Add functionality needed to process proxy certificates.
This commit is contained in:
parent
de421076a5
commit
6951c23afd
5
CHANGES
5
CHANGES
@ -4,6 +4,11 @@
|
||||
|
||||
Changes between 0.9.7e and 0.9.8 [xx XXX xxxx]
|
||||
|
||||
*) Add processing of proxy certificates (see RFC 3820). This work was
|
||||
sponsored by KTH (The Royal Institute of Technology in Stockholm) and
|
||||
EGEE (Enabling Grids for E-science in Europe).
|
||||
[Richard Levitte]
|
||||
|
||||
*) RC4 performance overhaul on modern architectures/implementations, such
|
||||
as Intel P4, IA-64 and AMD64.
|
||||
[Andy Polyakov]
|
||||
|
@ -258,3 +258,56 @@ basicConstraints = CA:true
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ proxy_cert_ext ]
|
||||
# These extensions should be added when creating a proxy certificate
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "OpenSSL Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
# An alternative to produce certificates that aren't
|
||||
# deprecated according to PKIX.
|
||||
# subjectAltName=email:move
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
# This really needs to be in place for it to be a proxy certificate.
|
||||
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
||||
|
@ -258,3 +258,56 @@ basicConstraints = CA:true
|
||||
|
||||
# issuerAltName=issuer:copy
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
|
||||
[ proxy_cert_ext ]
|
||||
# These extensions should be added when creating a proxy certificate
|
||||
|
||||
# This goes against PKIX guidelines but some CAs do it and some software
|
||||
# requires this to avoid interpreting an end user certificate as a CA.
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
# Here are some examples of the usage of nsCertType. If it is omitted
|
||||
# the certificate can be used for anything *except* object signing.
|
||||
|
||||
# This is OK for an SSL server.
|
||||
# nsCertType = server
|
||||
|
||||
# For an object signing certificate this would be used.
|
||||
# nsCertType = objsign
|
||||
|
||||
# For normal client use this is typical
|
||||
# nsCertType = client, email
|
||||
|
||||
# and for everything including object signing:
|
||||
# nsCertType = client, email, objsign
|
||||
|
||||
# This is typical in keyUsage for a client certificate.
|
||||
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
|
||||
# This will be displayed in Netscape's comment listbox.
|
||||
nsComment = "OpenSSL Generated Certificate"
|
||||
|
||||
# PKIX recommendations harmless if included in all certificates.
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
|
||||
# This stuff is for subjectAltName and issuerAltname.
|
||||
# Import the email address.
|
||||
# subjectAltName=email:copy
|
||||
# An alternative to produce certificates that aren't
|
||||
# deprecated according to PKIX.
|
||||
# subjectAltName=email:move
|
||||
|
||||
# Copy subject details
|
||||
# issuerAltName=issuer:copy
|
||||
|
||||
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
|
||||
#nsBaseUrl
|
||||
#nsRevocationUrl
|
||||
#nsRenewalUrl
|
||||
#nsCaPolicyUrl
|
||||
#nsSslServerName
|
||||
|
||||
# This really needs to be in place for it to be a proxy certificate.
|
||||
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
||||
|
@ -62,12 +62,12 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#define NUM_NID 746
|
||||
#define NUM_SN 742
|
||||
#define NUM_LN 742
|
||||
#define NUM_OBJ 704
|
||||
#define NUM_NID 751
|
||||
#define NUM_SN 747
|
||||
#define NUM_LN 747
|
||||
#define NUM_OBJ 709
|
||||
|
||||
static unsigned char lvalues[4963]={
|
||||
static unsigned char lvalues[5002]={
|
||||
0x00, /* [ 0] OBJ_undef */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
|
||||
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
|
||||
@ -772,6 +772,11 @@ static unsigned char lvalues[4963]={
|
||||
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4935] OBJ_sha384 */
|
||||
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4944] OBJ_sha512 */
|
||||
0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4953] OBJ_sha224 */
|
||||
0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4962] OBJ_id_ppl */
|
||||
0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4969] OBJ_proxyCertInfo */
|
||||
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4977] OBJ_id_ppl_anyLanguage */
|
||||
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4985] OBJ_id_ppl_inheritAll */
|
||||
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4993] OBJ_Independent */
|
||||
};
|
||||
|
||||
static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
@ -1932,6 +1937,14 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
|
||||
{"SHA224","sha224",NID_sha224,9,&(lvalues[4953]),0},
|
||||
{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL},
|
||||
{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL},
|
||||
{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4962]),0},
|
||||
{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
|
||||
&(lvalues[4969]),0},
|
||||
{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
|
||||
&(lvalues[4977]),0},
|
||||
{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
|
||||
&(lvalues[4985]),0},
|
||||
{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4993]),0},
|
||||
};
|
||||
|
||||
static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
@ -2271,6 +2284,10 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[271]),/* "id-pkix1-explicit-93" */
|
||||
&(nid_objs[270]),/* "id-pkix1-implicit-88" */
|
||||
&(nid_objs[272]),/* "id-pkix1-implicit-93" */
|
||||
&(nid_objs[746]),/* "id-ppl" */
|
||||
&(nid_objs[748]),/* "id-ppl-anyLanguage" */
|
||||
&(nid_objs[750]),/* "id-ppl-independent" */
|
||||
&(nid_objs[749]),/* "id-ppl-inheritAll" */
|
||||
&(nid_objs[267]),/* "id-qcs" */
|
||||
&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
|
||||
&(nid_objs[259]),/* "id-qt" */
|
||||
@ -2453,6 +2470,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
|
||||
&(nid_objs[415]),/* "prime256v1" */
|
||||
&(nid_objs[385]),/* "private" */
|
||||
&(nid_objs[84]),/* "privateKeyUsagePeriod" */
|
||||
&(nid_objs[747]),/* "proxyCertInfo" */
|
||||
&(nid_objs[510]),/* "pseudonym" */
|
||||
&(nid_objs[435]),/* "pss" */
|
||||
&(nid_objs[286]),/* "qcStatements" */
|
||||
@ -2683,6 +2701,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[363]),/* "AD Time Stamping" */
|
||||
&(nid_objs[405]),/* "ANSI X9.62" */
|
||||
&(nid_objs[368]),/* "Acceptable OCSP Responses" */
|
||||
&(nid_objs[748]),/* "Any language" */
|
||||
&(nid_objs[177]),/* "Authority Information Access" */
|
||||
&(nid_objs[365]),/* "Basic OCSP Response" */
|
||||
&(nid_objs[285]),/* "Biometric Info" */
|
||||
@ -2705,6 +2724,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[296]),/* "IPSec User" */
|
||||
&(nid_objs[182]),/* "ISO Member Body" */
|
||||
&(nid_objs[183]),/* "ISO US Member Body" */
|
||||
&(nid_objs[750]),/* "Independent" */
|
||||
&(nid_objs[749]),/* "Inherit all" */
|
||||
&(nid_objs[647]),/* "International Organizations" */
|
||||
&(nid_objs[142]),/* "Invalidity Date" */
|
||||
&(nid_objs[504]),/* "MIME MHS" */
|
||||
@ -2748,6 +2769,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[164]),/* "Policy Qualifier CPS" */
|
||||
&(nid_objs[165]),/* "Policy Qualifier User Notice" */
|
||||
&(nid_objs[385]),/* "Private" */
|
||||
&(nid_objs[747]),/* "Proxy Certificate Information" */
|
||||
&(nid_objs[ 1]),/* "RSA Data Security, Inc." */
|
||||
&(nid_objs[ 2]),/* "RSA Data Security, Inc. PKCS" */
|
||||
&(nid_objs[188]),/* "S/MIME" */
|
||||
@ -3009,6 +3031,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
|
||||
&(nid_objs[271]),/* "id-pkix1-explicit-93" */
|
||||
&(nid_objs[270]),/* "id-pkix1-implicit-88" */
|
||||
&(nid_objs[272]),/* "id-pkix1-implicit-93" */
|
||||
&(nid_objs[746]),/* "id-ppl" */
|
||||
&(nid_objs[267]),/* "id-qcs" */
|
||||
&(nid_objs[359]),/* "id-qcs-pkixQCSyntax-v1" */
|
||||
&(nid_objs[259]),/* "id-qt" */
|
||||
@ -3727,6 +3750,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[266]),/* OBJ_id_aca 1 3 6 1 5 5 7 10 */
|
||||
&(nid_objs[267]),/* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
|
||||
&(nid_objs[268]),/* OBJ_id_cct 1 3 6 1 5 5 7 12 */
|
||||
&(nid_objs[746]),/* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
|
||||
&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
|
||||
&(nid_objs[507]),/* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
|
||||
&(nid_objs[508]),/* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
|
||||
@ -3801,6 +3825,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[292]),/* OBJ_sbqp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
|
||||
&(nid_objs[397]),/* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
|
||||
&(nid_objs[398]),/* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
|
||||
&(nid_objs[747]),/* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
|
||||
&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
|
||||
&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
|
||||
&(nid_objs[293]),/* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
|
||||
@ -3871,6 +3896,9 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
|
||||
&(nid_objs[360]),/* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
|
||||
&(nid_objs[361]),/* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
|
||||
&(nid_objs[362]),/* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
|
||||
&(nid_objs[748]),/* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
|
||||
&(nid_objs[749]),/* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
|
||||
&(nid_objs[750]),/* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
|
||||
&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
|
||||
&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
|
||||
&(nid_objs[363]),/* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
|
||||
|
@ -1265,6 +1265,10 @@
|
||||
#define NID_id_cct 268
|
||||
#define OBJ_id_cct OBJ_id_pkix,12L
|
||||
|
||||
#define SN_id_ppl "id-ppl"
|
||||
#define NID_id_ppl 746
|
||||
#define OBJ_id_ppl OBJ_id_pkix,21L
|
||||
|
||||
#define SN_id_ad "id-ad"
|
||||
#define NID_id_ad 176
|
||||
#define OBJ_id_ad OBJ_id_pkix,48L
|
||||
@ -1380,6 +1384,11 @@
|
||||
#define NID_sinfo_access 398
|
||||
#define OBJ_sinfo_access OBJ_id_pe,11L
|
||||
|
||||
#define SN_proxyCertInfo "proxyCertInfo"
|
||||
#define LN_proxyCertInfo "Proxy Certificate Information"
|
||||
#define NID_proxyCertInfo 747
|
||||
#define OBJ_proxyCertInfo OBJ_id_pe,14L
|
||||
|
||||
#define SN_id_qt_cps "id-qt-cps"
|
||||
#define LN_id_qt_cps "Policy Qualifier CPS"
|
||||
#define NID_id_qt_cps 164
|
||||
@ -1704,6 +1713,21 @@
|
||||
#define NID_id_cct_PKIResponse 362
|
||||
#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
|
||||
|
||||
#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
|
||||
#define LN_id_ppl_anyLanguage "Any language"
|
||||
#define NID_id_ppl_anyLanguage 748
|
||||
#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
|
||||
|
||||
#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
|
||||
#define LN_id_ppl_inheritAll "Inherit all"
|
||||
#define NID_id_ppl_inheritAll 749
|
||||
#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
|
||||
|
||||
#define SN_Independent "id-ppl-independent"
|
||||
#define LN_Independent "Independent"
|
||||
#define NID_Independent 750
|
||||
#define OBJ_Independent OBJ_id_ppl,2L
|
||||
|
||||
#define SN_ad_OCSP "OCSP"
|
||||
#define LN_ad_OCSP "OCSP"
|
||||
#define NID_ad_OCSP 178
|
||||
|
@ -743,3 +743,8 @@ sha512 742
|
||||
sha224 743
|
||||
ipsec3 744
|
||||
ipsec4 745
|
||||
id_ppl 746
|
||||
proxyCertInfo 747
|
||||
id_ppl_anyLanguage 748
|
||||
id_ppl_inheritAll 749
|
||||
Independent 750
|
||||
|
@ -405,6 +405,7 @@ id-pkix 9 : id-pda
|
||||
id-pkix 10 : id-aca
|
||||
id-pkix 11 : id-qcs
|
||||
id-pkix 12 : id-cct
|
||||
id-pkix 21 : id-ppl
|
||||
id-pkix 48 : id-ad
|
||||
|
||||
# PKIX Modules
|
||||
@ -439,6 +440,7 @@ id-pe 9 : sbqp-routerIdentifier
|
||||
id-pe 10 : ac-proxying
|
||||
!Cname sinfo-access
|
||||
id-pe 11 : subjectInfoAccess : Subject Information Access
|
||||
id-pe 14 : proxyCertInfo : Proxy Certificate Information
|
||||
|
||||
# PKIX policyQualifiers for Internet policy qualifiers
|
||||
id-qt 1 : id-qt-cps : Policy Qualifier CPS
|
||||
@ -554,6 +556,11 @@ id-cct 1 : id-cct-crs
|
||||
id-cct 2 : id-cct-PKIData
|
||||
id-cct 3 : id-cct-PKIResponse
|
||||
|
||||
# Predefined Proxy Certificate policy languages
|
||||
id-ppl 0 : id-ppl-anyLanguage : Any language
|
||||
id-ppl 1 : id-ppl-inheritAll : Inherit all
|
||||
id-ppl 2 : id-ppl-independent : Independent
|
||||
|
||||
# access descriptors for authority info access extension
|
||||
!Cname ad-OCSP
|
||||
id-ad 1 : OCSP : OCSP
|
||||
|
@ -280,6 +280,7 @@ struct x509_st
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
/* These contain copies of various extension values */
