/osnet-11/usr/src/lib/libelfsign/common/ |
H A D | elfcertlib.c | 77 * cert 85 * We then verify the given cert using the publickey of a TA. 86 * If the passed in cert is a TA or it has been verified already we 91 elfcertlib_verifycert(ELFsign_t ess, ELFCert_t cert) argument 99 if ((cert->c_verified == E_OK) || (cert->c_verified == E_IS_TA)) { 122 KMF_CERT_DATA_ATTR, &cert->c_cert.certificate, 133 cert, CAp->CA_cert); local 134 cert->c_verified = E_OK; 146 * cert_pathname - path to cert (Ma 159 ELFCert_t cert = NULL; local 272 (ess->es_callbackctx, cert, local 325 elfcertlib_loadprivatekey(ELFsign_t ess, ELFCert_t cert, const char *pathname) argument 383 elfcertlib_loadtokenkey(ELFsign_t ess, ELFCert_t cert, const char *token_label, const char *pin) argument 477 elfcertlib_sign(ELFsign_t ess, ELFCert_t cert, const uchar_t *data, size_t data_len, uchar_t *sig, size_t *sig_len) argument 561 elfcertlib_verifysig(ELFsign_t ess, ELFCert_t cert, const uchar_t *signature, size_t sig_len, const uchar_t *data, size_t data_len) argument 616 elfcertlib_getdn(ELFCert_t cert) argument 631 elfcertlib_getissuer(ELFCert_t cert) argument 723 elfcertlib_releasecert(ELFsign_t ess, ELFCert_t cert) argument 738 ELFCert_t cert = NULL; local 764 elfcertlib_freecert(ELFsign_t ess, ELFCert_t cert) argument [all...] |
H A D | libelfsign.h | 167 extern char *elfcertlib_getdn(ELFCert_t cert); 168 extern char *elfcertlib_getissuer(ELFCert_t cert); 170 extern boolean_t elfcertlib_loadprivatekey(ELFsign_t ess, ELFCert_t cert, 172 extern boolean_t elfcertlib_loadtokenkey(ELFsign_t ess, ELFCert_t cert, 175 extern boolean_t elfcertlib_sign(ELFsign_t ess, ELFCert_t cert, 179 extern boolean_t elfcertlib_verifycert(ELFsign_t ess, ELFCert_t cert); 180 extern boolean_t elfcertlib_verifysig(ELFsign_t ess, ELFCert_t cert,
|
H A D | elfsignlib.c | 430 ELFCert_t cert = NULL; local 435 &cert, ess->es_action)) { 436 if ((subject = elfcertlib_getdn(cert)) != NULL) { 446 elfcertlib_releasecert(ess, cert); 1028 ELFCert_t cert = NULL; local 1040 * Find out which cert we need, based on who signed the ELF object 1088 if (cert != NULL) 1089 elfcertlib_releasecert(ess, cert); 1095 fsx.fsx_signer_DN, &cert, ess->es_action)) { 1109 !elfcertlib_verifycert(ess, cert)) { 1152 (ess->es_callbackctx, fssp, fslen, cert); local [all...] |
/osnet-11/usr/src/lib/libpkg/common/ |
H A D | security.c | 85 * cert - User cert to start with 95 get_cert_chain(PKG_ERR *err, X509 *cert, STACK_OF(X509) *clcerts, argument 130 (void) X509_STORE_CTX_init(store_ctx, ca_store, cert, clcerts); 131 /* attempt to verify the cert, which builds the cert chain */ 135 get_subject_display_name(cert), 157 * Arguments: cert - The certificate to get the name from 160 * subject of the cert. 166 *get_subject_display_name(X509 *cert) argument 197 get_issuer_display_name(X509 *cert) argument 228 get_serial_num(X509 *cert) argument 256 get_fingerprint(X509 *cert, const EVP_MD *alg) argument [all...] |
