| /osnet-11/usr/src/lib/libpkg/common/ |
| H A D | security.c | 85 * cert - User cert to start with
95 get_cert_chain(PKG_ERR *err, X509 *cert, STACK_OF(X509) *clcerts, argument
130 (void) X509_STORE_CTX_init(store_ctx, ca_store, cert, clcerts);
131 /* attempt to verify the cert, which builds the cert chain */
135 get_subject_display_name(cert),
157 * Arguments: cert - The certificate to get the name from
160 * subject of the cert.
166 *get_subject_display_name(X509 *cert) argument
197 get_issuer_display_name(X509 *cert) argument
228 get_serial_num(X509 *cert) argument
256 get_fingerprint(X509 *cert, const EVP_MD *alg) argument
[all...] |
| H A D | p12lib.c | 201 STACK_OF(X509) *, X509 **cert);
219 * Parse and decrypt a PKCS#12 structure returning user key, user cert and/or
221 * or it should point to a valid STACK_OF(X509) structure. pkey and cert can
236 * cert - Points to locaiton which points to the client cert returned
247 * 1) Find the key and/or cert whose localkeyid attributes matches
249 * 2) Find the key and/or cert whose friendlyname attributes matches
251 * 3) Return the first matching key/cert pair found.
252 * 4) Return the last matching key/cert pair found.
253 * 5) Return whatever cert an
340 X509_free(*cert); variable
645 X509 *cert = NULL; local
954 sunw_set_localkeyid(const char *keyid_str, int keyid_len, EVP_PKEY *pkey, X509 *cert) argument
1320 sunw_get_cert_fname(getdo_actions_t dowhat, X509 *cert, char **fname) argument
1370 sunw_set_fname(const char *ascname, EVP_PKEY *pkey, X509 *cert) argument
1465 sunw_check_keys(X509 *cert, EVP_PKEY *pkey) argument
1490 sunw_check_cert_times(chk_actions_t chkwhat, X509 *cert) argument
1536 parse_pkcs12(PKCS12 *p12, const char *pass, int matchty, char *keyid, int kstr_len, char *name_str, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) argument
2249 get_key_cert(int n, STACK_OF(EVP_PKEY) *kl, EVP_PKEY **pkey, STACK_OF(X509) *cl, X509 **cert) argument
2518 check_time(chk_actions_t chkwhat, X509 *cert) argument
2589 find_attr(int nid, ASN1_STRING *str, STACK_OF(EVP_PKEY) *kl, EVP_PKEY **pkey, STACK_OF(X509) *cl, X509 **cert) argument
[all...] |
| H A D | keystore.c | 128 X509 *cert; local
134 /* print out each client cert */
136 cert = sk_X509_value(keystore->clcerts, i);
137 (void) sunw_get_cert_fname(GETDO_COPY, cert,
144 get_subject_display_name(cert));
155 (void) print_cert(err, cert, format,
169 /* print out each trusted cert */
171 cert = sk_X509_value(keystore->cacerts, i);
173 cert, &fname);
179 get_subject_display_name(cert));
624 find_key_cert_pair(PKG_ERR *err, keystore_handle_t ks_h, char *alias, EVP_PKEY **key, X509 **cert) argument
775 merge_cert_and_key(PKG_ERR *err, X509 *cert, EVP_PKEY *key, char *alias, keystore_handle_t keystore_h) argument
993 check_cert(PKG_ERR *err, X509 *cert) argument
1058 check_cert_and_key(PKG_ERR *err, X509 *cert, EVP_PKEY *key) argument
[all...] |
| H A D | pkgweb.c | 891 /* find the issuer of the current cert */
892 chaincerts = p7->d.sign->cert;
897 /* were we not able to find the issuer cert */
1024 * cert is invalid. if 'ok' is non-zero, then we do our
1025 * checks, and return 0 or 1 based on if the cert is
1058 /* don't perform OCSP unless cert has required OCSP extensions */
1069 * ok we have the current cert
1077 * responder did not indicate the cert was valid. We
1147 * Arguments: cert - The cert t
1153 get_ocsp_uri(X509 *cert, char **uri) argument
1199 ocsp_verify(PKG_ERR *err, X509 *cert, X509 *issuer, char *uri, url_hport_t *proxy, STACK_OF(X509) *cas) argument
[all...] |
| /osnet-11/usr/src/lib/libkmf/libkmf/common/ |
| H A D | mapping.c | 311 kmf_map_cert_to_name(KMF_HANDLE_T handle, KMF_DATA *cert, KMF_DATA *name) argument
328 return (cert2name(handle, cert, name));
336 kmf_match_cert_to_name(KMF_HANDLE_T handle, KMF_DATA *cert, argument