|
||||
long ex_pathlen;
|
||||
long ex_pcpathlen;
|
||||
unsigned long ex_flags;
|
||||
unsigned long ex_kusage;
|
||||
unsigned long ex_xkusage;
|
||||
|
@ -126,6 +126,8 @@ const char *X509_verify_cert_error_string(long n)
|
||||
return ("invalid non-CA certificate (has CA markings)");
|
||||
case X509_V_ERR_PATH_LENGTH_EXCEEDED:
|
||||
return ("path length constraint exceeded");
|
||||
case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
|
||||
return("proxy path length constraint exceeded");
|
||||
case X509_V_ERR_INVALID_PURPOSE:
|
||||
return ("unsupported certificate purpose");
|
||||
case X509_V_ERR_CERT_UNTRUSTED:
|
||||
@ -142,28 +144,22 @@ const char *X509_verify_cert_error_string(long n)
|
||||
return("authority and issuer serial number mismatch");
|
||||
case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
|
||||
return("key usage does not include certificate signing");
|
||||
|
||||
case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
|
||||
return("unable to get CRL issuer certificate");
|
||||
|
||||
case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
|
||||
return("unhandled critical extension");
|
||||
|
||||
case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
|
||||
return("key usage does not include CRL signing");
|
||||
|
||||
case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
|
||||
return("key usage does not include digital signature");
|
||||
case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
|
||||
return("unhandled critical CRL extension");
|
||||
|
||||
case X509_V_ERR_INVALID_EXTENSION:
|
||||
return("invalid or inconsistent certificate extension");
|
||||
|
||||
case X509_V_ERR_INVALID_POLICY_EXTENSION:
|
||||
return("invalid or inconsistent certificate policy extension");
|
||||
|
||||
case X509_V_ERR_NO_EXPLICIT_POLICY:
|
||||
return("no explicit policy");
|
||||
|
||||
default:
|
||||
BIO_snprintf(buf,sizeof buf,"error number %ld",n);
|
||||
return(buf);
|
||||
|
@ -389,6 +389,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
|
||||
int i, ok=0, must_be_ca;
|
||||
X509 *x;
|
||||
int (*cb)();
|
||||
int proxy_path_length = 0;
|
||||
cb=ctx->verify_cb;
|
||||
|
||||
/* must_be_ca can have 1 of 3 values:
|
||||
@ -472,7 +473,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
|
||||
}
|
||||
/* Check pathlen */
|
||||
if ((i > 1) && (x->ex_pathlen != -1)
|
||||
&& (i > (x->ex_pathlen + 1)))
|
||||
&& (i > (x->ex_pathlen + proxy_path_length + 1)))
|
||||
{
|
||||
ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
|
||||
ctx->error_depth = i;
|
||||
@ -480,8 +481,26 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
|
||||
ok=cb(0,ctx);
|
||||
if (!ok) goto end;
|
||||
}
|
||||
/* The next certificate must be a CA */
|
||||
must_be_ca = 1;
|
||||
/* If this certificate is a proxy certificate, the next
|
||||
certificate must be another proxy certificate or a EE
|
||||
certificate. If not, the next certificate must be a
|
||||
CA certificate. */
|
||||
if (x->ex_flags & EXFLAG_PROXY)
|
||||
{
|
||||
if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen)
|
||||
{
|
||||
ctx->error =
|
||||
X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
|
||||
ctx->error_depth = i;
|
||||
ctx->current_cert = x;
|
||||
ok=cb(0,ctx);
|
||||
if (!ok) goto end;
|
||||
}
|
||||
proxy_path_length++;
|
||||
must_be_ca = 0;
|
||||
}
|
||||
else
|
||||
must_be_ca = 1;
|
||||
}
|
||||
ok = 1;
|
||||
end:
|
||||
|
@ -323,10 +323,12 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
||||
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
|
||||
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
|
||||
#define X509_V_ERR_INVALID_NON_CA 37
|
||||
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
|
||||
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
|
||||
|
||||
#define X509_V_ERR_INVALID_EXTENSION 38
|
||||
#define X509_V_ERR_INVALID_POLICY_EXTENSION 39
|
||||
#define X509_V_ERR_NO_EXPLICIT_POLICY 40
|
||||
#define X509_V_ERR_INVALID_EXTENSION 40
|
||||
#define X509_V_ERR_INVALID_POLICY_EXTENSION 41
|
||||
#define X509_V_ERR_NO_EXPLICIT_POLICY 42
|
||||
|
||||
|
||||
/* The application is not happy */
|
||||
|
@ -26,13 +26,13 @@ LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
|
||||
v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
|
||||
v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
|
||||
v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c pcy_cache.c pcy_node.c \
|
||||
pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
|
||||
v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
|
||||
pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c
|
||||
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
|
||||
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
|
||||
v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
|
||||
v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o pcy_cache.o pcy_node.o \
|
||||
pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o
|
||||
v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
|
||||
pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
@ -410,6 +410,32 @@ v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c
|
||||
v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
|
||||
v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
|
||||
v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
|
||||
v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
|
||||
v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
|
||||
v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
|
||||
v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
|
||||
v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c
|
||||
v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
|
||||
v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
|
||||
v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
|
||||
v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
|
||||
v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
|
||||
v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
|
||||
v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
|
||||
v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
|
||||
v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
|
||||
v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
|
||||
v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
|
||||
v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
|
||||
v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c
|
||||
v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
|
||||
v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
|
||||
v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
|
||||
|
@ -64,7 +64,7 @@ extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
|
||||
extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld;
|
||||
extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
|
||||
extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
|
||||
extern X509V3_EXT_METHOD v3_crl_hold;
|
||||
extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
|
||||
extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
|
||||
extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp;
|
||||
|
||||
@ -112,6 +112,7 @@ static X509V3_EXT_METHOD *standard_exts[] = {
|
||||
#ifndef OPENSSL_NO_OCSP
|
||||
&v3_crl_hold,
|
||||
#endif
|
||||
&v3_pci,
|
||||
&v3_policy_mappings,
|
||||
&v3_name_constraints,
|
||||
&v3_inhibit_anyp
|
||||
|
307
crypto/x509v3/v3_pci.c
Normal file
307
crypto/x509v3/v3_pci.c
Normal file
@ -0,0 +1,307 @@
|
||||
/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* Contributed to the OpenSSL Project 2004
|
||||
* by Richard Levitte (richard@levitte.org)
|
||||
*/
|
||||
/* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include "cryptlib.h"
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
|
||||
BIO *out, int indent);
|
||||
static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, char *str);
|
||||
|
||||
X509V3_EXT_METHOD v3_pci =
|
||||
{ NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
|
||||
0,0,0,0,
|
||||
0,0,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2R)i2r_pci,
|
||||
(X509V3_EXT_R2I)r2i_pci,
|
||||
NULL,
|
||||
};
|
||||
|
||||
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
|
||||
BIO *out, int indent)
|
||||
{
|
||||
BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
|
||||
if (pci->pcPathLengthConstraint)
|
||||
i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
|
||||
else
|
||||
BIO_printf(out, "infinite");
|
||||
BIO_puts(out, "\n");
|
||||
BIO_printf(out, "%*sPolicy Language: ", indent, "");
|
||||
i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
|
||||
BIO_puts(out, "\n");
|
||||
if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
|
||||
BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
|
||||
pci->proxyPolicy->policy->data);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int process_pci_value(CONF_VALUE *val,
|
||||
ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
|
||||
ASN1_OCTET_STRING **policy)
|
||||
{
|
||||
int free_policy = 0;
|
||||
|
||||
if (strcmp(val->name, "language") == 0)
|
||||
{
|
||||
if (*language)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
|
||||
X509V3_conf_err(val);
|
||||
return 0;
|
||||
}
|
||||
if (!(*language = OBJ_txt2obj(val->value, 0)))
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||
X509V3_conf_err(val);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
else if (strcmp(val->name, "pathlen") == 0)
|
||||
{
|
||||
if (*pathlen)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
|
||||
X509V3_conf_err(val);
|
||||
return 0;
|
||||
}
|
||||
if (!X509V3_get_value_int(val, pathlen))
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH);
|
||||
X509V3_conf_err(val);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
else if (strcmp(val->name, "policy") == 0)
|
||||
{
|
||||
unsigned char *tmp_data = NULL;
|
||||
long val_len;
|
||||
if (!*policy)
|
||||
{
|
||||
*policy = ASN1_OCTET_STRING_new();
|
||||
if (!*policy)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
|
||||
X509V3_conf_err(val);
|
||||
return 0;
|
||||
}
|
||||
free_policy = 1;
|
||||
}
|
||||
if (strncmp(val->value, "hex:", 4) == 0)
|
||||
{
|
||||
unsigned char *tmp_data2 =
|
||||
string_to_hex(val->value + 4, &val_len);
|
||||
|
||||
if (!tmp_data2) goto err;
|
||||
|
||||
tmp_data = OPENSSL_realloc((*policy)->data,
|
||||
(*policy)->length + val_len + 1);
|
||||
if (tmp_data)
|
||||
{
|
||||
(*policy)->data = tmp_data;
|
||||
memcpy(&(*policy)->data[(*policy)->length],
|
||||
tmp_data2, val_len);
|
||||
(*policy)->length += val_len;
|
||||
(*policy)->data[(*policy)->length] = '\0';
|
||||
}
|
||||
}
|
||||
else if (strncmp(val->value, "file:", 5) == 0)
|
||||
{
|
||||
unsigned char buf[2048];
|
||||
int n;
|
||||
BIO *b = BIO_new_file(val->value + 5, "r");
|
||||
if (!b)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
|
||||
X509V3_conf_err(val);
|
||||
goto err;
|
||||
}
|
||||
while((n = BIO_read(b, buf, sizeof(buf))) > 0
|
||||
|| (n == 0 && BIO_should_retry(b)))
|
||||
{
|
||||
if (!n) continue;
|
||||
|
||||
tmp_data = OPENSSL_realloc((*policy)->data,
|
||||
(*policy)->length + n + 1);
|
||||
|
||||
if (!tmp_data)
|
||||
break;
|
||||
|
||||
(*policy)->data = tmp_data;
|
||||
memcpy(&(*policy)->data[(*policy)->length],
|
||||
buf, n);
|
||||
(*policy)->length += n;
|
||||
(*policy)->data[(*policy)->length] = '\0';
|
||||
}
|
||||
|
||||
if (n < 0)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB);
|
||||
X509V3_conf_err(val);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
else if (strncmp(val->value, "text:", 5) == 0)
|
||||
{
|
||||
val_len = strlen(val->value + 5);
|
||||
tmp_data = OPENSSL_realloc((*policy)->data,
|
||||
(*policy)->length + val_len + 1);
|
||||
if (tmp_data)
|
||||
{
|
||||
(*policy)->data = tmp_data;
|
||||
memcpy(&(*policy)->data[(*policy)->length],
|
||||
val->value + 5, val_len);
|
||||
(*policy)->length += val_len;
|
||||
(*policy)->data[(*policy)->length] = '\0';
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
|
||||
X509V3_conf_err(val);
|
||||
goto err;
|
||||
}
|
||||
if (!tmp_data)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
|
||||
X509V3_conf_err(val);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
err:
|
||||
if (free_policy)
|
||||
{
|
||||
ASN1_OCTET_STRING_free(*policy);
|
||||
*policy = NULL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, char *value)
|
||||
{
|
||||
PROXY_CERT_INFO_EXTENSION *pci = NULL;
|
||||
STACK_OF(CONF_VALUE) *vals;
|
||||
ASN1_OBJECT *language = NULL;
|
||||
ASN1_INTEGER *pathlen = NULL;
|
||||
ASN1_OCTET_STRING *policy = NULL;
|
||||
int i, j;
|
||||
|
||||
vals = X509V3_parse_list(value);
|
||||
for (i = 0; i < sk_CONF_VALUE_num(vals); i++)
|
||||
{
|
||||
CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
|
||||
if (!cnf->name || (*cnf->name != '@' && !cnf->value))
