| /hostap-3.7.0/src/tls/ |
| D | x509v3.c | 45 void x509_certificate_free(struct x509_certificate *cert) in x509_certificate_free() argument
47 if (cert == NULL) in x509_certificate_free()
49 if (cert->next) { in x509_certificate_free()
52 cert, cert->next); in x509_certificate_free()
54 x509_free_name(&cert->issuer); in x509_certificate_free()
55 x509_free_name(&cert->subject); in x509_certificate_free()
56 os_free(cert->public_key); in x509_certificate_free()
57 os_free(cert->sign_value); in x509_certificate_free()
58 os_free(cert->subject_dn); in x509_certificate_free()
59 os_free(cert); in x509_certificate_free()
[all …]
|
| D | tlsv1_cred.c | 35 x509_certificate_chain_free(cred->cert); in tlsv1_cred_free()
48 struct x509_certificate *cert, *p; in tlsv1_add_cert_der() local
51 cert = x509_certificate_parse(buf, len); in tlsv1_add_cert_der()
52 if (cert == NULL) { in tlsv1_add_cert_der()
61 if (p && x509_name_compare(&cert->subject, &p->issuer) == 0) { in tlsv1_add_cert_der()
66 p->next = cert; in tlsv1_add_cert_der()
69 cert->next = *chain; in tlsv1_add_cert_der()
70 *chain = cert; in tlsv1_add_cert_der()
73 x509_name_string(&cert->subject, name, sizeof(name)); in tlsv1_add_cert_der()
158 const char *cert, const u8 *cert_blob, in tlsv1_set_cert_chain() argument
[all …]
|
| D | tlsv1_client_ocsp.c | 111 struct x509_certificate *cert, in tls_process_ocsp_single_response() argument
224 if (serial_number_len != cert->serial_number_len || in tls_process_ocsp_single_response()
225 os_memcmp(serial_number, cert->serial_number, in tls_process_ocsp_single_response()
312 struct x509_certificate *cert, in tls_process_ocsp_responses() argument
330 if (tls_process_ocsp_single_response(conn, cert, issuer, in tls_process_ocsp_responses()
436 struct x509_certificate *cert; in tls_process_basic_ocsp_response() local
445 cert = x509_certificate_parse(hdr.payload, hdr.length); in tls_process_basic_ocsp_response()
446 if (!cert) in tls_process_basic_ocsp_response()
449 last_cert->next = cert; in tls_process_basic_ocsp_response()
450 last_cert = cert; in tls_process_basic_ocsp_response()
[all …]
|
| D | tlsv1_client_write.c | 27 struct x509_certificate *cert; in tls_client_cert_chain_der_len() local
32 cert = conn->cred->cert; in tls_client_cert_chain_der_len()
33 while (cert) { in tls_client_cert_chain_der_len()
34 len += 3 + cert->cert_len; in tls_client_cert_chain_der_len()
35 if (x509_certificate_self_signed(cert)) in tls_client_cert_chain_der_len()
37 cert = x509_certificate_get_subject(conn->cred->trusted_certs, in tls_client_cert_chain_der_len()
38 &cert->issuer); in tls_client_cert_chain_der_len()
257 struct x509_certificate *cert; in tls_write_client_certificate() local
283 cert = conn->cred ? conn->cred->cert : NULL; in tls_write_client_certificate()
284 while (cert) { in tls_write_client_certificate()
[all …]
|
| D | tlsv1_client_read.c | 280 struct x509_certificate *cert) in tls_peer_cert_event() argument
294 cert_buf = wpabuf_alloc_copy(cert->cert_start, in tls_peer_cert_event()
295 cert->cert_len); in tls_peer_cert_event()
296 ev.peer_cert.cert = cert_buf; in tls_peer_cert_event()
312 x509_name_string(&cert->subject, subject, sizeof(subject)); in tls_peer_cert_event()
315 if (cert->extensions_present & X509_EXT_CERTIFICATE_POLICY) { in tls_peer_cert_event()
316 if (cert->certificate_policy & X509_EXT_CERT_POLICY_TOD_STRICT) in tls_peer_cert_event()
318 else if (cert->certificate_policy & in tls_peer_cert_event()
329 struct x509_certificate *cert, in tls_cert_chain_failure_event() argument
337 if (!conn->event_cb || !cert) in tls_cert_chain_failure_event()
[all …]
|
