asn1_oid_id_x509_ce_basicConstraints, &i);
crypto/heimdal/lib/hx509/cert.c
873
ret = _hx509_unparse_Name(&cert->tbsCertificate.subject, &name);
crypto/heimdal/lib/hx509/cms.c
1010
cert,
crypto/heimdal/lib/hx509/cms.c
1030
ret = hx509_verify_path(context, ctx, cert, certs);
crypto/heimdal/lib/hx509/cms.c
1035
ret = hx509_certs_add(context, *signer_certs, cert);
crypto/heimdal/lib/hx509/cms.c
1042
if (cert)
crypto/heimdal/lib/hx509/cms.c
1043
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/cms.c
1044
cert = NULL;
crypto/heimdal/lib/hx509/cms.c
1149
hx509_cert cert,
crypto/heimdal/lib/hx509/cms.c
1164
ret = hx509_certs_add(context, certs, cert);
crypto/heimdal/lib/hx509/cms.c
1191
sig_process(hx509_context context, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/cms.c
1206
if (_hx509_cert_private_key(cert) == NULL) {
crypto/heimdal/lib/hx509/cms.c
1218
_hx509_cert_private_key(cert),
crypto/heimdal/lib/hx509/cms.c
1242
ret = fill_CMSIdentifier(cert, sigctx->cmsidflag, &signer_info->sid);
crypto/heimdal/lib/hx509/cms.c
1350
_hx509_cert_private_key(cert), sigctx->peer,
crypto/heimdal/lib/hx509/cms.c
1356
_hx509_cert_private_key(cert),
crypto/heimdal/lib/hx509/cms.c
1381
cert,
crypto/heimdal/lib/hx509/cms.c
1385
_hx509_path_append(context, &path, cert);
crypto/heimdal/lib/hx509/cms.c
1409
cert_process(hx509_context context, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/cms.c
1422
ret = hx509_cert_binary(context, cert,
crypto/heimdal/lib/hx509/cms.c
172
fill_CMSIdentifier(const hx509_cert cert,
crypto/heimdal/lib/hx509/cms.c
181
ret = _hx509_find_extension_subject_key_id(_hx509_get_cert(cert),
crypto/heimdal/lib/hx509/cms.c
190
ret = hx509_cert_get_issuer(cert, &name);
crypto/heimdal/lib/hx509/cms.c
198
ret = hx509_cert_get_serialnumber(cert, &id->u.issuerAndSerialNumber.serialNumber);
crypto/heimdal/lib/hx509/cms.c
267
hx509_cert cert;
crypto/heimdal/lib/hx509/cms.c
300
ret = hx509_certs_find(context, certs, &q, &cert);
crypto/heimdal/lib/hx509/cms.c
319
*signer_cert = cert;
crypto/heimdal/lib/hx509/cms.c
359
hx509_cert cert;
crypto/heimdal/lib/hx509/cms.c
408
cert = NULL;
crypto/heimdal/lib/hx509/cms.c
417
time_now, &cert,
crypto/heimdal/lib/hx509/cms.c
427
cert, &key);
crypto/heimdal/lib/hx509/cms.c
429
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/cms.c
432
cert = NULL;
crypto/heimdal/lib/hx509/cms.c
448
if (cert == NULL) {
crypto/heimdal/lib/hx509/cms.c
553
hx509_cert cert,
crypto/heimdal/lib/hx509/cms.c
577
ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE);
crypto/heimdal/lib/hx509/cms.c
661
ret = fill_CMSIdentifier(cert, cmsidflag, &ri->rid);
crypto/heimdal/lib/hx509/cms.c
670
&key, cert,
crypto/heimdal/lib/hx509/cms.c
791
hx509_cert cert = NULL;
crypto/heimdal/lib/hx509/cms.c
874
_hx509_verify_get_time(ctx), &cert,
crypto/heimdal/lib/hx509/cms.c
886
_hx509_verify_get_time(ctx), &cert,
crypto/heimdal/lib/hx509/collector.c
100
return hx509_certs_add(context, c->certs, cert);
crypto/heimdal/lib/hx509/collector.c
178
hx509_cert cert;
crypto/heimdal/lib/hx509/collector.c
193
ret = hx509_certs_find(context, certs, &q, &cert);
crypto/heimdal/lib/hx509/collector.c
197
_hx509_cert_assign_key(cert, value->private_key);
crypto/heimdal/lib/hx509/collector.c
198
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/collector.c
98
hx509_cert cert)
crypto/heimdal/lib/hx509/crypto.c
1613
const hx509_cert cert,
crypto/heimdal/lib/hx509/crypto.c
1621
if (cert)
crypto/heimdal/lib/hx509/crypto.c
1622
signer = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/crypto.c
1699
const Certificate *cert,
crypto/heimdal/lib/hx509/crypto.c
1714
spi = &cert->tbsCertificate.subjectPublicKeyInfo;
crypto/heimdal/lib/hx509/crypto.c
2980
const Certificate *cert;
crypto/heimdal/lib/hx509/crypto.c
2999
cert = _hx509_get_cert(c);
crypto/heimdal/lib/hx509/crypto.c
3000
spi = &cert->tbsCertificate.subjectPublicKeyInfo;
crypto/heimdal/lib/hx509/hx_locl.h
92
hx509_cert cert;
crypto/heimdal/lib/hx509/hxtool.c
1751
hx509_cert signer = NULL, cert = NULL;
crypto/heimdal/lib/hx509/hxtool.c
1976
ret = hx509_ca_sign_self(context, tbs, private_key, &cert);
crypto/heimdal/lib/hx509/hxtool.c
1980
ret = hx509_ca_sign(context, tbs, signer, &cert);
crypto/heimdal/lib/hx509/hxtool.c
1986
ret = _hx509_cert_assign_key(cert, cert_key);
crypto/heimdal/lib/hx509/hxtool.c
1999
ret = hx509_certs_add(context, certs, cert);
crypto/heimdal/lib/hx509/hxtool.c
2014
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/hxtool.c
2027
test_one_cert(hx509_context hxcontext, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/hxtool.c
2035
if (_hx509_cert_private_key(cert) == NULL)
crypto/heimdal/lib/hx509/hxtool.c
2039
NULL, cert, NULL, NULL, NULL, &sd);
crypto/heimdal/lib/hx509/hxtool.c
334
print_signer(hx509_context contextp, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/hxtool.c
341
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/hxtool.c
584
hx509_cert cert;
crypto/heimdal/lib/hx509/hxtool.c
621
ret = hx509_certs_find(context, certs, q, &cert);
crypto/heimdal/lib/hx509/hxtool.c
628
ret = hx509_cms_envelope_1(context, flags, cert, p, sz, enctype,
crypto/heimdal/lib/hx509/hxtool.c
633
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/hxtool.c
661
print_certificate(hx509_context hxcontext, hx509_cert cert, int verbose)
crypto/heimdal/lib/hx509/hxtool.c
666
fn = hx509_cert_get_friendly_name(cert);
crypto/heimdal/lib/hx509/hxtool.c
670
_hx509_cert_private_key(cert) ? "yes" : "no");
crypto/heimdal/lib/hx509/hxtool.c
672
ret = hx509_print_cert(hxcontext, cert, NULL);
crypto/heimdal/lib/hx509/hxtool.c
684
hx509_validate_cert(hxcontext, vctx, cert);
crypto/heimdal/lib/hx509/hxtool.c
697
print_f(hx509_context hxcontext, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/hxtool.c
702
print_certificate(context, cert, s->verbose);
crypto/heimdal/lib/hx509/keyset.c
293
hx509_cert *cert)
crypto/heimdal/lib/hx509/keyset.c
295
*cert = NULL;
crypto/heimdal/lib/hx509/keyset.c
296
return (*certs->ops->iter)(context, certs, certs->ops_data, cursor, cert);
crypto/heimdal/lib/hx509/keyset.c
387
certs_iter(hx509_context context, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/keyset.c
390
return func(cert);
crypto/heimdal/lib/hx509/keyset.c
434
Certificate *cert;
crypto/heimdal/lib/hx509/keyset.c
438
cert = _hx509_get_cert(c);
crypto/heimdal/lib/hx509/keyset.c
440
_hx509_name_from_Name(&cert->tbsCertificate.subject, &n);
crypto/heimdal/lib/hx509/keyset.c
443
_hx509_name_from_Name(&cert->tbsCertificate.issuer, &n);
crypto/heimdal/lib/hx509/keyset.c
469
hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert)
crypto/heimdal/lib/hx509/keyset.c
478
return (*certs->ops->add)(context, certs, certs->ops_data, cert);
crypto/heimdal/lib/hx509/ks_dir.c
126
hx509_certs certs, void *data, void *iter, hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_dir.c
131
*cert = NULL;
crypto/heimdal/lib/hx509/ks_dir.c
138
ret = hx509_certs_next_cert(context, d->certs, d->iter, cert);
crypto/heimdal/lib/hx509/ks_dir.c
145
if (*cert) {
crypto/heimdal/lib/hx509/ks_file.c
55
hx509_cert cert;
crypto/heimdal/lib/hx509/ks_file.c
58
ret = hx509_cert_init_data(context, data, len, &cert);
crypto/heimdal/lib/hx509/ks_file.c
606
hx509_certs certs, void *data, void *iter, hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_file.c
609
return hx509_certs_next_cert(context, ksf->certs, iter, cert);
crypto/heimdal/lib/hx509/ks_file.c
62
ret = _hx509_collector_certs_add(context, c, cert);
crypto/heimdal/lib/hx509/ks_file.c
63
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/ks_keychain.c
255
hx509_cert cert)
crypto/heimdal/lib/hx509/ks_keychain.c
306
_hx509_cert_assign_key(cert, key);
crypto/heimdal/lib/hx509/ks_keychain.c
416
hx509_cert cert;
crypto/heimdal/lib/hx509/ks_keychain.c
423
ret = hx509_cert_init_data(context, cssm.Data, cssm.Length, &cert);
crypto/heimdal/lib/hx509/ks_keychain.c
427
ret = hx509_certs_add(context, iter->certs, cert);
crypto/heimdal/lib/hx509/ks_keychain.c
428
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/ks_keychain.c
466
hx509_certs certs, void *data, void *cursor, hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_keychain.c
479
return hx509_certs_next_cert(context, iter->certs, iter->cursor, cert);
crypto/heimdal/lib/hx509/ks_keychain.c
481
*cert = NULL;
crypto/heimdal/lib/hx509/ks_keychain.c
504
ret = hx509_cert_init_data(context, ptr, len, cert);
crypto/heimdal/lib/hx509/ks_keychain.c
542
set_private_key(context, itemRef, *cert);
crypto/heimdal/lib/hx509/ks_mem.c
129
hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_mem.c
135
*cert = NULL;
crypto/heimdal/lib/hx509/ks_mem.c
139
*cert = hx509_cert_ref(mem->certs.val[*iter]);
crypto/heimdal/lib/hx509/ks_null.c
63
hx509_certs certs, void *data, void *iter, hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_null.c
65
*cert = NULL;
crypto/heimdal/lib/hx509/ks_p11.c
1082
hx509_certs certs, void *data, void *cursor, hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_p11.c
1085
return hx509_certs_next_cert(context, c->certs, c->cursor, cert);
crypto/heimdal/lib/hx509/ks_p11.c
706
p11_cert_release(hx509_cert cert, void *ctx)
crypto/heimdal/lib/hx509/ks_p11.c
721
hx509_cert cert;
crypto/heimdal/lib/hx509/ks_p11.c
731
query[1].ulValueLen, &cert);
crypto/heimdal/lib/hx509/ks_p11.c
741
_hx509_cert_set_release(cert, p11_cert_release, p);
crypto/heimdal/lib/hx509/ks_p11.c
750
cert,
crypto/heimdal/lib/hx509/ks_p11.c
761
hx509_cert_set_friendly_name(cert, str);
crypto/heimdal/lib/hx509/ks_p11.c
766
ret = _hx509_collector_certs_add(context, collector, cert);
crypto/heimdal/lib/hx509/ks_p11.c
767
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/ks_p12.c
134
hx509_cert cert;
crypto/heimdal/lib/hx509/ks_p12.c
155
ret = hx509_cert_init_data(context, os.data, os.length, &cert);
crypto/heimdal/lib/hx509/ks_p12.c
160
ret = _hx509_collector_certs_add(context, c, cert);
crypto/heimdal/lib/hx509/ks_p12.c
162
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/ks_p12.c
177
_hx509_set_cert_attribute(context, cert, oid,
crypto/heimdal/lib/hx509/ks_p12.c
182
hx509_cert_free(cert);
crypto/heimdal/lib/hx509/ks_p12.c
674
hx509_cert *cert)
crypto/heimdal/lib/hx509/ks_p12.c
677
return hx509_certs_next_cert(context, p12->certs, cursor, cert);
crypto/heimdal/lib/hx509/lock.c
133
hx509_lock_add_cert(hx509_context context, hx509_lock lock, hx509_cert cert)
crypto/heimdal/lib/hx509/lock.c
135
return hx509_certs_add(context, lock->certs, cert);
crypto/heimdal/lib/hx509/peer.c
116
hx509_cert cert)
crypto/heimdal/lib/hx509/peer.c
118
if (peer->cert)
crypto/heimdal/lib/hx509/peer.c
119
hx509_cert_free(peer->cert);
crypto/heimdal/lib/hx509/peer.c
120
peer->cert = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/peer.c
96
if (peer->cert)
crypto/heimdal/lib/hx509/peer.c
97
hx509_cert_free(peer->cert);
crypto/heimdal/lib/hx509/print.c
1023
cert,
crypto/heimdal/lib/hx509/print.c
888
hx509_cert cert)
crypto/heimdal/lib/hx509/print.c
890
Certificate *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/print.c
911
ret = hx509_cert_get_subject(cert, &subject);
crypto/heimdal/lib/hx509/print.c
918
ret = hx509_cert_get_issuer(cert, &issuer);
crypto/heimdal/lib/hx509/revoke.c
1189
hx509_cert cert,
crypto/heimdal/lib/hx509/revoke.c
1194
const Certificate *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/revoke.c
1258
ret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/revoke.c
1377
add_revoked(hx509_context context, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/revoke.c
1393
ret = hx509_cert_get_serialnumber(cert,
crypto/heimdal/lib/hx509/revoke.c
683
hx509_cert cert,
crypto/heimdal/lib/hx509/revoke.c
686
const Certificate *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/revoke.c
864
add_to_req(hx509_context context, void *ptr, hx509_cert cert)
crypto/heimdal/lib/hx509/revoke.c
869
Certificate *p, *c = _hx509_get_cert(cert);
crypto/heimdal/lib/hx509/softp11.c
1532
if (hx509_cert_have_private_key(o->cert) == 0) {
crypto/heimdal/lib/hx509/softp11.c
1550
_hx509_cert_private_key(o->cert),
crypto/heimdal/lib/hx509/softp11.c
1665
o->cert,
crypto/heimdal/lib/hx509/softp11.c
368
CK_KEY_TYPE key_type, hx509_cert cert)
crypto/heimdal/lib/hx509/softp11.c
379
if (_hx509_cert_private_key(cert) == NULL)
crypto/heimdal/lib/hx509/softp11.c
383
_hx509_cert_private_key(cert),
crypto/heimdal/lib/hx509/softp11.c
401
_hx509_cert_private_key(cert),
crypto/heimdal/lib/hx509/softp11.c
426
add_cert(hx509_context hxctx, void *ctx, hx509_cert cert)
crypto/heimdal/lib/hx509/softp11.c
447
hret = hx509_cert_binary(hxctx, cert, &cert_data);
crypto/heimdal/lib/hx509/softp11.c
454
hret = hx509_cert_get_issuer(cert, &name);
crypto/heimdal/lib/hx509/softp11.c
462
hret = hx509_cert_get_subject(cert, &name);
crypto/heimdal/lib/hx509/softp11.c
474
hret = hx509_cert_get_SPKI_AlgorithmIdentifier(context, cert, &alg);
crypto/heimdal/lib/hx509/softp11.c
493
o->cert = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/softp11.c
518
o->cert = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/softp11.c
542
add_pubkey_info(hxctx, o, key_type, cert);
crypto/heimdal/lib/hx509/softp11.c
546
if (hx509_cert_have_private_key(cert)) {
crypto/heimdal/lib/hx509/softp11.c
555
o->cert = hx509_cert_ref(cert);
crypto/heimdal/lib/hx509/softp11.c
585
add_pubkey_info(hxctx, o, key_type, cert);
crypto/heimdal/lib/hx509/softp11.c
61
hx509_cert cert;
crypto/heimdal/lib/hx509/softp11.c
736
char *cert, *id, *label;
crypto/heimdal/lib/hx509/softp11.c
749
cert = strtok_r(NULL, "\t", &s);
crypto/heimdal/lib/hx509/softp11.c
750
if (cert == NULL) {
crypto/heimdal/lib/hx509/softp11.c
755
st_logf("adding: %s: %s in file %s\n", id, label, cert);
crypto/heimdal/lib/hx509/softp11.c
757
ret = add_certificate(cert, pin, id, label);
crypto/heimdal/lib/krb5/krb5_locl.h
345
hx509_cert cert;
crypto/heimdal/lib/krb5/pkinit.c
100
free(cert);
crypto/heimdal/lib/krb5/pkinit.c
1087
ret = hx509_cert_check_eku(context->hx509ctx, host->cert,
crypto/heimdal/lib/krb5/pkinit.c
1100
host->cert,
crypto/heimdal/lib/krb5/pkinit.c
1149
ret = hx509_verify_hostname(context->hx509ctx, host->cert,
crypto/heimdal/lib/krb5/pkinit.c
1874
if (ctx->id->cert) {
crypto/heimdal/lib/krb5/pkinit.c
1875
hx509_cert_free(ctx->id->cert);
crypto/heimdal/lib/krb5/pkinit.c
1876
ctx->id->cert = NULL;
crypto/heimdal/lib/krb5/pkinit.c
1896
ret = find_cert(context, ctx->id, q, &ctx->id->cert);
crypto/heimdal/lib/krb5/pkinit.c
1904
ret = hx509_cert_get_subject(ctx->id->cert, &name);
crypto/heimdal/lib/krb5/pkinit.c
191
hx509_query *q, hx509_cert *cert)
crypto/heimdal/lib/krb5/pkinit.c
1913
ret = hx509_cert_get_serialnumber(ctx->id->cert, &i);
crypto/heimdal/lib/krb5/pkinit.c
221
ret = hx509_certs_find(context->hx509ctx, id->certs, q, cert);
crypto/heimdal/lib/krb5/pkinit.c
241
if (id->cert == NULL)
crypto/heimdal/lib/krb5/pkinit.c
2439
hx509_cert_free(ctx->id->cert);
crypto/heimdal/lib/krb5/pkinit.c
250
id->cert,
crypto/heimdal/lib/krb5/pkinit.c
2536
opt->opt_private->pk_init_ctx->id->cert = NULL;
crypto/heimdal/lib/krb5/pkinit.c
2540
hx509_cert cert = opt->opt_private->pk_init_ctx->id->cert;
crypto/heimdal/lib/krb5/pkinit.c
2547
if (cert) {
crypto/heimdal/lib/krb5/pkinit.c
2550
ret = hx509_cert_get_SPKI_AlgorithmIdentifier(hx509ctx, cert, &alg);
crypto/heimdal/lib/krb5/pkinit.c
2606
get_ms_san(hx509_context context, hx509_cert cert, char **upn)
crypto/heimdal/lib/krb5/pkinit.c
2614
cert,
crypto/heimdal/lib/krb5/pkinit.c
2631
find_ms_san(hx509_context context, hx509_cert cert, void *ctx)
crypto/heimdal/lib/krb5/pkinit.c
2636
ret = get_ms_san(context, cert, &upn);
crypto/heimdal/lib/krb5/pkinit.c
2660
hx509_cert cert = NULL;
crypto/heimdal/lib/krb5/pkinit.c
2701
ret = hx509_get_one_cert(context->hx509ctx, result, &cert);
crypto/heimdal/lib/krb5/pkinit.c
2709
ret = get_ms_san(context->hx509ctx, cert, &name);
crypto/heimdal/lib/krb5/pkinit.c
2728
ret = hx509_certs_add(context->hx509ctx, *res, cert);
crypto/heimdal/lib/krb5/pkinit.c
2736
hx509_cert_free(cert);
crypto/heimdal/lib/krb5/pkinit.c
58
hx509_cert cert;
crypto/heimdal/lib/krb5/pkinit.c
623
ctx->id->cert,
crypto/heimdal/lib/krb5/pkinit.c
943
ret = hx509_get_one_cert(context->hx509ctx, signer_certs, &(*signer)->cert);
crypto/heimdal/lib/krb5/pkinit.c
95
_krb5_pk_cert_free(struct krb5_pk_cert *cert)
crypto/heimdal/lib/krb5/pkinit.c
954
hx509_cert_free((*signer)->cert);
crypto/heimdal/lib/krb5/pkinit.c
97
if (cert->cert) {
crypto/heimdal/lib/krb5/pkinit.c
98
hx509_cert_free(cert->cert);
crypto/heimdal/lib/roken/resolve.c
331
rr->u.cert = malloc (sizeof(*rr->u.cert) + cert_len - 1);
crypto/heimdal/lib/roken/resolve.c
332
if (rr->u.cert == NULL) {
crypto/heimdal/lib/roken/resolve.c
337
rr->u.cert->type = (p[0] << 8) | p[1];
crypto/heimdal/lib/roken/resolve.c
338
rr->u.cert->tag = (p[2] << 8) | p[3];
crypto/heimdal/lib/roken/resolve.c
339
rr->u.cert->algorithm = p[4];
crypto/heimdal/lib/roken/resolve.c
340
rr->u.cert->cert_len = cert_len;
crypto/heimdal/lib/roken/resolve.c
341
memcpy (rr->u.cert->cert_data, p + 5, cert_len);
crypto/heimdal/lib/roken/resolve.h
197
struct rk_cert_record *cert;
crypto/krb5/src/include/k5-int.h
2367
krb5_data *cert,
crypto/krb5/src/include/krb5/certauth_plugin.h
122
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/kdc/do_as_req.c
138
krb5_data cert;
crypto/krb5/src/kdc/do_as_req.c
144
cert = make_data(pa->contents, pa->length);
crypto/krb5/src/kdc/do_as_req.c
146
return krb5_db_get_s4u_x509_principal(context, &cert, req->client,
crypto/krb5/src/plugins/certauth/test/main.c
116
c = memchr(cert, *cntag, c_left);
crypto/krb5/src/plugins/certauth/test/main.c
118
c_left = cert_len - (c - cert);
crypto/krb5/src/plugins/certauth/test/main.c
140
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/certauth/test/main.c
161
if (!has_cn(context, cert, cert_len, name)) {
crypto/krb5/src/plugins/certauth/test/main.c
189
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/certauth/test/main.c
44
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/certauth/test/main.c
94
has_cn(krb5_context context, const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1313
X509 *cert = NULL;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1333
cert = (X509 *) PEM_read_bio_X509(tmp, NULL, NULL, NULL);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1334
if (cert == NULL) {
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1339
*retcert = cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1699
cert_sig_alg(X509 *cert)
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1702
EVP_PKEY *pkey = X509_get_pubkey(cert);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
1796
p7s->cert = cert_stack;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2159
X509 *cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2161
cert = X509_STORE_CTX_get_current_cert(cert_ctx);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2162
reqctx->received_cert = X509_dup(cert);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2308
X509 *cert,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2335
if (cert == NULL) {
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2340
X509_NAME_oneline(X509_get_subject_name(cert),
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2343
l = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
2347
if (!(ext = X509_get_ext(cert, l)) || !(ialt = X509V3_EXT_d2i(ext))) {
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
3358
X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
3363
X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4171
id_cryptoctx->creds[0]->cert = x;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4249
id_cryptoctx->creds[cindex]->cert = x;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4415
CK_BYTE_PTR cert = NULL, cert_id = NULL;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4444
cert = k5alloc(attrs[0].ulValueLen + 1, &ret);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4445
if (cert == NULL)
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4451
attrs[0].pValue = cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4463
cp = (unsigned char *)cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4476
cred->cert = x;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4486
free(cert);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4612
if (cred->cert != NULL)
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4613
X509_free(cred->cert);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4852
pkinit_req_crypto_context req_cryptoctx, X509 *cert,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4864
ret = rfc2253_name(X509_get_subject_name(cert), &md->subject_dn);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4867
ret = rfc2253_name(X509_get_issuer_name(cert), &md->issuer_dn);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4873
cert, &md->sans, &md->upns, NULL);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4879
req_cryptoctx, cert, &md->ku_bits,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4915
id_cryptoctx->creds[i]->cert, &md_list[i]);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4946
idctx->my_cert = ci->cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
4947
ci->cert = NULL;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
5417
X509 *cert = req_cryptoctx->received_cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
5425
X509_NAME_set(&is->issuer, X509_get_issuer_name(cert));
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
5427
is->serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert));
crypto/krb5/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
64
X509 *cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
1144
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
1172
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
1232
const uint8_t *cert, size_t cert_len,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
329
uint8_t *cert;
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
336
ret = crypto_encode_der_cert(context, reqctx->cryptoctx, &cert, &cert_len);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
359
ret = h->vt.authorize(context, h->moddata, cert, cert_len, client,
crypto/krb5/src/plugins/preauth/pkinit/pkinit_srv.c
386
free(cert);
crypto/krb5/src/plugins/preauth/pkinit/pkinit_trace.h
200
#define TRACE_PKINIT_SAN_CERT_COUNT(c, count, princ, upns, dns, cert) \
crypto/krb5/src/plugins/preauth/pkinit/pkinit_trace.h
203
upns, dns, cert)
crypto/krb5/src/plugins/preauth/pkinit/pkinit_trace.h
204
#define TRACE_PKINIT_SAN_CERT_NONE(c, cert) \
crypto/krb5/src/plugins/preauth/pkinit/pkinit_trace.h
205
TRACE(c, "PKINIT client found no SANs in certificate {str}", cert)
crypto/krb5/src/plugins/tls/k5tls/openssl.c
297
const char *cert = NULL, *errstr, *expected_name;
crypto/krb5/src/plugins/tls/k5tls/openssl.c
321
count = BIO_get_mem_data(bio, &cert);
crypto/krb5/src/plugins/tls/k5tls/openssl.c
323
TRACE_TLS_CERT_ERROR(context, depth, count, cert, err, errstr);
crypto/openssh/auth-options.c
507
if (k == NULL || !sshkey_type_is_cert(k->type) || k->cert == NULL ||
crypto/openssh/auth-options.c
508
k->cert->type != SSH2_CERT_TYPE_USER)
crypto/openssh/auth-options.c
515
if (cert_option_list(ret, k->cert->critical,
crypto/openssh/auth-options.c
520
if (cert_option_list(ret, k->cert->extensions,
crypto/openssh/auth.c
242
cafp = sshkey_fingerprint(key->cert->signature_key,
crypto/openssh/auth.c
246
key->cert->key_id,
crypto/openssh/auth.c
247
(unsigned long long)key->cert->serial,
crypto/openssh/auth.c
248
sshkey_type(key->cert->signature_key),
crypto/openssh/auth2-hostbased.c
112
(key->cert == NULL || key->cert->signature_type == NULL) ?