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_PROXY_POLICY_SETTING);
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
if (*cnf->name == '@')
|
||||
{
|
||||
STACK_OF(CONF_VALUE) *sect;
|
||||
int success_p = 1;
|
||||
|
||||
sect = X509V3_get_section(ctx, cnf->name + 1);
|
||||
if (!sect)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_SECTION);
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++)
|
||||
{
|
||||
success_p =
|
||||
process_pci_value(sk_CONF_VALUE_value(sect, j),
|
||||
&language, &pathlen, &policy);
|
||||
}
|
||||
X509V3_section_free(ctx, sect);
|
||||
if (!success_p)
|
||||
goto err;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!process_pci_value(cnf,
|
||||
&language, &pathlen, &policy))
|
||||
{
|
||||
X509V3_conf_err(cnf);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Language is mandatory */
|
||||
if (!language)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
|
||||
goto err;
|
||||
}
|
||||
|
||||
pci = PROXY_CERT_INFO_EXTENSION_new();
|
||||
if (!pci)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
pci->proxyPolicy = PROXY_POLICY_new();
|
||||
if (!pci->proxyPolicy)
|
||||
{
|
||||
X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
}
|
||||
|
||||
pci->proxyPolicy->policyLanguage = language; language = NULL;
|
||||
pci->proxyPolicy->policy = policy; policy = NULL;
|
||||
pci->pcPathLengthConstraint = pathlen; pathlen = NULL;
|
||||
goto end;
|
||||
err:
|
||||
if (language) { ASN1_OBJECT_free(language); language = NULL; }
|
||||
if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; }
|
||||
if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; }
|
||||
if (pci && pci->proxyPolicy)
|
||||
{
|
||||
PROXY_POLICY_free(pci->proxyPolicy);
|
||||
pci->proxyPolicy = NULL;
|
||||
}
|
||||
if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; }
|
||||
end:
|
||||
sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
|
||||
return pci;
|
||||
}
|
55
crypto/x509v3/v3_pcia.c
Normal file
55
crypto/x509v3/v3_pcia.c
Normal file
@ -0,0 +1,55 @@
|
||||
/* v3_pcia.c -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* Contributed to the OpenSSL Project 2004
|
||||
* by Richard Levitte (richard@levitte.org)
|
||||
*/
|
||||
/* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
ASN1_SEQUENCE(PROXY_POLICY) =
|
||||
{
|
||||
ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
|
||||
ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
|
||||
} ASN1_SEQUENCE_END(PROXY_POLICY)
|
||||
|
||||
IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
|
||||
|
||||
ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
|
||||
{
|
||||
ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
|
||||
ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
|
||||
} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
|
||||
|
||||
IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
|
@ -285,7 +285,8 @@ int X509_supported_extension(X509_EXTENSION *ex)
|
||||
NID_key_usage, /* 83 */
|
||||
NID_subject_alt_name, /* 85 */
|
||||
NID_basic_constraints, /* 87 */
|
||||
NID_ext_key_usage /* 126 */
|
||||
NID_ext_key_usage, /* 126 */
|
||||
NID_proxyCertInfo /* 661 */
|
||||
};
|
||||
|
||||
int ex_nid;
|
||||
@ -306,6 +307,7 @@ int X509_supported_extension(X509_EXTENSION *ex)
|
||||
static void x509v3_cache_extensions(X509 *x)
|
||||
{
|
||||
BASIC_CONSTRAINTS *bs;
|
||||
PROXY_CERT_INFO_EXTENSION *pci;
|
||||
ASN1_BIT_STRING *usage;
|
||||
ASN1_BIT_STRING *ns;
|
||||
EXTENDED_KEY_USAGE *extusage;
|
||||
@ -334,6 +336,18 @@ static void x509v3_cache_extensions(X509 *x)
|
||||
BASIC_CONSTRAINTS_free(bs);
|
||||
x->ex_flags |= EXFLAG_BCONS;
|
||||
}
|
||||
/* Handle proxy certificates */
|
||||
if((pci=X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
|
||||
if (x->ex_flags & EXFLAG_CA) {
|
||||
x->ex_flags |= EXFLAG_INVALID;
|
||||
}
|
||||
if (pci->pcPathLengthConstraint) {
|
||||
x->ex_pcpathlen =
|
||||
ASN1_INTEGER_get(pci->pcPathLengthConstraint);
|
||||
} else x->ex_pcpathlen = -1;
|
||||
PROXY_CERT_INFO_EXTENSION_free(pci);
|
||||
x->ex_flags |= EXFLAG_PROXY;
|
||||
}
|
||||
/* Handle key usage */
|
||||
if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
|
||||
if(usage->length > 0) {
|
||||
@ -623,7 +637,13 @@ int X509_check_issued(X509 *issuer, X509 *subject)
|
||||
return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
|
||||
}
|
||||
}
|
||||
if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
|
||||
if(subject->ex_flags & EXFLAG_PROXY)
|
||||
{
|
||||
if(ku_reject(issuer, KU_DIGITAL_SIGNATURE))
|
||||
return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
|
||||
}
|
||||
else if(ku_reject(issuer, KU_KEY_CERT_SIGN))
|
||||
return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
|
||||
return X509_V_OK;
|
||||
}
|
||||
|
||||
|
@ -81,6 +81,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
|
||||
{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"},
|
||||
{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
|
||||
{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
|
||||
{ERR_PACK(0,X509V3_F_R2I_PCI,0), "R2I_PCI"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
|
||||
{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
|
||||
@ -138,6 +139,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
|
||||
{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"},
|
||||
{X509V3_R_ILLEGAL_EMPTY_EXTENSION ,"illegal empty extension"},
|
||||
{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"},
|
||||
{X509V3_R_INCORRECT_POLICY_SYNTAX_TAG ,"incorrect policy syntax tag"},
|
||||
{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"},
|
||||
{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"},
|
||||
{X509V3_R_INVALID_NAME ,"invalid name"},
|
||||
@ -149,6 +151,7 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
|
||||
{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
|
||||
{X509V3_R_INVALID_OPTION ,"invalid option"},
|
||||
{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
|
||||
{X509V3_R_INVALID_PROXY_POLICY_SETTING ,"invalid proxy policy setting"},
|
||||
{X509V3_R_INVALID_PURPOSE ,"invalid purpose"},
|
||||
{X509V3_R_INVALID_SECTION ,"invalid section"},
|
||||
{X509V3_R_INVALID_SYNTAX ,"invalid syntax"},
|
||||
@ -159,11 +162,16 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
|
||||
{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
|
||||
{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
|
||||
{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"},
|
||||
{X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED,"no proxy cert policy language defined"},
|
||||
{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
|
||||
{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"},
|
||||
{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"},
|
||||
{X509V3_R_OPERATION_NOT_DEFINED ,"operation not defined"},
|
||||
{X509V3_R_OTHERNAME_ERROR ,"othername error"},
|
||||
{X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED,"policy language alreadty defined"},
|
||||
{X509V3_R_POLICY_PATH_LENGTH ,"policy path length"},
|
||||
{X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED,"policy path length alreadty defined"},
|
||||
{X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED,"policy syntax not currently supported"},
|
||||
{X509V3_R_SECTION_NOT_FOUND ,"section not found"},
|
||||
{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"},
|
||||
{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"},
|
||||
|
@ -313,6 +313,23 @@ typedef struct POLICY_CONSTRAINTS_st {
|
||||
ASN1_INTEGER *inhibitPolicyMapping;
|
||||
} POLICY_CONSTRAINTS;
|
||||
|
||||
/* Proxy certificate structures, see RFC 3820 */
|
||||
typedef struct PROXY_POLICY_st
|
||||
{
|
||||
ASN1_OBJECT *policyLanguage;
|
||||
ASN1_OCTET_STRING *policy;
|
||||
} PROXY_POLICY;
|
||||
|
||||
typedef struct PROXY_CERT_INFO_EXTENSION_st
|
||||
{
|
||||
ASN1_INTEGER *pcPathLengthConstraint;
|
||||
PROXY_POLICY *proxyPolicy;
|
||||
} PROXY_CERT_INFO_EXTENSION;
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
|
||||
DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
|
||||
|
||||
|
||||
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
|
||||
",name:", val->name, ",value:", val->value);
|
||||
|
||||
@ -351,6 +368,7 @@ typedef struct POLICY_CONSTRAINTS_st {
|
||||
#define EXFLAG_INVALID 0x80
|
||||
#define EXFLAG_SET 0x100
|
||||
#define EXFLAG_CRITICAL 0x200
|
||||
#define EXFLAG_PROXY 0x400
|
||||
|
||||
#define EXFLAG_INVALID_POLICY 0x400
|
||||
|
||||
@ -631,6 +649,7 @@ void ERR_load_X509V3_strings(void);
|
||||
#define X509V3_F_NREF_NOS 133
|
||||
#define X509V3_F_POLICY_SECTION 131
|
||||
#define X509V3_F_R2I_CERTPOL 130
|
||||
#define X509V3_F_R2I_PCI 149
|
||||
#define X509V3_F_S2I_ASN1_IA5STRING 100
|
||||
#define X509V3_F_S2I_ASN1_INTEGER 108
|
||||
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
|
||||
@ -685,6 +704,7 @@ void ERR_load_X509V3_strings(void);
|
||||
#define X509V3_R_EXTENSION_VALUE_ERROR 116
|
||||
#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
|
||||
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
|
||||
#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
|
||||
#define X509V3_R_INVALID_BOOLEAN_STRING 104
|
||||
#define X509V3_R_INVALID_EXTENSION_STRING 105
|
||||
#define X509V3_R_INVALID_NAME 106
|
||||
@ -696,6 +716,7 @@ void ERR_load_X509V3_strings(void);
|
||||
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
|
||||
#define X509V3_R_INVALID_OPTION 138
|
||||
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
|
||||
#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
|
||||
#define X509V3_R_INVALID_PURPOSE 146
|
||||
#define X509V3_R_INVALID_SECTION 135
|
||||
#define X509V3_R_INVALID_SYNTAX 143
|
||||
@ -706,11 +727,16 @@ void ERR_load_X509V3_strings(void);
|
||||
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
|
||||
#define X509V3_R_NO_ISSUER_DETAILS 127
|
||||
#define X509V3_R_NO_POLICY_IDENTIFIER 139
|
||||
#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
|
||||
#define X509V3_R_NO_PUBLIC_KEY 114
|
||||
#define X509V3_R_NO_SUBJECT_DETAILS 125
|
||||
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
|
||||
#define X509V3_R_OPERATION_NOT_DEFINED 148
|
||||
#define X509V3_R_OTHERNAME_ERROR 147
|
||||
#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
|
||||
#define X509V3_R_POLICY_PATH_LENGTH 156
|
||||
#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
|
||||
#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
|
||||
#define X509V3_R_SECTION_NOT_FOUND 150
|
||||
#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
|
||||
#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
|
||||
|
@ -71,4 +71,6 @@ emailAddress = optional
|
||||
[ v3_ca ]
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
basicConstraints = CA:true
|
||||
basicConstraints = CA:true,pathlen:1
|
||||
keyUsage = cRLSign, keyCertSign
|
||||
issuerAltName=issuer:copy
|
||||
|
@ -274,17 +274,23 @@ test_gen:
|
||||
@echo "Generate and verify a certificate request"
|
||||
@$(SET_SO_PATHS); sh ./testgen
|
||||
|
||||
test_ss keyU.ss certU.ss certCA.ss: testss
|
||||
test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
|
||||
intP1.ss intP2.ss: testss
|
||||
@echo "Generate and certify a test certificate"
|
||||
@$(SET_SO_PATHS); sh ./testss
|
||||
@cat certCA.ss certU.ss > intP1.ss
|
||||
@cat certCA.ss certU.ss certP1.ss > intP2.ss
|
||||
|
||||
test_engine:
|
||||
@echo "Manipulate the ENGINE structures"
|
||||
$(SET_SO_PATHS); ./$(ENGINETEST)
|
||||
|
||||
test_ssl: keyU.ss certU.ss certCA.ss
|
||||
test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
|
||||
intP1.ss intP2.ss
|
||||
@echo "test SSL protocol"
|
||||
@$(SET_SO_PATHS); sh ./testssl keyU.ss certU.ss certCA.ss
|
||||
@$(SET_SO_PATHS); sh ./testssl keyP1.ss certP1.ss intP1.ss
|
||||
@$(SET_SO_PATHS); sh ./testssl keyP2.ss certP2.ss intP2.ss
|
||||
|
||||
test_ca:
|
||||
@$(SET_SO_PATHS); if ../apps/openssl no-rsa; then \
|
||||
|
37
test/P1ss.cnf
Normal file
37
test/P1ss.cnf
Normal file
@ -0,0 +1,37 @@
|
||||
#
|
||||
# SSLeay example configuration file.
|
||||
# This is mostly being used for generation of certificate requests.
|
||||
#
|
||||
|
||||
RANDFILE = ./.rnd
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = 512
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
encrypt_rsa_key = no
|
||||
default_md = md2
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = AU
|
||||
countryName_value = AU
|
||||
|
||||
organizationName = Organization Name (eg, company)
|
||||
organizationName_value = Dodgy Brothers
|
||||
|
||||
0.commonName = Common Name (eg, YOUR name)
|
||||
0.commonName_value = Brother 1
|
||||
|
||||
1.commonName = Common Name (eg, YOUR name)
|
||||
1.commonName_value = Brother 2
|
||||
|
||||
2.commonName = Common Name (eg, YOUR name)
|
||||
2.commonName_value = Proxy 1
|
||||
|
||||
[ v3_proxy ]