| D | tlsv1_server_write.c | 27 struct x509_certificate *cert; in tls_server_cert_chain_der_len() local
29 cert = conn->cred ? conn->cred->cert : NULL; in tls_server_cert_chain_der_len()
30 while (cert) { in tls_server_cert_chain_der_len()
31 len += 3 + cert->cert_len; in tls_server_cert_chain_der_len()
32 if (x509_certificate_self_signed(cert)) in tls_server_cert_chain_der_len()
34 cert = x509_certificate_get_subject(conn->cred->trusted_certs, in tls_server_cert_chain_der_len()
35 &cert->issuer); in tls_server_cert_chain_der_len()
194 struct x509_certificate *cert; in tls_write_server_certificate() local
228 cert = conn->cred->cert; in tls_write_server_certificate()
229 while (cert) { in tls_write_server_certificate()
[all …]
|
| D | tlsv1_cred.h | 14 struct x509_certificate *cert; member
35 int tlsv1_set_ca_cert(struct tlsv1_credentials *cred, const char *cert,
38 int tlsv1_set_cert(struct tlsv1_credentials *cred, const char *cert,
|
| D | x509v3.h | 133 void x509_certificate_free(struct x509_certificate *cert);
144 void x509_certificate_chain_free(struct x509_certificate *cert);
150 struct x509_certificate *cert);
157 int x509_certificate_self_signed(struct x509_certificate *cert);
|
| /hostap-3.7.0/tests/hwsim/ |
| D | test_cert_check.py | 50 cert = OpenSSL.crypto.X509()
51 cert.set_serial_number(12345)
52 cert.gmtime_adj_notBefore(-10)
53 cert.gmtime_adj_notAfter(1000)
54 cert.set_pubkey(servercert.get_pubkey())
55 dn = cert.get_subject()
57 cert.set_subject(dn)
59 cert.set_version(2)
60 cert.add_extensions([
64 b"hash", subject=cert),
[all …]
|
| /hostap-3.7.0/wpa_supplicant/ |
| D | notify.c | 807 struct tls_cert_data *cert, in wpas_notify_certification() argument
814 cert->depth, cert->subject, cert_hash ? " hash=" : "", in wpas_notify_certification()
816 cert->tod == 2 ? " tod=2" : "", in wpas_notify_certification()
817 cert->tod == 1 ? " tod=1" : ""); in wpas_notify_certification()
819 if (cert->cert) { in wpas_notify_certification()
821 size_t len = wpabuf_len(cert->cert) * 2 + 1; in wpas_notify_certification()
824 wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert->cert), in wpas_notify_certification()
825 wpabuf_len(cert->cert)); in wpas_notify_certification()
829 cert->depth, cert->subject, cert_hex); in wpas_notify_certification()
834 for (i = 0; i < cert->num_altsubject; i++) in wpas_notify_certification()
[all …]
|
| D | eapol_test.c | 440 const struct wpabuf *cert) in eapol_test_write_cert() argument
444 encoded = base64_encode(wpabuf_head(cert), wpabuf_len(cert), NULL); in eapol_test_write_cert()
501 static void eapol_test_cert_cb(void *ctx, struct tls_cert_data *cert, in eapol_test_cert_cb() argument
509 cert->depth, cert->subject, in eapol_test_cert_cb()
513 if (cert->cert) { in eapol_test_cert_cb()
515 size_t len = wpabuf_len(cert->cert) * 2 + 1; in eapol_test_cert_cb()
518 wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert->cert), in eapol_test_cert_cb()
519 wpabuf_len(cert->cert)); in eapol_test_cert_cb()
523 cert->depth, cert->subject, cert_hex); in eapol_test_cert_cb()
529 cert->subject, cert->cert); in eapol_test_cert_cb()
[all …]
|
| /hostap-3.7.0/src/crypto/ |
| D | tls_openssl.c | 370 const CERT_CONTEXT *cert; member
493 if (priv->cert) in cryptoapi_free_data()
494 CertFreeCertificateContext(priv->cert); in cryptoapi_free_data()
556 X509 *cert = NULL; in tls_cryptoapi_cert() local
576 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER); in tls_cryptoapi_cert()
577 if (priv->cert == NULL) { in tls_cryptoapi_cert()
578 priv->cert = cryptoapi_find_cert( in tls_cryptoapi_cert()
581 if (priv->cert == NULL) { in tls_cryptoapi_cert()
587 cert = d2i_X509(NULL, in tls_cryptoapi_cert()