crypto/openssh/auth2-hostbased.c
113
"(null)" : key->cert->signature_type);
crypto/openssh/auth2-hostbased.c
235
if ((fp = sshkey_fingerprint(key->cert->signature_key,
crypto/openssh/auth2-hostbased.c
239
"%s CA %s from %s@%s", key->cert->key_id,
crypto/openssh/auth2-hostbased.c
240
sshkey_type(key->cert->signature_key), fp,
crypto/openssh/auth2-pubkey.c
174
(key->cert == NULL || key->cert->signature_type == NULL) ?
crypto/openssh/auth2-pubkey.c
175
"(null)" : key->cert->signature_type);
crypto/openssh/auth2-pubkey.c
185
ca_s = format_key(key->cert->signature_key);
crypto/openssh/auth2-pubkey.c
324
struct sshkey_cert *cert, struct sshauthopt **authoptsp)
crypto/openssh/auth2-pubkey.c
358
cert, &opts);
crypto/openssh/auth2-pubkey.c
384
const struct sshkey_cert *cert = key->cert;
crypto/openssh/auth2-pubkey.c
432
if ((ca_fp = sshkey_fingerprint(cert->signature_key,
crypto/openssh/auth2-pubkey.c
442
if ((r = sshkey_to_base64(cert->signature_key, &catext)) != 0) {
crypto/openssh/auth2-pubkey.c
451
(unsigned long long)cert->serial);
crypto/openssh/auth2-pubkey.c
462
"T", sshkey_ssh_name(cert->signature_key),
crypto/openssh/auth2-pubkey.c
467
"i", cert->key_id,
crypto/openssh/auth2-pubkey.c
487
ok = auth_process_principals(f, "(command)", cert, authoptsp);
crypto/openssh/auth2-pubkey.c
533
if ((ca_fp = sshkey_fingerprint(key->cert->signature_key,
crypto/openssh/auth2-pubkey.c
537
if ((r = sshkey_in_file(key->cert->signature_key,
crypto/openssh/auth2-pubkey.c
540
sshkey_type(key->cert->signature_key), ca_fp,
crypto/openssh/auth2-pubkey.c
551
key->cert, &principals_opts))
crypto/openssh/auth2-pubkey.c
601
"%s CA %s via %s", key->cert->key_id,
crypto/openssh/auth2-pubkey.c
602
(unsigned long long)key->cert->serial,
crypto/openssh/auth2-pubkey.c
603
sshkey_type(key->cert->signature_key), ca_fp,
crypto/openssh/auth2-pubkey.c
803
auth_key_is_revoked(key->cert->signature_key))
crypto/openssh/auth2-pubkeyfile.c
147
match_principals_option(const char *principal_list, struct sshkey_cert *cert)
crypto/openssh/auth2-pubkeyfile.c
154
for (i = 0; i < cert->nprincipals; i++) {
crypto/openssh/auth2-pubkeyfile.c
155
if ((result = match_list(cert->principals[i],
crypto/openssh/auth2-pubkeyfile.c
172
auth_check_principals_line(char *cp, const struct sshkey_cert *cert,
crypto/openssh/auth2-pubkeyfile.c
206
for (i = 0; i < cert->nprincipals; i++) {
crypto/openssh/auth2-pubkeyfile.c
207
if (strcmp(cp, cert->principals[i]) != 0)
crypto/openssh/auth2-pubkeyfile.c
210
loc, cert->principals[i]);
crypto/openssh/auth2-pubkeyfile.c
223
const struct sshkey_cert *cert, struct sshauthopt **authoptsp)
crypto/openssh/auth2-pubkeyfile.c
250
if (auth_check_principals_line(cp, cert, loc, authoptsp) == 0)
crypto/openssh/auth2-pubkeyfile.c
309
if (!sshkey_equal(found, key->cert->signature_key) ||
crypto/openssh/auth2-pubkeyfile.c
363
!match_principals_option(keyopts->cert_principals, key->cert)) {
crypto/openssh/auth2-pubkeyfile.c
374
key->cert->key_id,
crypto/openssh/auth2-pubkeyfile.c
375
(unsigned long long)key->cert->serial,
crypto/openssh/authfile.c
322
struct sshkey *key = NULL, *cert = NULL;
crypto/openssh/authfile.c
344
(r = sshkey_load_cert(filename, &cert)) != 0)
crypto/openssh/authfile.c
348
if (sshkey_equal_public(key, cert) == 0) {
crypto/openssh/authfile.c
354
(r = sshkey_cert_copy(cert, key)) != 0)
crypto/openssh/authfile.c
363
sshkey_free(cert);
crypto/openssh/authfile.c
422
sshkey_compare(key->cert->signature_key, pub))) {
crypto/openssh/hostfile.c
327
sshkey_equal_public(k->cert->signature_key,
crypto/openssh/hostfile.c
378
if (sshkey_equal_public(k->cert->signature_key,
crypto/openssh/krl.c
1165
rki.key_id = key->cert->key_id;
crypto/openssh/krl.c
1176
if (key->cert->serial == 0)
crypto/openssh/krl.c
1180
rs.lo = rs.hi = key->cert->serial;
crypto/openssh/krl.c
1184
key->cert->serial, ers->lo, ers->hi));
crypto/openssh/krl.c
1235
if ((r = revoked_certs_for_ca_key(krl, key->cert->signature_key,
crypto/openssh/krl.c
1250
KRL_DBG(("%llu no match", key->cert->serial));
crypto/openssh/krl.c
1264
if ((r = is_key_revoked(krl, key->cert->signature_key)) != 0)
crypto/openssh/krl.c
458
if (key->cert->serial == 0) {
crypto/openssh/krl.c
460
key->cert->signature_key,
crypto/openssh/krl.c
461
key->cert->key_id);
crypto/openssh/krl.c
464
key->cert->signature_key,
crypto/openssh/krl.c
465
key->cert->serial);
crypto/openssh/regress/misc/fuzz-harness/agent_fuzz_helper.c
63
struct sshkey *cert;
crypto/openssh/regress/misc/fuzz-harness/agent_fuzz_helper.c
78
cert = pubkey_or_die(certpath);
crypto/openssh/regress/misc/fuzz-harness/agent_fuzz_helper.c
83
if ((r = sshkey_cert_copy(cert, id->key)) != 0) {
crypto/openssh/regress/misc/fuzz-harness/agent_fuzz_helper.c
87
sshkey_free(cert);
crypto/openssh/regress/misc/fuzz-harness/authkeys_fuzz.cc
35
static struct sshkey *key, *cert;
crypto/openssh/regress/misc/fuzz-harness/authkeys_fuzz.cc
39
(cert = sshkey_new(KEY_UNSPEC)) == NULL)
crypto/openssh/regress/misc/fuzz-harness/authkeys_fuzz.cc
46
sshkey_read(cert, &tmp) != 0)
crypto/openssh/regress/misc/fuzz-harness/authkeys_fuzz.cc
50
if (cp == NULL || pw == NULL || key == NULL || cert == NULL)
crypto/openssh/regress/misc/fuzz-harness/authkeys_fuzz.cc
72
(void) auth_check_authkey_line(pw, cert, tmp, "127.0.0.1", "localhost",
crypto/openssh/regress/unittests/authopt/tests.c
292
struct sshkey *cert;
crypto/openssh/regress/unittests/authopt/tests.c
300
sshkey_free(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
305
cert = load_key("no_" keybase ".cert"); \
crypto/openssh/regress/unittests/authopt/tests.c
308
opts = sshauthopt_from_cert(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
312
cert = load_key("only_" keybase ".cert"); \
crypto/openssh/regress/unittests/authopt/tests.c
316
opts = sshauthopt_from_cert(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
328
cert = load_key("all_permit.cert");
crypto/openssh/regress/unittests/authopt/tests.c
330
opts = sshauthopt_from_cert(cert);
crypto/openssh/regress/unittests/authopt/tests.c
335
cert = load_key("no_permit.cert");
crypto/openssh/regress/unittests/authopt/tests.c
338
opts = sshauthopt_from_cert(cert);
crypto/openssh/regress/unittests/authopt/tests.c
343
cert = load_key("force_command.cert");
crypto/openssh/regress/unittests/authopt/tests.c
347
opts = sshauthopt_from_cert(cert);
crypto/openssh/regress/unittests/authopt/tests.c
352
cert = load_key("sourceaddr.cert");
crypto/openssh/regress/unittests/authopt/tests.c
356
opts = sshauthopt_from_cert(cert);
crypto/openssh/regress/unittests/authopt/tests.c
364
cert = load_key(keybase ".cert"); \
crypto/openssh/regress/unittests/authopt/tests.c
365
opts = sshauthopt_from_cert(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
367
sshkey_free(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
379
struct sshkey *cert;
crypto/openssh/regress/unittests/authopt/tests.c
391
cert = load_key(keyname ".cert"); \
crypto/openssh/regress/unittests/authopt/tests.c
392
cert_opts = sshauthopt_from_cert(cert); \
crypto/openssh/regress/unittests/authopt/tests.c
409
sshkey_free(cert); \
crypto/openssh/regress/unittests/sshkey/test_file.c
117
ASSERT_STRING_EQ(k2->cert->signature_type, "ssh-rsa");
crypto/openssh/regress/unittests/sshkey/test_file.c
126
ASSERT_STRING_EQ(k2->cert->signature_type, "rsa-sha2-512");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
423
ASSERT_PTR_NE(k1->cert, NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
424
k1->cert->type = SSH2_CERT_TYPE_USER;
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
425
k1->cert->serial = 1234;
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
426
k1->cert->key_id = strdup("estragon");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
427
ASSERT_PTR_NE(k1->cert->key_id, NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
428
k1->cert->principals = calloc(4, sizeof(*k1->cert->principals));
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
429
ASSERT_PTR_NE(k1->cert->principals, NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
430
k1->cert->principals[0] = strdup("estragon");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
431
k1->cert->principals[1] = strdup("vladimir");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
432
k1->cert->principals[2] = strdup("pozzo");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
433
k1->cert->principals[3] = strdup("lucky");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
434
ASSERT_PTR_NE(k1->cert->principals[0], NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
435
ASSERT_PTR_NE(k1->cert->principals[1], NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
436
ASSERT_PTR_NE(k1->cert->principals[2], NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
437
ASSERT_PTR_NE(k1->cert->principals[3], NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
438
k1->cert->nprincipals = 4;
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
439
k1->cert->valid_after = 0;
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
440
k1->cert->valid_before = (u_int64_t)-1;
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
441
sshbuf_free(k1->cert->critical);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
442
k1->cert->critical = sshbuf_new();
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
443
ASSERT_PTR_NE(k1->cert->critical, NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
444
sshbuf_free(k1->cert->extensions);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
445
k1->cert->extensions = sshbuf_new();
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
446
ASSERT_PTR_NE(k1->cert->extensions, NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
447
put_opt(k1->cert->critical, "force-command", "/usr/bin/true");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
448
put_opt(k1->cert->critical, "source-address", "127.0.0.1");
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
449
put_opt(k1->cert->extensions, "permit-X11-forwarding", NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
450
put_opt(k1->cert->extensions, "permit-agent-forwarding", NULL);
crypto/openssh/regress/unittests/sshkey/test_sshkey.c
451
ASSERT_INT_EQ(sshkey_from_private(k2, &k1->cert->signature_key), 0);
crypto/openssh/ssh-add.c
174
struct sshkey *public, *cert = NULL;
crypto/openssh/ssh-add.c
199
if ((r = sshkey_load_public(certpath, &cert, &comment)) != 0) {
crypto/openssh/ssh-add.c
205
if (!sshkey_equal_public(cert, public))
crypto/openssh/ssh-add.c
209
if (delete_one(agent_fd, cert, comment, certpath, qflag) == 0)
crypto/openssh/ssh-add.c
213
sshkey_free(cert);
crypto/openssh/ssh-add.c
251
struct sshkey *private, *cert;
crypto/openssh/ssh-add.c
405
if ((r = sshkey_load_public(certpath, &cert, NULL)) != 0) {
crypto/openssh/ssh-add.c
412
if (!sshkey_equal_public(cert, private)) {
crypto/openssh/ssh-add.c
415
sshkey_free(cert);
crypto/openssh/ssh-add.c
422
sshkey_free(cert);
crypto/openssh/ssh-add.c
425
if ((r = sshkey_cert_copy(cert, private)) != 0) {
crypto/openssh/ssh-add.c
427
sshkey_free(cert);
crypto/openssh/ssh-add.c
430
sshkey_free(cert);
crypto/openssh/ssh-add.c
436
private->cert->key_id);
crypto/openssh/ssh-add.c
442
private->cert->key_id);
crypto/openssh/ssh-agent.c
419
if (key->cert == NULL || key->cert->signature_key == NULL)
crypto/openssh/ssh-agent.c
421
if (!sshkey_equal(key->cert->signature_key, dch->keys[i]))
crypto/openssh/ssh-agent.c
426
key->cert->key_id, hostname, reason);
crypto/openssh/ssh-keygen.c
1889
public->cert->type = cert_key_type;
crypto/openssh/ssh-keygen.c
1890
public->cert->serial = (u_int64_t)cert_serial;
crypto/openssh/ssh-keygen.c
1891
public->cert->key_id = xstrdup(cert_key_id);
crypto/openssh/ssh-keygen.c
1892
public->cert->nprincipals = n;
crypto/openssh/ssh-keygen.c
1893
public->cert->principals = plist;
crypto/openssh/ssh-keygen.c
1894
public->cert->valid_after = cert_valid_from;
crypto/openssh/ssh-keygen.c
1895
public->cert->valid_before = cert_valid_to;
crypto/openssh/ssh-keygen.c
1896
prepare_options_buf(public->cert->critical, OPTIONS_CRITICAL);
crypto/openssh/ssh-keygen.c
1897
prepare_options_buf(public->cert->extensions,
crypto/openssh/ssh-keygen.c
1900
&public->cert->signature_key)) != 0)
crypto/openssh/ssh-keygen.c
1933
sshkey_format_cert_validity(public->cert,
crypto/openssh/ssh-keygen.c
1937
out, public->cert->key_id,
crypto/openssh/ssh-keygen.c
1938
(unsigned long long)public->cert->serial,
crypto/openssh/ssh-keygen.c
2161
ca_fp = sshkey_fingerprint(key->cert->signature_key,
crypto/openssh/ssh-keygen.c
2165
sshkey_format_cert_validity(key->cert, valid, sizeof(valid));
crypto/openssh/ssh-keygen.c
2171
sshkey_type(key->cert->signature_key), ca_fp,
crypto/openssh/ssh-keygen.c
2172
key->cert->signature_type);
crypto/openssh/ssh-keygen.c
2173
printf(" Key ID: \"%s\"\n", key->cert->key_id);
crypto/openssh/ssh-keygen.c
2174
printf(" Serial: %llu\n", (unsigned long long)key->cert->serial);
crypto/openssh/ssh-keygen.c
2177
if (key->cert->nprincipals == 0)
crypto/openssh/ssh-keygen.c
2180
for (i = 0; i < key->cert->nprincipals; i++)
crypto/openssh/ssh-keygen.c
2182
key->cert->principals[i]);
crypto/openssh/ssh-keygen.c
2186
if (sshbuf_len(key->cert->critical) == 0)
crypto/openssh/ssh-keygen.c
2190
show_options(key->cert->critical, 1);
crypto/openssh/ssh-keygen.c
2193
if (sshbuf_len(key->cert->extensions) == 0)
crypto/openssh/ssh-keygen.c
2197
show_options(key->cert->extensions, 0);
crypto/openssh/sshconnect.c
1496
if ((cafp = sshkey_fingerprint(host_key->cert->signature_key,
crypto/openssh/sshconnect.c
1502
sshkey_format_cert_validity(host_key->cert,
crypto/openssh/sshconnect.c
1507
(unsigned long long)host_key->cert->serial,
crypto/openssh/sshconnect.c
1508
host_key->cert->key_id,
crypto/openssh/sshconnect.c
1509
sshkey_ssh_name(host_key->cert->signature_key), cafp,
crypto/openssh/sshconnect.c
1511
for (i = 0; i < host_key->cert->nprincipals; i++) {
crypto/openssh/sshconnect.c
1513
host_key->cert->principals[i]);
crypto/openssh/sshconnect2.c
1687
if (key && key->cert &&
crypto/openssh/sshconnect2.c
1688
key->cert->type != SSH2_CERT_TYPE_USER) {
crypto/openssh/sshconnect2.c
1710
if (!sshkey_is_cert(key) || key->cert == NULL ||
crypto/openssh/sshconnect2.c
1711
key->cert->type != SSH2_CERT_TYPE_USER) {
crypto/openssh/sshkey.c
1456
switch (k->cert->type) {
crypto/openssh/sshkey.c
1538
if (to_key == NULL || (from = from_key->cert) == NULL)
crypto/openssh/sshkey.c
1591
cert_free(to_key->cert);
crypto/openssh/sshkey.c
1592
to_key->cert = to;
crypto/openssh/sshkey.c
1876
if ((ret = sshbuf_putb(key->cert->certblob, certbuf)) != 0)
crypto/openssh/sshkey.c
1880
if ((ret = sshbuf_get_u64(b, &key->cert->serial)) != 0 ||
crypto/openssh/sshkey.c
1881
(ret = sshbuf_get_u32(b, &key->cert->type)) != 0 ||
crypto/openssh/sshkey.c
1882
(ret = sshbuf_get_cstring(b, &key->cert->key_id, &kidlen)) != 0 ||
crypto/openssh/sshkey.c
1884
(ret = sshbuf_get_u64(b, &key->cert->valid_after)) != 0 ||
crypto/openssh/sshkey.c
1885
(ret = sshbuf_get_u64(b, &key->cert->valid_before)) != 0 ||
crypto/openssh/sshkey.c
1896
signed_len = sshbuf_len(key->cert->certblob) - sshbuf_len(b);
crypto/openssh/sshkey.c
1903
if (key->cert->type != SSH2_CERT_TYPE_USER &&
crypto/openssh/sshkey.c
1904
key->cert->type != SSH2_CERT_TYPE_HOST) {
crypto/openssh/sshkey.c
1914
if (key->cert->nprincipals >= SSHKEY_CERT_MAX_PRINCIPALS) {
crypto/openssh/sshkey.c
1923
oprincipals = key->cert->principals;
crypto/openssh/sshkey.c
1924
key->cert->principals = recallocarray(key->cert->principals,
crypto/openssh/sshkey.c
1925
key->cert->nprincipals, key->cert->nprincipals + 1,
crypto/openssh/sshkey.c
1926
sizeof(*key->cert->principals));
crypto/openssh/sshkey.c
1927
if (key->cert->principals == NULL) {
crypto/openssh/sshkey.c
1929
key->cert->principals = oprincipals;
crypto/openssh/sshkey.c
1933
key->cert->principals[key->cert->nprincipals++] = principal;
crypto/openssh/sshkey.c
1940
if ((ret = sshbuf_putb(key->cert->critical, crit)) != 0 ||
crypto/openssh/sshkey.c
1942
(ret = sshbuf_putb(key->cert->extensions, exts)) != 0))
crypto/openssh/sshkey.c
1951
sshbuf_reset(key->cert->critical);
crypto/openssh/sshkey.c
1959
sshbuf_reset(key->cert->extensions);
crypto/openssh/sshkey.c
1966
if (sshkey_from_blob_internal(ca, &key->cert->signature_key, 0) != 0) {
crypto/openssh/sshkey.c
1970
if (!sshkey_type_is_valid_ca(key->cert->signature_key->type)) {
crypto/openssh/sshkey.c
1974
if ((ret = sshkey_verify(key->cert->signature_key, sig, slen,
crypto/openssh/sshkey.c
1975
sshbuf_ptr(key->cert->certblob), signed_len, NULL, 0, NULL)) != 0)
crypto/openssh/sshkey.c
1978
&key->cert->signature_type)) != 0)
crypto/openssh/sshkey.c
2139
if (key->cert == NULL || key->cert->signature_type == NULL)
crypto/openssh/sshkey.c
2141
if (match_pattern_list(key->cert->signature_type, allowed, 0) != 1)
crypto/openssh/sshkey.c
2161
if (!impl->cert)
crypto/openssh/sshkey.c
2258
if ((k->cert = cert_new()) == NULL)
crypto/openssh/sshkey.c
2270
cert_free(k->cert);
crypto/openssh/sshkey.c
2271
k->cert = NULL;
crypto/openssh/sshkey.c
2287
struct sshbuf *cert = NULL;
crypto/openssh/sshkey.c
2290
if (k == NULL || k->cert == NULL ||
crypto/openssh/sshkey.c
2291
k->cert->certblob == NULL || ca == NULL)
crypto/openssh/sshkey.c
2305
alg = k->cert->signature_type;
crypto/openssh/sshkey.c
2306
else if (k->cert->signature_type != NULL &&
crypto/openssh/sshkey.c
2307
strcmp(alg, k->cert->signature_type) != 0)
crypto/openssh/sshkey.c
2320
cert = k->cert->certblob; /* for readability */
crypto/openssh/sshkey.c
2321
sshbuf_reset(cert);
crypto/openssh/sshkey.c
2322
if ((ret = sshbuf_put_cstring(cert, sshkey_ssh_name(k))) != 0)
crypto/openssh/sshkey.c
2327
if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
crypto/openssh/sshkey.c
233
return impl->cert;
crypto/openssh/sshkey.c
2331
if ((ret = impl->funcs->serialize_public(k, cert,
crypto/openssh/sshkey.c
2336
if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 ||
crypto/openssh/sshkey.c
2337
(ret = sshbuf_put_u32(cert, k->cert->type)) != 0 ||
crypto/openssh/sshkey.c
2338
(ret = sshbuf_put_cstring(cert, k->cert->key_id)) != 0)
crypto/openssh/sshkey.c
2345
for (i = 0; i < k->cert->nprincipals; i++) {
crypto/openssh/sshkey.c
2347
k->cert->principals[i])) != 0)
crypto/openssh/sshkey.c
2350
if ((ret = sshbuf_put_stringb(cert, principals)) != 0 ||
crypto/openssh/sshkey.c
2351
(ret = sshbuf_put_u64(cert, k->cert->valid_after)) != 0 ||
crypto/openssh/sshkey.c
2352
(ret = sshbuf_put_u64(cert, k->cert->valid_before)) != 0 ||
crypto/openssh/sshkey.c
2353
(ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0 ||
crypto/openssh/sshkey.c
2354
(ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0 ||
crypto/openssh/sshkey.c
2355
(ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */
crypto/openssh/sshkey.c
2356
(ret = sshbuf_put_string(cert, ca_blob, ca_len)) != 0)
crypto/openssh/sshkey.c
2360
if ((ret = signer(ca, &sig_blob, &sig_len, sshbuf_ptr(cert),
crypto/openssh/sshkey.c
2361
sshbuf_len(cert), alg, sk_provider, sk_pin, 0, signer_ctx)) != 0)
crypto/openssh/sshkey.c
2370
if (k->cert->signature_type == NULL) {
crypto/openssh/sshkey.c
2371
k->cert->signature_type = sigtype;
crypto/openssh/sshkey.c
2375
if ((ret = sshbuf_put_string(cert, sig_blob, sig_len)) != 0)
crypto/openssh/sshkey.c
2380
sshbuf_reset(cert);
crypto/openssh/sshkey.c
2422
if (k->cert->type != SSH2_CERT_TYPE_HOST) {
crypto/openssh/sshkey.c
2427
if (k->cert->type != SSH2_CERT_TYPE_USER) {
crypto/openssh/sshkey.c
2432
if (verify_time < k->cert->valid_after) {
crypto/openssh/sshkey.c
2436
if (verify_time >= k->cert->valid_before) {
crypto/openssh/sshkey.c
2440
if (k->cert->nprincipals == 0) {
crypto/openssh/sshkey.c
2447
for (i = 0; i < k->cert->nprincipals; i++) {
crypto/openssh/sshkey.c
2449
if (match_pattern(k->cert->principals[i],
crypto/openssh/sshkey.c
2454
} else if (strcmp(name, k->cert->principals[i]) == 0) {
crypto/openssh/sshkey.c
2494
if (sshbuf_len(key->cert->critical) != 0) {
crypto/openssh/sshkey.c
2507
sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l)
crypto/openssh/sshkey.c
2512
if (cert->valid_after == 0 &&
crypto/openssh/sshkey.c
2513
cert->valid_before == 0xffffffffffffffffULL)
crypto/openssh/sshkey.c
2516
if (cert->valid_after != 0)
crypto/openssh/sshkey.c
2517
format_absolute_time(cert->valid_after, from, sizeof(from));
crypto/openssh/sshkey.c
2518