|
||||
basicConstraints=CA:FALSE
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:foo
|
45
test/P2ss.cnf
Normal file
45
test/P2ss.cnf
Normal file
@ -0,0 +1,45 @@
|
||||
#
|
||||
# SSLeay example configuration file.
|
||||
# This is mostly being used for generation of certificate requests.
|
||||
#
|
||||
|
||||
RANDFILE = ./.rnd
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = 512
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
encrypt_rsa_key = no
|
||||
default_md = md2
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = AU
|
||||
countryName_value = AU
|
||||
|
||||
organizationName = Organization Name (eg, company)
|
||||
organizationName_value = Dodgy Brothers
|
||||
|
||||
0.commonName = Common Name (eg, YOUR name)
|
||||
0.commonName_value = Brother 1
|
||||
|
||||
1.commonName = Common Name (eg, YOUR name)
|
||||
1.commonName_value = Brother 2
|
||||
|
||||
2.commonName = Common Name (eg, YOUR name)
|
||||
2.commonName_value = Proxy 1
|
||||
|
||||
3.commonName = Common Name (eg, YOUR name)
|
||||
3.commonName_value = Proxy 2
|
||||
|
||||
[ v3_proxy ]
|
||||
basicConstraints=CA:FALSE
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
proxyCertInfo=critical,@proxy_ext
|
||||
|
||||
[ proxy_ext ]
|
||||
language=id-ppl-anyLanguage
|
||||
pathlen=0
|
||||
policy=text:bar
|
@ -26,3 +26,11 @@ organizationName_value = Dodgy Brothers
|
||||
|
||||
1.commonName = Common Name (eg, YOUR name)
|
||||
1.commonName_value = Brother 2
|
||||
|
||||
[ v3_ee ]
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer:always
|
||||
basicConstraints = CA:false
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
issuerAltName=issuer:copy
|
||||
|
||||
|
76
test/testss
76
test/testss
@ -17,6 +17,18 @@ Ukey="keyU.ss"
|
||||
Ureq="reqU.ss"
|
||||
Ucert="certU.ss"
|
||||
|
||||
P1conf="P1ss.cnf"
|
||||
P1key="keyP1.ss"
|
||||
P1req="reqP1.ss"
|
||||
P1cert="certP1.ss"
|
||||
P1intermediate="tmp_intP1.ss"
|
||||
|
||||
P2conf="P2ss.cnf"
|
||||
P2key="keyP2.ss"
|
||||
P2req="reqP2.ss"
|
||||
P2cert="certP2.ss"
|
||||
P2intermediate="tmp_intP2.ss"
|
||||
|
||||
echo
|
||||
echo "make a certificate request using 'req'"
|
||||
|
||||
@ -35,7 +47,7 @@ if [ $? != 0 ]; then
|
||||
fi
|
||||
echo
|
||||
echo "convert the certificate request into a self signed certificate using 'x509'"
|
||||
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
|
||||
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'x509' to self sign a certificate request"
|
||||
exit 1
|
||||
@ -68,18 +80,18 @@ if [ $? != 0 ]; then
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "make another certificate request using 'req'"
|
||||
echo "make a user certificate request using 'req'"
|
||||
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'req' to generate a certificate request"
|
||||
echo "error using 'req' to generate a user certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "sign certificate request with the just created CA via 'x509'"
|
||||
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
|
||||
echo "sign user certificate request with the just created CA via 'x509'"
|
||||
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'x509' to sign a certificate request"
|
||||
echo "error using 'x509' to sign a user certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@ -88,6 +100,50 @@ echo
|
||||
echo "Certificate details"
|
||||
$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
|
||||
|
||||
echo
|
||||
echo "make a proxy certificate request using 'req'"
|
||||
$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'req' to generate a proxy certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "sign proxy certificate request with the just created user certificate via 'x509'"
|
||||
$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'x509' to sign a proxy certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cat $Ucert > $P1intermediate
|
||||
$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
|
||||
echo
|
||||
echo "Certificate details"
|
||||
$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
|
||||
|
||||
echo
|
||||
echo "make another proxy certificate request using 'req'"
|
||||
$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'req' to generate another proxy certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
|
||||
$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
|
||||
if [ $? != 0 ]; then
|
||||
echo "error using 'x509' to sign a second proxy certificate request"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cat $Ucert $P1cert > $P2intermediate
|
||||
$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
|
||||
echo
|
||||
echo "Certificate details"
|
||||
$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
|
||||
|
||||
echo
|
||||
echo The generated CA certificate is $CAcert
|
||||
echo The generated CA private key is $CAkey
|
||||
@ -95,5 +151,13 @@ echo The generated CA private key is $CAkey
|
||||
echo The generated user certificate is $Ucert
|
||||
echo The generated user private key is $Ukey
|
||||
|
||||
echo The first generated proxy certificate is $P1cert
|
||||
echo The first generated proxy private key is $P1key
|
||||
|
||||
echo The second generated proxy certificate is $P2cert
|
||||
echo The second generated proxy private key is $P2key
|
||||
|
||||
/bin/rm err.ss
|
||||
#/bin/rm $P1intermediate
|
||||
#/bin/rm $P2intermediate
|
||||
exit 0
|
||||
|
902
util/libeay.num
902
util/libeay.num
@ -2843,448 +2843,460 @@ FIPS_mode 3283 NOEXIST::FUNCTION:
|
||||
FIPS_selftest_failed 3284 NOEXIST::FUNCTION:
|
||||
sk_is_sorted 3285 EXIST::FUNCTION:
|
||||
X509_check_ca 3286 EXIST::FUNCTION:
|
||||
ERR_set_mark 3287 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set0_crls 3288 EXIST::FUNCTION:
|
||||
ENGINE_set_STORE 3289 EXIST::FUNCTION:ENGINE
|
||||
ENGINE_register_ECDSA 3290 EXIST::FUNCTION:ENGINE
|
||||
STORE_method_set_list_start_function 3291 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_start_fn 3291 EXIST:VMS:FUNCTION:
|
||||
NAME_CONSTRAINTS_free 3292 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_set_number 3293 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set0_param 3294 EXIST::FUNCTION:
|
||||
POLICY_MAPPING_it 3295 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_MAPPING_it 3295 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_parse_attrs_start 3296 EXIST::FUNCTION:
|
||||
POLICY_CONSTRAINTS_free 3297 EXIST::FUNCTION:
|
||||
BN_nist_mod_192 3298 EXIST::FUNCTION:
|
||||
EC_GROUP_get_trinomial_basis 3299 EXIST::FUNCTION:EC
|
||||
STORE_set_method 3300 EXIST::FUNCTION:
|
||||
EVP_aes_256_cfb128 3301 EXIST::FUNCTION:AES
|
||||
GENERAL_SUBTREE_free 3302 EXIST::FUNCTION:
|
||||
NAME_CONSTRAINTS_it 3303 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
NAME_CONSTRAINTS_it 3303 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
ECDH_get_default_method 3304 EXIST::FUNCTION:ECDH
|
||||
PKCS12_add_safe 3305 EXIST::FUNCTION:
|
||||
STORE_method_get_update_store_function 3306 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_update_store_fn 3306 EXIST:VMS:FUNCTION:
|
||||
ENGINE_register_ECDH 3307 EXIST::FUNCTION:ENGINE
|
||||
EVP_sha384 3308 EXIST::FUNCTION:SHA,SHA512
|
||||
SHA512_Update 3309 EXIST::FUNCTION:SHA,SHA512
|
||||
i2d_ECPrivateKey 3310 EXIST::FUNCTION:EC
|
||||
BN_get0_nist_prime_192 3311 EXIST::FUNCTION:
|
||||
STORE_modify_certificate 3312 EXIST::FUNCTION:
|
||||
EC_POINT_set_affine_coordinates_GF2m 3313 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_set_affine_coords_GF2m 3313 EXIST:VMS:FUNCTION:EC
|
||||
BN_GF2m_mod_exp_arr 3314 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_number 3315 EXIST::FUNCTION:
|
||||
X509_keyid_get0 3316 EXIST::FUNCTION:
|
||||
EC_GROUP_new_by_nid 3317 EXIST::FUNCTION:EC
|
||||
ENGINE_load_gmp 3318 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
|
||||
BN_GF2m_mod_mul_arr 3319 EXIST::FUNCTION:
|
||||
STORE_list_public_key_endp 3320 EXIST::FUNCTION:
|
||||
o2i_ECPublicKey 3321 EXIST::FUNCTION:EC
|
||||
EC_KEY_copy 3322 EXIST::FUNCTION:EC
|
||||
BIO_dump_fp 3323 EXIST::FUNCTION:FP_API
|
||||
X509_policy_node_get0_parent 3324 EXIST::FUNCTION:
|
||||
EC_GROUP_check_discriminant 3325 EXIST::FUNCTION:EC
|
||||
i2o_ECPublicKey 3326 EXIST::FUNCTION:EC
|
||||
a2i_IPADDRESS 3327 EXIST::FUNCTION:
|
||||
STORE_method_set_initialise_function 3328 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_initialise_fn 3328 EXIST:VMS:FUNCTION:
|
||||
X509_STORE_CTX_set_depth 3329 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_inherit 3330 EXIST::FUNCTION:
|
||||
EC_POINT_point2bn 3331 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_set_dn 3332 EXIST::FUNCTION:
|
||||
X509_policy_tree_get0_policies 3333 EXIST::FUNCTION:
|
||||
EC_GROUP_new_curve_GF2m 3334 EXIST::FUNCTION:EC
|
||||
STORE_destroy_method 3335 EXIST::FUNCTION:
|
||||
ENGINE_unregister_STORE 3336 EXIST::FUNCTION:ENGINE
|
||||
EVP_PKEY_get1_EC_KEY 3337 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_get0_number 3338 EXIST::FUNCTION:
|
||||
ENGINE_get_default_ECDH 3339 EXIST::FUNCTION:ENGINE
|
||||
ASN1_OCTET_STRING_NDEF_it 3340 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
ASN1_OCTET_STRING_NDEF_it 3340 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_delete_public_key 3341 EXIST::FUNCTION:
|
||||
STORE_get_public_key 3342 EXIST::FUNCTION:
|
||||
STORE_modify_arbitrary 3343 EXIST::FUNCTION:
|
||||
ENGINE_get_static_state 3344 EXIST::FUNCTION:ENGINE
|
||||
ECDSA_SIG_new 3345 EXIST::FUNCTION:ECDSA
|
||||
OPENSSL_DIR_end 3346 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqr 3347 EXIST::FUNCTION:
|
||||
EC_POINT_bn2point 3348 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set_depth 3349 EXIST::FUNCTION:
|
||||
STORE_get_method 3350 EXIST::FUNCTION:
|
||||
STORE_parse_attrs_end 3351 EXIST::FUNCTION:
|
||||
EC_GROUP_get_point_conversion_form 3352 EXIST:!VMS:FUNCTION:EC
|
||||
EC_GROUP_get_point_conv_form 3352 EXIST:VMS:FUNCTION:EC
|
||||
STORE_method_set_store_function 3353 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_in 3354 EXIST::FUNCTION:
|
||||
PEM_read_bio_ECPKParameters 3355 EXIST::FUNCTION:EC
|
||||
EC_GROUP_get_pentanomial_basis 3356 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set1_policies 3357 EXIST::FUNCTION:
|
||||
EVP_sha512 3358 EXIST::FUNCTION:SHA,SHA512
|
||||
X509_VERIFY_PARAM_set1_name 3359 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_set_purpose 3360 EXIST::FUNCTION:
|
||||
EC_GROUP_get_nid 3361 EXIST::FUNCTION:EC
|
||||
STORE_get_number 3362 EXIST::FUNCTION:
|
||||
ECDSA_sign_setup 3363 EXIST::FUNCTION:ECDSA
|
||||
BN_GF2m_mod_solve_quad_arr 3364 EXIST::FUNCTION:
|
||||
EC_KEY_up_ref 3365 EXIST::FUNCTION:EC
|
||||
POLICY_MAPPING_free 3366 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_div 3367 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_set_flags 3368 EXIST::FUNCTION:
|
||||
EC_KEY_free 3369 EXIST::FUNCTION:EC
|
||||
STORE_method_set_list_next_function 3370 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_next_fn 3370 EXIST:VMS:FUNCTION:
|
||||
PEM_write_bio_ECPrivateKey 3371 EXIST::FUNCTION:EC
|
||||
d2i_EC_PUBKEY 3372 EXIST::FUNCTION:EC
|
||||
STORE_method_get_generate_function 3373 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_generate_fn 3373 EXIST:VMS:FUNCTION:
|