H A D | p12lib.c | 201 STACK_OF(X509) *, X509 **cert); 219 * Parse and decrypt a PKCS#12 structure returning user key, user cert and/or 221 * or it should point to a valid STACK_OF(X509) structure. pkey and cert can 236 * cert - Points to locaiton which points to the client cert returned 247 * 1) Find the key and/or cert whose localkeyid attributes matches 249 * 2) Find the key and/or cert whose friendlyname attributes matches 251 * 3) Return the first matching key/cert pair found. 252 * 4) Return the last matching key/cert pair found. 253 * 5) Return whatever cert an 340 X509_free(*cert); variable 645 X509 *cert = NULL; local 954 sunw_set_localkeyid(const char *keyid_str, int keyid_len, EVP_PKEY *pkey, X509 *cert) argument 1320 sunw_get_cert_fname(getdo_actions_t dowhat, X509 *cert, char **fname) argument 1370 sunw_set_fname(const char *ascname, EVP_PKEY *pkey, X509 *cert) argument 1465 sunw_check_keys(X509 *cert, EVP_PKEY *pkey) argument 1490 sunw_check_cert_times(chk_actions_t chkwhat, X509 *cert) argument 1536 parse_pkcs12(PKCS12 *p12, const char *pass, int matchty, char *keyid, int kstr_len, char *name_str, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) argument 2249 get_key_cert(int n, STACK_OF(EVP_PKEY) *kl, EVP_PKEY **pkey, STACK_OF(X509) *cl, X509 **cert) argument 2518 check_time(chk_actions_t chkwhat, X509 *cert) argument 2589 find_attr(int nid, ASN1_STRING *str, STACK_OF(EVP_PKEY) *kl, EVP_PKEY **pkey, STACK_OF(X509) *cl, X509 **cert) argument [all...] |
H A D | keystore.c | 128 X509 *cert; local 134 /* print out each client cert */ 136 cert = sk_X509_value(keystore->clcerts, i); 137 (void) sunw_get_cert_fname(GETDO_COPY, cert, 144 get_subject_display_name(cert)); 155 (void) print_cert(err, cert, format, 169 /* print out each trusted cert */ 171 cert = sk_X509_value(keystore->cacerts, i); 173 cert, &fname); 179 get_subject_display_name(cert)); 624 find_key_cert_pair(PKG_ERR *err, keystore_handle_t ks_h, char *alias, EVP_PKEY **key, X509 **cert) argument 775 merge_cert_and_key(PKG_ERR *err, X509 *cert, EVP_PKEY *key, char *alias, keystore_handle_t keystore_h) argument 993 check_cert(PKG_ERR *err, X509 *cert) argument 1058 check_cert_and_key(PKG_ERR *err, X509 *cert, EVP_PKEY *key) argument [all...] |
H A D | pkgweb.c | 891 /* find the issuer of the current cert */ 892 chaincerts = p7->d.sign->cert; 897 /* were we not able to find the issuer cert */ 1024 * cert is invalid. if 'ok' is non-zero, then we do our 1025 * checks, and return 0 or 1 based on if the cert is 1058 /* don't perform OCSP unless cert has required OCSP extensions */ 1069 * ok we have the current cert 1077 * responder did not indicate the cert was valid. We 1147 * Arguments: cert - The cert t 1153 get_ocsp_uri(X509 *cert, char **uri) argument 1199 ocsp_verify(PKG_ERR *err, X509 *cert, X509 *issuer, char *uri, url_hport_t *proxy, STACK_OF(X509) *cas) argument [all...] |
/osnet-11/usr/src/lib/libslp/javalib/com/sun/slp/ |
H A D | AuthBlock.java | 35 import java.security.cert.*; 289 * cert has been signed by someDN. 302 X509Certificate cert = getCert(someDN, ks); 305 myCert.getSubjectDN().toString(), cert.getSubjectDN()); 310 * is in ab's cert chain. 313 // Get cert for input DN 338 // Get cert for input DN 370 X509Certificate cert = getSignAsCert(); 373 if (cert == null) { 378 String DN = cert 867 checkSPIs(X509Certificate cert, KeyStore ks) argument [all...] |
/osnet-11/usr/src/lib/libkmf/mappers/kmf_mapper_cn/common/ |