if (cert->valid_before != 0xffffffffffffffffULL)
crypto/openssh/sshkey.c
2519
format_absolute_time(cert->valid_before, to, sizeof(to));
crypto/openssh/sshkey.c
2521
if (cert->valid_after == 0)
crypto/openssh/sshkey.c
2523
else if (cert->valid_before == 0xffffffffffffffffULL)
crypto/openssh/sshkey.c
2564
if (key->cert == NULL ||
crypto/openssh/sshkey.c
2565
sshbuf_len(key->cert->certblob) == 0) {
crypto/openssh/sshkey.c
2569
if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0)
crypto/openssh/sshkey.c
260
if (allow_short && !impl->cert && impl->shortname != NULL &&
crypto/openssh/sshkey.c
343
if ((certs_only && !impl->cert) || (plain_only && impl->cert))
crypto/openssh/sshkey.c
422
return !impl->cert;
crypto/openssh/sshkey.c
674
cert_free(struct sshkey_cert *cert)
crypto/openssh/sshkey.c
678
if (cert == NULL)
crypto/openssh/sshkey.c
680
sshbuf_free(cert->certblob);
crypto/openssh/sshkey.c
681
sshbuf_free(cert->critical);
crypto/openssh/sshkey.c
682
sshbuf_free(cert->extensions);
crypto/openssh/sshkey.c
683
free(cert->key_id);
crypto/openssh/sshkey.c
684
for (i = 0; i < cert->nprincipals; i++)
crypto/openssh/sshkey.c
685
free(cert->principals[i]);
crypto/openssh/sshkey.c
686
free(cert->principals);
crypto/openssh/sshkey.c
687
sshkey_free(cert->signature_key);
crypto/openssh/sshkey.c
688
free(cert->signature_type);
crypto/openssh/sshkey.c
689
freezero(cert, sizeof(*cert));
crypto/openssh/sshkey.c
695
struct sshkey_cert *cert;
crypto/openssh/sshkey.c
697
if ((cert = calloc(1, sizeof(*cert))) == NULL)
crypto/openssh/sshkey.c
699
if ((cert->certblob = sshbuf_new()) == NULL ||
crypto/openssh/sshkey.c
700
(cert->critical = sshbuf_new()) == NULL ||
crypto/openssh/sshkey.c
701
(cert->extensions = sshbuf_new()) == NULL) {
crypto/openssh/sshkey.c
702
cert_free(cert);
crypto/openssh/sshkey.c
705
cert->key_id = NULL;
crypto/openssh/sshkey.c
706
cert->principals = NULL;
crypto/openssh/sshkey.c
707
cert->signature_key = NULL;
crypto/openssh/sshkey.c
708
cert->signature_type = NULL;
crypto/openssh/sshkey.c
709
return cert;
crypto/openssh/sshkey.c
734
if ((k->cert = cert_new()) == NULL) {
crypto/openssh/sshkey.c
797
cert_free(k->cert);
crypto/openssh/sshkey.c
858
if (!cert_compare(a->cert, b->cert))
crypto/openssh/sshkey.c
891
if (key->cert == NULL)
crypto/openssh/sshkey.c
893
if (sshbuf_len(key->cert->certblob) == 0)
crypto/openssh/sshkey.c
896
if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0)
crypto/openssh/sshkey.h
153
struct sshkey_cert *cert;
crypto/openssh/sshkey.h
199
int cert;
crypto/openssh/sshsig.c
839
char **principalsp, const struct sshkey *cert, uint64_t verify_time)
crypto/openssh/sshsig.c
857
if ((r = sshkey_cert_check_authority(cert, 0, 1, 0,
crypto/openssh/sshsig.c
864
for (i = 0; i < cert->cert->nprincipals; i++) {
crypto/openssh/sshsig.c
865
if (match_pattern(cert->cert->principals[i], cp)) {
crypto/openssh/sshsig.c
868
cert->cert->principals[i])) != 0) {
crypto/openssh/sshsig.c
920
sshkey_equal_public(sign_key->cert->signature_key, found_key)) {
crypto/openssl/apps/cmp.c
1099
typedef int (*add_X509_fn_t)(void *ctx, const X509 *cert);
crypto/openssl/apps/cmp.c
1103
X509 *cert;
crypto/openssl/apps/cmp.c
1108
if ((cert = load_cert_pwd(file, pass, desc)) == NULL)
crypto/openssl/apps/cmp.c
1110
ok = (*set1_fn)(ctx, cert);
crypto/openssl/apps/cmp.c
1111
X509_free(cert);
crypto/openssl/apps/cmp.c
1468
X509 *cert;
crypto/openssl/apps/cmp.c
1472
if (!load_cert_certs(opt_tls_cert, &cert, &certs, 0, opt_tls_keypass,
crypto/openssl/apps/cmp.c
1478
ok = SSL_CTX_use_certificate(ssl_ctx, cert) > 0;
crypto/openssl/apps/cmp.c
1479
X509_free(cert);
crypto/openssl/apps/cmp.c
1492
cert = sk_X509_value(untrusted, i);
crypto/openssl/apps/cmp.c
1493
if (!SSL_CTX_add1_chain_cert(ssl_ctx, cert)) {
crypto/openssl/apps/cmp.c
1536
cert = sk_X509_value(tls_extra, i);
crypto/openssl/apps/cmp.c
1538
res = SSL_CTX_add_extra_chain_cert(ssl_ctx, cert);
crypto/openssl/apps/cmp.c
1540
X509_free(cert);
crypto/openssl/apps/cmp.c
1650
X509 *cert;
crypto/openssl/apps/cmp.c
1655
if (!load_cert_certs(opt_cert, &cert, &certs, 0, opt_keypass,
crypto/openssl/apps/cmp.c
1660
ok = OSSL_CMP_CTX_set1_cert(ctx, cert);
crypto/openssl/apps/cmp.c
1661
X509_free(cert);
crypto/openssl/apps/cmp.c
2423
static int write_cert(BIO *bio, X509 *cert)
crypto/openssl/apps/cmp.c
2425
if ((opt_certform == FORMAT_PEM && PEM_write_bio_X509(bio, cert))
crypto/openssl/apps/cmp.c
2426
|| (opt_certform == FORMAT_ASN1 && i2d_X509_bio(bio, cert)))
crypto/openssl/apps/cmp.c
2536
static int save_cert_or_delete(X509 *cert, const char *file, const char *desc)
crypto/openssl/apps/cmp.c
2540
if (cert == NULL) {
crypto/openssl/apps/cmp.c
2548
if (!X509_add_cert(certs, cert, X509_ADD_FLAG_UP_REF)) {
crypto/openssl/apps/cmp.c
853
X509 *cert;
crypto/openssl/apps/cmp.c
856
cert = load_cert_pass(uri, FORMAT_UNDEF, 0, pass_string, desc);
crypto/openssl/apps/cmp.c
858
return cert;
crypto/openssl/apps/cms.c
1377
X509_free(cert);
crypto/openssl/apps/cms.c
356
X509 *cert = NULL, *recip = NULL, *signer = NULL, *originator = NULL;
crypto/openssl/apps/cms.c
702
cert = load_cert(opt_arg(), FORMAT_UNDEF,
crypto/openssl/apps/cms.c
704
if (cert == NULL)
crypto/openssl/apps/cms.c
706
if (!sk_X509_push(encerts, cert))
crypto/openssl/apps/cms.c
708
cert = NULL;
crypto/openssl/apps/cms.c
907
cert = load_cert(*argv, FORMAT_UNDEF,
crypto/openssl/apps/cms.c
909
if (cert == NULL)
crypto/openssl/apps/cms.c
911
if (!sk_X509_push(encerts, cert))
crypto/openssl/apps/cms.c
913
cert = NULL;
crypto/openssl/apps/crl2pkcs7.c
154
p7s->cert = cert_stack;
crypto/openssl/apps/include/apps.h
263
int cert_matches_key(const X509 *cert, const EVP_PKEY *pkey);
crypto/openssl/apps/include/cmp_mock_srv.h
25
int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
crypto/openssl/apps/include/cmp_mock_srv.h
26
int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
crypto/openssl/apps/include/cmp_mock_srv.h
33
int ossl_cmp_mock_srv_set1_newWithNew(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
crypto/openssl/apps/include/cmp_mock_srv.h
34
int ossl_cmp_mock_srv_set1_newWithOld(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
crypto/openssl/apps/include/cmp_mock_srv.h
35
int ossl_cmp_mock_srv_set1_oldWithNew(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
crypto/openssl/apps/include/s_apps.h
31
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
crypto/openssl/apps/lib/apps.c
2292
static int adapt_keyid_ext(X509 *cert, X509V3_CTX *ext_ctx,
crypto/openssl/apps/lib/apps.c
2295
const STACK_OF(X509_EXTENSION) *exts = X509_get0_extensions(cert);
crypto/openssl/apps/lib/apps.c
2309
X509_delete_ext(cert, idx);
crypto/openssl/apps/lib/apps.c
2314
rv = !add_default || X509_add_ext(cert, new_ext, -1);
crypto/openssl/apps/lib/apps.c
2320
int cert_matches_key(const X509 *cert, const EVP_PKEY *pkey)
crypto/openssl/apps/lib/apps.c
2325
match = X509_check_private_key(cert, pkey);
crypto/openssl/apps/lib/apps.c
2331
int do_X509_sign(X509 *cert, int force_v1, EVP_PKEY *pkey, const char *md,
crypto/openssl/apps/lib/apps.c
2339
if (!X509_set_version(cert, X509_VERSION_3))
crypto/openssl/apps/lib/apps.c
2347
if (!adapt_keyid_ext(cert, ext_ctx, "subjectKeyIdentifier", "hash", 1))
crypto/openssl/apps/lib/apps.c
2350
self_sign = cert_matches_key(cert, pkey);
crypto/openssl/apps/lib/apps.c
2351
if (!adapt_keyid_ext(cert, ext_ctx, "authorityKeyIdentifier",
crypto/openssl/apps/lib/apps.c
2358
rv = (X509_sign_ctx(cert, mctx) > 0);
crypto/openssl/apps/lib/apps.c
443
X509 *cert = NULL;
crypto/openssl/apps/lib/apps.c
450
cert = X509_load_http(uri, NULL, NULL, 0 /* timeout */);
crypto/openssl/apps/lib/apps.c
451
if (cert == NULL) {
crypto/openssl/apps/lib/apps.c
457
NULL, NULL, NULL, &cert, NULL, NULL, NULL);
crypto/openssl/apps/lib/apps.c
459
return cert;
crypto/openssl/apps/lib/apps.c
664
static void warn_cert_msg(const char *uri, X509 *cert, const char *msg)
crypto/openssl/apps/lib/apps.c
666
char *subj = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
crypto/openssl/apps/lib/apps.c
673
static void warn_cert(const char *uri, X509 *cert, int warn_EE,
crypto/openssl/apps/lib/apps.c
676
uint32_t ex_flags = X509_get_extension_flags(cert);
crypto/openssl/apps/lib/apps.c
677
int res = X509_cmp_timeframe(vpm, X509_get0_notBefore(cert),
crypto/openssl/apps/lib/apps.c
678
X509_get0_notAfter(cert));
crypto/openssl/apps/lib/apps.c
681
warn_cert_msg(uri, cert, res > 0 ? "has expired" : "not yet valid");
crypto/openssl/apps/lib/apps.c
683
warn_cert_msg(uri, cert, "is not a CA cert");
crypto/openssl/apps/lib/cmp_mock_srv.c
75
X509 *cert) \
crypto/openssl/apps/lib/cmp_mock_srv.c
83
if (cert == NULL || X509_up_ref(cert)) { \
crypto/openssl/apps/lib/cmp_mock_srv.c
85
ctx->FIELD = cert; \
crypto/openssl/apps/lib/s_cb.c
1023
rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain);
crypto/openssl/apps/lib/s_cb.c
1025
X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0,
crypto/openssl/apps/lib/s_cb.c
1030
if (!SSL_use_certificate(ssl, exc->cert)
crypto/openssl/apps/lib/s_cb.c
1084
X509_free(exc->cert);
crypto/openssl/apps/lib/s_cb.c
1110
exc->cert = load_cert(exc->certfile, exc->certform,
crypto/openssl/apps/lib/s_cb.c
1112
if (exc->cert == NULL)
crypto/openssl/apps/lib/s_cb.c
155
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
crypto/openssl/apps/lib/s_cb.c
160
if (cert == NULL)
crypto/openssl/apps/lib/s_cb.c
162
if (SSL_CTX_use_certificate(ctx, cert) <= 0) {
crypto/openssl/apps/lib/s_cb.c
953
X509 *cert;
crypto/openssl/apps/ocsp.c
270
X509 *issuer = NULL, *cert = NULL;
crypto/openssl/apps/ocsp.c
481
X509_free(cert);
crypto/openssl/apps/ocsp.c
482
cert = load_cert(opt_arg(), FORMAT_UNDEF, "certificate");
crypto/openssl/apps/ocsp.c
483
if (cert == NULL)
crypto/openssl/apps/ocsp.c
487
if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
crypto/openssl/apps/ocsp.c
53
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
crypto/openssl/apps/ocsp.c
906
X509_free(cert);
crypto/openssl/apps/ocsp.c
949
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
crypto/openssl/apps/ocsp.c
963
id = OCSP_cert_to_id(cert_id_md, cert, issuer);
crypto/openssl/apps/pkcs12.c
1149
static int get_cert_chain(X509 *cert, X509_STORE *store,
crypto/openssl/apps/pkcs12.c
1162
if (!X509_STORE_CTX_init(store_ctx, store, cert, untrusted_certs)) {
crypto/openssl/apps/pkcs12.c
1270
X509 *cert;
crypto/openssl/apps/pkcs12.c
1272
while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
crypto/openssl/apps/pkcs12.c
1274
if (!sk_X509_push(sk, cert))
crypto/openssl/apps/pkcs12.c
39
static int get_cert_chain(X509 *cert, X509_STORE *store,
crypto/openssl/apps/pkcs7.c
166
certs = p7->d.sign->cert;
crypto/openssl/apps/pkcs7.c
172
certs = p7->d.signed_and_enveloped->cert;
crypto/openssl/apps/s_client.c
1840
cert = load_cert_pass(cert_file, cert_format, 1, pass,
crypto/openssl/apps/s_client.c
1842
if (cert == NULL)
crypto/openssl/apps/s_client.c
2118
if (!set_cert_key_stuff(ctx, cert, key, chain, build_chain))
crypto/openssl/apps/s_client.c
3389
X509_free(cert);
crypto/openssl/apps/s_client.c
3439
static void print_cert_key_info(BIO *bio, X509 *cert)
crypto/openssl/apps/s_client.c
3441
EVP_PKEY *pkey = X509_get0_pubkey(cert);
crypto/openssl/apps/s_client.c
3455
OBJ_nid2ln(X509_get_signature_nid(cert)));
crypto/openssl/apps/s_client.c
3459
OBJ_nid2ln(X509_get_signature_nid(cert)));
crypto/openssl/apps/s_client.c
936
X509 *cert = NULL;
crypto/openssl/apps/s_server.c
485
X509 *x = NULL, *cert;
crypto/openssl/apps/s_server.c
529
cert = sk_X509_value(chain, i);
crypto/openssl/apps/s_server.c
530
if (X509_name_cmp(iname, X509_get_subject_name(cert)) == 0) {
crypto/openssl/apps/s_server.c
532
id = OCSP_cert_to_id(NULL, x, cert);
crypto/openssl/apps/sess_id.c
138
if (cert) {
crypto/openssl/apps/sess_id.c
146
if (!noout && !cert) {
crypto/openssl/apps/sess_id.c
61
int cert = 0, noout = 0, text = 0, ret = 1, i, num = 0;
crypto/openssl/apps/sess_id.c
95
cert = ++num;
crypto/openssl/apps/smime.c
203
X509 *cert = NULL, *recip = NULL, *signer = NULL;
crypto/openssl/apps/smime.c
519
cert = load_cert(*argv, FORMAT_UNDEF,
crypto/openssl/apps/smime.c
521
if (cert == NULL)
crypto/openssl/apps/smime.c
523
if (!sk_X509_push(encerts, cert))
crypto/openssl/apps/smime.c
525
cert = NULL;
crypto/openssl/apps/smime.c
732
X509_free(cert);
crypto/openssl/apps/ts.c
194
int ret = 1, no_nonce = 0, cert = 0, text = 0;
crypto/openssl/apps/ts.c
256
cert = 1;
crypto/openssl/apps/ts.c
343
ret = !query_command(data, digest, md, policy, no_nonce, cert,
crypto/openssl/apps/ts.c
39
int cert, const char *in, const char *out, int text);
crypto/openssl/apps/ts.c
41
const char *policy, int no_nonce, int cert);
crypto/openssl/apps/ts.c
419
int cert, const char *in, const char *out, int text)
crypto/openssl/apps/ts.c
436
query = create_query(data_bio, digest, md, policy, no_nonce, cert);
crypto/openssl/apps/ts.c
465
const char *policy, int no_nonce, int cert)
crypto/openssl/apps/ts.c
509
if (!TS_REQ_set_cert_req(ts_req, cert))
crypto/openssl/apps/verify.c
316
X509 *cert = sk_X509_value(chain, j);
crypto/openssl/apps/verify.c
319
X509_get_subject_name(cert),
crypto/openssl/apps/x509.c
1258
static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
crypto/openssl/apps/x509.c
1265
idret = X509_check_purpose(cert, id, i);
crypto/openssl/apps/x509.c
259
static X509_REQ *x509_to_req(X509 *cert, int ext_copy, const char *names)
crypto/openssl/apps/x509.c
261
const STACK_OF(X509_EXTENSION) *cert_exts = X509_get0_extensions(cert);
crypto/openssl/apps/x509.c
266
X509_REQ *req = X509_to_X509_REQ(cert, NULL, NULL);
crypto/openssl/apps/x509.c
304
static int self_signed(X509_STORE *ctx, X509 *cert)
crypto/openssl/apps/x509.c
309
if (xsc == NULL || !X509_STORE_CTX_init(xsc, ctx, cert, NULL)) {
crypto/openssl/apps/x509.c
39
static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
crypto/openssl/crypto/cmp/cmp_asn.c
683
const X509 *cert, int only_DN)
crypto/openssl/crypto/cmp/cmp_asn.c
700
if (cert != NULL) {
crypto/openssl/crypto/cmp/cmp_asn.c
701
crldps = X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL);
crypto/openssl/crypto/cmp/cmp_asn.c
728
if (cert != NULL) {
crypto/openssl/crypto/cmp/cmp_asn.c
729
akid = X509_get_ext_d2i(cert, NID_akid, NULL, NULL);
crypto/openssl/crypto/cmp/cmp_asn.c
733
CRLissuer = issuers = gennames_new(X509_get_issuer_name(cert));
crypto/openssl/crypto/cmp/cmp_client.c
593
int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
crypto/openssl/crypto/cmp/cmp_client.c
606
chain = X509_build_chain(cert, ctx->untrusted, out_trusted,
crypto/openssl/crypto/cmp/cmp_client.c
614
if (!X509_STORE_CTX_init(csc, out_trusted, cert, ctx->untrusted))
crypto/openssl/crypto/cmp/cmp_client.c
677
X509 *cert;
crypto/openssl/crypto/cmp/cmp_client.c
746
cert = get1_cert_status(ctx, (*resp)->body->type, crep);
crypto/openssl/crypto/cmp/cmp_client.c
747
if (cert == NULL) {
crypto/openssl/crypto/cmp/cmp_client.c
751
if (!ossl_cmp_ctx_set0_newCert(ctx, cert)) {
crypto/openssl/crypto/cmp/cmp_client.c
752
X509_free(cert);
crypto/openssl/crypto/cmp/cmp_client.c
764
subj = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
crypto/openssl/crypto/cmp/cmp_ctx.c
216
X509_free(ctx->cert);
crypto/openssl/crypto/cmp/cmp_ctx.c
584
#define X509_invalid(cert) (!ossl_x509v3_cache_extensions(cert))
crypto/openssl/crypto/cmp/cmp_ctx.c
700
DEFINE_OSSL_set1_up_ref(OSSL_CMP_CTX, cert, X509)
crypto/openssl/crypto/cmp/cmp_ctx.c
717
chain = X509_build_chain(ctx->cert, ctx->untrusted, own_trusted, 0,
crypto/openssl/crypto/cmp/cmp_ctx.c
797
if (ctx->cert != NULL)
crypto/openssl/crypto/cmp/cmp_ctx.c
798
return X509_get0_pubkey(ctx->cert);
crypto/openssl/crypto/cmp/cmp_genm.c
192
X509 *cert = sk_X509_value(chain, 0); /* target cert */
crypto/openssl/crypto/cmp/cmp_genm.c
196
cert = sk_X509_value(untrusted, i);
crypto/openssl/crypto/cmp/cmp_genm.c
197
if (!X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF))
crypto/openssl/crypto/cmp/cmp_genm.c
204
if ((*check_issued)(store_ctx, cert, issuer)) {
crypto/openssl/crypto/cmp/cmp_genm.c
205
if (X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF))
crypto/openssl/crypto/cmp/cmp_genm.c
23
const char *source, X509 *cert, const char *msg)
crypto/openssl/crypto/cmp/cmp_genm.c
25
char *subj = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
crypto/openssl/crypto/cmp/cmp_genm.c
35
static int ossl_X509_check(OSSL_CMP_CTX *ctx, const char *source, X509 *cert,
crypto/openssl/crypto/cmp/cmp_genm.c
38
uint32_t ex_flags = X509_get_extension_flags(cert);
crypto/openssl/crypto/cmp/cmp_genm.c
39
int res = X509_cmp_timeframe(vpm, X509_get0_notBefore(cert),
crypto/openssl/crypto/cmp/cmp_genm.c
40
X509_get0_notAfter(cert));
crypto/openssl/crypto/cmp/cmp_genm.c
46
source, cert, res > 0 ? "has expired" : "not yet valid");
crypto/openssl/crypto/cmp/cmp_genm.c
52
source, cert,
crypto/openssl/crypto/cmp/cmp_hdr.c
288
sender = ctx->cert != NULL ? X509_get_subject_name(ctx->cert) : ctx->oldCert != NULL ? X509_get_subject_name(ctx->oldCert)
crypto/openssl/crypto/cmp/cmp_hdr.c
303
else if (ctx->cert != NULL)
crypto/openssl/crypto/cmp/cmp_hdr.c
304
rcp = X509_get_issuer_name(ctx->cert);
crypto/openssl/crypto/cmp/cmp_local.h
82
X509 *cert; /* protection cert used to identify and sign for MSG_SIG_ALG */
crypto/openssl/crypto/cmp/cmp_local.h
863
int ossl_cmp_ctx_set1_validatedSrvCert(OSSL_CMP_CTX *ctx, X509 *cert);
crypto/openssl/crypto/cmp/cmp_local.h
868
int ossl_cmp_ctx_set0_newCert(OSSL_CMP_CTX *ctx, X509 *cert);
crypto/openssl/crypto/cmp/cmp_local.h
955
X509 *cert, const EVP_PKEY *pkey,
crypto/openssl/crypto/cmp/cmp_msg.c
1151
ctx->pkey, ctx->cert,
crypto/openssl/crypto/cmp/cmp_msg.c
300
X509 *refcert = ctx->oldCert != NULL ? ctx->oldCert : ctx->cert;
crypto/openssl/crypto/cmp/cmp_msg.c
493
envData = ossl_cms_sign_encrypt(privbio, ctx->cert, ctx->chain, ctx->pkey, CMS_BINARY,
crypto/openssl/crypto/cmp/cmp_msg.c
513
X509 *cert, const EVP_PKEY *pkey,
crypto/openssl/crypto/cmp/cmp_msg.c
544
&& status != OSSL_CMP_PKISTATUS_waiting && cert != NULL) {
crypto/openssl/crypto/cmp/cmp_msg.c
554
if (!X509_up_ref(cert))
crypto/openssl/crypto/cmp/cmp_msg.c
556
resp->certifiedKeyPair->certOrEncCert->value.certificate = cert;
crypto/openssl/crypto/cmp/cmp_protect.c
140
ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0,
crypto/openssl/crypto/cmp/cmp_protect.c
160
&& ctx->cert != NULL && ctx->pkey != NULL) {
crypto/openssl/crypto/cmp/cmp_protect.c
170
if (!ossl_x509_add_cert_new(&msg->extraCerts, ctx->cert, prepend))
crypto/openssl/crypto/cmp/cmp_protect.c
262
} else if (ctx->cert != NULL && ctx->pkey != NULL) {
crypto/openssl/crypto/cmp/cmp_protect.c
266
if (!X509_check_private_key(ctx->cert, ctx->pkey)) {
crypto/openssl/crypto/cmp/cmp_protect.c
274
if (!set_senderKID(ctx, msg, X509_get0_subject_key_id(ctx->cert)))
crypto/openssl/crypto/cmp/cmp_util.c
212
X509 *cert = sk_X509_value(certs, i);
crypto/openssl/crypto/cmp/cmp_util.c
214
if (!only_self_signed || X509_self_signed(cert, 0) == 1)
crypto/openssl/crypto/cmp/cmp_util.c
215
if (!X509_STORE_add_cert(store, cert)) /* ups cert ref counter */
crypto/openssl/crypto/cmp/cmp_vfy.c
109
X509_STORE *trusted_store, X509 *cert)
crypto/openssl/crypto/cmp/cmp_vfy.c
115
if (ctx == NULL || cert == NULL) {
crypto/openssl/crypto/cmp/cmp_vfy.c
127
cert, ctx->untrusted))
crypto/openssl/crypto/cmp/cmp_vfy.c
144
static int verify_cb_cert(X509_STORE *ts, X509 *cert, int err)
crypto/openssl/crypto/cmp/cmp_vfy.c
153
&& X509_STORE_CTX_init(csc, ts, cert, NULL)) {
crypto/openssl/crypto/cmp/cmp_vfy.c
155
X509_STORE_CTX_set_current_cert(csc, cert);
crypto/openssl/crypto/cmp/cmp_vfy.c
227
static int already_checked(const X509 *cert,
crypto/openssl/crypto/cmp/cmp_vfy.c
233
if (X509_cmp(sk_X509_value(already_checked, i - 1), cert) == 0)
crypto/openssl/crypto/cmp/cmp_vfy.c
247
const char *desc1, const char *desc2, X509 *cert,
crypto/openssl/crypto/cmp/cmp_vfy.c
253
int self_issued = X509_check_issued(cert, cert) == X509_V_OK;
crypto/openssl/crypto/cmp/cmp_vfy.c
26
const OSSL_CMP_MSG *msg, X509 *cert)
crypto/openssl/crypto/cmp/cmp_vfy.c
260
if ((str = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0)) != NULL)
crypto/openssl/crypto/cmp/cmp_vfy.c
264
str = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
crypto/openssl/crypto/cmp/cmp_vfy.c
270
if (already_checked(cert, already_checked1)
crypto/openssl/crypto/cmp/cmp_vfy.c