356 return (cert2name(handle, cert, name_to_match, mapped_name));
|
| H A D | certgetsetop.c | 121 * parse the cert data and return the data associated with
134 KMF_X509_CERTIFICATE *cert = NULL; local
141 ret = DerDecodeSignedCertificate(certdata, &cert);
145 if (cert->certificate.extensions.numberOfExtensions == 0) {
151 i < cert->certificate.extensions.numberOfExtensions;
153 eptr = &cert->certificate.extensions.extensions[i];
163 if (cert != NULL) {
164 kmf_free_signed_cert(cert);
165 free(cert);
189 KMF_X509_CERTIFICATE *cert; local
1605 kmf_get_cert_extn_str(KMF_HANDLE_T handle, const KMF_DATA *cert, KMF_PRINTABLE_ITEM extension, char **result) argument
1639 KMF_X509_CERTIFICATE *cert = NULL; local
1695 kmf_get_cert_validity(const KMF_DATA *cert, time_t *not_before, time_t *not_after) argument
[all...] |
| H A D | certop.c | 53 get_keyalg_from_cert(KMF_DATA *cert, KMF_KEY_ALG *keyalg) argument
59 rv = DerDecodeSignedCertificate(cert, &SignerCert);
112 KMF_DATA *cert = NULL; local
138 cert = kmf_get_attr_ptr(KMF_CERT_DATA_ATTR, attrlist, numattr);
139 if (cert == NULL)
142 ret = get_keyalg_from_cert(cert, &keyalg);
167 const KMF_DATA *cert,
175 if (handle == NULL || cert == NULL)
181 ret = kmf_get_cert_ku(cert, &keyusage);
184 * If absent or error, the cert i
166 check_key_usage(void *handle, const KMF_DATA *cert, const KMF_KU_PURPOSE purpose) argument
328 setup_findprikey_attrlist(KMF_ATTRIBUTE *src_attrlist, int src_num, KMF_ATTRIBUTE **new_attrlist, int *new_num, KMF_KEY_HANDLE *key, KMF_DATA *cert) argument
421 check_for_basic_constraint(KMF_DATA *cert) argument
1087 KMF_DATA *cert; local
1184 KMF_DATA *cert = NULL; local
1402 cert_get_crl(KMF_HANDLE_T handle, const KMF_DATA *cert, char *proxy, char *filename, char **retn_uri, KMF_ENCODE_FORMAT *format) argument
1970 cert_ku_check(KMF_HANDLE_T handle, KMF_DATA *cert) argument
2030 cert_eku_check(KMF_HANDLE_T handle, KMF_DATA *cert) argument
2784 kmf_check_cert_date(KMF_HANDLE_T handle, const KMF_DATA *cert) argument
[all...] |
| /osnet-11/usr/src/lib/libkmf/mappers/kmf_mapper_cn/common/ |
| H A D | mapper_cn.c | 88 mapper_map_cert_to_name(KMF_HANDLE_T h, KMF_DATA *cert, KMF_DATA *name) argument
98 if ((rv = kmf_get_cert_subject_str(h, cert, &dn)) != KMF_OK)
150 mapper_match_cert_to_name(KMF_HANDLE_T h, KMF_DATA *cert, argument
166 if ((rv = mapper_map_cert_to_name(h, cert, &get_name)) != KMF_OK)
|
| /osnet-11/usr/src/lib/krb5/plugins/preauth/pkinit/ |
| H A D | pkinit_crypto_openssl.h | 58 X509 *cert; member in struct:_pkinit_cred_info
70 int cert_index; /* cert to use out of available certs*/
187 EVP_PKEY *pkey, X509 *cert);
|
| H A D | pkinit_crypto_openssl.c | 95 #define CMS_get1_certs(_p7) (_p7->d.sign->cert)
618 X509 *cert = NULL; local
638 cert = (X509 *) PEM_read_bio_X509(tmp, NULL, NULL, NULL);
639 if (cert == NULL) {
644 *retcert = cert;
1005 X509 *cert = NULL; local
1026 /* create a cert chain that has at least the signer's certificate */
1030 cert = sk_X509_value(id_cryptoctx->my_certs, id_cryptoctx->cert_index);
1033 sk_X509_push(cert_stack, X509_dup(cert));
1035 /* create a cert chai
1990 crypto_retrieve_X509_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, X509 *cert, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument
3926 CK_BYTE_PTR cert = NULL, cert_id = NULL; local
4612 X509 *cert; local
4935 decode_data(unsigned char **out_data, unsigned int *out_data_len, unsigned char *data, unsigned int data_len, EVP_PKEY *pkey, X509 *cert) argument
6528 X509 *cert = req_cryptoctx->received_cert; local
6688 X509 *cert = sk_X509_value(id_cryptoctx->my_certs, local
[all...] |
| /osnet-11/usr/src/lib/libslp/javalib/com/sun/slp/ |
| H A D | AuthBlock.java | 35 import java.security.cert.*;
289 * cert has been signed by someDN.