H A D | mapper_cn.c | 88 mapper_map_cert_to_name(KMF_HANDLE_T h, KMF_DATA *cert, KMF_DATA *name) argument 98 if ((rv = kmf_get_cert_subject_str(h, cert, &dn)) != KMF_OK) 150 mapper_match_cert_to_name(KMF_HANDLE_T h, KMF_DATA *cert, argument 166 if ((rv = mapper_map_cert_to_name(h, cert, &get_name)) != KMF_OK)
|
/osnet-11/usr/src/lib/libkmf/plugins/kmf_nss/common/ |
H A D | nss_spi.c | 40 #include <mps/cert.h> 396 /* this is an invalid cert, reject it */ 406 /* this is a valid cert, reject it in this case. */ 467 der.Data = node->cert->derIssuer.data; 468 der.Length = node->cert->derIssuer.len; 481 der.Data = node->cert->derSubject.data; 482 der.Length = node->cert->derSubject.len; 497 sernum = &node->cert->serialNumber; 512 ret = CERT_CertTimesValid(node->cert); 514 /* this is an invalid cert */ 691 CERTCertificate *cert = NULL; local 1235 KMF_DATA *cert = NULL; local 1737 add_cert_to_bag(SEC_PKCS12ExportContext *p12ecx, CERTCertificate *cert, SECItem *pwitem) argument 2199 KMF_DATA *cert; local 2286 store_cert(KMF_HANDLE_T handle, PK11SlotInfo *nss_slot, KMF_DATA *cert, char *label, char *trust_flag) argument 2357 KMF_DATA *cert = NULL; local 2396 KMF_DATA cert = {NULL, 0}; local 2567 CERTCertificate *cert = NULL; local 2847 CERTCertificate *cert = NULL; local [all...] |
/osnet-11/usr/src/lib/libkmf/libkmf/common/ |
H A D | certop.c | 53 get_keyalg_from_cert(KMF_DATA *cert, KMF_KEY_ALG *keyalg) argument 59 rv = DerDecodeSignedCertificate(cert, &SignerCert); 112 KMF_DATA *cert = NULL; local 138 cert = kmf_get_attr_ptr(KMF_CERT_DATA_ATTR, attrlist, numattr); 139 if (cert == NULL) 142 ret = get_keyalg_from_cert(cert, &keyalg); 167 const KMF_DATA *cert, 175 if (handle == NULL || cert == NULL) 181 ret = kmf_get_cert_ku(cert, &keyusage); 184 * If absent or error, the cert i 166 check_key_usage(void *handle, const KMF_DATA *cert, const KMF_KU_PURPOSE purpose) argument 328 setup_findprikey_attrlist(KMF_ATTRIBUTE *src_attrlist, int src_num, KMF_ATTRIBUTE **new_attrlist, int *new_num, KMF_KEY_HANDLE *key, KMF_DATA *cert) argument 421 check_for_basic_constraint(KMF_DATA *cert) argument 1087 KMF_DATA *cert; local 1184 KMF_DATA *cert = NULL; local 1402 cert_get_crl(KMF_HANDLE_T handle, const KMF_DATA *cert, char *proxy, char *filename, char **retn_uri, KMF_ENCODE_FORMAT *format) argument 1970 cert_ku_check(KMF_HANDLE_T handle, KMF_DATA *cert) argument 2030 cert_eku_check(KMF_HANDLE_T handle, KMF_DATA *cert) argument 2784 kmf_check_cert_date(KMF_HANDLE_T handle, const KMF_DATA *cert) argument [all...] |
H A D | certgetsetop.c | 121 * parse the cert data and return the data associated with 134 KMF_X509_CERTIFICATE *cert = NULL; local 141 ret = DerDecodeSignedCertificate(certdata, &cert); 145 if (cert->certificate.extensions.numberOfExtensions == 0) { 151 i < cert->certificate.extensions.numberOfExtensions; 153 eptr = &cert->certificate.extensions.extensions[i]; 163 if (cert != NULL) { 164 kmf_free_signed_cert(cert); 165 free(cert); 189 KMF_X509_CERTIFICATE *cert; local 1605 kmf_get_cert_extn_str(KMF_HANDLE_T handle, const KMF_DATA *cert, KMF_PRINTABLE_ITEM extension, char **result) argument 1639 KMF_X509_CERTIFICATE *cert = NULL; local 1695 kmf_get_cert_validity(const KMF_DATA *cert, time_t *not_before, time_t *not_after) argument [all...] |