271
|| already_checked(cert, already_checked2)) {
crypto/openssl/crypto/cmp/cmp_vfy.c
276
time_cmp = X509_cmp_timeframe(vpm, X509_get0_notBefore(cert),
crypto/openssl/crypto/cmp/cmp_vfy.c
277
X509_get0_notAfter(cert));
crypto/openssl/crypto/cmp/cmp_vfy.c
284
&& verify_cb_cert(ts, cert, err) <= 0)
crypto/openssl/crypto/cmp/cmp_vfy.c
289
"cert subject", X509_get_subject_name(cert),
crypto/openssl/crypto/cmp/cmp_vfy.c
293
if (!check_kid(ctx, X509_get0_subject_key_id(cert), msg->header->senderKID))
crypto/openssl/crypto/cmp/cmp_vfy.c
296
if (!ossl_x509v3_cache_extensions(cert)) {
crypto/openssl/crypto/cmp/cmp_vfy.c
300
if (!verify_signature(ctx, msg, cert)) {
crypto/openssl/crypto/cmp/cmp_vfy.c
33
if (!ossl_assert(cmp_ctx != NULL && msg != NULL && cert != NULL))
crypto/openssl/crypto/cmp/cmp_vfy.c
367
static int check_msg_given_cert(const OSSL_CMP_CTX *ctx, X509 *cert,
crypto/openssl/crypto/cmp/cmp_vfy.c
371
cert, NULL, NULL, msg);
crypto/openssl/crypto/cmp/cmp_vfy.c
395
X509 *cert = sk_X509_value(certs, i);
crypto/openssl/crypto/cmp/cmp_vfy.c
397
if (!ossl_assert(cert != NULL))
crypto/openssl/crypto/cmp/cmp_vfy.c
399
if (!cert_acceptable(ctx, "cert from", desc, cert,
crypto/openssl/crypto/cmp/cmp_vfy.c
403
if (mode_3gpp ? check_cert_path_3gpp(ctx, msg, cert)
crypto/openssl/crypto/cmp/cmp_vfy.c
404
: check_cert_path(ctx, ctx->trusted, cert)) {
crypto/openssl/crypto/cmp/cmp_vfy.c
406
return ossl_cmp_ctx_set1_validatedSrvCert(ctx, cert);
crypto/openssl/crypto/cmp/cmp_vfy.c
41
&& (X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == 0) {
crypto/openssl/crypto/cmp/cmp_vfy.c
46
pubkey = X509_get_pubkey(cert);
crypto/openssl/crypto/cmp/cmp_vfy.c
65
res = ossl_x509_print_ex_brief(bio, cert, X509_FLAG_NO_EXTENSIONS);
crypto/openssl/crypto/cms/cms_env.c
254
EVP_PKEY *pkey, X509 *cert,
crypto/openssl/crypto/cms/cms_env.c
278
secret == NULL ? cert : NULL, detached_data, bio, flags);
crypto/openssl/crypto/cms/cms_env.c
483
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
crypto/openssl/crypto/cms/cms_env.c
489
return ossl_cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
crypto/openssl/crypto/cms/cms_kari.c
107
return ossl_cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
crypto/openssl/crypto/cms/cms_kari.c
109
return ossl_cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
crypto/openssl/crypto/cms/cms_kari.c
149
X509 *cert)
crypto/openssl/crypto/cms/cms_kari.c
154
return ossl_cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
crypto/openssl/crypto/cms/cms_kari.c
157
cert);
crypto/openssl/crypto/cms/cms_kari.c
97
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
536
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
548
if (X509_cmp(cch->d.certificate, cert) == 0) {
crypto/openssl/crypto/cms/cms_lib.c
549
X509_free(cert);
crypto/openssl/crypto/cms/cms_lib.c
558
cch->d.certificate = cert;
crypto/openssl/crypto/cms/cms_lib.c
562
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
564
if (!X509_up_ref(cert))
crypto/openssl/crypto/cms/cms_lib.c
566
if (CMS_add0_cert(cms, cert))
crypto/openssl/crypto/cms/cms_lib.c
568
X509_free(cert);
crypto/openssl/crypto/cms/cms_lib.c
731
int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
734
ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert));
crypto/openssl/crypto/cms/cms_lib.c
737
return ASN1_INTEGER_cmp(ias->serialNumber, X509_get0_serialNumber(cert));
crypto/openssl/crypto/cms/cms_lib.c
740
int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
742
const ASN1_OCTET_STRING *cert_keyid = X509_get0_subject_key_id(cert);
crypto/openssl/crypto/cms/cms_lib.c
749
int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
757
if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) {
crypto/openssl/crypto/cms/cms_lib.c
761
if (!ASN1_STRING_copy(ias->serialNumber, X509_get0_serialNumber(cert))) {
crypto/openssl/crypto/cms/cms_lib.c
773
int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
crypto/openssl/crypto/cms/cms_lib.c
777
cert_keyid = X509_get0_subject_key_id(cert);
crypto/openssl/crypto/cms/cms_local.h
413
int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
crypto/openssl/crypto/cms/cms_local.h
419
int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
crypto/openssl/crypto/cms/cms_local.h
431
int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
crypto/openssl/crypto/cms/cms_local.h
432
int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
crypto/openssl/crypto/cms/cms_local.h
433
int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
crypto/openssl/crypto/cms/cms_local.h
434
int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
crypto/openssl/crypto/cms/cms_sd.c
173
int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
crypto/openssl/crypto/cms/cms_sd.c
178
if (!ossl_cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
crypto/openssl/crypto/cms/cms_sd.c
183
if (!ossl_cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
crypto/openssl/crypto/cms/cms_sd.c
216
int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
crypto/openssl/crypto/cms/cms_sd.c
219
return ossl_cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
crypto/openssl/crypto/cms/cms_sd.c
221
return ossl_cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
crypto/openssl/crypto/cms/cms_sd.c
666
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
crypto/openssl/crypto/cms/cms_sd.c
668
return ossl_cms_SignerIdentifier_cert_cmp(si->sid, cert);
crypto/openssl/crypto/cms/cms_smime.c
682
EVP_PKEY *pk, X509 *cert, X509 *peer)
crypto/openssl/crypto/cms/cms_smime.c
693
if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
crypto/openssl/crypto/cms/cms_smime.c
700
return cert == NULL ? 0 : -1;
crypto/openssl/crypto/cms/cms_smime.c
705
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
crypto/openssl/crypto/cms/cms_smime.c
707
return CMS_decrypt_set1_pkey_and_peer(cms, pk, cert, NULL);
crypto/openssl/crypto/cms/cms_smime.c
711
X509 *cert, X509 *peer)
crypto/openssl/crypto/cms/cms_smime.c
744
r = cms_kari_set1_pkey_and_peer(cms, ri, pk, cert, peer);
crypto/openssl/crypto/cms/cms_smime.c
751
else if (cert == NULL || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
crypto/openssl/crypto/cms/cms_smime.c
757
if (cert != NULL) {
crypto/openssl/crypto/cms/cms_smime.c
781
if (cert == NULL
crypto/openssl/crypto/cms/cms_smime.c
864
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
crypto/openssl/crypto/cms/cms_smime.c
881
ec->havenocert = cert == NULL;
crypto/openssl/crypto/cms/cms_smime.c
882
if (pk == NULL && cert == NULL && dcont == NULL && out == NULL)
crypto/openssl/crypto/cms/cms_smime.c
884
if (pk != NULL && !CMS_decrypt_set1_pkey(cms, pk, cert))
crypto/openssl/crypto/crmf/crmf_lib.c
668
X509 *cert, ASN1_OCTET_STRING *secret,
crypto/openssl/crypto/crmf/crmf_lib.c
703
NULL, pkey, cert, secret, 0,
crypto/openssl/crypto/crmf/crmf_lib.c
753
((void)ts, (void)extra, (void)cert, (void)secret);
crypto/openssl/crypto/crmf/crmf_lib.c
874
X509 *cert = NULL;
crypto/openssl/crypto/crmf/crmf_lib.c
877
if ((p = buf) == NULL || (cert = X509_new_ex(libctx, propq)) == NULL)
crypto/openssl/crypto/crmf/crmf_lib.c
880
if (d2i_X509(&cert, &p, len) == NULL) {
crypto/openssl/crypto/crmf/crmf_lib.c
882
X509_free(cert);
crypto/openssl/crypto/crmf/crmf_lib.c
883
cert = NULL;
crypto/openssl/crypto/crmf/crmf_lib.c
888
return cert;
crypto/openssl/crypto/crmf/crmf_lib.c
903
X509 *cert = NULL;
crypto/openssl/crypto/crmf/crmf_lib.c
915
cert = d2i_X509_bio(bio, NULL);
crypto/openssl/crypto/crmf/crmf_lib.c
916
if (cert == NULL)
crypto/openssl/crypto/crmf/crmf_lib.c
919
return cert;
crypto/openssl/crypto/ct/ct_local.h
111
X509 *cert;
crypto/openssl/crypto/ct/ct_local.h
139
__owur int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner);
crypto/openssl/crypto/ct/ct_policy.c
62
X509_free(ctx->cert);
crypto/openssl/crypto/ct/ct_policy.c
68
int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert)
crypto/openssl/crypto/ct/ct_policy.c
70
if (!X509_up_ref(cert))
crypto/openssl/crypto/ct/ct_policy.c
72
ctx->cert = cert;
crypto/openssl/crypto/ct/ct_policy.c
97
return ctx->cert;
crypto/openssl/crypto/ct/ct_sct.c
350
if (SCT_CTX_set1_cert(sctx, ctx->cert, NULL) != 1)
crypto/openssl/crypto/ct/ct_sct_ctx.c
100
if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner)))
crypto/openssl/crypto/ct/ct_sct_ctx.c
105
X509_EXTENSION *certext = X509_get_ext(cert, certidx);
crypto/openssl/crypto/ct/ct_sct_ctx.c
118
int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner)
crypto/openssl/crypto/ct/ct_sct_ctx.c
125
int poison_idx = ct_x509_get_ext(cert, NID_ct_precert_poison, &poison_ext_is_dup);
crypto/openssl/crypto/ct/ct_sct_ctx.c
137
certderlen = i2d_X509(cert, &certder);
crypto/openssl/crypto/ct/ct_sct_ctx.c
143
idx = ct_x509_get_ext(cert, NID_ct_precert_scts, &sct_ext_is_dup);
crypto/openssl/crypto/ct/ct_sct_ctx.c
168
pretmp = X509_dup(cert);
crypto/openssl/crypto/ct/ct_sct_ctx.c
60
static int ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated)
crypto/openssl/crypto/ct/ct_sct_ctx.c
62
int ret = X509_get_ext_by_NID(cert, nid, -1);
crypto/openssl/crypto/ct/ct_sct_ctx.c
65
*is_duplicated = ret >= 0 && X509_get_ext_by_NID(cert, nid, ret) >= 0;
crypto/openssl/crypto/ct/ct_sct_ctx.c
75
__owur static int ct_x509_cert_fixup(X509 *cert, X509 *presigner)
crypto/openssl/crypto/ct/ct_sct_ctx.c
85
certidx = ct_x509_get_ext(cert, NID_authority_key_identifier,
crypto/openssl/crypto/ess/ess_lib.c
101
if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) {
crypto/openssl/crypto/ess/ess_lib.c
112
= ASN1_INTEGER_dup(X509_get0_serialNumber(cert)))
crypto/openssl/crypto/ess/ess_lib.c
150
X509 *cert = sk_X509_value(certs, i);
crypto/openssl/crypto/ess/ess_lib.c
152
if ((cid = ESS_CERT_ID_V2_new_init(hash_alg, cert, 1)) == NULL) {
crypto/openssl/crypto/ess/ess_lib.c
171
const X509 *cert,
crypto/openssl/crypto/ess/ess_lib.c
18
static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert,
crypto/openssl/crypto/ess/ess_lib.c
204
if (!X509_digest(cert, hash_alg, hash, &hash_len)) {
crypto/openssl/crypto/ess/ess_lib.c
21
const X509 *cert,
crypto/openssl/crypto/ess/ess_lib.c
226
if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) {
crypto/openssl/crypto/ess/ess_lib.c
236
cid->issuer_serial->serial = ASN1_INTEGER_dup(X509_get0_serialNumber(cert));
crypto/openssl/crypto/ess/ess_lib.c
250
static int ess_issuer_serial_cmp(const ESS_ISSUER_SERIAL *is, const X509 *cert)
crypto/openssl/crypto/ess/ess_lib.c
254
if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1)
crypto/openssl/crypto/ess/ess_lib.c
259
|| X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0)
crypto/openssl/crypto/ess/ess_lib.c
262
return ASN1_INTEGER_cmp(is->serial, X509_get0_serialNumber(cert));
crypto/openssl/crypto/ess/ess_lib.c
273
const X509 *cert;
crypto/openssl/crypto/ess/ess_lib.c
308
cert = sk_X509_value(certs, i);
crypto/openssl/crypto/ess/ess_lib.c
311
if (!X509_digest(cert, md, cert_digest, &len)
crypto/openssl/crypto/ess/ess_lib.c
322
if (is == NULL || ess_issuer_serial_cmp(is, cert) == 0) {
crypto/openssl/crypto/ess/ess_lib.c
48
X509 *cert = sk_X509_value(certs, i);
crypto/openssl/crypto/ess/ess_lib.c
50
if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL) {
crypto/openssl/crypto/ess/ess_lib.c
67
static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert,
crypto/openssl/crypto/ess/ess_lib.c
78
if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) {
crypto/openssl/crypto/ocsp/ocsp_cl.c
64
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
crypto/openssl/crypto/ocsp/ocsp_cl.c
69
if (cert == NULL)
crypto/openssl/crypto/ocsp/ocsp_cl.c
71
return ossl_x509_add_cert_new(&req->optionalSignature->certs, cert,
crypto/openssl/crypto/ocsp/ocsp_srv.c
155
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
crypto/openssl/crypto/ocsp/ocsp_srv.c
157
return ossl_x509_add_cert_new(&resp->certs, cert, X509_ADD_FLAG_UP_REF);
crypto/openssl/crypto/ocsp/ocsp_srv.c
233
int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert)
crypto/openssl/crypto/ocsp/ocsp_srv.c
235
if (!X509_NAME_set(&respid->value.byName, X509_get_subject_name(cert)))
crypto/openssl/crypto/ocsp/ocsp_srv.c
243
int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert,
crypto/openssl/crypto/ocsp/ocsp_srv.c
255
if (!X509_pubkey_digest(cert, sha1, md, NULL))
crypto/openssl/crypto/ocsp/ocsp_srv.c
276
int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert)
crypto/openssl/crypto/ocsp/ocsp_srv.c
278
if (cert == NULL)
crypto/openssl/crypto/ocsp/ocsp_srv.c
280
return OCSP_RESPID_set_by_key_ex(respid, cert, cert->libctx, cert->propq);
crypto/openssl/crypto/ocsp/ocsp_srv.c
283
int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx,
crypto/openssl/crypto/ocsp/ocsp_srv.c
300
if (!X509_pubkey_digest(cert, sha1, md, NULL))
crypto/openssl/crypto/ocsp/ocsp_srv.c
312
X509_get_subject_name(cert))
crypto/openssl/crypto/ocsp/ocsp_srv.c
321
int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert)
crypto/openssl/crypto/ocsp/ocsp_srv.c
323
if (cert == NULL)
crypto/openssl/crypto/ocsp/ocsp_srv.c
325
return OCSP_RESPID_match_ex(respid, cert, cert->libctx, cert->propq);
crypto/openssl/crypto/ocsp/ocsp_vfy.c
22
static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
crypto/openssl/crypto/ocsp/ocsp_vfy.c
302
static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
crypto/openssl/crypto/ocsp/ocsp_vfy.c
338
iname = X509_get_subject_name(cert);
crypto/openssl/crypto/ocsp/ocsp_vfy.c
345
if (!X509_pubkey_digest(cert, dgst, md, NULL)) {
crypto/openssl/crypto/ocsp/ocsp_vfy.c
358
ret = ocsp_match_issuerid(cert, tmpid, NULL);
crypto/openssl/crypto/pkcs12/p12_crt.c
171
PKCS12 *PKCS12_create_ex(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
176
return PKCS12_create_ex2(pass, name, pkey, cert, ca, nid_key, nid_cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
181
PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
185
return PKCS12_create_ex(pass, name, pkey, cert, ca, nid_key, nid_cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
190
X509 *cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
199
if ((bag = PKCS12_SAFEBAG_create_cert(cert)) == NULL)
crypto/openssl/crypto/pkcs12/p12_crt.c
20
X509 *cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
218
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)
crypto/openssl/crypto/pkcs12/p12_crt.c
228
name = (char *)X509_alias_get0(cert, &namelen);
crypto/openssl/crypto/pkcs12/p12_crt.c
229
keyid = X509_keyid_get0(cert, &keyidlen);
crypto/openssl/crypto/pkcs12/p12_crt.c
231
return pkcs12_add_cert_bag(pbags, cert, name, namelen, keyid, keyidlen);
crypto/openssl/crypto/pkcs12/p12_crt.c
36
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
crypto/openssl/crypto/pkcs12/p12_crt.c
62
if (pkey == NULL && cert == NULL && ca == NULL) {
crypto/openssl/crypto/pkcs12/p12_crt.c
67
if (pkey && cert) {
crypto/openssl/crypto/pkcs12/p12_crt.c
68
if (!X509_check_private_key(cert, pkey))
crypto/openssl/crypto/pkcs12/p12_crt.c
70
if (!X509_digest(cert, EVP_sha1(), keyid, &keyidlen))
crypto/openssl/crypto/pkcs12/p12_crt.c
74
if (cert) {
crypto/openssl/crypto/pkcs12/p12_crt.c
76
name = (char *)X509_alias_get0(cert, &namelen);
crypto/openssl/crypto/pkcs12/p12_crt.c
81
pkeyid = X509_keyid_get0(cert, &pkeyidlen);
crypto/openssl/crypto/pkcs12/p12_crt.c
84
bag = pkcs12_add_cert_bag(&bags, cert, name, namelen, pkeyid, pkeyidlen);
crypto/openssl/crypto/pkcs12/p12_kiss.c
104
*cert = x;
crypto/openssl/crypto/pkcs12/p12_kiss.c
126
if (cert != NULL) {
crypto/openssl/crypto/pkcs12/p12_kiss.c
127
X509_free(*cert);
crypto/openssl/crypto/pkcs12/p12_kiss.c
128
*cert = NULL;
crypto/openssl/crypto/pkcs12/p12_kiss.c
35
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
crypto/openssl/crypto/pkcs12/p12_kiss.c
43
if (cert != NULL)
crypto/openssl/crypto/pkcs12/p12_kiss.c
44
*cert = NULL;
crypto/openssl/crypto/pkcs12/p12_kiss.c
79
if ((cert != NULL || ca != NULL)
crypto/openssl/crypto/pkcs12/p12_kiss.c
97
&& cert != NULL && *cert == NULL) {
crypto/openssl/crypto/pkcs7/pk7_asn1.c
128
ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
crypto/openssl/crypto/pkcs7/pk7_asn1.c
184
X509_free(ri->cert);
crypto/openssl/crypto/pkcs7/pk7_asn1.c
211
ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
crypto/openssl/crypto/pkcs7/pk7_doit.c
1032
untrusted = p7->d.sign->cert;
crypto/openssl/crypto/pkcs7/pk7_doit.c
1035
untrusted = p7->d.signed_and_enveloped->cert;
crypto/openssl/crypto/pkcs7/pk7_doit.c
155
pkey = X509_get0_pubkey(ri->cert);
crypto/openssl/crypto/pkcs7/pk7_lib.c
265
sk = &(p7->d.sign->cert);
crypto/openssl/crypto/pkcs7/pk7_lib.c
268
sk = &(p7->d.signed_and_enveloped->cert);
crypto/openssl/crypto/pkcs7/pk7_lib.c
429
return p7->d.sign->cert;
crypto/openssl/crypto/pkcs7/pk7_lib.c
431
return p7->d.signed_and_enveloped->cert;
crypto/openssl/crypto/pkcs7/pk7_lib.c
473
ossl_x509_set0_libctx(ri->cert, libctx, propq);
crypto/openssl/crypto/pkcs7/pk7_lib.c
671
p7i->cert = x509;
crypto/openssl/crypto/pkcs7/pk7_lib.c
682
return (X509_find_by_issuer_and_serial(p7->d.sign->cert,
crypto/openssl/crypto/pkcs7/pk7_smime.c
472
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
crypto/openssl/crypto/pkcs7/pk7_smime.c
489
if (cert && !X509_check_private_key(cert, pkey)) {
crypto/openssl/crypto/pkcs7/pk7_smime.c
495
if ((tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert)) == NULL) {
crypto/openssl/crypto/store/store_result.c
487
X509 *cert = X509_new_ex(libctx, propq);
crypto/openssl/crypto/store/store_result.c
489
if (cert == NULL)
crypto/openssl/crypto/store/store_result.c
497
if (d2i_X509_AUX(&cert, (const unsigned char **)&data->octet_data,
crypto/openssl/crypto/store/store_result.c
501
|| d2i_X509(&cert, (const unsigned char **)&data->octet_data,
crypto/openssl/crypto/store/store_result.c
504
X509_free(cert);
crypto/openssl/crypto/store/store_result.c
505
cert = NULL;
crypto/openssl/crypto/store/store_result.c
508
if (cert != NULL) {
crypto/openssl/crypto/store/store_result.c
511
*v = OSSL_STORE_INFO_new_CERT(cert);
crypto/openssl/crypto/store/store_result.c
513
X509_free(cert);
crypto/openssl/crypto/store/store_result.c
567
X509 *cert = NULL;
crypto/openssl/crypto/store/store_result.c
609
if (PKCS12_parse(p12, pass, &pkey, &cert, &chain)) {
crypto/openssl/crypto/store/store_result.c
627
if (ok && cert != NULL) {
crypto/openssl/crypto/store/store_result.c
628
if ((osi_cert = OSSL_STORE_INFO_new_CERT(cert)) != NULL
crypto/openssl/crypto/store/store_result.c
630
&& (cert = NULL) == NULL
crypto/openssl/crypto/store/store_result.c
648
X509_free(cert);
crypto/openssl/crypto/ts/ts_conf.c
207
const char *cert, TS_RESP_CTX *ctx)
crypto/openssl/crypto/ts/ts_conf.c
212
if (cert == NULL) {
crypto/openssl/crypto/ts/ts_conf.c
213
cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
crypto/openssl/crypto/ts/ts_conf.c
214
if (cert == NULL) {
crypto/openssl/crypto/ts/ts_conf.c
219
if ((cert_obj = TS_CONF_load_cert(cert)) == NULL)
crypto/openssl/crypto/ts/ts_conf.c
50
BIO *cert = NULL;
crypto/openssl/crypto/ts/ts_conf.c
54
if ((cert = BIO_new_file(file, "rb")) == NULL)
crypto/openssl/crypto/ts/ts_conf.c
56
if ((cert = BIO_new_file(file, "r")) == NULL)
crypto/openssl/crypto/ts/ts_conf.c
59
x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
crypto/openssl/crypto/ts/ts_conf.c
63
BIO_free(cert);
crypto/openssl/crypto/ts/ts_rsp_sign.c
717
X509 *cert = sk_X509_value(ctx->certs, i);
crypto/openssl/crypto/ts/ts_rsp_sign.c
718
PKCS7_add_certificate(p7, cert);
crypto/openssl/crypto/ts/ts_rsp_verify.c
129
untrusted = sk_X509_new_reserve(NULL, sk_X509_num(certs) + sk_X509_num(token->d.sign->cert));
crypto/openssl/crypto/ts/ts_rsp_verify.c
132
|| !X509_add_certs(untrusted, token->d.sign->cert, 0))
crypto/openssl/crypto/x509/pcy_local.h
101
X509 *cert;
crypto/openssl/crypto/x509/pcy_tree.c
219
(++level)->cert = x;
crypto/openssl/crypto/x509/pcy_tree.c
607
cache = ossl_policy_cache_set(curr->cert);
crypto/openssl/crypto/x509/pcy_tree.c
640
X509_free(curr->cert);
crypto/openssl/crypto/x509/t_x509.c
374
int ossl_x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags)
crypto/openssl/crypto/x509/t_x509.c
378
if (cert == NULL)
crypto/openssl/crypto/x509/t_x509.c
381
|| !X509_print_ex(bio, cert, flags, ~X509_FLAG_NO_SUBJECT))
crypto/openssl/crypto/x509/t_x509.c
383
if (X509_check_issued((X509 *)cert, cert) == X509_V_OK) {
crypto/openssl/crypto/x509/t_x509.c
388