302 X509Certificate cert = getCert(someDN, ks);
305 myCert.getSubjectDN().toString(), cert.getSubjectDN());
310 * is in ab's cert chain.
313 // Get cert for input DN
338 // Get cert for input DN
370 X509Certificate cert = getSignAsCert();
373 if (cert == null) {
378 String DN = cert
867 checkSPIs(X509Certificate cert, KeyStore ks) argument
[all...] |
| /osnet-11/usr/src/lib/libelfsign/common/ |
| H A D | elfcertlib.c | 77 * cert
85 * We then verify the given cert using the publickey of a TA.
86 * If the passed in cert is a TA or it has been verified already we
91 elfcertlib_verifycert(ELFsign_t ess, ELFCert_t cert) argument
99 if ((cert->c_verified == E_OK) || (cert->c_verified == E_IS_TA)) {
122 KMF_CERT_DATA_ATTR, &cert->c_cert.certificate,
133 cert, CAp->CA_cert); local
134 cert->c_verified = E_OK;
146 * cert_pathname - path to cert (Ma
159 ELFCert_t cert = NULL; local
272 (ess->es_callbackctx, cert, local
325 elfcertlib_loadprivatekey(ELFsign_t ess, ELFCert_t cert, const char *pathname) argument
383 elfcertlib_loadtokenkey(ELFsign_t ess, ELFCert_t cert, const char *token_label, const char *pin) argument
477 elfcertlib_sign(ELFsign_t ess, ELFCert_t cert, const uchar_t *data, size_t data_len, uchar_t *sig, size_t *sig_len) argument
561 elfcertlib_verifysig(ELFsign_t ess, ELFCert_t cert, const uchar_t *signature, size_t sig_len, const uchar_t *data, size_t data_len) argument
616 elfcertlib_getdn(ELFCert_t cert) argument
631 elfcertlib_getissuer(ELFCert_t cert) argument
723 elfcertlib_releasecert(ELFsign_t ess, ELFCert_t cert) argument
738 ELFCert_t cert = NULL; local
764 elfcertlib_freecert(ELFsign_t ess, ELFCert_t cert) argument
[all...] |
| H A D | elfsignlib.c | 430 ELFCert_t cert = NULL; local
435 &cert, ess->es_action)) {
436 if ((subject = elfcertlib_getdn(cert)) != NULL) {
446 elfcertlib_releasecert(ess, cert);
1028 ELFCert_t cert = NULL; local
1040 * Find out which cert we need, based on who signed the ELF object
1088 if (cert != NULL)
1089 elfcertlib_releasecert(ess, cert);
1095 fsx.fsx_signer_DN, &cert, ess->es_action)) {
1109 !elfcertlib_verifycert(ess, cert)) {
1152 (ess->es_callbackctx, fssp, fslen, cert); local
[all...] |
| /osnet-11/usr/src/cmd/sendmail/src/ |
| H A D | tls.c | 334 # define TLS_S_CERT_EX 0x00000001 /* cert file exists */
335 # define TLS_S_CERT_OK 0x00000002 /* cert file is ok */
338 # define TLS_S_CERTP_EX 0x00000010 /* CA cert path exists */
339 # define TLS_S_CERTP_OK 0x00000020 /* CA cert path is ok */
340 # define TLS_S_CERTF_EX 0x00000040 /* CA cert file exists */
341 # define TLS_S_CERTF_OK 0x00000080 /* CA cert file is ok */
346 # define TLS_S_CERT2_EX 0x00001000 /* 2nd cert file exists */
347 # define TLS_S_CERT2_OK 0x00002000 /* 2nd cert file is ok */
352 # define TLS_S_DH_OK 0x00200000 /* DH cert is ok */
1055 ** SSL_VERIFY_PEER requests a client cert bu
1176 X509 *cert; local
1596 X509 *cert; local
[all...] |
| /osnet-11/usr/src/lib/pkcs11/pkcs11_softtoken/common/ |
| H A D | softKeystore.c | 520 * cert: TRUE for certificate (use cert_dest)
535 cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert)
550 if (cert) {
1337 certificate_obj_t *cert; local
1758 cert = calloc(1, sizeof (certificate_obj_t));
1759 if (cert == NULL) {
1762 (void) memset((void *)cert, 0, sizeof (certificate_obj_t));
1764 cert->certificate_type = certtype;
1765 objp->object_class_u.certificate = cert;
1771 &cert
534 soft_unpack_obj_attribute(uchar_t *buf, biginteger_t *key_dest, cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert) argument
[all...] |
| H A D | softAttributeUtil.c | 493 certificate_obj_t *cert; local
497 cert = calloc(1, sizeof (certificate_obj_t));
498 if (cert == NULL) {
506 &cert->cert_type_u.x509.subject)))
510 &cert->cert_type_u.x509.value)))
516 &cert->cert_type_u.x509_attr.owner)))
520 &cert->cert_type_u.x509_attr.value)))
528 *newcert = cert;
530 free(cert);
3460 certificate_obj_t *cert; local
[all...] |
| /osnet-11/usr/src/lib/libldap5/sources/ldap/ssldap/ |
| H A D | ldapsinit.c | 51 #include <cert.h>
725 /* this function provides cert authentication. This is called during
726 * the SSL_Handshake process. Once the cert has been retrieved from
737 CERTCertificate *cert; local
755 cert = SSL_PeerCertificate( fd );
757 rv = CERT_VerifyCertNow(sseip->lssei_certdbh, cert, checkSig,
765 /* cert is OK. This is the client side of an SSL connection.