H A D | mapping.c | 311 kmf_map_cert_to_name(KMF_HANDLE_T handle, KMF_DATA *cert, KMF_DATA *name) argument 328 return (cert2name(handle, cert, name)); 336 kmf_match_cert_to_name(KMF_HANDLE_T handle, KMF_DATA *cert, argument 356 return (cert2name(handle, cert, name_to_match, mapped_name));
|
/osnet-11/usr/src/lib/libldap5/sources/ldap/ssldap/ |
H A D | ldapsinit.c | 51 #include <cert.h> 725 /* this function provides cert authentication. This is called during 726 * the SSL_Handshake process. Once the cert has been retrieved from 737 CERTCertificate *cert; local 755 cert = SSL_PeerCertificate( fd ); 757 rv = CERT_VerifyCertNow(sseip->lssei_certdbh, cert, checkSig, 765 /* cert is OK. This is the client side of an SSL connection. 766 * Now check the name field in the cert against the desired hostname. 774 rv = CERT_VerifyCertName(cert, hostname); 789 * called during SSL client auth. when server wants our cert an 814 CERTCertificate *cert; local 880 CERTCertificate *cert = NULL; local [all...] |
H A D | clientinit.c | 42 #include <cert.h> 122 /* indicating cert or key */ 149 /* neither *key[0-9].db nor *cert[0=9].db found */ 338 sprintf(dbname, "cert%d.db",dbVersion); 389 * If "certdbpath" is NULL or "", the default cert. db is used (typically 393 * it is assumed to be a full path to the cert. db file; otherwise, 395 * "cert7.db" or "cert.db". 400 * used to retrieve the cert db handle). 413 * used to retrieve the cert db handle). 504 * If "certdbpath" is NULL or "", the default cert [all...] |
/osnet-11/usr/src/cmd/sendmail/src/ |
H A D | tls.c | 334 # define TLS_S_CERT_EX 0x00000001 /* cert file exists */ 335 # define TLS_S_CERT_OK 0x00000002 /* cert file is ok */ 338 # define TLS_S_CERTP_EX 0x00000010 /* CA cert path exists */ 339 # define TLS_S_CERTP_OK 0x00000020 /* CA cert path is ok */ 340 # define TLS_S_CERTF_EX 0x00000040 /* CA cert file exists */ 341 # define TLS_S_CERTF_OK 0x00000080 /* CA cert file is ok */ 346 # define TLS_S_CERT2_EX 0x00001000 /* 2nd cert file exists */ 347 # define TLS_S_CERT2_OK 0x00002000 /* 2nd cert file is ok */ 352 # define TLS_S_DH_OK 0x00200000 /* DH cert is ok */ 1055 ** SSL_VERIFY_PEER requests a client cert bu 1176 X509 *cert; local 1596 X509 *cert; local [all...] |
/osnet-11/usr/src/lib/pkcs11/pkcs11_tpm/ |
H A D | Makefile.com | 29 cert.o \
|
/osnet-11/usr/src/lib/pkcs11/pkcs11_softtoken/common/ |
H A D | softKeystore.h | 102 cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert);
|
H A D | softKeystore.c | 520 * cert: TRUE for certificate (use cert_dest) 535 cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert) 550 if (cert) { 1337 certificate_obj_t *cert; local 1758 cert = calloc(1, sizeof (certificate_obj_t)); 1759 if (cert == NULL) { 1762 (void) memset((void *)cert, 0, sizeof (certificate_obj_t)); 1764 cert->certificate_type = certtype; 1765 objp->object_class_u.certificate = cert; 1771 &cert 534 soft_unpack_obj_attribute(uchar_t *buf, biginteger_t *key_dest, cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert) argument [all...] |