|| !X509_print_ex(bio, cert, flags, ~X509_FLAG_NO_ISSUER))
crypto/openssl/crypto/x509/t_x509.c
391
if (!X509_print_ex(bio, cert, flags,
crypto/openssl/crypto/x509/t_x509.c
394
if (X509_cmp_current_time(X509_get0_notBefore(cert)) > 0)
crypto/openssl/crypto/x509/t_x509.c
397
if (X509_cmp_current_time(X509_get0_notAfter(cert)) < 0)
crypto/openssl/crypto/x509/t_x509.c
400
return X509_print_ex(bio, cert, flags,
crypto/openssl/crypto/x509/t_x509.c
412
X509 *cert = sk_X509_value(certs, i);
crypto/openssl/crypto/x509/t_x509.c
414
if (cert != NULL) {
crypto/openssl/crypto/x509/t_x509.c
415
if (!ossl_x509_print_ex_brief(bio, cert, 0))
crypto/openssl/crypto/x509/t_x509.c
418
X509_get0_extensions(cert),
crypto/openssl/crypto/x509/v3_conf.c
357
X509 *cert)
crypto/openssl/crypto/x509/v3_conf.c
360
if (cert != NULL)
crypto/openssl/crypto/x509/v3_conf.c
361
sk = &cert->cert_info.extensions;
crypto/openssl/crypto/x509/v3_conf.c
553
const char *section, X509 *cert)
crypto/openssl/crypto/x509/v3_conf.c
561
ret = X509V3_EXT_add_nconf(ctmp, ctx, section, cert);
crypto/openssl/crypto/x509/x509_cmp.c
181
int ossl_x509_add_cert_new(STACK_OF(X509) **p_sk, X509 *cert, int flags)
crypto/openssl/crypto/x509/x509_cmp.c
187
return X509_add_cert(*p_sk, cert, flags);
crypto/openssl/crypto/x509/x509_cmp.c
190
int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags)
crypto/openssl/crypto/x509/x509_cmp.c
196
if (cert == NULL)
crypto/openssl/crypto/x509/x509_cmp.c
206
if (X509_cmp(sk_X509_value(sk, i), cert) == 0)
crypto/openssl/crypto/x509/x509_cmp.c
211
int ret = X509_self_signed(cert, 0);
crypto/openssl/crypto/x509/x509_cmp.c
216
if ((flags & X509_ADD_FLAG_UP_REF) != 0 && !X509_up_ref(cert))
crypto/openssl/crypto/x509/x509_cmp.c
218
if (!sk_X509_insert(sk, cert,
crypto/openssl/crypto/x509/x509_cmp.c
221
X509_free(cert);
crypto/openssl/crypto/x509/x509_cmp.c
392
int X509_check_private_key(const X509 *cert, const EVP_PKEY *pkey)
crypto/openssl/crypto/x509/x509_cmp.c
394
const EVP_PKEY *xk = X509_get0_pubkey(cert);
crypto/openssl/crypto/x509/x509_lu.c
633
X509 *cert = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
crypto/openssl/crypto/x509/x509_lu.c
635
if (cert != NULL
crypto/openssl/crypto/x509/x509_lu.c
636
&& !X509_add_cert(sk, cert, X509_ADD_FLAG_UP_REF))
crypto/openssl/crypto/x509/x509_vfy.c
100
if ((pkey = X509_get0_pubkey(cert)) == NULL) { /* handles cert == NULL */
crypto/openssl/crypto/x509/x509_vfy.c
104
if (!ossl_x509v3_cache_extensions(cert))
crypto/openssl/crypto/x509/x509_vfy.c
106
if ((cert->ex_flags & EXFLAG_SS) == 0)
crypto/openssl/crypto/x509/x509_vfy.c
110
return X509_verify(cert, pkey);
crypto/openssl/crypto/x509/x509_vfy.c
170
#define CB_FAIL_IF(cond, ctx, cert, depth, err) \
crypto/openssl/crypto/x509/x509_vfy.c
171
if ((cond) && verify_cb_cert(ctx, cert, depth, err) == 0) \
crypto/openssl/crypto/x509/x509_vfy.c
197
X509 *cert = sk_X509_value(ctx->chain, i);
crypto/openssl/crypto/x509/x509_vfy.c
203
CB_FAIL_IF(i > 0 && !check_cert_key_level(ctx, cert),
crypto/openssl/crypto/x509/x509_vfy.c
204
ctx, cert, i, X509_V_ERR_CA_KEY_TOO_SMALL);
crypto/openssl/crypto/x509/x509_vfy.c
209
CB_FAIL_IF(i < num - 1 && !check_sig_level(ctx, cert),
crypto/openssl/crypto/x509/x509_vfy.c
210
ctx, cert, i, X509_V_ERR_CA_MD_TOO_WEAK);
crypto/openssl/crypto/x509/x509_vfy.c
2371
ctx->cert = x;
crypto/openssl/crypto/x509/x509_vfy.c
2518
ctx->cert = x509;
crypto/openssl/crypto/x509/x509_vfy.c
2704
return ctx->cert;
crypto/openssl/crypto/x509/x509_vfy.c
279
if (ctx->cert == NULL && sk_X509_num(ctx->untrusted) >= 1)
crypto/openssl/crypto/x509/x509_vfy.c
280
ctx->cert = sk_X509_value(ctx->untrusted, 0);
crypto/openssl/crypto/x509/x509_vfy.c
2857
static unsigned char *dane_i2d(X509 *cert, uint8_t selector,
crypto/openssl/crypto/x509/x509_vfy.c
2868
len = i2d_X509(cert, &buf);
crypto/openssl/crypto/x509/x509_vfy.c
2871
len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), &buf);
crypto/openssl/crypto/x509/x509_vfy.c
2890
static int dane_match_cert(X509_STORE_CTX *ctx, X509 *cert, int depth)
crypto/openssl/crypto/x509/x509_vfy.c
2967
i2dbuf = dane_i2d(cert, selector, &i2dlen);
crypto/openssl/crypto/x509/x509_vfy.c
3016
if (!X509_up_ref(cert)) {
crypto/openssl/crypto/x509/x509_vfy.c
3022
dane->mcert = cert;
crypto/openssl/crypto/x509/x509_vfy.c
3040
X509 *cert;
crypto/openssl/crypto/x509/x509_vfy.c
3050
cert = sk_X509_value(ctx->chain, depth);
crypto/openssl/crypto/x509/x509_vfy.c
3051
if (cert != NULL && (matched = dane_match_cert(ctx, cert, depth)) < 0)
crypto/openssl/crypto/x509/x509_vfy.c
3066
X509 *cert = sk_X509_value(ctx->chain, num - 1);
crypto/openssl/crypto/x509/x509_vfy.c
3072
if (t->usage != DANETLS_USAGE_DANE_TA || t->selector != DANETLS_SELECTOR_SPKI || t->mtype != DANETLS_MATCHING_FULL || X509_verify(cert, t->spki) <= 0)
crypto/openssl/crypto/x509/x509_vfy.c
3162
static int check_leaf_suiteb(X509_STORE_CTX *ctx, X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3164
int err = X509_chain_check_suiteb(NULL, cert, NULL, ctx->param->flags);
crypto/openssl/crypto/x509/x509_vfy.c
3166
CB_FAIL_IF(err != X509_V_OK, ctx, cert, 0, err);
crypto/openssl/crypto/x509/x509_vfy.c
3203
X509 *cert = ctx->cert;
crypto/openssl/crypto/x509/x509_vfy.c
3222
matched = dane_match_cert(ctx, ctx->cert, 0);
crypto/openssl/crypto/x509/x509_vfy.c
3230
if (!check_leaf_suiteb(ctx, cert))
crypto/openssl/crypto/x509/x509_vfy.c
3237
ctx->current_cert = cert;
crypto/openssl/crypto/x509/x509_vfy.c
3243
ctx->current_cert = cert;
crypto/openssl/crypto/x509/x509_vfy.c
3250
if (!check_leaf_suiteb(ctx, cert))
crypto/openssl/crypto/x509/x509_vfy.c
3252
return verify_cb_cert(ctx, cert, 0, X509_V_ERR_DANE_NO_MATCH);
crypto/openssl/crypto/x509/x509_vfy.c
3266
static int get1_trusted_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3272
ok = ctx->get_issuer(issuer, ctx, cert);
crypto/openssl/crypto/x509/x509_vfy.c
329
if (ctx->cert == NULL) {
crypto/openssl/crypto/x509/x509_vfy.c
345
if (!ossl_x509_add_cert_new(&ctx->chain, ctx->cert, X509_ADD_FLAG_UP_REF)) {
crypto/openssl/crypto/x509/x509_vfy.c
352
CB_FAIL_IF(!check_cert_key_level(ctx, ctx->cert),
crypto/openssl/crypto/x509/x509_vfy.c
353
ctx, ctx->cert, 0, X509_V_ERR_EE_KEY_TOO_SMALL);
crypto/openssl/crypto/x509/x509_vfy.c
367
static int sk_X509_contains(STACK_OF(X509) *sk, X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3705
static int check_cert_key_level(X509_STORE_CTX *ctx, X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3707
return check_key_level(ctx, X509_get0_pubkey(cert));
crypto/openssl/crypto/x509/x509_vfy.c
3716
static int check_curve(X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3718
EVP_PKEY *pkey = X509_get0_pubkey(cert);
crypto/openssl/crypto/x509/x509_vfy.c
372
if (X509_cmp(sk_X509_value(sk, i), cert) == 0)
crypto/openssl/crypto/x509/x509_vfy.c
3740
static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
crypto/openssl/crypto/x509/x509_vfy.c
3750
if (!X509_get_signature_info(cert, NULL, NULL, &secbits, NULL))
crypto/openssl/crypto/x509/x509_vfy.c
61
static int check_cert_key_level(X509_STORE_CTX *ctx, X509 *cert);
crypto/openssl/crypto/x509/x509_vfy.c
63
static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert);
crypto/openssl/crypto/x509/x509_vfy.c
64
static int check_curve(X509 *cert);
crypto/openssl/crypto/x509/x509_vfy.c
695
* this means not last cert in chain,
crypto/openssl/crypto/x509/x509_vfy.c
899
return verify_cb_cert(ctx, ctx->cert, 0, errcode);
crypto/openssl/crypto/x509/x509_vfy.c
923
X509 *x = ctx->cert;
crypto/openssl/crypto/x509/x509_vfy.c
96
int X509_self_signed(X509 *cert, int verify_signature)
crypto/openssl/crypto/x509/x_all.c
498
int X509_digest(const X509 *cert, const EVP_MD *md, unsigned char *data,
crypto/openssl/crypto/x509/x_all.c
501
if (EVP_MD_is_a(md, SN_sha1) && (cert->ex_flags & EXFLAG_SET) != 0
crypto/openssl/crypto/x509/x_all.c
502
&& (cert->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) {
crypto/openssl/crypto/x509/x_all.c
505
*len = sizeof(cert->sha1_hash);
crypto/openssl/crypto/x509/x_all.c
506
memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash));
crypto/openssl/crypto/x509/x_all.c
509
return ossl_asn1_item_digest_ex(ASN1_ITEM_rptr(X509), md, (char *)cert,
crypto/openssl/crypto/x509/x_all.c
510
data, len, cert->libctx, cert->propq);
crypto/openssl/crypto/x509/x_all.c
514
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
crypto/openssl/crypto/x509/x_all.c
529
if (cert == NULL) {
crypto/openssl/crypto/x509/x_all.c
534
if (!OBJ_find_sigid_algs(X509_get_signature_nid(cert), &mdnid, &pknid)) {
crypto/openssl/crypto/x509/x_all.c
541
RSA_PSS_PARAMS *pss = ossl_rsa_pss_decode(&cert->sig_alg);
crypto/openssl/crypto/x509/x_all.c
556
if ((md = EVP_MD_fetch(cert->libctx, EVP_MD_get0_name(mmd),
crypto/openssl/crypto/x509/x_all.c
557
cert->propq))
crypto/openssl/crypto/x509/x_all.c
574
if ((md = EVP_MD_fetch(cert->libctx, md_name,
crypto/openssl/crypto/x509/x_all.c
575
cert->propq))
crypto/openssl/crypto/x509/x_all.c
585
} else if ((md = EVP_MD_fetch(cert->libctx, OBJ_nid2sn(mdnid),
crypto/openssl/crypto/x509/x_all.c
586
cert->propq))
crypto/openssl/crypto/x509/x_all.c
592
if (!X509_digest(cert, md, hash, &len)
crypto/openssl/crypto/x509/x_x509.c
157
X509 *cert = NULL;
crypto/openssl/crypto/x509/x_x509.c
159
cert = (X509 *)ASN1_item_new_ex(X509_it(), libctx, propq);
crypto/openssl/crypto/x509/x_x509.c
160
if (!ossl_x509_set0_libctx(cert, libctx, propq)) {
crypto/openssl/crypto/x509/x_x509.c
161
X509_free(cert);
crypto/openssl/crypto/x509/x_x509.c
162
cert = NULL;
crypto/openssl/crypto/x509/x_x509.c
164
return cert;
crypto/openssl/demos/pkcs12/pkread.c
106
X509_free(cert);
crypto/openssl/demos/pkcs12/pkread.c
52
X509 *cert = NULL;
crypto/openssl/demos/pkcs12/pkread.c
74
if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
crypto/openssl/demos/pkcs12/pkread.c
91
if (cert != NULL) {
crypto/openssl/demos/pkcs12/pkread.c
93
PEM_write_X509_AUX(fp, cert);
crypto/openssl/demos/pkcs12/pkwrite.c
22
X509 *cert;
crypto/openssl/demos/pkcs12/pkwrite.c
34
cert = PEM_read_X509(fp, NULL, NULL, NULL);
crypto/openssl/demos/pkcs12/pkwrite.c
38
p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0, 0, 0, 0, 0);
crypto/openssl/engines/e_capi.c
1300
PCCERT_CONTEXT cert)
crypto/openssl/engines/e_capi.c
1305
if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
crypto/openssl/engines/e_capi.c
1311
if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
crypto/openssl/engines/e_capi.c
1346
static char *capi_cert_get_fname(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
crypto/openssl/engines/e_capi.c
1352
if (!CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID,
crypto/openssl/engines/e_capi.c
1358
if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID,
crypto/openssl/engines/e_capi.c
1371
static void capi_dump_cert(CAPI_CTX *ctx, BIO *out, PCCERT_CONTEXT cert)
crypto/openssl/engines/e_capi.c
1378
fname = capi_cert_get_fname(ctx, cert);
crypto/openssl/engines/e_capi.c
1387
p = cert->pbCertEncoded;
crypto/openssl/engines/e_capi.c
1388
x = d2i_X509(NULL, &p, cert->cbCertEncoded);
crypto/openssl/engines/e_capi.c
1403
pinfo = capi_get_prov_info(ctx, cert);
crypto/openssl/engines/e_capi.c
1438
PCCERT_CONTEXT cert = NULL;
crypto/openssl/engines/e_capi.c
1449
cert = capi_find_cert(ctx, id, hstore);
crypto/openssl/engines/e_capi.c
1450
if (!cert) {
crypto/openssl/engines/e_capi.c
1454
capi_dump_cert(ctx, out, cert);
crypto/openssl/engines/e_capi.c
1455
CertFreeCertificateContext(cert);
crypto/openssl/engines/e_capi.c
1458
cert = CertEnumCertificatesInStore(hstore, cert);
crypto/openssl/engines/e_capi.c
1459
if (!cert)
crypto/openssl/engines/e_capi.c
1462
capi_dump_cert(ctx, out, cert);
crypto/openssl/engines/e_capi.c
1473
PCCERT_CONTEXT cert = NULL;
crypto/openssl/engines/e_capi.c
1482
cert = CertEnumCertificatesInStore(hstore, cert);
crypto/openssl/engines/e_capi.c
1483
if (!cert)
crypto/openssl/engines/e_capi.c
1485
fname = capi_cert_get_fname(ctx, cert);
crypto/openssl/engines/e_capi.c
1493
return cert;
crypto/openssl/engines/e_capi.c
1551
static CAPI_KEY *capi_get_cert_key(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
crypto/openssl/engines/e_capi.c
1556
pinfo = capi_get_prov_info(ctx, cert);
crypto/openssl/engines/e_capi.c
1568
PCCERT_CONTEXT cert;
crypto/openssl/engines/e_capi.c
1578
cert = capi_find_cert(ctx, id, hstore);
crypto/openssl/engines/e_capi.c
1579
if (cert) {
crypto/openssl/engines/e_capi.c
1580
key = capi_get_cert_key(ctx, cert);
crypto/openssl/engines/e_capi.c
1581
CertFreeCertificateContext(cert);
crypto/openssl/engines/e_capi.c
1710
PCCERT_CONTEXT cert = NULL, excert = NULL;
crypto/openssl/engines/e_capi.c
1727
cert = CertEnumCertificatesInStore(hstore, cert);
crypto/openssl/engines/e_capi.c
1728
if (!cert)
crypto/openssl/engines/e_capi.c
1730
p = cert->pbCertEncoded;
crypto/openssl/engines/e_capi.c
1731
x = d2i_X509(NULL, &p, cert->cbCertEncoded);
crypto/openssl/engines/e_capi.c
1738
key = capi_get_cert_key(ctx, cert);
crypto/openssl/engines/e_capi.c
1747
excert = CertDuplicateCertificateContext(cert);
crypto/openssl/engines/e_capi.c
1763
if (cert)
crypto/openssl/engines/e_capi.c
1764
CertFreeCertificateContext(cert);
crypto/openssl/engines/e_capi.c
1836
PCCERT_CONTEXT cert;
crypto/openssl/engines/e_capi.c
1870
cert = ctx->certselectdlg(dstore, hwnd, dlg_title, dlg_prompt,
crypto/openssl/engines/e_capi.c
1874
if (cert) {
crypto/openssl/engines/e_capi.c
1878
if (CertCompareCertificate(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cert->pCertInfo,
crypto/openssl/engines/e_loader_attic.c
320
X509 *cert = NULL;
crypto/openssl/engines/e_loader_attic.c
343
if (PKCS12_parse(p12, pass, &pkey, &cert, &chain)) {
crypto/openssl/engines/e_loader_attic.c
359
if (ok && cert != NULL) {
crypto/openssl/engines/e_loader_attic.c
360
if ((osi_cert = OSSL_STORE_INFO_new_CERT(cert)) != NULL
crypto/openssl/engines/e_loader_attic.c
362
&& (cert = NULL) == NULL
crypto/openssl/engines/e_loader_attic.c
380
X509_free(cert);
crypto/openssl/engines/e_loader_attic.c
762
X509 *cert = NULL;
crypto/openssl/engines/e_loader_attic.c
783
cert = X509_new_ex(libctx, propq);
crypto/openssl/engines/e_loader_attic.c
784
if (cert == NULL)
crypto/openssl/engines/e_loader_attic.c
787
if ((d2i_X509_AUX(&cert, &blob, len)) != NULL
crypto/openssl/engines/e_loader_attic.c
788
|| (ignore_trusted && (d2i_X509(&cert, &blob, len)) != NULL)) {
crypto/openssl/engines/e_loader_attic.c
790
store_info = OSSL_STORE_INFO_new_CERT(cert);
crypto/openssl/engines/e_loader_attic.c
794
X509_free(cert);
crypto/openssl/fuzz/dtlsserver.c
3443
X509 *cert;
crypto/openssl/fuzz/dtlsserver.c
3481
cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL);
crypto/openssl/fuzz/dtlsserver.c
3483
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/dtlsserver.c
3484
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/dtlsserver.c
3486
X509_free(cert);
crypto/openssl/fuzz/dtlsserver.c
3505
cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL);
crypto/openssl/fuzz/dtlsserver.c
3506
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/dtlsserver.c
3508
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/dtlsserver.c
3510
X509_free(cert);
crypto/openssl/fuzz/dtlsserver.c
3529
cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL);
crypto/openssl/fuzz/dtlsserver.c
3530
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/dtlsserver.c
3532
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/dtlsserver.c
3534
X509_free(cert);
crypto/openssl/fuzz/server.c
2331
X509 *cert;
crypto/openssl/fuzz/server.c
2366
cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER));
crypto/openssl/fuzz/server.c
2367
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/server.c
2368
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/server.c
2370
X509_free(cert);
crypto/openssl/fuzz/server.c
2389
cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL);
crypto/openssl/fuzz/server.c
2390
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/server.c
2392
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/server.c
2394
X509_free(cert);
crypto/openssl/fuzz/server.c
2413
cert = PEM_read_bio_X509(bio_buf, NULL, NULL, NULL);
crypto/openssl/fuzz/server.c
2414
OPENSSL_assert(cert != NULL);
crypto/openssl/fuzz/server.c
2416
ret = SSL_CTX_use_certificate(ctx, cert);
crypto/openssl/fuzz/server.c
2418
X509_free(cert);
crypto/openssl/include/crypto/x509.h
219
X509 *cert;
crypto/openssl/include/crypto/x509.h
314
int ossl_x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags);
crypto/openssl/include/crypto/x509.h
326
int ossl_x509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags);
crypto/openssl/include/openssl/cmp.h
457
const X509 *cert, int only_DN);
crypto/openssl/include/openssl/cmp.h
546
int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert);
crypto/openssl/include/openssl/cmp.h
555
int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert);
crypto/openssl/include/openssl/cmp.h
582
int OSSL_CMP_CTX_set1_oldCert(OSSL_CMP_CTX *ctx, X509 *cert);
crypto/openssl/include/openssl/cmp.h
587
typedef int (*OSSL_CMP_certConf_cb_t)(OSSL_CMP_CTX *ctx, X509 *cert,
crypto/openssl/include/openssl/cmp.h
589
int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
crypto/openssl/include/openssl/cmp.h
639
X509_STORE *trusted_store, X509 *cert);
crypto/openssl/include/openssl/cms.h
290
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
crypto/openssl/include/openssl/cms.h
293
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
crypto/openssl/include/openssl/cms.h
295
X509 *cert, X509 *peer);
crypto/openssl/include/openssl/cms.h
314
EVP_PKEY *pkey, X509 *cert,
crypto/openssl/include/openssl/cms.h
323
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
crypto/openssl/include/openssl/cms.h
374
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
crypto/openssl/include/openssl/cms.h
375
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
crypto/openssl/include/openssl/cms.h
395
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
crypto/openssl/include/openssl/cms.h
487
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
crypto/openssl/include/openssl/cms.h
495
X509 *cert);
crypto/openssl/include/openssl/crmf.h
268
X509 *cert, ASN1_OCTET_STRING *secret,
crypto/openssl/include/openssl/ct.h
156
int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
crypto/openssl/include/openssl/ocsp.h
317
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
crypto/openssl/include/openssl/ocsp.h
381
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
crypto/openssl/include/openssl/ocsp.h
388
int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
crypto/openssl/include/openssl/ocsp.h
389
int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert,
crypto/openssl/include/openssl/ocsp.h
391
int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
crypto/openssl/include/openssl/ocsp.h
392
int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx,
crypto/openssl/include/openssl/ocsp.h
394
int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
crypto/openssl/include/openssl/pkcs12.h
320
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
crypto/openssl/include/openssl/pkcs12.h
324
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
crypto/openssl/include/openssl/pkcs12.h
327
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
crypto/openssl/include/openssl/pkcs12.h
331
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
crypto/openssl/include/openssl/pkcs12.h
336
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
crypto/openssl/include/openssl/pkcs7.h
105
X509 *cert; /* get the pub-key from this */
crypto/openssl/include/openssl/pkcs7.h
141
STACK_OF(X509) *cert; /* [ 0 ] */ /* name should be 'certificates' */
crypto/openssl/include/openssl/pkcs7.h
168
STACK_OF(X509) *cert; /* [ 0 ] */ /* name should be 'certificates' */
crypto/openssl/include/openssl/pkcs7.h
352
int PKCS7_add_certificate(PKCS7 *p7, X509 *cert);
crypto/openssl/include/openssl/pkcs7.h
413
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
crypto/openssl/include/openssl/ts.h
438
#define TS_VERIFY_CTS_set_certs(ctx, cert) TS_VERIFY_CTX_set_certs(ctx, cert)
crypto/openssl/include/openssl/ts.h
495
const char *cert, TS_RESP_CTX *ctx);
crypto/openssl/include/openssl/x509.h
525
int X509_self_signed(X509 *cert, int verify_signature);
