| /freebsd-12-stable/crypto/openssl/crypto/x509/ |
| D | x509_trs.c | 18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); 19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags); 20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags); 54 return (*a)->trust - (*b)->trust; in tr_cmp() 57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default() 61 default_trust = trust; in X509_TRUST_set_default() 106 tmp.trust = id; in X509_TRUST_get_by_id() 113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument 115 if (X509_TRUST_get_by_id(trust) == -1) { in X509_TRUST_set() 119 *t = trust; in X509_TRUST_set() [all …]
|
| D | x_x509a.c | 27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT), 114 if (aux->trust == NULL in X509_add1_trust_object() 115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object() 117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object() 144 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear() 145 x->aux->trust = NULL; in X509_trust_clear() 160 return x->aux->trust; in STACK_OF()
|
| D | x509_vfy.c | 427 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose() 784 int trust; in check_trust() local 791 switch (trust = check_dane_issuer(ctx, num_untrusted)) { in check_trust() 794 return trust; in check_trust() 806 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust() 808 if (trust == X509_TRUST_TRUSTED) in check_trust() 810 if (trust == X509_TRUST_REJECTED) in check_trust() 839 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust() 840 if (trust == X509_TRUST_REJECTED) { in check_trust() 2184 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) in X509_STORE_CTX_set_trust() argument [all …]
|
| D | t_x509.c | 330 STACK_OF(ASN1_OBJECT) *trust, *reject; in X509_aux_print() 336 trust = X509_get0_trust_objects(x); in X509_aux_print() 338 if (trust) { in X509_aux_print() 341 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in X509_aux_print() 347 sk_ASN1_OBJECT_value(trust, i), 0); in X509_aux_print()
|
| D | x509_vpm.c | 91 param->trust = X509_TRUST_DEFAULT; in X509_VERIFY_PARAM_new() 180 x509_verify_param_copy(trust, X509_TRUST_DEFAULT); in X509_VERIFY_PARAM_inherit() 306 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) in X509_VERIFY_PARAM_set_trust() argument 308 return X509_TRUST_set(¶m->trust, trust); in X509_VERIFY_PARAM_set_trust()
|
| /freebsd-12-stable/lib/libsecureboot/ |
| D | veta.c | 50 trust_file_add(const char *trust) in trust_file_add() argument 55 xcs = read_certificates(trust, &num); in trust_file_add() 60 else if (load_key_file(trust)) { in trust_file_add() 73 trust_dir_add(const char *trust) in trust_dir_add() argument 82 if (!(dh = opendir(trust))) in trust_dir_add() 87 sz = snprintf(fbuf, sizeof(fbuf), "%s/%s", trust, de->d_name); in trust_dir_add() 102 ve_trust_add(const char *trust) in ve_trust_add() argument 106 if (stat(trust, &st) < 0) in ve_trust_add() 109 return (trust_dir_add(trust)); in ve_trust_add() 110 return (trust_file_add(trust)); in ve_trust_add()
|
| D | README.rst | 5 To do that, the necessary trust anchors need to be available. 10 The makefile ``local.trust.mk`` is responsible for doing that. 15 provide access to the necessary trust anchors. 68 we want the trust anchor in a file named ``t*.asc`` 93 certificate (trust anchor). This is expected to be in a file named 121 you need to provide a suitable file signed by each supported trust 125 have the same extension as the corresponding trust anchor. 131 signed by the corresponding trust anchor.
|
| /freebsd-12-stable/crypto/openssl/doc/man3/ |
| D | X509_STORE_CTX_new.pod | 51 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); 53 int purpose, int trust); 134 certificate itself. In addition the trust store containing trusted certificates 135 can declare what purposes we trust different certificates for. This "trust" 141 administrator might only trust it for the former. An X.509 certificate extension 158 purpose also has an associated default trust value which will also be set at the 159 same time. During verification this trust setting will be verified to check it 160 is consistent with the trust set by the system administrator for certificates in 163 X509_STORE_CTX_set_trust() sets the trust value for the target certificate 164 being verified in the I<ctx>. Built-in available values for the I<trust> [all …]
|
| D | X509_VERIFY_PARAM_set_flags.pod | 36 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust); 89 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to 90 B<trust>. 108 neither the end-entity certificate nor the trust-anchor count against this 111 directly by the trust-anchor, while with a B<depth> limit of 1 there can be one 112 intermediate CA certificate between the trust-anchor and the end-entity 121 The signature algorithm security level is not enforced for the chain's I<trust 279 in L<X509_verify_cert(3)> will search the trust store for issuer certificates 283 This is especially important when some certificates in the trust store have 284 explicit trust settings (see "TRUST SETTINGS" in L<x509(1)>). [all …]
|
| /freebsd-12-stable/contrib/unbound/services/cache/ |
| D | rrset.c | 140 if( newd->trust > cached->trust ) { in need_to_update_rrset() 152 if( newd->trust == cached->trust && !equal ) { in need_to_update_rrset() 389 if(updata->trust > cachedata->trust) in rrset_update_sec_status() 390 cachedata->trust = updata->trust; in rrset_update_sec_status() 437 if(cachedata->trust > updata->trust) in rrset_check_sec_status() 438 updata->trust = cachedata->trust; in rrset_check_sec_status()
|
