Home
last modified time | relevance | path

Searched refs:trust (Results 1 – 25 of 153) sorted by relevance

1234567

/freebsd-12-stable/crypto/openssl/crypto/x509/
Dx509_trs.c18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) == -1) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
Dx_x509a.c27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
144 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
145 x->aux->trust = NULL; in X509_trust_clear()
160 return x->aux->trust; in STACK_OF()
Dx509_vfy.c427 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
784 int trust; in check_trust() local
791 switch (trust = check_dane_issuer(ctx, num_untrusted)) { in check_trust()
794 return trust; in check_trust()
806 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
808 if (trust == X509_TRUST_TRUSTED) in check_trust()
810 if (trust == X509_TRUST_REJECTED) in check_trust()
839 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
840 if (trust == X509_TRUST_REJECTED) { in check_trust()
2184 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) in X509_STORE_CTX_set_trust() argument
[all …]
Dt_x509.c330 STACK_OF(ASN1_OBJECT) *trust, *reject; in X509_aux_print()
336 trust = X509_get0_trust_objects(x); in X509_aux_print()
338 if (trust) { in X509_aux_print()
341 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in X509_aux_print()
347 sk_ASN1_OBJECT_value(trust, i), 0); in X509_aux_print()
Dx509_vpm.c91 param->trust = X509_TRUST_DEFAULT; in X509_VERIFY_PARAM_new()
180 x509_verify_param_copy(trust, X509_TRUST_DEFAULT); in X509_VERIFY_PARAM_inherit()
306 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) in X509_VERIFY_PARAM_set_trust() argument
308 return X509_TRUST_set(&param->trust, trust); in X509_VERIFY_PARAM_set_trust()
/freebsd-12-stable/lib/libsecureboot/
Dveta.c50 trust_file_add(const char *trust) in trust_file_add() argument
55 xcs = read_certificates(trust, &num); in trust_file_add()
60 else if (load_key_file(trust)) { in trust_file_add()
73 trust_dir_add(const char *trust) in trust_dir_add() argument
82 if (!(dh = opendir(trust))) in trust_dir_add()
87 sz = snprintf(fbuf, sizeof(fbuf), "%s/%s", trust, de->d_name); in trust_dir_add()
102 ve_trust_add(const char *trust) in ve_trust_add() argument
106 if (stat(trust, &st) < 0) in ve_trust_add()
109 return (trust_dir_add(trust)); in ve_trust_add()
110 return (trust_file_add(trust)); in ve_trust_add()
DREADME.rst5 To do that, the necessary trust anchors need to be available.
10 The makefile ``local.trust.mk`` is responsible for doing that.
15 provide access to the necessary trust anchors.
68 we want the trust anchor in a file named ``t*.asc``
93 certificate (trust anchor). This is expected to be in a file named
121 you need to provide a suitable file signed by each supported trust
125 have the same extension as the corresponding trust anchor.
131 signed by the corresponding trust anchor.
/freebsd-12-stable/crypto/openssl/doc/man3/
DX509_STORE_CTX_new.pod51 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
53 int purpose, int trust);
134 certificate itself. In addition the trust store containing trusted certificates
135 can declare what purposes we trust different certificates for. This "trust"
141 administrator might only trust it for the former. An X.509 certificate extension
158 purpose also has an associated default trust value which will also be set at the
159 same time. During verification this trust setting will be verified to check it
160 is consistent with the trust set by the system administrator for certificates in
163 X509_STORE_CTX_set_trust() sets the trust value for the target certificate
164 being verified in the I<ctx>. Built-in available values for the I<trust>
[all …]
DX509_VERIFY_PARAM_set_flags.pod36 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
89 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
90 B<trust>.
108 neither the end-entity certificate nor the trust-anchor count against this
111 directly by the trust-anchor, while with a B<depth> limit of 1 there can be one
112 intermediate CA certificate between the trust-anchor and the end-entity
121 The signature algorithm security level is not enforced for the chain's I<trust
279 in L<X509_verify_cert(3)> will search the trust store for issuer certificates
283 This is especially important when some certificates in the trust store have
284 explicit trust settings (see "TRUST SETTINGS" in L<x509(1)>).
[all …]
/freebsd-12-stable/contrib/unbound/services/cache/
Drrset.c140 if( newd->trust > cached->trust ) { in need_to_update_rrset()
152 if( newd->trust == cached->trust && !equal ) { in need_to_update_rrset()
389 if(updata->trust > cachedata->trust) in rrset_update_sec_status()
390 cachedata->trust = updata->trust; in rrset_update_sec_status()
437 if(cachedata->trust > updata->trust) in rrset_check_sec_status()
438 updata->trust = cachedata->trust; in rrset_check_sec_status()
Ddns.c802 newd->trust = rrset_trust_ans_noAA; in synth_dname_msg()
856 if(d->trust == rrset_trust_add_noAA || in fill_any()
857 d->trust == rrset_trust_auth_noAA || in fill_any()
858 d->trust == rrset_trust_add_AA || in fill_any()
859 d->trust == rrset_trust_auth_AA) { in fill_any()