crypto/openssl/include/openssl/x509.h
556
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
crypto/openssl/include/openssl/x509.h
971
int X509_check_private_key(const X509 *cert, const EVP_PKEY *pkey);
crypto/openssl/include/openssl/x509.h
998
int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
crypto/openssl/include/openssl/x509v3.h
929
X509 *cert);
crypto/openssl/include/openssl/x509v3.h
941
const char *section, X509 *cert);
crypto/openssl/ssl/quic/quic_tls.c
733
if (!ossl_tls_add_custom_ext_intern(NULL, &sc->cert->custext,
crypto/openssl/ssl/s3_lib.c
4002
sc->cert->dh_tmp_auto = larg;
crypto/openssl/ssl/s3_lib.c
4112
*(STACK_OF(X509) **)parg = sc->cert->key->chain;
crypto/openssl/ssl/s3_lib.c
4117
return ssl_cert_select_current(sc->cert, (X509 *)parg);
crypto/openssl/ssl/s3_lib.c
4133
if (sc->s3.tmp.cert == NULL)
crypto/openssl/ssl/s3_lib.c
4135
sc->cert->key = sc->s3.tmp.cert;
crypto/openssl/ssl/s3_lib.c
4138
return ssl_cert_set_current(sc->cert, larg);
crypto/openssl/ssl/s3_lib.c
4202
return tls1_set_sigalgs(sc->cert, parg, larg, 0);
crypto/openssl/ssl/s3_lib.c
4205
return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 0);
crypto/openssl/ssl/s3_lib.c
4208
return tls1_set_sigalgs(sc->cert, parg, larg, 1);
crypto/openssl/ssl/s3_lib.c
4211
return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1);
crypto/openssl/ssl/s3_lib.c
4225
return ssl3_set_req_cert_type(sc->cert, parg, larg);
crypto/openssl/ssl/s3_lib.c
4231
return ssl_cert_set_cert_store(sc->cert, parg, 0, larg);
crypto/openssl/ssl/s3_lib.c
4234
return ssl_cert_set_cert_store(sc->cert, parg, 1, larg);
crypto/openssl/ssl/s3_lib.c
4237
return ssl_cert_get_cert_store(sc->cert, parg, 0);
crypto/openssl/ssl/s3_lib.c
4240
return ssl_cert_get_cert_store(sc->cert, parg, 1);
crypto/openssl/ssl/s3_lib.c
4325
sc->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
crypto/openssl/ssl/s3_lib.c
4376
ctx->cert->dh_tmp_auto = larg;
crypto/openssl/ssl/s3_lib.c
4508
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
crypto/openssl/ssl/s3_lib.c
4511
return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 0);
crypto/openssl/ssl/s3_lib.c
4514
return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
crypto/openssl/ssl/s3_lib.c
4517
return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 1);
crypto/openssl/ssl/s3_lib.c
4520
return ssl3_set_req_cert_type(ctx->cert, parg, larg);
crypto/openssl/ssl/s3_lib.c
4526
return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
crypto/openssl/ssl/s3_lib.c
4529
return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
crypto/openssl/ssl/s3_lib.c
4532
return ssl_cert_get_cert_store(ctx->cert, parg, 0);
crypto/openssl/ssl/s3_lib.c
4535
return ssl_cert_get_cert_store(ctx->cert, parg, 1);
crypto/openssl/ssl/s3_lib.c
4553
*(STACK_OF(X509) **)parg = ctx->cert->key->chain;
crypto/openssl/ssl/s3_lib.c
4576
*(STACK_OF(X509) **)parg = ctx->cert->key->chain;
crypto/openssl/ssl/s3_lib.c
4580
return ssl_cert_select_current(ctx->cert, (X509 *)parg);
crypto/openssl/ssl/s3_lib.c
4583
return ssl_cert_set_current(ctx->cert, larg);
crypto/openssl/ssl/s3_lib.c
4596
ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
crypto/openssl/ssl/s3_lib.c
4916
if (s->cert->ctype)
crypto/openssl/ssl/s3_lib.c
4917
return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
crypto/openssl/ssl/ssl_cert.c
106
ret->ssl_pkey_num = cert->ssl_pkey_num;
crypto/openssl/ssl/ssl_cert.c
1068
CERT *c = s != NULL ? s->cert : ctx->cert;
crypto/openssl/ssl/ssl_cert.c
113
ret->key = &ret->pkeys[cert->key - cert->pkeys];
crypto/openssl/ssl/ssl_cert.c
120
if (cert->dh_tmp != NULL) {
crypto/openssl/ssl/ssl_cert.c
121
if (!EVP_PKEY_up_ref(cert->dh_tmp))
crypto/openssl/ssl/ssl_cert.c
123
ret->dh_tmp = cert->dh_tmp;
crypto/openssl/ssl/ssl_cert.c
126
ret->dh_tmp_cb = cert->dh_tmp_cb;
crypto/openssl/ssl/ssl_cert.c
127
ret->dh_tmp_auto = cert->dh_tmp_auto;
crypto/openssl/ssl/ssl_cert.c
1293
return s->cert->sec_cb(SSL_CONNECTION_GET_USER_SSL(s), NULL, op, bits, nid,
crypto/openssl/ssl/ssl_cert.c
1294
other, s->cert->sec_ex);
crypto/openssl/ssl/ssl_cert.c
1299
return ctx->cert->sec_cb(NULL, ctx, op, bits, nid, other,
crypto/openssl/ssl/ssl_cert.c
130
CERT_PKEY *cpk = cert->pkeys + i;
crypto/openssl/ssl/ssl_cert.c
1300
ctx->cert->sec_ex);
crypto/openssl/ssl/ssl_cert.c
171
if (cert->conf_sigalgs) {
crypto/openssl/ssl/ssl_cert.c
172
ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen
crypto/openssl/ssl/ssl_cert.c
173
* sizeof(*cert->conf_sigalgs));
crypto/openssl/ssl/ssl_cert.c
176
memcpy(ret->conf_sigalgs, cert->conf_sigalgs,
crypto/openssl/ssl/ssl_cert.c
177
cert->conf_sigalgslen * sizeof(*cert->conf_sigalgs));
crypto/openssl/ssl/ssl_cert.c
178
ret->conf_sigalgslen = cert->conf_sigalgslen;
crypto/openssl/ssl/ssl_cert.c
182
if (cert->client_sigalgs) {
crypto/openssl/ssl/ssl_cert.c
183
ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen
crypto/openssl/ssl/ssl_cert.c
184
* sizeof(*cert->client_sigalgs));
crypto/openssl/ssl/ssl_cert.c
187
memcpy(ret->client_sigalgs, cert->client_sigalgs,
crypto/openssl/ssl/ssl_cert.c
188
cert->client_sigalgslen * sizeof(*cert->client_sigalgs));
crypto/openssl/ssl/ssl_cert.c
189
ret->client_sigalgslen = cert->client_sigalgslen;
crypto/openssl/ssl/ssl_cert.c
193
if (cert->ctype) {
crypto/openssl/ssl/ssl_cert.c
194
ret->ctype = OPENSSL_memdup(cert->ctype, cert->ctype_len);
crypto/openssl/ssl/ssl_cert.c
197
ret->ctype_len = cert->ctype_len;
crypto/openssl/ssl/ssl_cert.c
200
ret->cert_flags = cert->cert_flags;
crypto/openssl/ssl/ssl_cert.c
202
ret->cert_cb = cert->cert_cb;
crypto/openssl/ssl/ssl_cert.c
203
ret->cert_cb_arg = cert->cert_cb_arg;
crypto/openssl/ssl/ssl_cert.c
205
if (cert->verify_store) {
crypto/openssl/ssl/ssl_cert.c
206
if (!X509_STORE_up_ref(cert->verify_store))
crypto/openssl/ssl/ssl_cert.c
208
ret->verify_store = cert->verify_store;
crypto/openssl/ssl/ssl_cert.c
211
if (cert->chain_store) {
crypto/openssl/ssl/ssl_cert.c
212
if (!X509_STORE_up_ref(cert->chain_store))
crypto/openssl/ssl/ssl_cert.c
214
ret->chain_store = cert->chain_store;
crypto/openssl/ssl/ssl_cert.c
217
ret->sec_cb = cert->sec_cb;
crypto/openssl/ssl/ssl_cert.c
218
ret->sec_level = cert->sec_level;
crypto/openssl/ssl/ssl_cert.c
219
ret->sec_ex = cert->sec_ex;
crypto/openssl/ssl/ssl_cert.c
221
if (!custom_exts_copy(&ret->custext, &cert->custext))
crypto/openssl/ssl/ssl_cert.c
224
if (cert->psk_identity_hint) {
crypto/openssl/ssl/ssl_cert.c
225
ret->psk_identity_hint = OPENSSL_strdup(cert->psk_identity_hint);
crypto/openssl/ssl/ssl_cert.c
302
CERT_PKEY *cpk = s != NULL ? s->cert->key : ctx->cert->key;
crypto/openssl/ssl/ssl_cert.c
339
CERT_PKEY *cpk = s ? s->cert->key : ctx->cert->key;
crypto/openssl/ssl/ssl_cert.c
445
if (s->cert->verify_store)
crypto/openssl/ssl/ssl_cert.c
446
verify_store = s->cert->verify_store;
crypto/openssl/ssl/ssl_cert.c
95
CERT *ssl_cert_dup(CERT *cert)
crypto/openssl/ssl/ssl_cert_comp.c
336
static int ossl_set1_compressed_cert(CERT *cert, int algorithm,
crypto/openssl/ssl/ssl_cert_comp.c
343
if (cert == NULL || cert->key == NULL)
crypto/openssl/ssl/ssl_cert_comp.c
351
OSSL_COMP_CERT_free(cert->key->comp_cert[algorithm]);
crypto/openssl/ssl/ssl_cert_comp.c
352
cert->key->comp_cert[algorithm] = comp_cert;
crypto/openssl/ssl/ssl_cert_comp.c
388
if (sc == NULL || sc->cert == NULL)
crypto/openssl/ssl/ssl_cert_comp.c
391
return ssl_compress_certs(ssl, sc->cert->pkeys, alg);
crypto/openssl/ssl/ssl_cert_comp.c
405
ret = ssl_compress_certs(new, ctx->cert->pkeys, alg);
crypto/openssl/ssl/ssl_cert_comp.c
420
if (sc->cert != NULL)
crypto/openssl/ssl/ssl_cert_comp.c
421
cpk = sc->cert->key;
crypto/openssl/ssl/ssl_cert_comp.c
423
cpk = ssl->ctx->cert->key;
crypto/openssl/ssl/ssl_cert_comp.c
437
ret = ssl_get_compressed_cert(new, ctx->cert->key, alg, data, orig_len);
crypto/openssl/ssl/ssl_cert_comp.c
449
return ossl_set1_compressed_cert(ctx->cert, algorithm, comp_data, comp_length, orig_length);
crypto/openssl/ssl/ssl_cert_comp.c
465
return ossl_set1_compressed_cert(sc->cert, algorithm, comp_data, comp_length, orig_length);
crypto/openssl/ssl/ssl_conf.c
1067
c = cctx->ctx->cert;
crypto/openssl/ssl/ssl_conf.c
1072
c = sc->cert;
crypto/openssl/ssl/ssl_conf.c
1162
cctx->pcert_flags = &sc->cert->cert_flags;
crypto/openssl/ssl/ssl_conf.c
1186
cctx->pcert_flags = &ctx->cert->cert_flags;
crypto/openssl/ssl/ssl_conf.c
443
c = cctx->ctx->cert;
crypto/openssl/ssl/ssl_conf.c
450
c = sc->cert;
crypto/openssl/ssl/ssl_conf.c
497
CERT *cert;
crypto/openssl/ssl/ssl_conf.c
504
cert = cctx->ctx->cert;
crypto/openssl/ssl/ssl_conf.c
512
cert = sc->cert;
crypto/openssl/ssl/ssl_conf.c
521
st = verify_store ? &cert->verify_store : &cert->chain_store;
crypto/openssl/ssl/ssl_lib.c
1418
ssl_cert_clear_certs(sc->cert);
crypto/openssl/ssl/ssl_lib.c
1479
ssl_cert_free(s->cert);
crypto/openssl/ssl/ssl_lib.c
2047
CRYPTO_UP_REF(&fsc->cert->references, &i);
crypto/openssl/ssl/ssl_lib.c
2048
ssl_cert_free(tsc->cert);
crypto/openssl/ssl/ssl_lib.c
2049
tsc->cert = fsc->cert;
crypto/openssl/ssl/ssl_lib.c
2060
if ((ctx == NULL) || (ctx->cert->key->x509 == NULL)) {
crypto/openssl/ssl/ssl_lib.c
2064
if (ctx->cert->key->privatekey == NULL) {
crypto/openssl/ssl/ssl_lib.c
2068
return X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey);
crypto/openssl/ssl/ssl_lib.c
2080
if (sc->cert->key->x509 == NULL) {
crypto/openssl/ssl/ssl_lib.c
2084
if (sc->cert->key->privatekey == NULL) {
crypto/openssl/ssl/ssl_lib.c
2088
return X509_check_private_key(sc->cert->key->x509,
crypto/openssl/ssl/ssl_lib.c
2089
sc->cert->key->privatekey);
crypto/openssl/ssl/ssl_lib.c
3029
return (sc->cert->cert_flags |= larg);
crypto/openssl/ssl/ssl_lib.c
3031
return (sc->cert->cert_flags &= ~larg);
crypto/openssl/ssl/ssl_lib.c
3189
return (ctx->cert->cert_flags |= larg);
crypto/openssl/ssl/ssl_lib.c
3191
return (ctx->cert->cert_flags &= ~larg);
crypto/openssl/ssl/ssl_lib.c
333
X509 *cert = NULL;
crypto/openssl/ssl/ssl_lib.c
3366
ctx->cert);
crypto/openssl/ssl/ssl_lib.c
338
if (!d2i_X509(&cert, &p, ilen) || p < data || dlen != (size_t)(p - data)) {
crypto/openssl/ssl/ssl_lib.c
339
X509_free(cert);
crypto/openssl/ssl/ssl_lib.c
3396
sc->cert);
crypto/openssl/ssl/ssl_lib.c
344
if (X509_get0_pubkey(cert) == NULL) {
crypto/openssl/ssl/ssl_lib.c
345
X509_free(cert);
crypto/openssl/ssl/ssl_lib.c
364
X509_free(cert);
crypto/openssl/ssl/ssl_lib.c
375
if ((dane->certs == NULL && (dane->certs = sk_X509_new_null()) == NULL) || !sk_X509_push(dane->certs, cert)) {
crypto/openssl/ssl/ssl_lib.c
377
X509_free(cert);
crypto/openssl/ssl/ssl_lib.c
4095
if ((ret->cert = ssl_cert_new(SSL_PKEY_NUM + ret->sigalg_list_len)) == NULL) {
crypto/openssl/ssl/ssl_lib.c
4103
OSSL_default_cipher_list(), ret->cert)
crypto/openssl/ssl/ssl_lib.c
4390
ssl_cert_free(a->cert);
crypto/openssl/ssl/ssl_lib.c
4545
ssl_cert_set_cert_cb(c->cert, cb, arg);
crypto/openssl/ssl/ssl_lib.c
4555
ssl_cert_set_cert_cb(sc->cert, cb, arg);
crypto/openssl/ssl/ssl_lib.c
4560
CERT *c = s->cert;
crypto/openssl/ssl/ssl_lib.c
4694
CERT_PKEY *cpk = s->s3.tmp.cert;
crypto/openssl/ssl/ssl_lib.c
5166
if (sc->cert != NULL) {
crypto/openssl/ssl/ssl_lib.c
5167
ssl_cert_free(retsc->cert);
crypto/openssl/ssl/ssl_lib.c
5168
retsc->cert = ssl_cert_dup(sc->cert);
crypto/openssl/ssl/ssl_lib.c
5169
if (retsc->cert == NULL)
crypto/openssl/ssl/ssl_lib.c
5243
if (sc->cert != NULL)
crypto/openssl/ssl/ssl_lib.c
5244
return sc->cert->key->x509;
crypto/openssl/ssl/ssl_lib.c
5256
if (sc->cert != NULL)
crypto/openssl/ssl/ssl_lib.c
5257
return sc->cert->key->privatekey;
crypto/openssl/ssl/ssl_lib.c
5264
if (ctx->cert != NULL)
crypto/openssl/ssl/ssl_lib.c
5265
return ctx->cert->key->x509;
crypto/openssl/ssl/ssl_lib.c
5272
if (ctx->cert != NULL)
crypto/openssl/ssl/ssl_lib.c
5273
return ctx->cert->key->privatekey;
crypto/openssl/ssl/ssl_lib.c
5473
new_cert = ssl_cert_dup(ctx->cert);
crypto/openssl/ssl/ssl_lib.c
5476
if (!custom_exts_copy_conn(&new_cert->custext, &sc->cert->custext))
crypto/openssl/ssl/ssl_lib.c
5478
if (!custom_exts_copy_flags(&new_cert->custext, &sc->cert->custext))
crypto/openssl/ssl/ssl_lib.c
5501
ssl_cert_free(sc->cert);
crypto/openssl/ssl/ssl_lib.c
5502
sc->cert = new_cert;
crypto/openssl/ssl/ssl_lib.c
5763
OPENSSL_free(ctx->cert->psk_identity_hint);
crypto/openssl/ssl/ssl_lib.c
5765
ctx->cert->psk_identity_hint = OPENSSL_strdup(identity_hint);
crypto/openssl/ssl/ssl_lib.c
5766
if (ctx->cert->psk_identity_hint == NULL)
crypto/openssl/ssl/ssl_lib.c
5769
ctx->cert->psk_identity_hint = NULL;
crypto/openssl/ssl/ssl_lib.c
5784
OPENSSL_free(sc->cert->psk_identity_hint);
crypto/openssl/ssl/ssl_lib.c
5786
sc->cert->psk_identity_hint = OPENSSL_strdup(identity_hint);
crypto/openssl/ssl/ssl_lib.c
5787
if (sc->cert->psk_identity_hint == NULL)
crypto/openssl/ssl/ssl_lib.c
5790
sc->cert->psk_identity_hint = NULL;
crypto/openssl/ssl/ssl_lib.c
6132
sc->cert->sec_level = level;
crypto/openssl/ssl/ssl_lib.c
6142
return sc->cert->sec_level;
crypto/openssl/ssl/ssl_lib.c
6155
sc->cert->sec_cb = cb;
crypto/openssl/ssl/ssl_lib.c
6168
return sc->cert->sec_cb;
crypto/openssl/ssl/ssl_lib.c
6178
sc->cert->sec_ex = ex;
crypto/openssl/ssl/ssl_lib.c
6188
return sc->cert->sec_ex;
crypto/openssl/ssl/ssl_lib.c
6193
ctx->cert->sec_level = level;
crypto/openssl/ssl/ssl_lib.c
6198
return ctx->cert->sec_level;
crypto/openssl/ssl/ssl_lib.c
6206
ctx->cert->sec_cb = cb;
crypto/openssl/ssl/ssl_lib.c
6216
return ctx->cert->sec_cb;
crypto/openssl/ssl/ssl_lib.c
6221
ctx->cert->sec_ex = ex;
crypto/openssl/ssl/ssl_lib.c
6226
return ctx->cert->sec_ex;
crypto/openssl/ssl/ssl_lib.c
6444
X509 *cert = s->session != NULL ? s->session->peer : NULL;
crypto/openssl/ssl/ssl_lib.c
6446
if (cert != NULL) {
crypto/openssl/ssl/ssl_lib.c
6447
STACK_OF(SCT) *scts = X509_get_ext_d2i(cert, NID_ct_precert_scts, NULL, NULL);
crypto/openssl/ssl/ssl_lib.c
6569
X509 *cert = s->session != NULL ? s->session->peer : NULL;
crypto/openssl/ssl/ssl_lib.c
6586
if (s->ct_validation_callback == NULL || cert == NULL || s->verify_result != X509_V_OK || s->verified_chain == NULL || sk_X509_num(s->verified_chain) <= 1)
crypto/openssl/ssl/ssl_lib.c
6609
CT_POLICY_EVAL_CTX_set1_cert(ctx, cert);
crypto/openssl/ssl/ssl_lib.c
681
OSSL_default_cipher_list(), ctx->cert);
crypto/openssl/ssl/ssl_lib.c
7551
EVP_PKEY_free(sc->cert->dh_tmp);
crypto/openssl/ssl/ssl_lib.c
7552
sc->cert->dh_tmp = dhpkey;
crypto/openssl/ssl/ssl_lib.c
7563
EVP_PKEY_free(ctx->cert->dh_tmp);
crypto/openssl/ssl/ssl_lib.c
7564
ctx->cert->dh_tmp = dhpkey;
crypto/openssl/ssl/ssl_lib.c
783
s->cert = ssl_cert_dup(ctx->cert);
crypto/openssl/ssl/ssl_lib.c
784
if (s->cert == NULL)
crypto/openssl/ssl/ssl_local.h
1396
CERT_PKEY *cert;
crypto/openssl/ssl/ssl_local.h
1524
struct cert_st /* CERT */ *cert;
crypto/openssl/ssl/ssl_local.h
2028
#define tls1_suiteb(s) (s->cert->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS)
crypto/openssl/ssl/ssl_local.h
2479
&& sc->cert->pkeys[idx].privatekey != NULL
crypto/openssl/ssl/ssl_local.h
2480
&& sc->cert->pkeys[idx].x509 == NULL;
crypto/openssl/ssl/ssl_local.h
2510
return s->cert->pkeys[idx].privatekey != NULL;
crypto/openssl/ssl/ssl_local.h
2512
return s->cert->pkeys[idx].x509 != NULL
crypto/openssl/ssl/ssl_local.h
2513
&& s->cert->pkeys[idx].privatekey != NULL;
crypto/openssl/ssl/ssl_local.h
2539
__owur CERT *ssl_cert_dup(CERT *cert);
crypto/openssl/ssl/ssl_local.h
2915
__owur int tls1_save_sigalgs(SSL_CONNECTION *s, PACKET *pkt, int cert);
crypto/openssl/ssl/ssl_local.h
928
struct cert_st /* CERT */ *cert;
crypto/openssl/ssl/ssl_rsa.c
166
ret = ssl_set_pkey(sc->cert, pkey, SSL_CONNECTION_GET_CTX(sc));
crypto/openssl/ssl/ssl_rsa.c
255
return ssl_set_cert(ctx->cert, x, ctx);
crypto/openssl/ssl/ssl_rsa.c
316
X509 *x = NULL, *cert = NULL;
crypto/openssl/ssl/ssl_rsa.c
341
cert = d2i_X509_bio(in, &x);
crypto/openssl/ssl/ssl_rsa.c
344
cert = PEM_read_bio_X509(in, &x, ctx->default_passwd_callback,
crypto/openssl/ssl/ssl_rsa.c
350
if (cert == NULL) {
crypto/openssl/ssl/ssl_rsa.c
390
return ssl_set_pkey(ctx->cert, pkey, ctx);
crypto/openssl/ssl/ssl_rsa.c
51
return ssl_set_cert(sc->cert, x, SSL_CONNECTION_GET_CTX(sc));
crypto/openssl/ssl/ssl_rsa.c
59
X509 *cert = NULL, *x = NULL;
crypto/openssl/ssl/ssl_rsa.c
835
if (ctx->cert->key == NULL) {
crypto/openssl/ssl/ssl_rsa.c
839
new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
crypto/openssl/ssl/ssl_rsa.c
84
cert = d2i_X509_bio(in, &x);
crypto/openssl/ssl/ssl_rsa.c
843
ctx->cert->key->serverinfo = new_serverinfo;
crypto/openssl/ssl/ssl_rsa.c
844
memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
crypto/openssl/ssl/ssl_rsa.c
845
ctx->cert->key->serverinfo_length = serverinfo_length;
crypto/openssl/ssl/ssl_rsa.c
92
cert = PEM_read_bio_X509(in, &x, sc->default_passwd_callback,
crypto/openssl/ssl/ssl_rsa.c
99
if (cert == NULL) {
crypto/openssl/ssl/ssl_rsa.c
994
c = sc != NULL ? sc->cert : ctx->cert;
crypto/openssl/ssl/statem/extensions.c
428
num_exts = builtin_num + s->cert->custext.meths_count;
crypto/openssl/ssl/statem/extensions.c
439
meth = custom_ext_find(&s->cert->custext, role, thisext->type,
crypto/openssl/ssl/statem/extensions.c
565
custom_ext_methods *exts = &s->cert->custext;
crypto/openssl/ssl/statem/extensions.c
576
custom_ext_init(&s->cert->custext);
crypto/openssl/ssl/statem/extensions.c
746
numexts += s->cert->custext.meths_count;
crypto/openssl/ssl/statem/extensions.c
834
custom_ext_init(&s->cert->custext);
crypto/openssl/ssl/statem/extensions_clnt.c
1575
if (custom_ext_find(&s->cert->custext, role,
crypto/openssl/ssl/statem/extensions_cust.c
119
custom_ext_methods *exts = &s->cert->custext;
crypto/openssl/ssl/statem/extensions_cust.c
176
custom_ext_methods *exts = &s->cert->custext;
crypto/openssl/ssl/statem/extensions_cust.c
396
return custom_ext_find(&ctx->cert->custext, ENDPOINT_CLIENT, ext_type,
crypto/openssl/ssl/statem/extensions_cust.c
420
exts = &ctx->cert->custext;
crypto/openssl/ssl/statem/statem_clnt.c
3710
if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT && !tls1_check_chain(s, NULL, NULL, NULL, -2))
crypto/openssl/ssl/statem/statem_clnt.c
3724
if (s->cert->cert_cb) {
crypto/openssl/ssl/statem/statem_clnt.c
3725
i = s->cert->cert_cb(ssl, s->cert->cert_cb_arg);
crypto/openssl/ssl/statem/statem_clnt.c
3820
cpk = s->cert->key;
crypto/openssl/ssl/statem/statem_clnt.c
3890
if (!ssl3_output_cert_chain(sc, &tmppkt, sc->cert->key, 0)) {
crypto/openssl/ssl/statem/statem_lib.c
1044
else if (s->cert->chain_store)
crypto/openssl/ssl/statem/statem_lib.c
1045
chain_store = s->cert->chain_store;
crypto/openssl/ssl/statem/statem_lib.c
1945
if (s->psk_find_session_cb != NULL || s->cert->cert_cb != NULL)
crypto/openssl/ssl/statem/statem_lib.c
1969
curve = ssl_get_EC_curve_nid(s->cert->pkeys[SSL_PKEY_ECC].privatekey);
crypto/openssl/ssl/statem/statem_lib.c
326
if (lu == NULL || s->s3.tmp.cert == NULL) {
crypto/openssl/ssl/statem/statem_lib.c
330
pkey = s->s3.tmp.cert->privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
2196
if (s->s3.tmp.cert != NULL) {
crypto/openssl/ssl/statem/statem_srvr.c
2201
s->cert->key = s->s3.tmp.cert;
crypto/openssl/ssl/statem/statem_srvr.c
2328
if (!s->hit && s->cert->cert_cb != NULL) {
crypto/openssl/ssl/statem/statem_srvr.c
2329
int rv = s->cert->cert_cb(ussl, s->cert->cert_cb_arg);
crypto/openssl/ssl/statem/statem_srvr.c
2588
CERT *cert = s->cert;
crypto/openssl/ssl/statem/statem_srvr.c
2591
if (s->cert->dh_tmp_auto) {
crypto/openssl/ssl/statem/statem_srvr.c
2599
pkdhp = cert->dh_tmp;
crypto/openssl/ssl/statem/statem_srvr.c
2602
if ((pkdhp == NULL) && (s->cert->dh_tmp_cb != NULL)) {
crypto/openssl/ssl/statem/statem_srvr.c
2603
pkdh = ssl_dh_to_pkey(s->cert->dh_tmp_cb(SSL_CONNECTION_GET_USER_SSL(s),
crypto/openssl/ssl/statem/statem_srvr.c
2713
size_t len = (s->cert->psk_identity_hint == NULL)
crypto/openssl/ssl/statem/statem_srvr.c
2715
: strlen(s->cert->psk_identity_hint);
crypto/openssl/ssl/statem/statem_srvr.c
2722
|| !WPACKET_sub_memcpy_u16(pkt, s->cert->psk_identity_hint,
crypto/openssl/ssl/statem/statem_srvr.c
2792
EVP_PKEY *pkey = s->s3.tmp.cert->privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3006
rsa = s->cert->pkeys[SSL_PKEY_RSA].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3259
pk = s->cert->pkeys[SSL_PKEY_GOST12_512].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3261