| D | dns.c | 802 newd->trust = rrset_trust_ans_noAA; in synth_dname_msg() 856 if(d->trust == rrset_trust_add_noAA || in fill_any() 857 d->trust == rrset_trust_auth_noAA || in fill_any() 858 d->trust == rrset_trust_add_AA || in fill_any() 859 d->trust == rrset_trust_auth_AA) { in fill_any() 990 if(d->trust != rrset_trust_add_noAA && in dns_cache_lookup() 991 d->trust != rrset_trust_add_AA && in dns_cache_lookup() 993 (d->trust != rrset_trust_auth_noAA in dns_cache_lookup() 994 && d->trust != rrset_trust_auth_AA) )) { in dns_cache_lookup()
|
| /freebsd-12-stable/secure/caroot/ |
| D | MAca-bundle.pl | 218 my $trust = ($maytrust and not $distrust); 219 return ($serial, $cka_label, $trust); 243 my ($serial, $label, $trust) = grabtrust($inputfh); 247 $trusts{$label."\0".$serial} = $trust;
|
| /freebsd-12-stable/crypto/heimdal/doc/ |
| D | win2k.texi | 21 * Inter-Realm keys (trust) between Windows and a Heimdal KDC:: 29 @node Configuring Windows to use a Heimdal KDC, Inter-Realm keys (trust) between Windows and a Heim… 86 @node Inter-Realm keys (trust) between Windows and a Heimdal KDC, Create account mappings, Configur… 88 @section Inter-Realm keys (trust) between Windows and a Heimdal KDC 95 By default the trust will be non-transitive. This means that only users 98 can also be used to add the trust between two realms. 112 Add on the appropriate trust windows and enter domain name and 122 netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword 130 understand them. Otherwise, the trust will not works. 140 For Windows 2003RC2, to change the trust encryption type, you have to use the [all …]
|
| /freebsd-12-stable/contrib/ntp/libntp/ |
| D | authkeys.c | 632 u_long trust in authtrust() argument 644 if (!trust && sk == NULL) in authtrust() 660 if (trust > 0) { in authtrust() 662 if (trust > 1) in authtrust() 663 sk->lifetime = current_time + trust; in authtrust() 676 if (trust > 1) { in authtrust() 677 lifetime = current_time + trust; in authtrust()
|
| /freebsd-12-stable/contrib/ldns/drill/ |
| D | configure.ac | 180 AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], 181 [Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [ 196 AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor fil… 198 AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
|
| /freebsd-12-stable/contrib/unbound/doc/ |
| D | FEATURES | 33 RFC 2181: completely, including the trust model, keeping rrsets together. 43 RFC 5011: update of trust anchors with timers. 76 draft-ietf-dnsop-dnssec-trust-anchor(-01): DS records can be configured 77 as trust anchors. Also DNSKEYs are allowed, by the way.
|
| /freebsd-12-stable/contrib/unbound/testdata/ |
| D | cachedb_cached_ede.crpl | 7 trust-anchor-signaling: no 11 …trust-anchor: "example.nl. DS 50602 8 2 FA8EE175C47325F4BD46D8A4083C3EBEB11C977D689069F2B41F1A29B2…
|
| D | val_scrub_rr_length.rpl | 2 ; The island of trust is at example.com 4 …trust-anchor: "example.com. IN DS 55566 8 2 9c148338951ce1c3b5cd3da532f3d90dfcf92595148022f2c2fd98… 8 trust-anchor-signaling: no
|
| D | subnet_cached_ede.crpl | 5 trust-anchor-signaling: no 15 …trust-anchor: "example.nl. DS 50602 8 2 FA8EE175C47325F4BD46D8A4083C3EBEB11C977D689069F2B41F1A29B2…
|
| /freebsd-12-stable/contrib/bearssl/samples/ |
| D | README.txt | 11 certificate against two hardcoded trust anchors. 24 certificate chains link to the trust anchors that are hardcoded
|
| /freebsd-12-stable/crypto/openssl/apps/ |
| D | x509.c | 161 STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL; in x509_main() 294 if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL) in x509_main() 296 sk_ASN1_OBJECT_push(trust, objtmp); in x509_main() 612 if (trust != NULL) { in x509_main() 613 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in x509_main() 614 objtmp = sk_ASN1_OBJECT_value(trust, i); in x509_main() 905 sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); in x509_main()
|
| /freebsd-12-stable/crypto/openssl/doc/man1/ |
| D | verify.pod | 175 self-signed trust-anchor, provided it is possible to construct a chain to a 221 trust store to see if an alternative chain can be found that is trusted. 228 to construct a certificate chain from the subject certificate to a trust-anchor. 240 That is, the only trust-anchors are those listed in B<file>. 263 the chain except for the chain's I<trust anchor>, which is either directly 277 end-entity certificate nor the trust-anchor certificate count against the 297 Use default verification policies like trust model and required certificate 299 The trust model determines which auxiliary trust or reject OIDs are applicable 305 These mimics the combinations of purpose and trust settings used in SSL, CMS 307 As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not [all …]
|
| /freebsd-12-stable/secure/caroot/trusted/ |
| D | D-TRUST_BR_Root_CA_1_2020.pem | 48 URI:http://crl.d-trust.net/crl/d-trust_br_root_ca_1_2020.crl 50 …URI:ldap://directory.d-trust.net/CN=D-TRUST%20BR%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?cert…
|
| D | D-TRUST_EV_Root_CA_1_2020.pem | 48 URI:http://crl.d-trust.net/crl/d-trust_ev_root_ca_1_2020.crl 50 …URI:ldap://directory.d-trust.net/CN=D-TRUST%20EV%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?cert…
|
| /freebsd-12-stable/contrib/bearssl/test/x509/ |
| D | alltests.txt | 110 ; Intermediate CA 1 as trust anchor. 117 ; Intermediate CA 2 as trust anchor. 124 ; EE certificate as trust anchor (direct trust only). 142 ; Valid chain except that no trust anchor is provided; this should fail 175 ; Direct trust of EE. 470 ; use a direct trust model here. 482 ; use a direct trust model here.
|