588 (const unsigned char **) &priv->cert->pbCertEncoded, in tls_cryptoapi_cert()
[all …]
|
| D | tls_gnutls.c | 610 gnutls_datum_t cert, key; in tls_connection_set_params() local
612 cert.data = (unsigned char *) params->client_cert_blob; in tls_connection_set_params()
613 cert.size = params->client_cert_blob_len; in tls_connection_set_params()
619 conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER, in tls_connection_set_params()
624 conn->xcred, &cert, &key, GNUTLS_X509_FMT_DER); in tls_connection_set_params()
631 conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM, in tls_connection_set_params()
636 conn->xcred, &cert, &key, GNUTLS_X509_FMT_PEM); in tls_connection_set_params()
929 const gnutls_datum_t *cert, int depth, in gnutls_tls_fail_event() argument
945 if (cert) { in gnutls_tls_fail_event()
946 cert_buf = wpabuf_alloc_copy(cert->data, cert->size); in gnutls_tls_fail_event()
[all …]
|
| D | tls_wolfssl.c | 577 static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type, in tls_match_alt_subject_component() argument
585 ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); in tls_match_alt_subject_component()
603 static int tls_match_alt_subject(WOLFSSL_X509 *cert, const char *match) in tls_match_alt_subject() argument
638 if (tls_match_alt_subject_component(cert, type, pos, len) > 0) in tls_match_alt_subject()
678 static int tls_match_suffix_helper(WOLFSSL_X509 *cert, const char *match, in tls_match_suffix_helper() argument
691 ext = wolfSSL_X509_get_ext_d2i(cert, ALT_NAMES_OID, NULL, NULL); in tls_match_suffix_helper()
718 name = wolfSSL_X509_get_subject_name(cert); in tls_match_suffix_helper()
750 static int tls_match_suffix(WOLFSSL_X509 *cert, const char *match, int full) in tls_match_suffix() argument
756 if (tls_match_suffix_helper(cert, token, last - token, full)) in tls_match_suffix()
817 static struct wpabuf * get_x509_cert(WOLFSSL_X509 *cert) in get_x509_cert() argument
[all …]
|
| /hostap-3.7.0/tests/ |
| D | test-x509v3.c | 20 struct x509_certificate *certs = NULL, *last = NULL, *cert; in main() local
39 cert = x509_certificate_parse((u8 *) buf, len); in main()
40 if (cert == NULL) { in main()
48 certs = cert; in main()
50 last->next = cert; in main()
51 last = cert; in main()
|
| /hostap-3.7.0/src/utils/ |
| D | http_curl.c | 56 int (*cert_cb)(void *ctx, struct http_cert *cert);
179 static void debug_dump_cert(const char *title, X509 *cert) in debug_dump_cert() argument
189 X509_print_ex(out, cert, XN_FLAG_COMPAT, X509_FLAG_COMPAT); in debug_dump_cert()
204 static void add_alt_name_othername(struct http_ctx *ctx, struct http_cert *cert, in add_alt_name_othername() argument
212 on = os_realloc_array(cert->othername, cert->num_othername + 1, in add_alt_name_othername()
216 cert->othername = on; in add_alt_name_othername()
217 on = &on[cert->num_othername]; in add_alt_name_othername()
232 cert->num_othername++; in add_alt_name_othername()
236 static void add_alt_name_dns(struct http_ctx *ctx, struct http_cert *cert, in add_alt_name_dns() argument
246 n = os_realloc_array(cert->dnsname, cert->num_dnsname + 1, in add_alt_name_dns()
[all …]
|
| /hostap-3.7.0/wpa_supplicant/doc/docbook/ |
| D | wpa_supplicant.conf.sgml | 72 ca_cert="/etc/cert/ca.pem"
73 client_cert="/etc/cert/user.pem"
74 private_key="/etc/cert/user.prv"
94 ca_cert="/etc/cert/ca.pem"
117 ca_cert="/etc/cert/ca.pem"
137 ca_cert="/etc/cert/ca.pem"
138 client_cert="/etc/cert/user.pem"
139 private_key="/etc/cert/user.prv"
166 ca_cert="/etc/cert/ca.pem"
167 client_cert="/etc/cert/user.pem"
[all …]
|
| /hostap-3.7.0/src/eap_peer/ |
| D | eap_tls.c | 36 struct eap_peer_cert_config *cert; in eap_tls_init() local