pk = s->cert->pkeys[SSL_PKEY_GOST12_256].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3264
pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3267
pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
3368
pk = s->cert->pkeys[SSL_PKEY_GOST12_512].privatekey != NULL ? s->cert->pkeys[SSL_PKEY_GOST12_512].privatekey : s->cert->pkeys[SSL_PKEY_GOST12_256].privatekey;
crypto/openssl/ssl/statem/statem_srvr.c
371
&& s->cert->psk_identity_hint)
crypto/openssl/ssl/statem/statem_srvr.c
3857
CERT_PKEY *cpk = s->s3.tmp.cert;
crypto/openssl/ssl/statem/statem_srvr.c
3897
OSSL_COMP_CERT *cc = sc->s3.tmp.cert->comp_cert[alg];
crypto/openssl/ssl/statem/statem_srvr.c
3914
sc->s3.tmp.cert->cert_comp_used++;
crypto/openssl/ssl/statem/statem_srvr.c
396
if (sc->s3.tmp.cert == NULL)
crypto/openssl/ssl/statem/statem_srvr.c
400
if (sc->s3.tmp.cert->comp_cert[*alg] != NULL)
crypto/openssl/ssl/t1_lib.c
2479
if (s->cert->pkeys[real_idx].privatekey != NULL) {
crypto/openssl/ssl/t1_lib.c
2494
if (s->cert->pkeys[real_idx].privatekey != NULL) {
crypto/openssl/ssl/t1_lib.c
2501
idx = s->cert->key - s->cert->pkeys;
crypto/openssl/ssl/t1_lib.c
2562
if ((s->server == sent) && s->cert->client_sigalgs != NULL) {
crypto/openssl/ssl/t1_lib.c
2563
*psigs = s->cert->client_sigalgs;
crypto/openssl/ssl/t1_lib.c
2564
return s->cert->client_sigalgslen;
crypto/openssl/ssl/t1_lib.c
2565
} else if (s->cert->conf_sigalgs) {
crypto/openssl/ssl/t1_lib.c
2566
*psigs = s->cert->conf_sigalgs;
crypto/openssl/ssl/t1_lib.c
2567
return s->cert->conf_sigalgslen;
crypto/openssl/ssl/t1_lib.c
2583
if (s->cert->conf_sigalgs) {
crypto/openssl/ssl/t1_lib.c
2584
sigs = s->cert->conf_sigalgs;
crypto/openssl/ssl/t1_lib.c
2585
siglen = s->cert->conf_sigalgslen;
crypto/openssl/ssl/t1_lib.c
2812
if (i == sent_sigslen && (lu->hash != NID_sha1 || s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)) {
crypto/openssl/ssl/t1_lib.c
3506
CERT *c = s->cert;
crypto/openssl/ssl/t1_lib.c
3576
int tls1_save_sigalgs(SSL_CONNECTION *s, PACKET *pkt, int cert)
crypto/openssl/ssl/t1_lib.c
3582
if (s->cert == NULL)
crypto/openssl/ssl/t1_lib.c
3585
if (cert)
crypto/openssl/ssl/t1_lib.c
4013
CERT *c = s->cert;
crypto/openssl/ssl/t1_lib.c
4304
if (s->cert->dh_tmp_auto != 2) {
crypto/openssl/ssl/t1_lib.c
4311
if (s->s3.tmp.cert == NULL)
crypto/openssl/ssl/t1_lib.c
4313
dh_secbits = EVP_PKEY_get_security_bits(s->s3.tmp.cert->privatekey);
crypto/openssl/ssl/t1_lib.c
4550
return check_cert_usable(s, sig, s->cert->pkeys[idx].x509,
crypto/openssl/ssl/t1_lib.c
4551
s->cert->pkeys[idx].privatekey);
crypto/openssl/ssl/t1_lib.c
4606
: s->cert->pkeys[lu->sig_idx].privatekey;
crypto/openssl/ssl/t1_lib.c
4643
s->s3.tmp.cert = NULL;
crypto/openssl/ssl/t1_lib.c
4659
if (!s->server && !ssl_has_cert(s, s->cert->key - s->cert->pkeys))
crypto/openssl/ssl/t1_lib.c
4670
curve = ssl_get_EC_curve_nid(s->cert->pkeys[SSL_PKEY_ECC]
crypto/openssl/ssl/t1_lib.c
4686
int cc_idx = s->cert->key - s->cert->pkeys;
crypto/openssl/ssl/t1_lib.c
4697
EVP_PKEY *pkey = s->cert->pkeys[sig_idx].privatekey;
crypto/openssl/ssl/t1_lib.c
4776
s->s3.tmp.cert = &s->cert->pkeys[sig_idx];
crypto/openssl/ssl/t1_lib.c
4777
s->cert->key = s->s3.tmp.cert;
crypto/openssl/test/algorithmid_test.c
104
static int test_x509_spki_aid(X509 *cert, const char *filename)
crypto/openssl/test/algorithmid_test.c
106
X509_PUBKEY *pubkey = X509_get_X509_PUBKEY(cert);
crypto/openssl/test/asynciotest.c
24
static char *cert = NULL;
crypto/openssl/test/asynciotest.c
302
&serverctx, &clientctx, cert, privkey)))
crypto/openssl/test/asynciotest.c
402
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/cert_comp_test.c
165
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/cert_comp_test.c
216
if (!TEST_int_eq(sc->cert->key->cert_comp_used, 0))
crypto/openssl/test/cert_comp_test.c
224
if (!TEST_int_gt(sc->cert->key->cert_comp_used, 0))
crypto/openssl/test/cert_comp_test.c
262
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/cert_comp_test.c
263
if (cert == NULL)
crypto/openssl/test/cert_comp_test.c
274
OPENSSL_free(cert);
crypto/openssl/test/cert_comp_test.c
285
OPENSSL_free(cert);
crypto/openssl/test/cert_comp_test.c
38
static char *cert = NULL;
crypto/openssl/test/cert_comp_test.c
52
in = BIO_new_file(cert, "r");
crypto/openssl/test/cmp_client_test.c
356
static int test_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
crypto/openssl/test/cmp_ctx_test.c
105
X509_free(cert);
crypto/openssl/test/cmp_ctx_test.c
341
static int test_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
crypto/openssl/test/cmp_ctx_test.c
65
X509 *cert = X509_new();
crypto/openssl/test/cmp_ctx_test.c
77
|| !ossl_cmp_ctx_set1_validatedSrvCert(ctx, cert)
crypto/openssl/test/cmp_ctx_test.c
775
DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, cert, X509)
crypto/openssl/test/cmp_msg_test.c
170
|| !TEST_true(OSSL_CMP_CTX_set1_cert(fixture->cmp_ctx, cert))) {
crypto/openssl/test/cmp_msg_test.c
258
|| !TEST_true(OSSL_CMP_CTX_set1_oldCert(fixture->cmp_ctx, cert))) {
crypto/openssl/test/cmp_msg_test.c
286
X509_dup(cert)))) {
crypto/openssl/test/cmp_msg_test.c
300
X509_dup(cert)))) {
crypto/openssl/test/cmp_msg_test.c
314
X509_dup(cert)))) {
crypto/openssl/test/cmp_msg_test.c
350
if (!TEST_true(OSSL_CMP_CTX_set1_oldCert(fixture->cmp_ctx, cert))) {
crypto/openssl/test/cmp_msg_test.c
391
if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate = X509_dup(cert)) == NULL
crypto/openssl/test/cmp_msg_test.c
401
if (certfromresp == NULL || !TEST_int_eq(X509_cmp(cert, certfromresp), 0))
crypto/openssl/test/cmp_msg_test.c
532
X509_free(cert);
crypto/openssl/test/cmp_msg_test.c
559
|| !TEST_ptr(cert = load_cert_pem(server_cert_f, libctx))
crypto/openssl/test/cmp_msg_test.c
67
static X509 *cert = NULL;
crypto/openssl/test/cmp_protect_test.c
28
X509 *cert;
crypto/openssl/test/cmp_protect_test.c
339
STACK_OF(X509) *chain = X509_build_chain(fixture->cert, fixture->certs, NULL,
crypto/openssl/test/cmp_protect_test.c
354
chain = X509_build_chain(fixture->cert, fixture->certs, store,
crypto/openssl/test/cmp_protect_test.c
372
fixture->cert = endentity2;
crypto/openssl/test/cmp_protect_test.c
398
fixture->cert = endentity2;
crypto/openssl/test/cmp_protect_test.c
416
fixture->cert = endentity2;
crypto/openssl/test/cmp_protect_test.c
435
fixture->cert = root;
crypto/openssl/test/cmp_protect_test.c
452
fixture->cert = endentity2;
crypto/openssl/test/cmp_vfy_test.c
142
return res && (!fixture->expected || TEST_ptr_eq(validated, fixture->cert));
crypto/openssl/test/cmp_vfy_test.c
150
ts, fixture->cert));
crypto/openssl/test/cmp_vfy_test.c
159
fixture->cert = NULL;
crypto/openssl/test/cmp_vfy_test.c
197
fixture->cert = NULL;
crypto/openssl/test/cmp_vfy_test.c
211
static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
crypto/openssl/test/cmp_vfy_test.c
213
return X509_STORE_add_cert(OSSL_CMP_CTX_get0_trusted(ctx), cert);
crypto/openssl/test/cmp_vfy_test.c
216
static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
crypto/openssl/test/cmp_vfy_test.c
218
return X509_add_cert(OSSL_CMP_CTX_get0_untrusted(ctx), cert,
crypto/openssl/test/cmp_vfy_test.c
227
fixture->cert = srvcert;
crypto/openssl/test/cmp_vfy_test.c
262
fixture->cert = srvcert;
crypto/openssl/test/cmp_vfy_test.c
304
fixture->cert = insta_cert;
crypto/openssl/test/cmp_vfy_test.c
319
fixture->cert = insta_cert;
crypto/openssl/test/cmp_vfy_test.c
340
fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
crypto/openssl/test/cmp_vfy_test.c
35
X509 *cert;
crypto/openssl/test/cmp_vfy_test.c
363
fixture->cert = srvcert;
crypto/openssl/test/cmp_vfy_test.c
401
(*fixture)->cert = endentity2;
crypto/openssl/test/cmsapitest.c
20
static X509 *cert = NULL;
crypto/openssl/test/cmsapitest.c
39
if (!TEST_int_gt(sk_X509_push(certstack, cert), 0))
crypto/openssl/test/cmsapitest.c
46
if (!TEST_true(CMS_decrypt(content, privkey, cert, NULL, outmsgbio,
crypto/openssl/test/cmsapitest.c
497
if (!TEST_false(CMS_decrypt(cms, privkey, cert, NULL, out, 0)))
crypto/openssl/test/cmsapitest.c
52
NULL, privkey, cert, NULL,
crypto/openssl/test/cmsapitest.c
536
if (!TEST_true(PEM_read_bio_X509(certbio, &cert, NULL, NULL))) {
crypto/openssl/test/cmsapitest.c
544
X509_free(cert);
crypto/openssl/test/cmsapitest.c
545
cert = NULL;
crypto/openssl/test/cmsapitest.c
550
X509_free(cert);
crypto/openssl/test/cmsapitest.c
551
cert = NULL;
crypto/openssl/test/cmsapitest.c
572
X509_free(cert);
crypto/openssl/test/cmsapitest.c
98
&& TEST_ptr(CMS_add1_signer(cms, cert, privkey, NULL, 0))
crypto/openssl/test/cmsapitest.c
99
&& TEST_true(CMS_add1_cert(cms, cert)); /* add cert again */
crypto/openssl/test/ct_test.c
100
cert = PEM_read_bio_X509(cert_io, NULL, NULL, NULL);
crypto/openssl/test/ct_test.c
105
return cert;
crypto/openssl/test/ct_test.c
226
X509 *cert = NULL, *issuer = NULL;
crypto/openssl/test/ct_test.c
255
if (!TEST_ptr(cert = load_pem_cert(fixture->certs_dir,
crypto/openssl/test/ct_test.c
259
CT_POLICY_EVAL_CTX_set1_cert(ct_policy_ctx, cert);
crypto/openssl/test/ct_test.c
268
sct_extension_index = X509_get_ext_by_NID(cert, NID_ct_precert_scts, -1);
crypto/openssl/test/ct_test.c
269
sct_extension = X509_get_ext(cert, sct_extension_index);
crypto/openssl/test/ct_test.c
304
if (fixture->test_validity && cert != NULL) {
crypto/openssl/test/ct_test.c
322
X509_free(cert);
crypto/openssl/test/ct_test.c
93
X509 *cert = NULL;
crypto/openssl/test/danetest.c
114
X509 *cert;
crypto/openssl/test/danetest.c
117
if (!TEST_ptr(cert = d(0, &p, len))
crypto/openssl/test/danetest.c
123
if (!TEST_true(sk_X509_push(chain, cert)))
crypto/openssl/test/dtlstest.c
19
static char *cert = NULL;
crypto/openssl/test/dtlstest.c
200
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
314
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
354
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
420
&sctx, NULL, cert, privkey)))
crypto/openssl/test/dtlstest.c
485
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
598
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
694
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/dtlstest.c
742
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/dtlstest.c
82
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/enginetest.c
360
X509 *cert = NULL, *dupcert = NULL;
crypto/openssl/test/enginetest.c
367
|| !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
crypto/openssl/test/enginetest.c
371
if (!TEST_ptr(dupcert = X509_dup(cert)))
crypto/openssl/test/enginetest.c
376
if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert))
crypto/openssl/test/enginetest.c
385
X509_free(cert);
crypto/openssl/test/enginetest.c
386
cert = NULL;
crypto/openssl/test/enginetest.c
403
|| !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
crypto/openssl/test/enginetest.c
407
if (!TEST_ptr(dupcert = X509_dup(cert)))
crypto/openssl/test/enginetest.c
410
if (!TEST_ptr(pubkey = X509_get_X509_PUBKEY(cert))
crypto/openssl/test/enginetest.c
419
X509_free(cert);
crypto/openssl/test/evp_libctx_test.c
264
X509 *cert = NULL;
crypto/openssl/test/evp_libctx_test.c
336
|| !TEST_ptr(cert = X509_new_ex(libctx, NULL))
crypto/openssl/test/evp_libctx_test.c
337
|| !TEST_ptr(d2i_X509_bio(bio, &cert)))
crypto/openssl/test/evp_libctx_test.c
341
X509_free(cert);
crypto/openssl/test/fatalerrtest.c
16
static char *cert = NULL;
crypto/openssl/test/fatalerrtest.c
33
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/fatalerrtest.c
94
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/helpers/cmp_testlib.c
63
int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert)
crypto/openssl/test/helpers/cmp_testlib.c
67
if (sk == NULL || cert == NULL)
crypto/openssl/test/helpers/cmp_testlib.c
69
if (!X509_up_ref(cert))
crypto/openssl/test/helpers/cmp_testlib.c
71
res = sk_X509_push(sk, cert);
crypto/openssl/test/helpers/cmp_testlib.c
73
X509_free(cert); /* down-ref */
crypto/openssl/test/helpers/cmp_testlib.h
27
int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert);
crypto/openssl/test/helpers/pkcs12.c
374
X509 *cert = NULL;
crypto/openssl/test/helpers/pkcs12.c
380
cert = load_cert_asn1(bytes, len);
crypto/openssl/test/helpers/pkcs12.c
381
if (!TEST_ptr(cert)) {
crypto/openssl/test/helpers/pkcs12.c
386
name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
crypto/openssl/test/helpers/pkcs12.c
390
bag = PKCS12_add_cert(&pb->bags, cert);
crypto/openssl/test/helpers/pkcs12.c
401
X509_free(cert);
crypto/openssl/test/helpers/pkcs12.c
77
X509 *cert = NULL;
crypto/openssl/test/helpers/pkcs12.c
79
cert = d2i_X509(NULL, &bytes, len);
crypto/openssl/test/helpers/pkcs12.c
80
if (!TEST_ptr(cert))
crypto/openssl/test/helpers/pkcs12.c
83
return cert;
crypto/openssl/test/keymgmt_internal_test.c
302
X509 *cert = NULL;
crypto/openssl/test/keymgmt_internal_test.c
320
if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) {
crypto/openssl/test/keymgmt_internal_test.c
327
pubkey = X509_get_X509_PUBKEY(cert);
crypto/openssl/test/keymgmt_internal_test.c
349
X509_free(cert);
crypto/openssl/test/localetest.c
110
cert = d2i_X509(NULL, &p, sizeof(der_bytes));
crypto/openssl/test/localetest.c
111
if (!TEST_ptr(cert))
crypto/openssl/test/localetest.c
114
cert_pubkey = X509_get_X509_PUBKEY(cert);
crypto/openssl/test/localetest.c
116
X509_free(cert);
crypto/openssl/test/localetest.c
121
X509_free(cert);
crypto/openssl/test/localetest.c
125
X509_free(cert);
crypto/openssl/test/localetest.c
97
X509 *cert = NULL;
crypto/openssl/test/ocspapitest.c
28
X509 *cert = NULL;
crypto/openssl/test/ocspapitest.c
33
cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
crypto/openssl/test/ocspapitest.c
39
if (!TEST_ptr(cert) || !TEST_ptr(key))
crypto/openssl/test/ocspapitest.c
41
*cert_out = cert;
crypto/openssl/test/ocspapitest.c
45
X509_free(cert);
crypto/openssl/test/ocspapitest.c
53
X509 *cert = NULL;
crypto/openssl/test/ocspapitest.c
57
cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
crypto/openssl/test/ocspapitest.c
59
if (!TEST_ptr(cert))
crypto/openssl/test/ocspapitest.c
61
*cert_out = cert;
crypto/openssl/test/ocspapitest.c
64
X509_free(cert);
crypto/openssl/test/pkcs12_api_test.c
108
X509 *cert = NULL;
crypto/openssl/test/pkcs12_api_test.c
116
if (!TEST_true(PKCS12_parse(p12, in_pass, &key, &cert, &ca)))
crypto/openssl/test/pkcs12_api_test.c
121
if ((has_cert && !TEST_ptr(cert)) || (!has_cert && !TEST_ptr_null(cert)))
crypto/openssl/test/pkcs12_api_test.c
125
if (has_key && !changepass(p12, key, cert, ca))
crypto/openssl/test/pkcs12_api_test.c
132
X509_free(cert);
crypto/openssl/test/pkcs12_api_test.c
143
static PKCS12 *pkcs12_create_ex2_setup(EVP_PKEY **key, X509 **cert, STACK_OF(X509) **ca)
crypto/openssl/test/pkcs12_api_test.c
150
if (!TEST_true(PKCS12_parse(p12, "", key, cert, ca)))
crypto/openssl/test/pkcs12_api_test.c
164
X509 *cert = NULL;
crypto/openssl/test/pkcs12_api_test.c
167
p12 = pkcs12_create_ex2_setup(&key, &cert, &ca);
crypto/openssl/test/pkcs12_api_test.c
182
if (!TEST_ptr(cert))
crypto/openssl/test/pkcs12_api_test.c
188
cert, NULL, NID_undef, NID_undef,
crypto/openssl/test/pkcs12_api_test.c
199
cert, NULL, NID_undef, NID_undef,
crypto/openssl/test/pkcs12_api_test.c
210
cert, NULL, NID_undef, NID_undef,
crypto/openssl/test/pkcs12_api_test.c
224
X509_free(cert);
crypto/openssl/test/pkcs12_api_test.c
261
X509 *cert = NULL;
crypto/openssl/test/pkcs12_api_test.c
267
if (!TEST_true(PKCS12_parse(p12, in_pass, &key, &cert, &ca)))
crypto/openssl/test/pkcs12_api_test.c
271
if (!TEST_ptr(p12 = PKCS12_create_ex2("pass", NULL, key, cert, ca,
crypto/openssl/test/pkcs12_api_test.c
280
X509_free(cert);
crypto/openssl/test/pkcs12_api_test.c
64
static int changepass(PKCS12 *p12, EVP_PKEY *key, X509 *cert, STACK_OF(X509) *ca)
crypto/openssl/test/pkcs12_api_test.c
90
if (!TEST_ptr(cert2) || !TEST_int_eq(X509_cmp(cert, cert2), 0))
crypto/openssl/test/pkcs12_format_test.c
3512
X509 *cert = NULL;
crypto/openssl/test/pkcs12_format_test.c
3523
cert = d2i_X509(NULL, &cert_bytes, sizeof(CERT1));
crypto/openssl/test/pkcs12_format_test.c
3524
if (!TEST_ptr(cert))
crypto/openssl/test/pkcs12_format_test.c
3529
p12 = PKCS12_create("pass", NULL, pkey, cert, NULL, NID_aes_256_cbc,
crypto/openssl/test/pkcs12_format_test.c
3569
X509_free(cert);
crypto/openssl/test/pkcs7_test.c
134
X509 *cert = NULL;
crypto/openssl/test/pkcs7_test.c
156
&& TEST_ptr(cert = d2i_X509_bio(x509_bio, NULL))
crypto/openssl/test/pkcs7_test.c
159
&& TEST_true(X509_STORE_add_cert(store, cert))
crypto/openssl/test/pkcs7_test.c
166
X509_free(cert);
crypto/openssl/test/pkcs7_test.c
225
X509 *cert = NULL;
crypto/openssl/test/pkcs7_test.c
368
&& TEST_ptr(cert = d2i_X509_bio(x509_bio, NULL))
crypto/openssl/test/pkcs7_test.c
371
&& TEST_true(X509_STORE_add_cert(store, cert))
crypto/openssl/test/pkcs7_test.c
382
X509_free(cert);
crypto/openssl/test/quic_newcid_test.c
16
static char *cert = NULL;
crypto/openssl/test/quic_newcid_test.c
163
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/quic_newcid_test.c
164
if (cert == NULL)
crypto/openssl/test/quic_newcid_test.c
176
OPENSSL_free(cert);
crypto/openssl/test/quic_newcid_test.c
183
OPENSSL_free(cert);
crypto/openssl/test/quic_newcid_test.c
70
if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
crypto/openssl/test/quicapitest.c
1050
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
1127
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
1192
if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert, privkey,
crypto/openssl/test/quicapitest.c
1323
if (!TEST_true(qtest_create_quic_objects(libctx, cctx, sctx, cert,
crypto/openssl/test/quicapitest.c
1330
|| !TEST_true(ssl_ctx_add_large_cert_chain(libctx, sctx, cert)))
crypto/openssl/test/quicapitest.c
1400
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
1450
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
1566
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
1670
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
230
cert, privkey,
crypto/openssl/test/quicapitest.c
2303
if (!TEST_true(qtest_create_quic_objects(libctx, c_ctx, NULL, cert,
crypto/openssl/test/quicapitest.c
2389
if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
2478
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
2545
|| !TEST_true(SSL_CTX_use_certificate_file(ssl_ctx, cert, SSL_FILETYPE_PEM))
crypto/openssl/test/quicapitest.c
27
static char *cert = NULL;
crypto/openssl/test/quicapitest.c
2992
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/quicapitest.c
2993
if (cert == NULL)
crypto/openssl/test/quicapitest.c
3056
OPENSSL_free(cert);
crypto/openssl/test/quicapitest.c
404
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
445
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
568
|| !TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
592
if (!TEST_true(qtest_create_quic_objects(libctx, cctx, NULL, cert,
crypto/openssl/test/quicapitest.c
71
cert, privkey,
crypto/openssl/test/quicapitest.c
926
if (!TEST_true(qtest_create_quic_objects(libctx, NULL, NULL, cert, privkey,
crypto/openssl/test/quicfaultstest.c
107
if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
crypto/openssl/test/quicfaultstest.c
16
static char *cert = NULL;
crypto/openssl/test/quicfaultstest.c
189
if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
crypto/openssl/test/quicfaultstest.c
276
if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey,
crypto/openssl/test/quicfaultstest.c
37
if (!TEST_true(qtest_create_quic_objects(NULL, cctx, NULL, cert, privkey, 0,
crypto/openssl/test/quicfaultstest.c
386
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/quicfaultstest.c
387
if (cert == NULL)
crypto/openssl/test/quicfaultstest.c
402
OPENSSL_free(cert);
crypto/openssl/test/quicfaultstest.c
409
OPENSSL_free(cert);
crypto/openssl/test/recordlentest.c
107
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/recordlentest.c
15
static char *cert = NULL;
crypto/openssl/test/recordlentest.c
193
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/rpktest.c
151
cert_file = cert;
crypto/openssl/test/rpktest.c
160
other_cert_file = cert;
crypto/openssl/test/rpktest.c
167
other_cert_file = cert;
crypto/openssl/test/rpktest.c
173
other_cert_file = cert;
crypto/openssl/test/rpktest.c
27
static char *cert = NULL;
crypto/openssl/test/rpktest.c
736
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/rpktest.c
737
if (cert == NULL)
crypto/openssl/test/rpktest.c
783
OPENSSL_free(cert);
crypto/openssl/test/servername_test.c