||||
STORE_method_set_list_end_function 3374 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_end_fn 3374 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_have_precompute_mult 3375 EXIST::FUNCTION:EC
|
||||
EC_KEY_print_fp 3376 EXIST::FUNCTION:EC,FP_API
|
||||
BN_GF2m_mod_arr 3377 EXIST::FUNCTION:
|
||||
PEM_write_bio_X509_CERT_PAIR 3378 EXIST::FUNCTION:
|
||||
EVP_PKEY_cmp 3379 EXIST::FUNCTION:
|
||||
X509_policy_level_node_count 3380 EXIST::FUNCTION:
|
||||
STORE_new_engine 3381 EXIST::FUNCTION:
|
||||
STORE_list_public_key_start 3382 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_new 3383 EXIST::FUNCTION:
|
||||
ECDH_get_ex_data 3384 EXIST::FUNCTION:ECDH
|
||||
ECDSA_do_sign 3385 EXIST::FUNCTION:ECDSA
|
||||
ENGINE_unregister_ECDH 3386 EXIST::FUNCTION:ENGINE
|
||||
ECDH_OpenSSL 3387 EXIST::FUNCTION:ECDH
|
||||
EC_POINT_dup 3388 EXIST::FUNCTION:EC
|
||||
GENERAL_SUBTREE_new 3389 EXIST::FUNCTION:
|
||||
STORE_list_crl_endp 3390 EXIST::FUNCTION:
|
||||
EC_get_builtin_curves 3391 EXIST::FUNCTION:EC
|
||||
EVP_aes_128_cfb128 3392 EXIST::FUNCTION:AES
|
||||
X509_policy_node_get0_qualifiers 3393 EXIST:!VMS:FUNCTION:
|
||||
X509_pcy_node_get0_qualifiers 3393 EXIST:VMS:FUNCTION:
|
||||
STORE_list_crl_end 3394 EXIST::FUNCTION:
|
||||
EVP_PKEY_set1_EC_KEY 3395 EXIST::FUNCTION:EC
|
||||
BN_GF2m_mod_sqrt_arr 3396 EXIST::FUNCTION:
|
||||
i2d_ECPrivateKey_bio 3397 EXIST::FUNCTION:BIO,EC
|
||||
ECPKParameters_print_fp 3398 EXIST::FUNCTION:EC,FP_API
|
||||
ECDSA_SIG_free 3399 EXIST::FUNCTION:ECDSA
|
||||
PEM_write_bio_ECPKParameters 3400 EXIST::FUNCTION:EC
|
||||
STORE_method_set_ctrl_function 3401 EXIST::FUNCTION:
|
||||
STORE_list_public_key_end 3402 EXIST::FUNCTION:
|
||||
EC_GROUP_set_nid 3403 EXIST::FUNCTION:EC
|
||||
STORE_get_arbitrary 3404 EXIST::FUNCTION:
|
||||
STORE_store_crl 3405 EXIST::FUNCTION:
|
||||
X509_policy_node_get0_policy 3406 EXIST::FUNCTION:
|
||||
PKCS12_add_safes 3407 EXIST::FUNCTION:
|
||||
X509_policy_tree_free 3408 EXIST::FUNCTION:
|
||||
BN_GF2m_poly2arr 3409 EXIST::FUNCTION:
|
||||
STORE_ctrl 3410 EXIST::FUNCTION:
|
||||
EVP_sha224 3411 EXIST::FUNCTION:SHA,SHA256
|
||||
STORE_ATTR_INFO_compare 3412 EXIST::FUNCTION:
|
||||
BN_get0_nist_prime_224 3413 EXIST::FUNCTION:
|
||||
i2d_ECParameters 3414 EXIST::FUNCTION:EC
|
||||
i2d_ECPKParameters 3415 EXIST::FUNCTION:EC
|
||||
BN_GENCB_call 3416 EXIST::FUNCTION:
|
||||
BN_ncopy 3417 EXIST::FUNCTION:
|
||||
d2i_ECPKParameters 3418 EXIST::FUNCTION:EC
|
||||
STORE_method_set_generate_function 3419 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_generate_fn 3419 EXIST:VMS:FUNCTION:
|
||||
ENGINE_set_ECDH 3420 EXIST::FUNCTION:ENGINE
|
||||
NAME_CONSTRAINTS_new 3421 EXIST::FUNCTION:
|
||||
SHA256_Init 3422 EXIST::FUNCTION:SHA,SHA256
|
||||
PEM_write_bio_EC_PUBKEY 3423 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_set_cstr 3424 EXIST::FUNCTION:
|
||||
STORE_list_crl_next 3425 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_in_range 3426 EXIST::FUNCTION:
|
||||
ECParameters_print 3427 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_set_delete_function 3428 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_delete_fn 3428 EXIST:VMS:FUNCTION:
|
||||
STORE_list_certificate_next 3429 EXIST::FUNCTION:
|
||||
ASN1_generate_nconf 3430 EXIST::FUNCTION:
|
||||
BUF_memdup 3431 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_mul 3432 EXIST::FUNCTION:
|
||||
STORE_method_get_list_next_function 3433 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_next_fn 3433 EXIST:VMS:FUNCTION:
|
||||
STORE_ATTR_INFO_get0_dn 3434 EXIST::FUNCTION:
|
||||
STORE_list_private_key_next 3435 EXIST::FUNCTION:
|
||||
EC_GROUP_set_seed 3436 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set_trust 3437 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_free 3438 EXIST::FUNCTION:
|
||||
STORE_get_private_key 3439 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_new 3440 EXIST::FUNCTION:
|
||||
EC_GROUP_get_curve_GF2m 3441 EXIST::FUNCTION:EC
|
||||
STORE_method_set_revoke_function 3442 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_revoke_fn 3442 EXIST:VMS:FUNCTION:
|
||||
STORE_store_number 3443 EXIST::FUNCTION:
|
||||
BN_is_prime_ex 3444 EXIST::FUNCTION:
|
||||
STORE_revoke_public_key 3445 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get0_param 3446 EXIST::FUNCTION:
|
||||
STORE_delete_arbitrary 3447 EXIST::FUNCTION:
|
||||
PEM_read_X509_CERT_PAIR 3448 EXIST:!WIN16:FUNCTION:
|
||||
X509_STORE_set_depth 3449 EXIST::FUNCTION:
|
||||
ECDSA_get_ex_data 3450 EXIST::FUNCTION:ECDSA
|
||||
SHA224 3451 EXIST::FUNCTION:SHA,SHA256
|
||||
BIO_dump_indent_fp 3452 EXIST::FUNCTION:FP_API
|
||||
BUF_strndup 3453 EXIST::FUNCTION:
|
||||
STORE_list_certificate_start 3454 EXIST::FUNCTION:
|
||||
BN_GF2m_mod 3455 EXIST::FUNCTION:
|
||||
X509_REQ_check_private_key 3456 EXIST::FUNCTION:
|
||||
EC_GROUP_get_seed_len 3457 EXIST::FUNCTION:EC
|
||||
ERR_load_STORE_strings 3458 EXIST::FUNCTION:
|
||||
PEM_read_bio_EC_PUBKEY 3459 EXIST::FUNCTION:EC
|
||||
STORE_list_private_key_end 3460 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY 3461 EXIST::FUNCTION:EC
|
||||
ECDSA_get_default_method 3462 EXIST::FUNCTION:ECDSA
|
||||
ASN1_put_eoc 3463 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get_explicit_policy 3464 EXIST:!VMS:FUNCTION:
|
||||
X509_STORE_CTX_get_expl_policy 3464 EXIST:VMS:FUNCTION:
|
||||
ECDSA_DATA_free 3465 EXIST::FUNCTION:ECDSA
|
||||
X509_VERIFY_PARAM_table_cleanup 3466 EXIST::FUNCTION:
|
||||
STORE_modify_private_key 3467 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_free 3468 EXIST::FUNCTION:
|
||||
EC_METHOD_get_field_type 3469 EXIST::FUNCTION:EC
|
||||
EC_GFp_nist_method 3470 EXIST::FUNCTION:EC
|
||||
STORE_method_set_modify_function 3471 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_modify_fn 3471 EXIST:VMS:FUNCTION:
|
||||
STORE_parse_attrs_next 3472 EXIST::FUNCTION:
|
||||
ENGINE_load_padlock 3473 EXIST::FUNCTION:ENGINE
|
||||
X509_CERT_PAIR_it 3474 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
X509_CERT_PAIR_it 3474 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_method_get_revoke_function 3475 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_revoke_fn 3475 EXIST:VMS:FUNCTION:
|
||||
STORE_method_set_get_function 3476 EXIST::FUNCTION:
|
||||
STORE_modify_number 3477 EXIST::FUNCTION:
|
||||
STORE_method_get_store_function 3478 EXIST::FUNCTION:
|
||||
STORE_store_private_key 3479 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqr_arr 3480 EXIST::FUNCTION:
|
||||
STORE_Memory 3481 EXIST::FUNCTION:
|
||||
sk_find_ex 3482 EXIST::FUNCTION:
|
||||
EC_GROUP_set_curve_GF2m 3483 EXIST::FUNCTION:EC
|
||||
ENGINE_set_default_ECDSA 3484 EXIST::FUNCTION:ENGINE
|
||||
POLICY_CONSTRAINTS_new 3485 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqrt 3486 EXIST::FUNCTION:
|
||||
ECDH_set_default_method 3487 EXIST::FUNCTION:ECDH
|
||||
EC_KEY_generate_key 3488 EXIST::FUNCTION:EC
|
||||
SHA384_Update 3489 EXIST::FUNCTION:SHA,SHA512
|
||||
BN_GF2m_arr2poly 3490 EXIST::FUNCTION:
|
||||
STORE_method_get_get_function 3491 EXIST::FUNCTION:
|
||||
STORE_method_set_cleanup_function 3492 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_cleanup_fn 3492 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_check 3493 EXIST::FUNCTION:EC
|
||||
d2i_ECPrivateKey_bio 3494 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_get_lock_store_function 3495 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_lock_store_fn 3495 EXIST:VMS:FUNCTION:
|
||||
X509_VERIFY_PARAM_get_depth 3496 EXIST::FUNCTION:
|
||||
EVP_aes_192_cfb128 3497 EXIST::FUNCTION:AES
|
||||
SHA224_Final 3498 EXIST::FUNCTION:SHA,SHA256
|
||||
STORE_method_set_update_store_function 3499 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_update_store_fn 3499 EXIST:VMS:FUNCTION:
|
||||
SHA224_Update 3500 EXIST::FUNCTION:SHA,SHA256
|
||||
d2i_ECPrivateKey 3501 EXIST::FUNCTION:EC
|
||||
ASN1_item_ndef_i2d 3502 EXIST::FUNCTION:
|
||||
STORE_delete_private_key 3503 EXIST::FUNCTION:
|
||||
ERR_pop_to_mark 3504 EXIST::FUNCTION:
|
||||
ENGINE_register_all_STORE 3505 EXIST::FUNCTION:ENGINE
|
||||
X509_policy_level_get0_node 3506 EXIST::FUNCTION:
|
||||
i2d_PKCS7_NDEF 3507 EXIST::FUNCTION:
|
||||
EC_GROUP_get_degree 3508 EXIST::FUNCTION:EC
|
||||
ASN1_generate_v3 3509 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_cstr 3510 EXIST::FUNCTION:
|
||||
X509_policy_tree_level_count 3511 EXIST::FUNCTION:
|
||||
BN_GF2m_add 3512 EXIST::FUNCTION:
|
||||
STORE_generate_crl 3513 EXIST::FUNCTION:
|
||||
STORE_store_public_key 3514 EXIST::FUNCTION:
|
||||
X509_CERT_PAIR_free 3515 EXIST::FUNCTION:
|
||||
STORE_revoke_private_key 3516 EXIST::FUNCTION:
|
||||
BN_nist_mod_224 3517 EXIST::FUNCTION:
|
||||
SHA512_Final 3518 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_ATTR_INFO_modify_dn 3519 EXIST::FUNCTION:
|
||||
STORE_method_get_initialise_function 3520 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_initialise_fn 3520 EXIST:VMS:FUNCTION:
|
||||
STORE_delete_number 3521 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY_bio 3522 EXIST::FUNCTION:BIO,EC
|
||||
EC_GROUP_get_asn1_flag 3523 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_in_ex 3524 EXIST::FUNCTION:
|
||||
STORE_list_crl_start 3525 EXIST::FUNCTION:
|
||||
ECDH_get_ex_new_index 3526 EXIST::FUNCTION:ECDH
|
||||
STORE_method_get_modify_function 3527 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_modify_fn 3527 EXIST:VMS:FUNCTION:
|
||||
v2i_ASN1_BIT_STRING 3528 EXIST::FUNCTION:
|
||||
STORE_store_certificate 3529 EXIST::FUNCTION:
|
||||
OBJ_bsearch_ex 3530 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set_default 3531 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_set_sha1str 3532 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_inv 3533 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_exp 3534 EXIST::FUNCTION:
|
||||
STORE_modify_public_key 3535 EXIST::FUNCTION:
|
||||
STORE_method_get_list_start_function 3536 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_start_fn 3536 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_get0_seed 3537 EXIST::FUNCTION:EC
|
||||
ecdsa_check 3538 EXIST::FUNCTION:ECDSA
|
||||
STORE_store_arbitrary 3539 EXIST::FUNCTION:
|
||||
STORE_method_set_unlock_store_function 3540 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_unlock_store_fn 3540 EXIST:VMS:FUNCTION:
|
||||
BN_GF2m_mod_div_arr 3541 EXIST::FUNCTION:
|
||||
ENGINE_set_ECDSA 3542 EXIST::FUNCTION:ENGINE
|
||||
STORE_create_method 3543 EXIST::FUNCTION:
|
||||
ECPKParameters_print 3544 EXIST::FUNCTION:BIO,EC
|
||||
PEM_write_EC_PUBKEY 3545 EXIST:!WIN16:FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set1 3546 EXIST::FUNCTION:
|
||||
ECDH_set_method 3547 EXIST::FUNCTION:ECDH
|
||||
v2i_GENERAL_NAME_ex 3548 EXIST::FUNCTION:
|
||||
ECDH_set_ex_data 3549 EXIST::FUNCTION:ECDH
|
||||
STORE_generate_key 3550 EXIST::FUNCTION:
|
||||
BN_nist_mod_521 3551 EXIST::FUNCTION:
|
||||
X509_policy_tree_get0_level 3552 EXIST::FUNCTION:
|
||||
EC_GROUP_set_point_conversion_form 3553 EXIST:!VMS:FUNCTION:EC
|
||||
EC_GROUP_set_point_conv_form 3553 EXIST:VMS:FUNCTION:EC
|
||||
PEM_read_EC_PUBKEY 3554 EXIST:!WIN16:FUNCTION:EC
|
||||
i2d_ECDSA_SIG 3555 EXIST::FUNCTION:ECDSA
|
||||
ECDSA_OpenSSL 3556 EXIST::FUNCTION:ECDSA
|
||||