990 if(d->trust != rrset_trust_add_noAA && in dns_cache_lookup()
991 d->trust != rrset_trust_add_AA && in dns_cache_lookup()
993 (d->trust != rrset_trust_auth_noAA in dns_cache_lookup()
994 && d->trust != rrset_trust_auth_AA) )) { in dns_cache_lookup()
/freebsd-12-stable/secure/caroot/
DMAca-bundle.pl218 my $trust = ($maytrust and not $distrust);
219 return ($serial, $cka_label, $trust);
243 my ($serial, $label, $trust) = grabtrust($inputfh);
247 $trusts{$label."\0".$serial} = $trust;
/freebsd-12-stable/crypto/heimdal/doc/
Dwin2k.texi21 * Inter-Realm keys (trust) between Windows and a Heimdal KDC::
29 @node Configuring Windows to use a Heimdal KDC, Inter-Realm keys (trust) between Windows and a Heim…
86 @node Inter-Realm keys (trust) between Windows and a Heimdal KDC, Create account mappings, Configur…
88 @section Inter-Realm keys (trust) between Windows and a Heimdal KDC
95 By default the trust will be non-transitive. This means that only users
98 can also be used to add the trust between two realms.
112 Add on the appropriate trust windows and enter domain name and
122 netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword
130 understand them. Otherwise, the trust will not works.
140 For Windows 2003RC2, to change the trust encryption type, you have to use the
[all …]
/freebsd-12-stable/contrib/ntp/libntp/
Dauthkeys.c632 u_long trust in authtrust() argument
644 if (!trust && sk == NULL) in authtrust()
660 if (trust > 0) { in authtrust()
662 if (trust > 1) in authtrust()
663 sk->lifetime = current_time + trust; in authtrust()
676 if (trust > 1) { in authtrust()
677 lifetime = current_time + trust; in authtrust()
/freebsd-12-stable/contrib/ldns/drill/
Dconfigure.ac180 AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE],
181 [Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [
196 AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor fil…
198 AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
/freebsd-12-stable/contrib/unbound/doc/
DFEATURES33 RFC 2181: completely, including the trust model, keeping rrsets together.
43 RFC 5011: update of trust anchors with timers.
76 draft-ietf-dnsop-dnssec-trust-anchor(-01): DS records can be configured
77 as trust anchors. Also DNSKEYs are allowed, by the way.
/freebsd-12-stable/contrib/unbound/testdata/
Dcachedb_cached_ede.crpl7 trust-anchor-signaling: no
11trust-anchor: "example.nl. DS 50602 8 2 FA8EE175C47325F4BD46D8A4083C3EBEB11C977D689069F2B41F1A29B2…
Dval_scrub_rr_length.rpl2 ; The island of trust is at example.com
4trust-anchor: "example.com. IN DS 55566 8 2 9c148338951ce1c3b5cd3da532f3d90dfcf92595148022f2c2fd98…
8 trust-anchor-signaling: no
Dsubnet_cached_ede.crpl5 trust-anchor-signaling: no
15trust-anchor: "example.nl. DS 50602 8 2 FA8EE175C47325F4BD46D8A4083C3EBEB11C977D689069F2B41F1A29B2…
/freebsd-12-stable/contrib/bearssl/samples/
DREADME.txt11 certificate against two hardcoded trust anchors.
24 certificate chains link to the trust anchors that are hardcoded
/freebsd-12-stable/crypto/openssl/apps/
Dx509.c161 STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL; in x509_main()
294 if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL) in x509_main()
296 sk_ASN1_OBJECT_push(trust, objtmp); in x509_main()
612 if (trust != NULL) { in x509_main()
613 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in x509_main()
614 objtmp = sk_ASN1_OBJECT_value(trust, i); in x509_main()
905 sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); in x509_main()
/freebsd-12-stable/crypto/openssl/doc/man1/
Dverify.pod175 self-signed trust-anchor, provided it is possible to construct a chain to a
221 trust store to see if an alternative chain can be found that is trusted.
228 to construct a certificate chain from the subject certificate to a trust-anchor.
240 That is, the only trust-anchors are those listed in B<file>.
263 the chain except for the chain's I<trust anchor>, which is either directly
277 end-entity certificate nor the trust-anchor certificate count against the
297 Use default verification policies like trust model and required certificate
299 The trust model determines which auxiliary trust or reject OIDs are applicable
305 These mimics the combinations of purpose and trust settings used in SSL, CMS
307 As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not
[all …]
/freebsd-12-stable/secure/caroot/trusted/
DD-TRUST_BR_Root_CA_1_2020.pem48 URI:http://crl.d-trust.net/crl/d-trust_br_root_ca_1_2020.crl
50 …URI:ldap://directory.d-trust.net/CN=D-TRUST%20BR%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?cert…
DD-TRUST_EV_Root_CA_1_2020.pem48 URI:http://crl.d-trust.net/crl/d-trust_ev_root_ca_1_2020.crl
50 …URI:ldap://directory.d-trust.net/CN=D-TRUST%20EV%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?cert…
/freebsd-12-stable/contrib/bearssl/test/x509/
Dalltests.txt110 ; Intermediate CA 1 as trust anchor.
117 ; Intermediate CA 2 as trust anchor.
124 ; EE certificate as trust anchor (direct trust only).
142 ; Valid chain except that no trust anchor is provided; this should fail
175 ; Direct trust of EE.
470 ; use a direct trust model here.
482 ; use a direct trust model here.

1234567