| /third_party/openssl/crypto/x509/ |
| D | x509_trs.c | 18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) == -1) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
|
| D | x_x509a.c | 27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
144 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
145 x->aux->trust = NULL; in X509_trust_clear()
160 return x->aux->trust; in STACK_OF()
|
| D | x509_vfy.c | 427 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
784 int trust; in check_trust() local
791 switch (trust = check_dane_issuer(ctx, num_untrusted)) { in check_trust()
794 return trust; in check_trust()
806 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
808 if (trust == X509_TRUST_TRUSTED) in check_trust()
810 if (trust == X509_TRUST_REJECTED) in check_trust()
839 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
840 if (trust == X509_TRUST_REJECTED) { in check_trust()
2184 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) in X509_STORE_CTX_set_trust() argument
[all …]
|
| D | t_x509.c | 330 STACK_OF(ASN1_OBJECT) *trust, *reject; in X509_aux_print()
336 trust = X509_get0_trust_objects(x); in X509_aux_print()
338 if (trust) { in X509_aux_print()
341 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in X509_aux_print()
347 sk_ASN1_OBJECT_value(trust, i), 0); in X509_aux_print()
|
| D | x509_vpm.c | 91 param->trust = X509_TRUST_DEFAULT; in X509_VERIFY_PARAM_new()
180 x509_verify_param_copy(trust, X509_TRUST_DEFAULT); in X509_VERIFY_PARAM_inherit()
306 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) in X509_VERIFY_PARAM_set_trust() argument
308 return X509_TRUST_set(¶m->trust, trust); in X509_VERIFY_PARAM_set_trust()
|
| /third_party/libwebsockets/minimal-examples/secure-streams/minimal-secure-streams-policy2c/ |
| D | minimal-secure-streams.c | 266 if (pol->trust.store) { in main()
269 if (a->orig == (const char *)pol->trust.store) in main()
284 a->orig = (const char *)pol->trust.store; in main()
292 for (n = 0; n < pol->trust.store->count; n++) { in main()
293 if (!pol->trust.store->ssx509[n]) in main()
297 if (a1->orig == (const char *)pol->trust.store->ssx509[n]) in main()
313 a1->orig = (const char *)pol->trust.store->ssx509[n]; in main()
317 purify_csymbol(pol->trust.store->ssx509[n]->vhost_name, in main()
320 for (m = 0; m < (int)pol->trust.store->ssx509[n]->ca_der_len; m++) { in main()
324 printf("0x%02X, ", pol->trust.store->ssx509[n]->ca_der[m]); in main()
[all …]
|
| /third_party/libwebsockets/READMEs/ |
| D | README.jit-trust.md | 1 # JIT trust
3 
7 Most systems using openssl rely on a system trust bundle that openssl was
14 
25 
29 "JIT trust".
31 ## JIT trust overview
37 
41 connection, if it is one that we do actually trust. If it lies about what CA it
42 needs to validate, or we do not trust the one it asks for, subsequent
[all …]
|
| D | README.libressl.md | 27 Libressl by default will look for a trust bundle in `/usr/local/etc/ssl/cert.pem`, you either have …
28 symlink this to your trust bundle if that doesnt happen to be where it is, or give your app the tru…
31 In Fedora, the system trust store can be found at `/etc/pki/tls/cert.pem`, so you can symlink it
|
| /third_party/libwebsockets/minimal-examples/secure-streams/minimal-secure-streams-staticpolicy/ |
| D | static-policy.h | 1346 .trust = {.store = &_ss_ts_mqtt_amz_iot},
1363 .trust = {.store = &_ss_ts_mqtt_amz_iot},
1379 .trust = {.store = &_ss_ts_le_via_isrg},
1395 .trust = {.store = &_ss_ts_le_via_isrg},
1411 .trust = {.store = &_ss_ts_le_via_isrg},
1429 .trust = {.store = &_ss_ts_le_via_isrg},
1451 .trust = {.store = &_ss_ts_avs_via_starfield},
1474 .trust = {.store = &_ss_ts_avs_via_starfield},
1494 .trust = {.store = &_ss_ts_avs_via_starfield},
1510 .trust = {.store = &_ss_ts_api_amazon_com},
|
| /third_party/openssl/doc/man3/ |
| D | X509_STORE_CTX_new.pod | 51 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
53 int purpose, int trust);
134 certificate itself. In addition the trust store containing trusted certificates
135 can declare what purposes we trust different certificates for. This "trust"
141 administrator might only trust it for the former. An X.509 certificate extension
158 purpose also has an associated default trust value which will also be set at the
159 same time. During verification this trust setting will be verified to check it
160 is consistent with the trust set by the system administrator for certificates in
163 X509_STORE_CTX_set_trust() sets the trust value for the target certificate
164 being verified in the I<ctx>. Built-in available values for the I<trust>
[all …]
|
| D | X509_VERIFY_PARAM_set_flags.pod | 36 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
89 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
90 B<trust>.
108 neither the end-entity certificate nor the trust-anchor count against this
111 directly by the trust-anchor, while with a B<depth> limit of 1 there can be one
112 intermediate CA certificate between the trust-anchor and the end-entity
121 The signature algorithm security level is not enforced for the chain's I<trust
279 in L<X509_verify_cert(3)> will search the trust store for issuer certificates
283 This is especially important when some certificates in the trust store have
284 explicit trust settings (see "TRUST SETTINGS" in L<x509(1)>).