STORE_delete_crl 3557 EXIST::FUNCTION:
|
||||
ASN1_const_check_infinite_end 3558 EXIST::FUNCTION:
|
||||
ECDSA_set_default_method 3559 EXIST::FUNCTION:ECDSA
|
||||
EC_POINT_set_compressed_coordinates_GF2m 3560 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_set_compr_coords_GF2m 3560 EXIST:VMS:FUNCTION:EC
|
||||
EC_GROUP_cmp 3561 EXIST::FUNCTION:EC
|
||||
STORE_revoke_certificate 3562 EXIST::FUNCTION:
|
||||
ECDH_DATA_new_method 3563 EXIST::FUNCTION:ECDH
|
||||
BN_get0_nist_prime_256 3564 EXIST::FUNCTION:
|
||||
STORE_method_get_delete_function 3565 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_delete_fn 3565 EXIST:VMS:FUNCTION:
|
||||
SHA224_Init 3566 EXIST::FUNCTION:SHA,SHA256
|
||||
PEM_read_ECPrivateKey 3567 EXIST:!WIN16:FUNCTION:EC
|
||||
SHA512_Init 3568 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_parse_attrs_endp 3569 EXIST::FUNCTION:
|
||||
ERR_load_ECDSA_strings 3570 EXIST::FUNCTION:ECDSA
|
||||
EC_GROUP_get_basis_type 3571 EXIST::FUNCTION:EC
|
||||
ECDH_DATA_new 3572 EXIST::FUNCTION:ECDH
|
||||
STORE_list_public_key_next 3573 EXIST::FUNCTION:
|
||||
i2v_ASN1_BIT_STRING 3574 EXIST::FUNCTION:
|
||||
STORE_OBJECT_free 3575 EXIST::FUNCTION:
|
||||
BN_nist_mod_384 3576 EXIST::FUNCTION:
|
||||
i2d_X509_CERT_PAIR 3577 EXIST::FUNCTION:
|
||||
PEM_write_ECPKParameters 3578 EXIST:!WIN16:FUNCTION:EC
|
||||
ECDH_compute_key 3579 EXIST::FUNCTION:ECDH
|
||||
STORE_ATTR_INFO_get0_sha1str 3580 EXIST::FUNCTION:
|
||||
ENGINE_register_all_ECDH 3581 EXIST::FUNCTION:ENGINE
|
||||
STORE_ATTR_INFO_get0_cstr 3582 EXIST::FUNCTION:
|
||||
POLICY_CONSTRAINTS_it 3583 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_CONSTRAINTS_it 3583 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_get_ex_new_index 3584 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_add0_policy 3585 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_solve_quad 3586 EXIST::FUNCTION:
|
||||
SHA256 3587 EXIST::FUNCTION:SHA,SHA256
|
||||
i2d_ECPrivateKey_fp 3588 EXIST::FUNCTION:EC,FP_API
|
||||
X509_policy_tree_get0_user_policies 3589 EXIST:!VMS:FUNCTION:
|
||||
X509_pcy_tree_get0_usr_policies 3589 EXIST:VMS:FUNCTION:
|
||||
OPENSSL_DIR_read 3590 EXIST::FUNCTION:
|
||||
ENGINE_register_all_ECDSA 3591 EXIST::FUNCTION:ENGINE
|
||||
X509_VERIFY_PARAM_lookup 3592 EXIST::FUNCTION:
|
||||
EC_POINT_get_affine_coordinates_GF2m 3593 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_get_affine_coords_GF2m 3593 EXIST:VMS:FUNCTION:EC
|
||||
EC_GROUP_dup 3594 EXIST::FUNCTION:EC
|
||||
ENGINE_get_default_ECDSA 3595 EXIST::FUNCTION:ENGINE
|
||||
EC_KEY_new 3596 EXIST::FUNCTION:EC
|
||||
SHA256_Transform 3597 EXIST::FUNCTION:SHA,SHA256
|
||||
ECDSA_verify 3598 EXIST::FUNCTION:ECDSA
|
||||
EC_POINT_point2hex 3599 EXIST::FUNCTION:EC
|
||||
ENGINE_get_STORE 3600 EXIST::FUNCTION:ENGINE
|
||||
SHA512 3601 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_get_certificate 3602 EXIST::FUNCTION:
|
||||
ECDSA_do_verify 3603 EXIST::FUNCTION:ECDSA
|
||||
d2i_ECPrivateKey_fp 3604 EXIST::FUNCTION:EC,FP_API
|
||||
STORE_delete_certificate 3605 EXIST::FUNCTION:
|
||||
SHA512_Transform 3606 EXIST::FUNCTION:SHA,SHA512
|
||||
X509_STORE_set1_param 3607 EXIST::FUNCTION:
|
||||
STORE_method_get_ctrl_function 3608 EXIST::FUNCTION:
|
||||
STORE_free 3609 EXIST::FUNCTION:
|
||||
PEM_write_ECPrivateKey 3610 EXIST:!WIN16:FUNCTION:EC
|
||||
STORE_method_get_unlock_store_function 3611 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_unlock_store_fn 3611 EXIST:VMS:FUNCTION:
|
||||
STORE_get_ex_data 3612 EXIST::FUNCTION:
|
||||
PEM_read_ECPKParameters 3613 EXIST:!WIN16:FUNCTION:EC
|
||||
X509_CERT_PAIR_new 3614 EXIST::FUNCTION:
|
||||
ENGINE_register_STORE 3615 EXIST::FUNCTION:ENGINE
|
||||
RSA_generate_key_ex 3616 EXIST::FUNCTION:RSA
|
||||
DSA_generate_parameters_ex 3617 EXIST::FUNCTION:DSA
|
||||
ECParameters_print_fp 3618 EXIST::FUNCTION:EC,FP_API
|
||||
X509V3_NAME_from_section 3619 EXIST::FUNCTION:
|
||||
STORE_modify_crl 3620 EXIST::FUNCTION:
|
||||
STORE_list_private_key_start 3621 EXIST::FUNCTION:
|
||||
POLICY_MAPPINGS_it 3622 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_MAPPINGS_it 3622 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
GENERAL_SUBTREE_it 3623 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
GENERAL_SUBTREE_it 3623 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
ECDH_DATA_free 3624 EXIST::FUNCTION:ECDH
|
||||
PEM_write_X509_CERT_PAIR 3625 EXIST:!WIN16:FUNCTION:
|
||||
BIO_dump_indent_cb 3626 EXIST::FUNCTION:
|
||||
d2i_X509_CERT_PAIR 3627 EXIST::FUNCTION:
|
||||
STORE_list_private_key_endp 3628 EXIST::FUNCTION:
|
||||
asn1_const_Finish 3629 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY_fp 3630 EXIST::FUNCTION:EC,FP_API
|
||||
BN_nist_mod_256 3631 EXIST::FUNCTION:
|
||||
ECDSA_DATA_new 3632 EXIST::FUNCTION:ECDSA
|
||||
X509_VERIFY_PARAM_add0_table 3633 EXIST::FUNCTION:
|
||||
EVP_sha256 3634 EXIST::FUNCTION:SHA,SHA256
|
||||
ECDSA_size 3635 EXIST::FUNCTION:ECDSA
|
||||
d2i_EC_PUBKEY_bio 3636 EXIST::FUNCTION:BIO,EC
|
||||
BN_get0_nist_prime_521 3637 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_sha1str 3638 EXIST::FUNCTION:
|
||||
BN_generate_prime_ex 3639 EXIST::FUNCTION:
|
||||
SHA256_Final 3640 EXIST::FUNCTION:SHA,SHA256
|
||||
DH_generate_parameters_ex 3641 EXIST::FUNCTION:DH
|
||||
PEM_read_bio_ECPrivateKey 3642 EXIST::FUNCTION:EC
|
||||
STORE_method_get_cleanup_function 3643 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_cleanup_fn 3643 EXIST:VMS:FUNCTION:
|
||||
ENGINE_get_ECDH 3644 EXIST::FUNCTION:ENGINE
|
||||
d2i_ECDSA_SIG 3645 EXIST::FUNCTION:ECDSA
|
||||
BN_is_prime_fasttest_ex 3646 EXIST::FUNCTION:
|
||||
ECDSA_sign 3647 EXIST::FUNCTION:ECDSA
|
||||
X509_policy_check 3648 EXIST::FUNCTION:
|
||||
STORE_set_ex_data 3649 EXIST::FUNCTION:
|
||||
ENGINE_get_ECDSA 3650 EXIST::FUNCTION:ENGINE
|
||||
EVP_ecdsa 3651 EXIST::FUNCTION:SHA
|
||||
PKCS12_add_cert 3652 EXIST::FUNCTION:
|
||||
STORE_OBJECT_new 3653 EXIST::FUNCTION:
|
||||
ERR_load_ECDH_strings 3654 EXIST::FUNCTION:ECDH
|
||||
EC_KEY_dup 3655 EXIST::FUNCTION:EC
|
||||
EVP_CIPHER_CTX_rand_key 3656 EXIST::FUNCTION:
|
||||
ECDSA_set_method 3657 EXIST::FUNCTION:ECDSA
|
||||
a2i_IPADDRESS_NC 3658 EXIST::FUNCTION:
|
||||
d2i_ECParameters 3659 EXIST::FUNCTION:EC
|
||||
STORE_list_certificate_end 3660 EXIST::FUNCTION:
|
||||
STORE_get_crl 3661 EXIST::FUNCTION:
|
||||
X509_POLICY_NODE_print 3662 EXIST::FUNCTION:
|
||||
SHA384_Init 3663 EXIST::FUNCTION:SHA,SHA512
|
||||
EC_GF2m_simple_method 3664 EXIST::FUNCTION:EC
|
||||
ECDSA_set_ex_data 3665 EXIST::FUNCTION:ECDSA
|
||||
SHA384_Final 3666 EXIST::FUNCTION:SHA,SHA512
|
||||
PKCS7_set_digest 3667 EXIST::FUNCTION:
|
||||
EC_KEY_print 3668 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_set_lock_store_function 3669 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_lock_store_fn 3669 EXIST:VMS:FUNCTION:
|
||||
ECDSA_get_ex_new_index 3670 EXIST::FUNCTION:ECDSA
|
||||
SHA384 3671 EXIST::FUNCTION:SHA,SHA512
|
||||
POLICY_MAPPING_new 3672 EXIST::FUNCTION:
|
||||
STORE_list_certificate_endp 3673 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get0_policy_tree 3674 EXIST::FUNCTION:
|
||||
EC_GROUP_set_asn1_flag 3675 EXIST::FUNCTION:EC
|
||||
EC_KEY_check_key 3676 EXIST::FUNCTION:EC
|
||||
d2i_EC_PUBKEY_fp 3677 EXIST::FUNCTION:EC,FP_API
|
||||
PKCS7_set0_type_other 3678 EXIST::FUNCTION:
|
||||
ecdh_check 3679 EXIST::FUNCTION:ECDH
|
||||
ECDSA_DATA_new_method 3680 EXIST::FUNCTION:ECDSA
|
||||
PEM_read_bio_X509_CERT_PAIR 3681 EXIST::FUNCTION:
|
||||
STORE_method_get_list_end_function 3682 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_end_fn 3682 EXIST:VMS:FUNCTION:
|
||||
X509_VERIFY_PARAM_set_time 3683 EXIST::FUNCTION:
|
||||
ENGINE_set_default_ECDH 3684 EXIST::FUNCTION:ENGINE
|
||||
STORE_new_method 3685 EXIST::FUNCTION:
|
||||
PKCS12_add_key 3686 EXIST::FUNCTION:
|
||||
DSO_merge 3687 EXIST::FUNCTION:
|
||||
EC_POINT_hex2point 3688 EXIST::FUNCTION:EC
|
||||
BIO_dump_cb 3689 EXIST::FUNCTION:
|
||||
SHA256_Update 3690 EXIST::FUNCTION:SHA,SHA256
|
||||
BN_GF2m_mod_inv_arr 3691 EXIST::FUNCTION:
|
||||
ENGINE_unregister_ECDSA 3692 EXIST::FUNCTION:ENGINE
|
||||
d2i_PROXY_CERT_INFO_EXTENSION 3287 EXIST::FUNCTION:
|
||||
PROXY_POLICY_it 3288 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
PROXY_POLICY_it 3288 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
i2d_PROXY_POLICY 3289 EXIST::FUNCTION:
|
||||
i2d_PROXY_CERT_INFO_EXTENSION 3290 EXIST::FUNCTION:
|
||||
d2i_PROXY_POLICY 3291 EXIST::FUNCTION:
|
||||
PROXY_CERT_INFO_EXTENSION_new 3292 EXIST::FUNCTION:
|
||||
PROXY_CERT_INFO_EXTENSION_free 3293 EXIST::FUNCTION:
|
||||
PROXY_CERT_INFO_EXTENSION_it 3294 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
PROXY_CERT_INFO_EXTENSION_it 3294 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
PROXY_POLICY_free 3295 EXIST::FUNCTION:
|
||||
PROXY_POLICY_new 3296 EXIST::FUNCTION:
|
||||
ERR_set_mark 3297 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set0_crls 3298 EXIST::FUNCTION:
|
||||
ENGINE_set_STORE 3299 EXIST::FUNCTION:ENGINE
|
||||
ENGINE_register_ECDSA 3300 EXIST::FUNCTION:ENGINE
|
||||
STORE_method_set_list_start_function 3301 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_start_fn 3301 EXIST:VMS:FUNCTION:
|
||||
NAME_CONSTRAINTS_free 3302 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_set_number 3303 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set0_param 3304 EXIST::FUNCTION:
|
||||
POLICY_MAPPING_it 3305 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_MAPPING_it 3305 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_parse_attrs_start 3306 EXIST::FUNCTION:
|
||||
POLICY_CONSTRAINTS_free 3307 EXIST::FUNCTION:
|
||||
BN_nist_mod_192 3308 EXIST::FUNCTION:
|
||||
EC_GROUP_get_trinomial_basis 3309 EXIST::FUNCTION:EC
|
||||
STORE_set_method 3310 EXIST::FUNCTION:
|
||||
EVP_aes_256_cfb128 3311 EXIST::FUNCTION:AES
|
||||
GENERAL_SUBTREE_free 3312 EXIST::FUNCTION:
|
||||
NAME_CONSTRAINTS_it 3313 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
NAME_CONSTRAINTS_it 3313 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
ECDH_get_default_method 3314 EXIST::FUNCTION:ECDH
|
||||
PKCS12_add_safe 3315 EXIST::FUNCTION:
|
||||
STORE_method_get_update_store_function 3316 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_update_store_fn 3316 EXIST:VMS:FUNCTION:
|
||||
ENGINE_register_ECDH 3317 EXIST::FUNCTION:ENGINE
|
||||
EVP_sha384 3318 EXIST::FUNCTION:SHA,SHA512
|
||||
SHA512_Update 3319 EXIST::FUNCTION:SHA,SHA512
|
||||
i2d_ECPrivateKey 3320 EXIST::FUNCTION:EC
|
||||
BN_get0_nist_prime_192 3321 EXIST::FUNCTION:
|
||||
STORE_modify_certificate 3322 EXIST::FUNCTION:
|
||||
EC_POINT_set_affine_coordinates_GF2m 3323 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_set_affine_coords_GF2m 3323 EXIST:VMS:FUNCTION:EC
|
||||
BN_GF2m_mod_exp_arr 3324 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_number 3325 EXIST::FUNCTION:
|
||||
X509_keyid_get0 3326 EXIST::FUNCTION:
|
||||
EC_GROUP_new_by_nid 3327 EXIST::FUNCTION:EC
|
||||
ENGINE_load_gmp 3328 EXIST::FUNCTION:ENGINE,STATIC_ENGINE
|
||||
BN_GF2m_mod_mul_arr 3329 EXIST::FUNCTION:
|
||||
STORE_list_public_key_endp 3330 EXIST::FUNCTION:
|
||||
o2i_ECPublicKey 3331 EXIST::FUNCTION:EC
|
||||
EC_KEY_copy 3332 EXIST::FUNCTION:EC
|
||||
BIO_dump_fp 3333 EXIST::FUNCTION:FP_API