H A D | softAttributeUtil.c | 493 certificate_obj_t *cert; local 497 cert = calloc(1, sizeof (certificate_obj_t)); 498 if (cert == NULL) { 506 &cert->cert_type_u.x509.subject))) 510 &cert->cert_type_u.x509.value))) 516 &cert->cert_type_u.x509_attr.owner))) 520 &cert->cert_type_u.x509_attr.value))) 528 *newcert = cert; 530 free(cert); 3460 certificate_obj_t *cert; local [all...] |
/osnet-11/usr/src/lib/krb5/plugins/preauth/pkinit/ |
H A D | pkinit_crypto_openssl.h | 58 X509 *cert; member in struct:_pkinit_cred_info 70 int cert_index; /* cert to use out of available certs*/ 187 EVP_PKEY *pkey, X509 *cert);
|
H A D | pkinit_crypto_openssl.c | 95 #define CMS_get1_certs(_p7) (_p7->d.sign->cert) 618 X509 *cert = NULL; local 638 cert = (X509 *) PEM_read_bio_X509(tmp, NULL, NULL, NULL); 639 if (cert == NULL) { 644 *retcert = cert; 1005 X509 *cert = NULL; local 1026 /* create a cert chain that has at least the signer's certificate */ 1030 cert = sk_X509_value(id_cryptoctx->my_certs, id_cryptoctx->cert_index); 1033 sk_X509_push(cert_stack, X509_dup(cert)); 1035 /* create a cert chai 1990 crypto_retrieve_X509_sans(krb5_context context, pkinit_plg_crypto_context plgctx, pkinit_req_crypto_context reqctx, X509 *cert, krb5_principal **princs_ret, krb5_principal **upn_ret, unsigned char ***dns_ret) argument 3926 CK_BYTE_PTR cert = NULL, cert_id = NULL; local 4612 X509 *cert; local 4935 decode_data(unsigned char **out_data, unsigned int *out_data_len, unsigned char *data, unsigned int data_len, EVP_PKEY *pkey, X509 *cert) argument 6528 X509 *cert = req_cryptoctx->received_cert; local 6688 X509 *cert = sk_X509_value(id_cryptoctx->my_certs, local [all...] |
/osnet-11/usr/src/lib/libkmf/plugins/kmf_openssl/common/ |
H A D | openssl_spi.c | 410 ssl_cert2KMFDATA(KMF_HANDLE *kmfh, X509 *x509cert, KMF_DATA *cert) argument 442 cert->Data = buf; 443 cert->Length = len; 449 cert->Data = NULL; 450 cert->Length = 0; 721 /* Remove this cert from the list by clearing it. */ 754 KMF_DATA *cert) 760 if (rv == KMF_OK && x509cert != NULL && cert != NULL) { 761 rv = ssl_cert2KMFDATA(kmfh, x509cert, cert); 766 rv = kmf_check_cert_date(kmfh, cert); 750 kmf_load_cert(KMF_HANDLE *kmfh, char *issuer, char *subject, KMF_BIGINT *serial, KMF_CERT_VALIDITY validity, char *pathname, KMF_DATA *cert) argument 1211 KMF_DATA *cert = NULL; local 2358 X509 *cert = NULL; local 4192 KMF_X509_DER_CERT cert; local 4388 X509 *cert = sk_X509_value(sslcert, i); local [all...] |
/osnet-11/usr/src/lib/libkmf/plugins/kmf_pkcs11/common/ |
H A D | pkcs11_spi.c | 1121 * Convert it to a CSSM cert and then parse the fields so 1192 * The cert object handle is actually "leaked" here. If the app 1230 KMF_DATA *cert = NULL; local 1240 cert = kmf_get_attr_ptr(KMF_CERT_DATA_ATTR, attrlist, numattr); 1241 if (cert == NULL || cert->Data == NULL || cert->Length == 0) 1254 rv = CreateCertObject(handle, label, cert); 1277 * Get the input cert filename attribute, check if it is a valid 2214 KMF_DATA *cert local 3238 KMF_DATA *cert = NULL; local [all...] |
/osnet-11/usr/src/lib/libslp/clib/ |
H A D | slp_ami.h | 360 struct ami_cert *cert; member in union:ami_extcert_or_cert::__anon2590 835 const int, /* IN: length of cert chain */ 847 int *)); /* OUT: length of cert chain */ 856 int *)); /* OUT: length of cert chain */ 869 const char *, /* IN: cert filename or repository index */
|