209
&sctx, &cctx, cert, privkey))
crypto/openssl/test/servername_test.c
260
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/servername_test.c
31
static char *cert = NULL;
crypto/openssl/test/ssl_handshake_rtt_test.c
36
static char *cert = NULL;
crypto/openssl/test/ssl_handshake_rtt_test.c
69
&sctx, &cctx, cert, privkey))
crypto/openssl/test/ssl_old_test.c
777
X509 *cert;
crypto/openssl/test/ssl_old_test.c
785
cert = SSL_get0_peer_certificate(c_ssl);
crypto/openssl/test/ssl_old_test.c
786
if (cert != NULL) {
crypto/openssl/test/ssl_old_test.c
787
EVP_PKEY *pubkey = X509_get0_pubkey(cert);
crypto/openssl/test/sslapitest.c
1002
if (!ssl_ctx_add_large_cert_chain(libctx, sctx, cert))
crypto/openssl/test/sslapitest.c
10020
if (!TEST_size_t_eq(ctx->cert->conf_sigalgslen, 2)
crypto/openssl/test/sslapitest.c
10021
|| !TEST_int_eq(ctx->cert->conf_sigalgs[0], TLSEXT_SIGALG_rsa_pkcs1_sha256)
crypto/openssl/test/sslapitest.c
10022
|| !TEST_int_eq(ctx->cert->conf_sigalgs[1], TLSEXT_SIGALG_rsa_pkcs1_sha512))
crypto/openssl/test/sslapitest.c
10029
if (!TEST_size_t_eq(ctx->cert->client_sigalgslen, 2)
crypto/openssl/test/sslapitest.c
10030
|| !TEST_int_eq(ctx->cert->client_sigalgs[0], TLSEXT_SIGALG_rsa_pkcs1_sha256)
crypto/openssl/test/sslapitest.c
10031
|| !TEST_int_eq(ctx->cert->client_sigalgs[1], TLSEXT_SIGALG_rsa_pkcs1_sha512))
crypto/openssl/test/sslapitest.c
10188
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
10310
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
10523
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
10609
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
10797
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
10902
thiscert = cert;
crypto/openssl/test/sslapitest.c
11011
&sctx2, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11069
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11433
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11534
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11661
TLS1_2_VERSION, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
1171
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11921
version, &sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
11990
0, &sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
12077
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
12084
if ((idx & 1) == 1 && !ssl_ctx_add_large_cert_chain(libctx, sctx, cert))
crypto/openssl/test/sslapitest.c
12158
cert, privkey)))
crypto/openssl/test/sslapitest.c
12311
max_version, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
12552
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
12652
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
13049
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
13055
&sctx2, NULL, cert, privkey)))
crypto/openssl/test/sslapitest.c
13209
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
13362
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
13428
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
1346
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
13512
cert,
crypto/openssl/test/sslapitest.c
13558
NULL, 0, 0, &sctx, NULL, cert, privkey)))
crypto/openssl/test/sslapitest.c
13676
cert = test_mk_file_path(certsdir, "servercert.pem");
crypto/openssl/test/sslapitest.c
13677
if (cert == NULL)
crypto/openssl/test/sslapitest.c
13924
OPENSSL_free(cert);
crypto/openssl/test/sslapitest.c
13936
OPENSSL_free(cert);
crypto/openssl/test/sslapitest.c
1651
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
1733
&sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
1916
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
2001
if (!TEST_ptr(certbio = BIO_new_file(cert, "r"))
crypto/openssl/test/sslapitest.c
2089
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
2483
sctx, cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
2968
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
3204
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
3443
sctx, cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
376
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
3815
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
3976
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
459
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
4746
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
4816
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
5127
max_version, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
5325
max_version, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
5514
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
5619
&sctx, &cctx, idx == 3 ? NULL : cert,
crypto/openssl/test/sslapitest.c
5869
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
5907
NULL, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
5994
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
6223
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
6229
&sctx2, NULL, cert, privkey)))
crypto/openssl/test/sslapitest.c
6245
if (!TEST_int_eq(SSL_CTX_use_certificate_file(cctx, cert,
crypto/openssl/test/sslapitest.c
6520
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
6608
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
6853
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
6916
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
7009
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
7094
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
7183
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
7284
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
7480
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
769
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
7704
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
812
&sctx, &cctx, cert, privkey)) {
crypto/openssl/test/sslapitest.c
8175
tlsvers, tlsvers, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
8241
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
8248
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
8422
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
86
static char *cert = NULL;
crypto/openssl/test/sslapitest.c
8696
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
878
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
8805
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
8878
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
9020
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
9138
if (!TEST_true(SSL_use_certificate_file(s, cert, SSL_FILETYPE_PEM))
crypto/openssl/test/sslapitest.c
9293
in = BIO_new_file(cert, "r");
crypto/openssl/test/sslapitest.c
9338
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
9401
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslapitest.c
9558
max_version, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
9755
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslapitest.c
977
max_version, &sctx, &cctx, cert,
crypto/openssl/test/sslapitest.c
9888
&sctx, &cctx, cert, privkey))
crypto/openssl/test/sslbuffertest.c
345
char *cert, *pkey;
crypto/openssl/test/sslbuffertest.c
352
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/sslbuffertest.c
358
&serverctx, &clientctx, cert, pkey)) {
crypto/openssl/test/sslcorrupttest.c
178
static char *cert = NULL;
crypto/openssl/test/sslcorrupttest.c
199
&sctx, &cctx, cert, privkey)))
crypto/openssl/test/sslcorrupttest.c
265
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/testutil/load.c
20
X509 *cert = NULL;
crypto/openssl/test/testutil/load.c
26
&& TEST_ptr(cert = X509_new_ex(libctx, NULL)))
crypto/openssl/test/testutil/load.c
27
(void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL));
crypto/openssl/test/testutil/load.c
30
return cert;
crypto/openssl/test/tls13ccstest.c
16
static char *cert = NULL;
crypto/openssl/test/tls13ccstest.c
261
&sctx, &cctx, cert, privkey))
crypto/openssl/test/tls13ccstest.c
498
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/tls13groupselection_test.c
379
cert, privkey));
crypto/openssl/test/tls13groupselection_test.c
420
cert, privkey));
crypto/openssl/test/tls13groupselection_test.c
49
static char *cert = NULL;
crypto/openssl/test/tls13groupselection_test.c
548
if (!TEST_ptr(cert = test_get_argument(0))
crypto/openssl/test/verify_extra_test.c
183
X509 *cert = load_cert_from_file(filename); /* may result in NULL */
crypto/openssl/test/verify_extra_test.c
188
ret = TEST_int_eq(X509_self_signed(cert, 1), expected);
crypto/openssl/test/verify_extra_test.c
190
if (cert != NULL) {
crypto/openssl/test/verify_extra_test.c
192
ret = ret && TEST_true(sk_X509_push(trusted, cert));
crypto/openssl/test/verify_extra_test.c
193
ret = ret && TEST_true(X509_STORE_CTX_init(ctx, NULL, cert, NULL));
crypto/openssl/test/verify_extra_test.c
200
X509_free(cert);
crypto/openssl/test/x509aux.c
100
err = X509_cmp(reuse, cert);
crypto/openssl/test/x509aux.c
110
enclen = i2d(cert, &buf);
crypto/openssl/test/x509aux.c
129
enclen = i2d(cert, &buf);
crypto/openssl/test/x509aux.c
147
X509_free(cert);
crypto/openssl/test/x509aux.c
40
X509 *cert = NULL;
crypto/openssl/test/x509aux.c
54
cert = d2i(NULL, &p, len);
crypto/openssl/test/x509aux.c
56
if (cert == NULL || (p - data) != len) {
crypto/openssl/test/x509aux.c
63
enclen = i2d(cert, NULL);
crypto/openssl/test/x509aux.c
75
enclen = i2d(cert, &bufp);
lib/libfetch/common.c
1014
fetch_ssl_verify_hname(X509 *cert, const char *host)
lib/libfetch/common.c
1023
altnames = X509_get_ext_d2i(cert, NID_subject_alt_name,
lib/libfetch/common.c
1029
subject = X509_get_subject_name(cert);
lib/libsecureboot/vets.c
264
X509_to_tbs(unsigned char* cert, size_t* output_size)
lib/libsecureboot/vets.c
270
if (cert == NULL)
lib/libsecureboot/vets.c
279
if ((*cert & ASN1_PRIMITIVE_TAG) == ASN1_PRIMITIVE_TAG)
lib/libsecureboot/vets.c
282
cert++;
lib/libsecureboot/vets.c
284
if (*cert == ASN1_INF_LENGTH)
lib/libsecureboot/vets.c
287
size = *cert & ASN1_LENGTH_MASK;
lib/libsecureboot/vets.c
291
if (*cert & (ASN1_LENGTH_MASK + 1)) {
lib/libsecureboot/vets.c
292
cert++;
lib/libsecureboot/vets.c
293
while (*cert == 0 && size > 0) {
lib/libsecureboot/vets.c
294
cert++;
lib/libsecureboot/vets.c
299
tbs_size |= *(cert++);
lib/libsecureboot/vets.c
303
result = cert;
lib/libsecureboot/vets.c
305
tbs_size += (cert - result);
sys/dev/pms/RefTisa/sallsdk/api/saapi.h
564
void *cert);
sys/dev/pms/RefTisa/sallsdk/spc/sampidefs.h
1854
bit32 cert[10]; /* 3 12 */
sys/dev/pms/RefTisa/sallsdk/spc/saport.c
1360
void *cert
sys/dev/pms/RefTisa/sallsdk/spc/saport.c
1367
SA_DBG1(("saSetOperator, flag 0x%x cert %p\n",flag, cert));
sys/dev/pms/RefTisa/sallsdk/spc/saport.c
1372
si_memcpy((bit8*)SetOperatorCmd.cert, (bit8*)cert, 40);
sys/dev/pms/RefTisa/tisa/api/tiapi.h
237
void *cert
sys/dev/pms/RefTisa/tisa/api/titypes.h
576
bit8 cert[40]; /* Operator Certificate (CERT) [40 bytes] */
sys/dev/pms/RefTisa/tisa/sassata/common/tdport.c
6070
void *cert
sys/dev/pms/RefTisa/tisa/sassata/common/tdport.c
6095
cert);
tests/sys/kern/ssl_sendfile.c
103
ATF_REQUIRE(c->cert = X509_new());
tests/sys/kern/ssl_sendfile.c
104
ASN1_INTEGER_set(X509_get_serialNumber(c->cert), 1);
tests/sys/kern/ssl_sendfile.c
105
X509_set_version(c->cert, 2);
tests/sys/kern/ssl_sendfile.c
106
X509_gmtime_adj(X509_get_notBefore(c->cert), 0);
tests/sys/kern/ssl_sendfile.c
107
X509_gmtime_adj(X509_get_notAfter(c->cert), 60L*60*24*365);
tests/sys/kern/ssl_sendfile.c
108
X509_set_pubkey(c->cert, c->pkey);
tests/sys/kern/ssl_sendfile.c
109
name = X509_get_subject_name(c->cert);
tests/sys/kern/ssl_sendfile.c
112
X509_set_issuer_name(c->cert, name);
tests/sys/kern/ssl_sendfile.c
115
X509_add_ext(c->cert, ext, -1);
tests/sys/kern/ssl_sendfile.c
117
ATF_REQUIRE(X509_sign(c->cert, c->pkey, EVP_sha256()) > 0);
tests/sys/kern/ssl_sendfile.c
147
c->cert));
tests/sys/kern/ssl_sendfile.c
179
X509_free(c->cert);
tests/sys/kern/ssl_sendfile.c
199
SSL_CTX_use_certificate(srv, c->cert);
tests/sys/kern/ssl_sendfile.c
49
X509 *cert; /* ... and certificate */
usr.sbin/certctl/certctl.c
225
RB_ENTRY(cert) entry;
usr.sbin/certctl/certctl.c
233
free_cert(struct cert *cert)
usr.sbin/certctl/certctl.c
235
free(cert->name);
usr.sbin/certctl/certctl.c
236
X509_free(cert->x509);
usr.sbin/certctl/certctl.c
237
free(cert->path);
usr.sbin/certctl/certctl.c
238
free(cert);
usr.sbin/certctl/certctl.c
242
certcmp(const struct cert *a, const struct cert *b)
usr.sbin/certctl/certctl.c
247
RB_HEAD(cert_tree, cert);
usr.sbin/certctl/certctl.c
250
RB_GENERATE_STATIC(cert_tree, cert, entry, certcmp);
usr.sbin/certctl/certctl.c
255
struct cert *cert, *tmp;
usr.sbin/certctl/certctl.c
257
RB_FOREACH_SAFE(cert, cert_tree, tree, tmp) {
usr.sbin/certctl/certctl.c
258
RB_REMOVE(cert_tree, tree, cert);
usr.sbin/certctl/certctl.c
259
free_cert(cert);
usr.sbin/certctl/certctl.c
263
static struct cert *
usr.sbin/certctl/certctl.c
266
struct cert needle = { .x509 = x509 };
usr.sbin/certctl/certctl.c
279
const struct cert *cert;
usr.sbin/certctl/certctl.c
286
if (a->cert->hash > b->cert->hash)
usr.sbin/certctl/certctl.c
288
if (a->cert->hash < b->cert->hash)
usr.sbin/certctl/certctl.c
318
struct cert *cert;
usr.sbin/certctl/certctl.c
340
if ((cert = calloc(1, sizeof(*cert))) == NULL)
usr.sbin/certctl/certctl.c
342
cert->x509 = x509;
usr.sbin/certctl/certctl.c
344
cert->hash = X509_NAME_hash_ex(name, NULL, NULL, NULL);
usr.sbin/certctl/certctl.c
348
if ((cert->name = malloc(len + 1)) == NULL)
usr.sbin/certctl/certctl.c
351
cert->name, len + 1);
usr.sbin/certctl/certctl.c
354
cert->name = X509_NAME_oneline(name, NULL, 0);
usr.sbin/certctl/certctl.c
356
cert->path = xstrdup(unexpand_path(path));
usr.sbin/certctl/certctl.c
357
if (RB_INSERT(cert_tree, tree, cert) != NULL)
usr.sbin/certctl/certctl.c
359
info("%08lx: %s", cert->hash, cert->name);
usr.sbin/certctl/certctl.c
421
struct cert *cert;
usr.sbin/certctl/certctl.c
433
RB_FOREACH(cert, cert_tree, tree) {
usr.sbin/certctl/certctl.c
436
file->cert = cert;
usr.sbin/certctl/certctl.c
441
errx(1, "unable to disambiguate %08lx", cert->hash);
usr.sbin/certctl/certctl.c
442
free(cert->path);
usr.sbin/certctl/certctl.c
443
cert->path = xasprintf("%08lx.%d", cert->hash, file->c);
usr.sbin/certctl/certctl.c
478
path = file->cert->path;
usr.sbin/certctl/certctl.c
488
path = file->cert->path;
usr.sbin/certctl/certctl.c
531
!PEM_write_X509(f, file->cert->x509)) {
usr.sbin/certctl/certctl.c
578
struct cert *cert;
usr.sbin/certctl/certctl.c
606
RB_FOREACH(cert, cert_tree, tree) {
usr.sbin/certctl/certctl.c
607
if (!PEM_write_X509(f, cert->x509)) {
usr.sbin/certctl/certctl.c
778
struct cert *cert;
usr.sbin/certctl/certctl.c
781
RB_FOREACH(cert, cert_tree, tree) {
usr.sbin/certctl/certctl.c
782
path = longnames ? NULL : strrchr(cert->path, '/');
usr.sbin/certctl/certctl.c
783
name = longnames ? NULL : strrchr(cert->name, '=');
usr.sbin/certctl/certctl.c
784
printf("%s\t%s\n", path ? path + 1 : cert->path,
usr.sbin/certctl/certctl.c
785
name ? name + 1 : cert->name);
usr.sbin/certctl/certctl.c
870
struct cert *cert, *other, *tmp;
usr.sbin/certctl/certctl.c
904
RB_FOREACH_SAFE(cert, cert_tree, &extra, tmp) {
usr.sbin/certctl/certctl.c
905
RB_REMOVE(cert_tree, &extra, cert);
usr.sbin/certctl/certctl.c
906
RB_INSERT(cert_tree, &trusted, cert);
usr.sbin/certctl/certctl.c
907
if ((other = RB_FIND(cert_tree, &untrusted, cert)) != NULL) {
usr.sbin/certctl/certctl.c
908
warnx("%s was previously untrusted", cert->name);
usr.sbin/pkg/pkg.c
561
char *sig, *cert, *type;
usr.sbin/pkg/pkg.c
569
sig = cert = type = NULL;
usr.sbin/pkg/pkg.c
593
certfp = open_memstream(&cert, &certsz);
usr.sbin/pkg/pkg.c
642
strcmp(&cert[certsz - 4], "END\n") == 0)
usr.sbin/pkg/pkg.c
645
sc->cert = cert;
usr.sbin/pkg/pkg.c
787
hash = sha256_buf(sc->cert, sc->certlen);
usr.sbin/pkg/pkg.c
822
if (pkgsign_verify_cert(sctx, fd_pkg, NULL, sc->cert, sc->certlen,
usr.sbin/pkg/pkg.c
837
free(sc->cert);
usr.sbin/pkg/pkg.h
62
unsigned char *cert;
usr.sbin/pkg/rsa.c
65
load_public_key_buf(const unsigned char *cert, int certlen)
usr.sbin/pkg/rsa.c
71
bp = BIO_new_mem_buf(__DECONST(void *, cert), certlen);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
257
X509 *cert;
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
269
argp->certname.certname_len, &cert);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
289
newslp->cert = cert;
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
357
if (slp->cert != NULL)
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
358
X509_free(slp->cert);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
525
X509 *cert;
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
599
cert = SSL_get1_peer_certificate(ssl);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
601
cert = SSL_get_peer_certificate(ssl);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
603
if (cert == NULL) {
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
615
rpctls_checkhost(sad, cert, X509_CHECK_FLAG_NO_WILDCARDS) != 1))
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
620
cp = X509_NAME_oneline(X509_get_issuer_name(cert),
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
622
cp2 = X509_NAME_oneline(X509_get_subject_name(cert),
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
637
X509_free(cert);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
655
X509_free(cert);
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
661
*certp = cert;
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
663
X509_free(cert);
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
192
if (slp->cert != NULL) {
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
194
slp->cert);
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
204
X509_get_subject_name(slp->cert),
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
207
X509_get_issuer_name(slp->cert),
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
256
rpctls_checkhost(struct sockaddr *sad, X509 *cert, unsigned int wildcard)
usr.sbin/rpc.tlsservd/rpc.tlscommon.c
267
ret = X509_check_host(cert, hostnam, strlen(hostnam),
usr.sbin/rpc.tlsservd/rpc.tlscommon.h
33
int rpctls_checkhost(struct sockaddr *sad, X509 *cert,
usr.sbin/rpc.tlsservd/rpc.tlscommon.h
53
X509 *cert;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
109
static int rpctls_cnname(X509 *cert, uint32_t *uidp,
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
399
X509 *cert;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
423
ssl = rpctls_server(rpctls_ctx, s, &flags, &uid, &ngrps, gidp, &cert);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
459
newslp->cert = cert;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
549
if (slp->cert != NULL)
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
550
X509_free(slp->cert);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
722
X509 *cert;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
761
cert = SSL_get1_peer_certificate(ssl);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
763
cert = SSL_get_peer_certificate(ssl);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
765
if (cert != NULL) {
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
773
X509_get_subject_name(cert), NULL, 0);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
778
X509_get_issuer_name(cert), NULL, 0);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
805
cert, rpctls_wildcard);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
816
ret = rpctls_cnname(cert, uidp,
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
822
*certp = cert;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
823
cert = NULL;
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
825
if (cert != NULL)
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
826
X509_free(cert);
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
897
rpctls_cnname(X509 *cert, uint32_t *uidp, int *ngrps, uint32_t *gidp)
usr.sbin/rpc.tlsservd/rpc.tlsservd.c
909
genlist = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
usr.sbin/uefisign/uefisign.c
241
sign(X509 *cert, EVP_PKEY *key, int pipefd)
usr.sbin/uefisign/uefisign.c
251
assert(cert != NULL);
usr.sbin/uefisign/uefisign.c
274
info = PKCS7_sign_add_signer(pkcs7, cert, key, md, 0);
usr.sbin/uefisign/uefisign.c
340
X509 *cert = NULL;
usr.sbin/uefisign/uefisign.c
420
cert = PEM_read_X509(certfp, NULL, NULL, NULL);
usr.sbin/uefisign/uefisign.c
421
if (cert == NULL) {
usr.sbin/uefisign/uefisign.c
433
sign(cert, key, pipefds[0]);