|
||||
X509_policy_node_get0_parent 3334 EXIST::FUNCTION:
|
||||
EC_GROUP_check_discriminant 3335 EXIST::FUNCTION:EC
|
||||
i2o_ECPublicKey 3336 EXIST::FUNCTION:EC
|
||||
a2i_IPADDRESS 3337 EXIST::FUNCTION:
|
||||
STORE_method_set_initialise_function 3338 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_initialise_fn 3338 EXIST:VMS:FUNCTION:
|
||||
X509_STORE_CTX_set_depth 3339 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_inherit 3340 EXIST::FUNCTION:
|
||||
EC_POINT_point2bn 3341 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_set_dn 3342 EXIST::FUNCTION:
|
||||
X509_policy_tree_get0_policies 3343 EXIST::FUNCTION:
|
||||
EC_GROUP_new_curve_GF2m 3344 EXIST::FUNCTION:EC
|
||||
STORE_destroy_method 3345 EXIST::FUNCTION:
|
||||
ENGINE_unregister_STORE 3346 EXIST::FUNCTION:ENGINE
|
||||
EVP_PKEY_get1_EC_KEY 3347 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_get0_number 3348 EXIST::FUNCTION:
|
||||
ENGINE_get_default_ECDH 3349 EXIST::FUNCTION:ENGINE
|
||||
ASN1_OCTET_STRING_NDEF_it 3350 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
ASN1_OCTET_STRING_NDEF_it 3350 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_delete_public_key 3351 EXIST::FUNCTION:
|
||||
STORE_get_public_key 3352 EXIST::FUNCTION:
|
||||
STORE_modify_arbitrary 3353 EXIST::FUNCTION:
|
||||
ENGINE_get_static_state 3354 EXIST::FUNCTION:ENGINE
|
||||
ECDSA_SIG_new 3355 EXIST::FUNCTION:ECDSA
|
||||
OPENSSL_DIR_end 3356 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqr 3357 EXIST::FUNCTION:
|
||||
EC_POINT_bn2point 3358 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set_depth 3359 EXIST::FUNCTION:
|
||||
STORE_get_method 3360 EXIST::FUNCTION:
|
||||
STORE_parse_attrs_end 3361 EXIST::FUNCTION:
|
||||
EC_GROUP_get_point_conversion_form 3362 EXIST:!VMS:FUNCTION:EC
|
||||
EC_GROUP_get_point_conv_form 3362 EXIST:VMS:FUNCTION:EC
|
||||
STORE_method_set_store_function 3363 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_in 3364 EXIST::FUNCTION:
|
||||
PEM_read_bio_ECPKParameters 3365 EXIST::FUNCTION:EC
|
||||
EC_GROUP_get_pentanomial_basis 3366 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set1_policies 3367 EXIST::FUNCTION:
|
||||
EVP_sha512 3368 EXIST::FUNCTION:SHA,SHA512
|
||||
X509_VERIFY_PARAM_set1_name 3369 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_set_purpose 3370 EXIST::FUNCTION:
|
||||
EC_GROUP_get_nid 3371 EXIST::FUNCTION:EC
|
||||
STORE_get_number 3372 EXIST::FUNCTION:
|
||||
ECDSA_sign_setup 3373 EXIST::FUNCTION:ECDSA
|
||||
BN_GF2m_mod_solve_quad_arr 3374 EXIST::FUNCTION:
|
||||
EC_KEY_up_ref 3375 EXIST::FUNCTION:EC
|
||||
POLICY_MAPPING_free 3376 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_div 3377 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_set_flags 3378 EXIST::FUNCTION:
|
||||
EC_KEY_free 3379 EXIST::FUNCTION:EC
|
||||
STORE_method_set_list_next_function 3380 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_next_fn 3380 EXIST:VMS:FUNCTION:
|
||||
PEM_write_bio_ECPrivateKey 3381 EXIST::FUNCTION:EC
|
||||
d2i_EC_PUBKEY 3382 EXIST::FUNCTION:EC
|
||||
STORE_method_get_generate_function 3383 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_generate_fn 3383 EXIST:VMS:FUNCTION:
|
||||
STORE_method_set_list_end_function 3384 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_list_end_fn 3384 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_have_precompute_mult 3385 EXIST::FUNCTION:EC
|
||||
EC_KEY_print_fp 3386 EXIST::FUNCTION:EC,FP_API
|
||||
BN_GF2m_mod_arr 3387 EXIST::FUNCTION:
|
||||
PEM_write_bio_X509_CERT_PAIR 3388 EXIST::FUNCTION:
|
||||
EVP_PKEY_cmp 3389 EXIST::FUNCTION:
|
||||
X509_policy_level_node_count 3390 EXIST::FUNCTION:
|
||||
STORE_new_engine 3391 EXIST::FUNCTION:
|
||||
STORE_list_public_key_start 3392 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_new 3393 EXIST::FUNCTION:
|
||||
ECDH_get_ex_data 3394 EXIST::FUNCTION:ECDH
|
||||
ECDSA_do_sign 3395 EXIST::FUNCTION:ECDSA
|
||||
ENGINE_unregister_ECDH 3396 EXIST::FUNCTION:ENGINE
|
||||
ECDH_OpenSSL 3397 EXIST::FUNCTION:ECDH
|
||||
EC_POINT_dup 3398 EXIST::FUNCTION:EC
|
||||
GENERAL_SUBTREE_new 3399 EXIST::FUNCTION:
|
||||
STORE_list_crl_endp 3400 EXIST::FUNCTION:
|
||||
EC_get_builtin_curves 3401 EXIST::FUNCTION:EC
|
||||
EVP_aes_128_cfb128 3402 EXIST::FUNCTION:AES
|
||||
X509_policy_node_get0_qualifiers 3403 EXIST:!VMS:FUNCTION:
|
||||
X509_pcy_node_get0_qualifiers 3403 EXIST:VMS:FUNCTION:
|
||||
STORE_list_crl_end 3404 EXIST::FUNCTION:
|
||||
EVP_PKEY_set1_EC_KEY 3405 EXIST::FUNCTION:EC
|
||||
BN_GF2m_mod_sqrt_arr 3406 EXIST::FUNCTION:
|
||||
i2d_ECPrivateKey_bio 3407 EXIST::FUNCTION:BIO,EC
|
||||
ECPKParameters_print_fp 3408 EXIST::FUNCTION:EC,FP_API
|
||||
ECDSA_SIG_free 3409 EXIST::FUNCTION:ECDSA
|
||||
PEM_write_bio_ECPKParameters 3410 EXIST::FUNCTION:EC
|
||||
STORE_method_set_ctrl_function 3411 EXIST::FUNCTION:
|
||||
STORE_list_public_key_end 3412 EXIST::FUNCTION:
|
||||
EC_GROUP_set_nid 3413 EXIST::FUNCTION:EC
|
||||
STORE_get_arbitrary 3414 EXIST::FUNCTION:
|
||||
STORE_store_crl 3415 EXIST::FUNCTION:
|
||||
X509_policy_node_get0_policy 3416 EXIST::FUNCTION:
|
||||
PKCS12_add_safes 3417 EXIST::FUNCTION:
|
||||
X509_policy_tree_free 3418 EXIST::FUNCTION:
|
||||
BN_GF2m_poly2arr 3419 EXIST::FUNCTION:
|
||||
STORE_ctrl 3420 EXIST::FUNCTION:
|
||||
EVP_sha224 3421 EXIST::FUNCTION:SHA,SHA256
|
||||
STORE_ATTR_INFO_compare 3422 EXIST::FUNCTION:
|
||||
BN_get0_nist_prime_224 3423 EXIST::FUNCTION:
|
||||
i2d_ECParameters 3424 EXIST::FUNCTION:EC
|
||||
i2d_ECPKParameters 3425 EXIST::FUNCTION:EC
|
||||
BN_GENCB_call 3426 EXIST::FUNCTION:
|
||||
BN_ncopy 3427 EXIST::FUNCTION:
|
||||
d2i_ECPKParameters 3428 EXIST::FUNCTION:EC
|
||||
STORE_method_set_generate_function 3429 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_generate_fn 3429 EXIST:VMS:FUNCTION:
|
||||
ENGINE_set_ECDH 3430 EXIST::FUNCTION:ENGINE
|
||||
NAME_CONSTRAINTS_new 3431 EXIST::FUNCTION:
|
||||
SHA256_Init 3432 EXIST::FUNCTION:SHA,SHA256
|
||||
PEM_write_bio_EC_PUBKEY 3433 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_set_cstr 3434 EXIST::FUNCTION:
|
||||
STORE_list_crl_next 3435 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_in_range 3436 EXIST::FUNCTION:
|
||||
ECParameters_print 3437 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_set_delete_function 3438 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_delete_fn 3438 EXIST:VMS:FUNCTION:
|
||||
STORE_list_certificate_next 3439 EXIST::FUNCTION:
|
||||
ASN1_generate_nconf 3440 EXIST::FUNCTION:
|
||||
BUF_memdup 3441 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_mul 3442 EXIST::FUNCTION:
|
||||
STORE_method_get_list_next_function 3443 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_next_fn 3443 EXIST:VMS:FUNCTION:
|
||||
STORE_ATTR_INFO_get0_dn 3444 EXIST::FUNCTION:
|
||||
STORE_list_private_key_next 3445 EXIST::FUNCTION:
|
||||
EC_GROUP_set_seed 3446 EXIST::FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set_trust 3447 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_free 3448 EXIST::FUNCTION:
|
||||
STORE_get_private_key 3449 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_new 3450 EXIST::FUNCTION:
|
||||
EC_GROUP_get_curve_GF2m 3451 EXIST::FUNCTION:EC
|
||||
STORE_method_set_revoke_function 3452 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_revoke_fn 3452 EXIST:VMS:FUNCTION:
|
||||
STORE_store_number 3453 EXIST::FUNCTION:
|
||||
BN_is_prime_ex 3454 EXIST::FUNCTION:
|
||||
STORE_revoke_public_key 3455 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get0_param 3456 EXIST::FUNCTION:
|
||||
STORE_delete_arbitrary 3457 EXIST::FUNCTION:
|
||||
PEM_read_X509_CERT_PAIR 3458 EXIST:!WIN16:FUNCTION:
|
||||
X509_STORE_set_depth 3459 EXIST::FUNCTION:
|
||||
ECDSA_get_ex_data 3460 EXIST::FUNCTION:ECDSA
|
||||
SHA224 3461 EXIST::FUNCTION:SHA,SHA256
|
||||
BIO_dump_indent_fp 3462 EXIST::FUNCTION:FP_API
|
||||
BUF_strndup 3463 EXIST::FUNCTION:
|
||||
STORE_list_certificate_start 3464 EXIST::FUNCTION:
|
||||
BN_GF2m_mod 3465 EXIST::FUNCTION:
|
||||
X509_REQ_check_private_key 3466 EXIST::FUNCTION:
|
||||
EC_GROUP_get_seed_len 3467 EXIST::FUNCTION:EC
|
||||
ERR_load_STORE_strings 3468 EXIST::FUNCTION:
|
||||
PEM_read_bio_EC_PUBKEY 3469 EXIST::FUNCTION:EC
|
||||
STORE_list_private_key_end 3470 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY 3471 EXIST::FUNCTION:EC
|
||||
ECDSA_get_default_method 3472 EXIST::FUNCTION:ECDSA
|
||||
ASN1_put_eoc 3473 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get_explicit_policy 3474 EXIST:!VMS:FUNCTION:
|
||||
X509_STORE_CTX_get_expl_policy 3474 EXIST:VMS:FUNCTION:
|
||||
ECDSA_DATA_free 3475 EXIST::FUNCTION:ECDSA
|
||||
X509_VERIFY_PARAM_table_cleanup 3476 EXIST::FUNCTION:
|
||||
STORE_modify_private_key 3477 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_free 3478 EXIST::FUNCTION:
|
||||
EC_METHOD_get_field_type 3479 EXIST::FUNCTION:EC
|
||||
EC_GFp_nist_method 3480 EXIST::FUNCTION:EC
|
||||
STORE_method_set_modify_function 3481 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_modify_fn 3481 EXIST:VMS:FUNCTION:
|
||||
STORE_parse_attrs_next 3482 EXIST::FUNCTION:
|
||||
ENGINE_load_padlock 3483 EXIST::FUNCTION:ENGINE
|
||||
X509_CERT_PAIR_it 3484 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
X509_CERT_PAIR_it 3484 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_method_get_revoke_function 3485 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_revoke_fn 3485 EXIST:VMS:FUNCTION:
|
||||
STORE_method_set_get_function 3486 EXIST::FUNCTION:
|
||||
STORE_modify_number 3487 EXIST::FUNCTION:
|
||||
STORE_method_get_store_function 3488 EXIST::FUNCTION:
|
||||
STORE_store_private_key 3489 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqr_arr 3490 EXIST::FUNCTION:
|
||||
STORE_Memory 3491 EXIST::FUNCTION:
|
||||
sk_find_ex 3492 EXIST::FUNCTION:
|
||||
EC_GROUP_set_curve_GF2m 3493 EXIST::FUNCTION:EC
|
||||
ENGINE_set_default_ECDSA 3494 EXIST::FUNCTION:ENGINE
|
||||
POLICY_CONSTRAINTS_new 3495 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_sqrt 3496 EXIST::FUNCTION:
|
||||
ECDH_set_default_method 3497 EXIST::FUNCTION:ECDH
|
||||
EC_KEY_generate_key 3498 EXIST::FUNCTION:EC
|
||||
SHA384_Update 3499 EXIST::FUNCTION:SHA,SHA512
|
||||
BN_GF2m_arr2poly 3500 EXIST::FUNCTION:
|
||||
STORE_method_get_get_function 3501 EXIST::FUNCTION:
|
||||
STORE_method_set_cleanup_function 3502 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_cleanup_fn 3502 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_check 3503 EXIST::FUNCTION:EC
|
||||
d2i_ECPrivateKey_bio 3504 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_get_lock_store_function 3505 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_lock_store_fn 3505 EXIST:VMS:FUNCTION:
|
||||
X509_VERIFY_PARAM_get_depth 3506 EXIST::FUNCTION:
|
||||
EVP_aes_192_cfb128 3507 EXIST::FUNCTION:AES
|
||||
SHA224_Final 3508 EXIST::FUNCTION:SHA,SHA256
|
||||
STORE_method_set_update_store_function 3509 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_update_store_fn 3509 EXIST:VMS:FUNCTION:
|
||||
SHA224_Update 3510 EXIST::FUNCTION:SHA,SHA256
|
||||
d2i_ECPrivateKey 3511 EXIST::FUNCTION:EC
|
||||
ASN1_item_ndef_i2d 3512 EXIST::FUNCTION:
|
||||
STORE_delete_private_key 3513 EXIST::FUNCTION:
|
||||
ERR_pop_to_mark 3514 EXIST::FUNCTION:
|
||||