41 cert = &config->cert; in eap_tls_init()
43 cert = &config->machine_cert; in eap_tls_init()
45 cert = &config->phase2_cert; in eap_tls_init()
46 if (!cert->private_key && cert->engine == 0) { in eap_tls_init()
61 if (cert->engine) { in eap_tls_init()
66 } else if (cert->private_key && !cert->private_key_passwd) { in eap_tls_init()
|
| /hostap-3.7.0/tests/fuzzing/x509/ |
| D | x509.c | 18 struct x509_certificate *cert; in LLVMFuzzerTestOneInput() local
22 cert = x509_certificate_parse(data, size); in LLVMFuzzerTestOneInput()
23 x509_certificate_free(cert); in LLVMFuzzerTestOneInput()
|
| /hostap-3.7.0/tests/hwsim/auth_serv/ |
| D | ica-generate.sh | 16 …_serial -out iCA-server/cacert.pem -days 3652 -batch -keyfile ca-key.pem -cert ca.pem -extensions …
31 …te_serial -out iCA-user/cacert.pem -days 3652 -batch -keyfile ca-key.pem -cert ca.pem -extensions …
45 $OPENSSL ca -config openssl.cnf.tmp -batch -keyfile iCA-server/private/cakey.pem -cert iCA-server/c…
59 $OPENSSL ca -config openssl.cnf.tmp -batch -keyfile iCA-server/private/cakey.pem -cert iCA-server/c…
60 …voke iCA-server/server-revoked.pem -keyfile iCA-server/private/cakey.pem -cert iCA-server/cacert.p…
74 $OPENSSL ca -config openssl.cnf.tmp -batch -keyfile iCA-user/private/cakey.pem -cert iCA-user/cacer…
|
| D | sha512-generate.sh | 29 $OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create…
41 $OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create…
53 $OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create…
65 $OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create…
|
| /hostap-3.7.0/hs20/server/ |
| D | spp_server.c | 720 xml_node_t *cred, *cert; in build_credential_cert() local
728 cert = xml_node_create(ctx->xml, cred, NULL, "DigitalCertificate"); in build_credential_cert()
729 add_text_node(ctx, cert, "CertificateType", "x509v3"); in build_credential_cert()
730 add_text_node(ctx, cert, "CertSHA256Fingerprint", cert_fingerprint); in build_credential_cert()
842 char *cert; in build_sub_rem_resp() local
844 cert = db_get_val(ctx, user, realm, "cert", dmacc); in build_sub_rem_resp()
845 if (cert && cert[0] == '\0') { in build_sub_rem_resp()
846 os_free(cert); in build_sub_rem_resp()
847 cert = NULL; in build_sub_rem_resp()
849 if (cert) { in build_sub_rem_resp()
[all …]
|
| /hostap-3.7.0/hs20/client/ |
| D | est.c | 66 certs = p7->d.sign->cert; in pkcs7_to_cert()
69 certs = p7->d.signed_and_enveloped->cert; in pkcs7_to_cert()
98 X509 *cert = sk_X509_value(certs, i); in pkcs7_to_cert() local
99 X509_print(out, cert); in pkcs7_to_cert()
100 PEM_write_bio_X509(out, cert); in pkcs7_to_cert()
444 X509 *cert; in generate_csr() local
450 cert = PEM_read_X509(f, NULL, NULL, NULL); in generate_csr()
453 if (cert == NULL) in generate_csr()
456 X509_get_subject_name(cert)); in generate_csr()
457 X509_free(cert); in generate_csr()
|
| D | osu_client.c | 218 static int process_est_cert(struct hs20_osu_client *ctx, xml_node_t *cert, in process_est_cert() argument
229 fingerprint = xml_node_get_text(ctx->xml, cert); in process_est_cert()
309 char *cert; in download_cert() local
350 cert = os_readfile(TMP_CERT_DL_FILE, &len); in download_cert()
352 if (cert == NULL) in download_cert()
355 if (sha256_vector(1, (const u8 **) &cert, &len, digest2) < 0) { in download_cert()
356 os_free(cert); in download_cert()
363 os_free(cert); in download_cert()
367 b64 = base64_encode(cert, len, NULL); in download_cert()
368 os_free(cert); in download_cert()
[all …]
|
| /hostap-3.7.0/hs20/server/www/ |
| D | remediation.php | 37 $cert = $user['methods'] == "TLS" || strncmp($username, "cert-", 5) == 0; variable
39 if ($cert) {
|