766 * Now check the name field in the cert against the desired hostname.
774 rv = CERT_VerifyCertName(cert, hostname);
789 * called during SSL client auth. when server wants our cert an
814 CERTCertificate *cert; local
880 CERTCertificate *cert = NULL; local
[all...] |
| /osnet-11/usr/src/lib/libkmf/plugins/kmf_nss/common/ |
| H A D | nss_spi.c | 40 #include <mps/cert.h>
396 /* this is an invalid cert, reject it */
406 /* this is a valid cert, reject it in this case. */
467 der.Data = node->cert->derIssuer.data;
468 der.Length = node->cert->derIssuer.len;
481 der.Data = node->cert->derSubject.data;
482 der.Length = node->cert->derSubject.len;
497 sernum = &node->cert->serialNumber;
512 ret = CERT_CertTimesValid(node->cert);
514 /* this is an invalid cert */
691 CERTCertificate *cert = NULL; local
1235 KMF_DATA *cert = NULL; local
1737 add_cert_to_bag(SEC_PKCS12ExportContext *p12ecx, CERTCertificate *cert, SECItem *pwitem) argument
2199 KMF_DATA *cert; local
2286 store_cert(KMF_HANDLE_T handle, PK11SlotInfo *nss_slot, KMF_DATA *cert, char *label, char *trust_flag) argument
2357 KMF_DATA *cert = NULL; local
2396 KMF_DATA cert = {NULL, 0}; local
2567 CERTCertificate *cert = NULL; local
2847 CERTCertificate *cert = NULL; local
[all...] |
| /osnet-11/usr/src/lib/libslp/clib/ |
| H A D | slp_ami.h | 360 struct ami_cert *cert; member in union:ami_extcert_or_cert::__anon2590
835 const int, /* IN: length of cert chain */
847 int *)); /* OUT: length of cert chain */
856 int *)); /* OUT: length of cert chain */
869 const char *, /* IN: cert filename or repository index */
|
| /osnet-11/usr/src/lib/libkmf/plugins/kmf_pkcs11/common/ |
| H A D | pkcs11_spi.c | 1121 * Convert it to a CSSM cert and then parse the fields so
1192 * The cert object handle is actually "leaked" here. If the app
1230 KMF_DATA *cert = NULL; local
1240 cert = kmf_get_attr_ptr(KMF_CERT_DATA_ATTR, attrlist, numattr);
1241 if (cert == NULL || cert->Data == NULL || cert->Length == 0)
1254 rv = CreateCertObject(handle, label, cert);
1277 * Get the input cert filename attribute, check if it is a valid
2214 KMF_DATA *cert local
3238 KMF_DATA *cert = NULL; local
[all...] |
| /osnet-11/usr/src/lib/libkmf/plugins/kmf_openssl/common/ |
| H A D | openssl_spi.c | 410 ssl_cert2KMFDATA(KMF_HANDLE *kmfh, X509 *x509cert, KMF_DATA *cert) argument
442 cert->Data = buf;
443 cert->Length = len;
449 cert->Data = NULL;
450 cert->Length = 0;
721 /* Remove this cert from the list by clearing it. */
754 KMF_DATA *cert)
760 if (rv == KMF_OK && x509cert != NULL && cert != NULL) {
761 rv = ssl_cert2KMFDATA(kmfh, x509cert, cert);
766 rv = kmf_check_cert_date(kmfh, cert);
750 kmf_load_cert(KMF_HANDLE *kmfh, char *issuer, char *subject, KMF_BIGINT *serial, KMF_CERT_VALIDITY validity, char *pathname, KMF_DATA *cert) argument
1211 KMF_DATA *cert = NULL; local
2358 X509 *cert = NULL; local
4192 KMF_X509_DER_CERT cert; local
4388 X509 *cert = sk_X509_value(sslcert, i); local
[all...] |
| /osnet-11/usr/src/lib/libntfs/common/include/ntfs/ |
| H A D | layout.h | 2991 } __attribute__((__packed__)) cert; member in union:__anon2133::__anon2134
|