ENGINE_register_all_STORE 3515 EXIST::FUNCTION:ENGINE
|
||||
X509_policy_level_get0_node 3516 EXIST::FUNCTION:
|
||||
i2d_PKCS7_NDEF 3517 EXIST::FUNCTION:
|
||||
EC_GROUP_get_degree 3518 EXIST::FUNCTION:EC
|
||||
ASN1_generate_v3 3519 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_cstr 3520 EXIST::FUNCTION:
|
||||
X509_policy_tree_level_count 3521 EXIST::FUNCTION:
|
||||
BN_GF2m_add 3522 EXIST::FUNCTION:
|
||||
STORE_generate_crl 3523 EXIST::FUNCTION:
|
||||
STORE_store_public_key 3524 EXIST::FUNCTION:
|
||||
X509_CERT_PAIR_free 3525 EXIST::FUNCTION:
|
||||
STORE_revoke_private_key 3526 EXIST::FUNCTION:
|
||||
BN_nist_mod_224 3527 EXIST::FUNCTION:
|
||||
SHA512_Final 3528 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_ATTR_INFO_modify_dn 3529 EXIST::FUNCTION:
|
||||
STORE_method_get_initialise_function 3530 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_initialise_fn 3530 EXIST:VMS:FUNCTION:
|
||||
STORE_delete_number 3531 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY_bio 3532 EXIST::FUNCTION:BIO,EC
|
||||
EC_GROUP_get_asn1_flag 3533 EXIST::FUNCTION:EC
|
||||
STORE_ATTR_INFO_in_ex 3534 EXIST::FUNCTION:
|
||||
STORE_list_crl_start 3535 EXIST::FUNCTION:
|
||||
ECDH_get_ex_new_index 3536 EXIST::FUNCTION:ECDH
|
||||
STORE_method_get_modify_function 3537 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_modify_fn 3537 EXIST:VMS:FUNCTION:
|
||||
v2i_ASN1_BIT_STRING 3538 EXIST::FUNCTION:
|
||||
STORE_store_certificate 3539 EXIST::FUNCTION:
|
||||
OBJ_bsearch_ex 3540 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_set_default 3541 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_set_sha1str 3542 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_inv 3543 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_exp 3544 EXIST::FUNCTION:
|
||||
STORE_modify_public_key 3545 EXIST::FUNCTION:
|
||||
STORE_method_get_list_start_function 3546 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_start_fn 3546 EXIST:VMS:FUNCTION:
|
||||
EC_GROUP_get0_seed 3547 EXIST::FUNCTION:EC
|
||||
ecdsa_check 3548 EXIST::FUNCTION:ECDSA
|
||||
STORE_store_arbitrary 3549 EXIST::FUNCTION:
|
||||
STORE_method_set_unlock_store_function 3550 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_unlock_store_fn 3550 EXIST:VMS:FUNCTION:
|
||||
BN_GF2m_mod_div_arr 3551 EXIST::FUNCTION:
|
||||
ENGINE_set_ECDSA 3552 EXIST::FUNCTION:ENGINE
|
||||
STORE_create_method 3553 EXIST::FUNCTION:
|
||||
ECPKParameters_print 3554 EXIST::FUNCTION:BIO,EC
|
||||
PEM_write_EC_PUBKEY 3555 EXIST:!WIN16:FUNCTION:EC
|
||||
X509_VERIFY_PARAM_set1 3556 EXIST::FUNCTION:
|
||||
ECDH_set_method 3557 EXIST::FUNCTION:ECDH
|
||||
v2i_GENERAL_NAME_ex 3558 EXIST::FUNCTION:
|
||||
ECDH_set_ex_data 3559 EXIST::FUNCTION:ECDH
|
||||
STORE_generate_key 3560 EXIST::FUNCTION:
|
||||
BN_nist_mod_521 3561 EXIST::FUNCTION:
|
||||
X509_policy_tree_get0_level 3562 EXIST::FUNCTION:
|
||||
EC_GROUP_set_point_conversion_form 3563 EXIST:!VMS:FUNCTION:EC
|
||||
EC_GROUP_set_point_conv_form 3563 EXIST:VMS:FUNCTION:EC
|
||||
PEM_read_EC_PUBKEY 3564 EXIST:!WIN16:FUNCTION:EC
|
||||
i2d_ECDSA_SIG 3565 EXIST::FUNCTION:ECDSA
|
||||
ECDSA_OpenSSL 3566 EXIST::FUNCTION:ECDSA
|
||||
STORE_delete_crl 3567 EXIST::FUNCTION:
|
||||
ASN1_const_check_infinite_end 3568 EXIST::FUNCTION:
|
||||
ECDSA_set_default_method 3569 EXIST::FUNCTION:ECDSA
|
||||
EC_POINT_set_compressed_coordinates_GF2m 3570 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_set_compr_coords_GF2m 3570 EXIST:VMS:FUNCTION:EC
|
||||
EC_GROUP_cmp 3571 EXIST::FUNCTION:EC
|
||||
STORE_revoke_certificate 3572 EXIST::FUNCTION:
|
||||
ECDH_DATA_new_method 3573 EXIST::FUNCTION:ECDH
|
||||
BN_get0_nist_prime_256 3574 EXIST::FUNCTION:
|
||||
STORE_method_get_delete_function 3575 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_delete_fn 3575 EXIST:VMS:FUNCTION:
|
||||
SHA224_Init 3576 EXIST::FUNCTION:SHA,SHA256
|
||||
PEM_read_ECPrivateKey 3577 EXIST:!WIN16:FUNCTION:EC
|
||||
SHA512_Init 3578 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_parse_attrs_endp 3579 EXIST::FUNCTION:
|
||||
ERR_load_ECDSA_strings 3580 EXIST::FUNCTION:ECDSA
|
||||
EC_GROUP_get_basis_type 3581 EXIST::FUNCTION:EC
|
||||
ECDH_DATA_new 3582 EXIST::FUNCTION:ECDH
|
||||
STORE_list_public_key_next 3583 EXIST::FUNCTION:
|
||||
i2v_ASN1_BIT_STRING 3584 EXIST::FUNCTION:
|
||||
STORE_OBJECT_free 3585 EXIST::FUNCTION:
|
||||
BN_nist_mod_384 3586 EXIST::FUNCTION:
|
||||
i2d_X509_CERT_PAIR 3587 EXIST::FUNCTION:
|
||||
PEM_write_ECPKParameters 3588 EXIST:!WIN16:FUNCTION:EC
|
||||
ECDH_compute_key 3589 EXIST::FUNCTION:ECDH
|
||||
STORE_ATTR_INFO_get0_sha1str 3590 EXIST::FUNCTION:
|
||||
ENGINE_register_all_ECDH 3591 EXIST::FUNCTION:ENGINE
|
||||
STORE_ATTR_INFO_get0_cstr 3592 EXIST::FUNCTION:
|
||||
POLICY_CONSTRAINTS_it 3593 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_CONSTRAINTS_it 3593 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
STORE_get_ex_new_index 3594 EXIST::FUNCTION:
|
||||
X509_VERIFY_PARAM_add0_policy 3595 EXIST::FUNCTION:
|
||||
BN_GF2m_mod_solve_quad 3596 EXIST::FUNCTION:
|
||||
SHA256 3597 EXIST::FUNCTION:SHA,SHA256
|
||||
i2d_ECPrivateKey_fp 3598 EXIST::FUNCTION:EC,FP_API
|
||||
X509_policy_tree_get0_user_policies 3599 EXIST:!VMS:FUNCTION:
|
||||
X509_pcy_tree_get0_usr_policies 3599 EXIST:VMS:FUNCTION:
|
||||
OPENSSL_DIR_read 3600 EXIST::FUNCTION:
|
||||
ENGINE_register_all_ECDSA 3601 EXIST::FUNCTION:ENGINE
|
||||
X509_VERIFY_PARAM_lookup 3602 EXIST::FUNCTION:
|
||||
EC_POINT_get_affine_coordinates_GF2m 3603 EXIST:!VMS:FUNCTION:EC
|
||||
EC_POINT_get_affine_coords_GF2m 3603 EXIST:VMS:FUNCTION:EC
|
||||
EC_GROUP_dup 3604 EXIST::FUNCTION:EC
|
||||
ENGINE_get_default_ECDSA 3605 EXIST::FUNCTION:ENGINE
|
||||
EC_KEY_new 3606 EXIST::FUNCTION:EC
|
||||
SHA256_Transform 3607 EXIST::FUNCTION:SHA,SHA256
|
||||
ECDSA_verify 3608 EXIST::FUNCTION:ECDSA
|
||||
EC_POINT_point2hex 3609 EXIST::FUNCTION:EC
|
||||
ENGINE_get_STORE 3610 EXIST::FUNCTION:ENGINE
|
||||
SHA512 3611 EXIST::FUNCTION:SHA,SHA512
|
||||
STORE_get_certificate 3612 EXIST::FUNCTION:
|
||||
ECDSA_do_verify 3613 EXIST::FUNCTION:ECDSA
|
||||
d2i_ECPrivateKey_fp 3614 EXIST::FUNCTION:EC,FP_API
|
||||
STORE_delete_certificate 3615 EXIST::FUNCTION:
|
||||
SHA512_Transform 3616 EXIST::FUNCTION:SHA,SHA512
|
||||
X509_STORE_set1_param 3617 EXIST::FUNCTION:
|
||||
STORE_method_get_ctrl_function 3618 EXIST::FUNCTION:
|
||||
STORE_free 3619 EXIST::FUNCTION:
|
||||
PEM_write_ECPrivateKey 3620 EXIST:!WIN16:FUNCTION:EC
|
||||
STORE_method_get_unlock_store_function 3621 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_unlock_store_fn 3621 EXIST:VMS:FUNCTION:
|
||||
STORE_get_ex_data 3622 EXIST::FUNCTION:
|
||||
PEM_read_ECPKParameters 3623 EXIST:!WIN16:FUNCTION:EC
|
||||
X509_CERT_PAIR_new 3624 EXIST::FUNCTION:
|
||||
ENGINE_register_STORE 3625 EXIST::FUNCTION:ENGINE
|
||||
RSA_generate_key_ex 3626 EXIST::FUNCTION:RSA
|
||||
DSA_generate_parameters_ex 3627 EXIST::FUNCTION:DSA
|
||||
ECParameters_print_fp 3628 EXIST::FUNCTION:EC,FP_API
|
||||
X509V3_NAME_from_section 3629 EXIST::FUNCTION:
|
||||
STORE_modify_crl 3630 EXIST::FUNCTION:
|
||||
STORE_list_private_key_start 3631 EXIST::FUNCTION:
|
||||
POLICY_MAPPINGS_it 3632 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
POLICY_MAPPINGS_it 3632 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
GENERAL_SUBTREE_it 3633 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
|
||||
GENERAL_SUBTREE_it 3633 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
|
||||
ECDH_DATA_free 3634 EXIST::FUNCTION:ECDH
|
||||
PEM_write_X509_CERT_PAIR 3635 EXIST:!WIN16:FUNCTION:
|
||||
BIO_dump_indent_cb 3636 EXIST::FUNCTION:
|
||||
d2i_X509_CERT_PAIR 3637 EXIST::FUNCTION:
|
||||
STORE_list_private_key_endp 3638 EXIST::FUNCTION:
|
||||
asn1_const_Finish 3639 EXIST::FUNCTION:
|
||||
i2d_EC_PUBKEY_fp 3640 EXIST::FUNCTION:EC,FP_API
|
||||
BN_nist_mod_256 3641 EXIST::FUNCTION:
|
||||
ECDSA_DATA_new 3642 EXIST::FUNCTION:ECDSA
|
||||
X509_VERIFY_PARAM_add0_table 3643 EXIST::FUNCTION:
|
||||
EVP_sha256 3644 EXIST::FUNCTION:SHA,SHA256
|
||||
ECDSA_size 3645 EXIST::FUNCTION:ECDSA
|
||||
d2i_EC_PUBKEY_bio 3646 EXIST::FUNCTION:BIO,EC
|
||||
BN_get0_nist_prime_521 3647 EXIST::FUNCTION:
|
||||
STORE_ATTR_INFO_modify_sha1str 3648 EXIST::FUNCTION:
|
||||
BN_generate_prime_ex 3649 EXIST::FUNCTION:
|
||||
SHA256_Final 3650 EXIST::FUNCTION:SHA,SHA256
|
||||
DH_generate_parameters_ex 3651 EXIST::FUNCTION:DH
|
||||
PEM_read_bio_ECPrivateKey 3652 EXIST::FUNCTION:EC
|
||||
STORE_method_get_cleanup_function 3653 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_cleanup_fn 3653 EXIST:VMS:FUNCTION:
|
||||
ENGINE_get_ECDH 3654 EXIST::FUNCTION:ENGINE
|
||||
d2i_ECDSA_SIG 3655 EXIST::FUNCTION:ECDSA
|
||||
BN_is_prime_fasttest_ex 3656 EXIST::FUNCTION:
|
||||
ECDSA_sign 3657 EXIST::FUNCTION:ECDSA
|
||||
X509_policy_check 3658 EXIST::FUNCTION:
|
||||
STORE_set_ex_data 3659 EXIST::FUNCTION:
|
||||
ENGINE_get_ECDSA 3660 EXIST::FUNCTION:ENGINE
|
||||
EVP_ecdsa 3661 EXIST::FUNCTION:SHA
|
||||
PKCS12_add_cert 3662 EXIST::FUNCTION:
|
||||
STORE_OBJECT_new 3663 EXIST::FUNCTION:
|
||||
ERR_load_ECDH_strings 3664 EXIST::FUNCTION:ECDH
|
||||
EC_KEY_dup 3665 EXIST::FUNCTION:EC
|
||||
EVP_CIPHER_CTX_rand_key 3666 EXIST::FUNCTION:
|
||||
ECDSA_set_method 3667 EXIST::FUNCTION:ECDSA
|
||||
a2i_IPADDRESS_NC 3668 EXIST::FUNCTION:
|
||||
d2i_ECParameters 3669 EXIST::FUNCTION:EC
|
||||
STORE_list_certificate_end 3670 EXIST::FUNCTION:
|
||||
STORE_get_crl 3671 EXIST::FUNCTION:
|
||||
X509_POLICY_NODE_print 3672 EXIST::FUNCTION:
|
||||
SHA384_Init 3673 EXIST::FUNCTION:SHA,SHA512
|
||||
EC_GF2m_simple_method 3674 EXIST::FUNCTION:EC
|
||||
ECDSA_set_ex_data 3675 EXIST::FUNCTION:ECDSA
|
||||
SHA384_Final 3676 EXIST::FUNCTION:SHA,SHA512
|
||||
PKCS7_set_digest 3677 EXIST::FUNCTION:
|
||||
EC_KEY_print 3678 EXIST::FUNCTION:BIO,EC
|
||||
STORE_method_set_lock_store_function 3679 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_set_lock_store_fn 3679 EXIST:VMS:FUNCTION:
|
||||
ECDSA_get_ex_new_index 3680 EXIST::FUNCTION:ECDSA
|
||||
SHA384 3681 EXIST::FUNCTION:SHA,SHA512
|
||||
POLICY_MAPPING_new 3682 EXIST::FUNCTION:
|
||||
STORE_list_certificate_endp 3683 EXIST::FUNCTION:
|
||||
X509_STORE_CTX_get0_policy_tree 3684 EXIST::FUNCTION:
|
||||
EC_GROUP_set_asn1_flag 3685 EXIST::FUNCTION:EC
|
||||
EC_KEY_check_key 3686 EXIST::FUNCTION:EC
|
||||
d2i_EC_PUBKEY_fp 3687 EXIST::FUNCTION:EC,FP_API
|
||||
PKCS7_set0_type_other 3688 EXIST::FUNCTION:
|
||||
ecdh_check 3689 EXIST::FUNCTION:ECDH
|
||||
ECDSA_DATA_new_method 3690 EXIST::FUNCTION:ECDSA
|
||||
PEM_read_bio_X509_CERT_PAIR 3691 EXIST::FUNCTION:
|
||||
STORE_method_get_list_end_function 3692 EXIST:!VMS:FUNCTION:
|
||||
STORE_meth_get_list_end_fn 3692 EXIST:VMS:FUNCTION:
|
||||
X509_VERIFY_PARAM_set_time 3693 EXIST::FUNCTION:
|
||||
ENGINE_set_default_ECDH 3694 EXIST::FUNCTION:ENGINE
|
||||
STORE_new_method 3695 EXIST::FUNCTION:
|
||||
PKCS12_add_key 3696 EXIST::FUNCTION:
|
||||
DSO_merge 3697 EXIST::FUNCTION:
|
||||
EC_POINT_hex2point 3698 EXIST::FUNCTION:EC
|
||||
BIO_dump_cb 3699 EXIST::FUNCTION:
|
||||
SHA256_Update 3700 EXIST::FUNCTION:SHA,SHA256
|
||||
BN_GF2m_mod_inv_arr 3701 EXIST::FUNCTION:
|
||||
ENGINE_unregister_ECDSA 3702 EXIST::FUNCTION:ENGINE
|
||||
|
Loading…
x
Reference in New Issue
Block a user