[all …]
|
| D | i2d_re_X509_tbs.pod | 25 consist of an X509 certificate followed by auxiliary trust information.
30 contains both the certificate and any auxiliary trust information.
|
| /third_party/libwebsockets/lib/secure-streams/ |
| D | policy-common.c | 311 if (!pol->trust.store) { in lws_ss_policy_ref_trust_store()
329 v = lws_get_vhost_by_name(context, pol->trust.store->name); in lws_ss_policy_ref_trust_store()
336 i.vhost_name = pol->trust.store->name; in lws_ss_policy_ref_trust_store()
339 i.client_ssl_ca_mem = pol->trust.store->ssx509[0]->ca_der; in lws_ss_policy_ref_trust_store()
341 pol->trust.store->ssx509[0]->ca_der_len; in lws_ss_policy_ref_trust_store()
345 i.vhost_name, pol->trust.store->ssx509[0]->vhost_name); in lws_ss_policy_ref_trust_store()
355 for (n = 1; v && n < pol->trust.store->count; n++) { in lws_ss_policy_ref_trust_store()
357 pol->trust.store->ssx509[n]->vhost_name); in lws_ss_policy_ref_trust_store()
360 pol->trust.store->ssx509[n]->ca_der, in lws_ss_policy_ref_trust_store()
361 pol->trust.store->ssx509[n]->ca_der_len)) { in lws_ss_policy_ref_trust_store()
[all …]
|
| D | secure-streams.c | 771 if (!h->policy->trust.store) in _lws_ss_client_connect()
776 h->policy->trust.store->name); in _lws_ss_client_connect()
780 h->policy->trust.store->name); in _lws_ss_client_connect()
1229 h->policy->trust.server.cert->ca_der; in lws_ss_create()
1231 h->policy->trust.server.cert->ca_der_len; in lws_ss_create()
1233 h->policy->trust.server.key->ca_der; in lws_ss_create()
1235 h->policy->trust.server.key->ca_der_len; in lws_ss_create()
|
| /third_party/curl/docs/ |
| D | SSLCERTS.md | 20 It is about trust
23 This system is about trust. In your local CA certificate store you have certs
26 trust.
28 Which CAs do you trust? You can decide to trust the same set of companies your
29 operating system trusts, or the set one of the known browsers trust. That's
30 basically trust via someone else you trust. You should just be aware that
31 modern operating systems and browsers are setup to trust *hundreds* of
102 - If you want to trust the certificate, you can add it to your CA
137 p11-kit-nss-trust which makes NSS use the system wide CA certificate store. NSS
172 With these options, you make sure that the TLS connection and the trust of the
|
| /third_party/curl/lib/vtls/ |
| D | sectransp.c | 2339 SecTrustRef trust; local
2340 OSStatus ret = SSLCopyPeerTrust(ctx, &trust);
2341 if(!trust) {
2352 ret = SecTrustSetAnchorCertificates(trust, array);
2355 CFRelease(trust);
2359 ret = SecTrustSetAnchorCertificatesOnly(trust, true);
2362 CFRelease(trust);
2368 ret = SecTrustEvaluate(trust, &trust_eval);
2370 CFRelease(trust);
2444 SecTrustRef trust; local
[all …]
|
| /third_party/openssl/apps/ |
| D | x509.c | 161 STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL; in x509_main()
294 if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL) in x509_main()
296 sk_ASN1_OBJECT_push(trust, objtmp); in x509_main()
610 if (trust != NULL) { in x509_main()
611 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in x509_main()
612 objtmp = sk_ASN1_OBJECT_value(trust, i); in x509_main()
903 sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); in x509_main()
|
| /third_party/openssl/doc/man1/ |
| D | verify.pod | 175 self-signed trust-anchor, provided it is possible to construct a chain to a
221 trust store to see if an alternative chain can be found that is trusted.
228 to construct a certificate chain from the subject certificate to a trust-anchor.
240 That is, the only trust-anchors are those listed in B<file>.
263 the chain except for the chain's I<trust anchor>, which is either directly
277 end-entity certificate nor the trust-anchor certificate count against the
297 Use default verification policies like trust model and required certificate
299 The trust model determines which auxiliary trust or reject OIDs are applicable
305 These mimics the combinations of purpose and trust settings used in SSL, CMS
307 As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not
[all …]
|
| /third_party/node/doc/guides/contributing/ |
| D | code-of-conduct.md | 19 Open, diverse, and inclusive communities live and die on the basis of trust.
20 Contributors can disagree with one another so long as they trust that those
|
| /third_party/libwebsockets/minimal-examples/embedded/esp32/esp-wrover-kit/main/ |
| D | static-policy.h | 242 .trust = {.store = &_ss_ts_le_via_isrg},
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/tls/ |
| D | x509v3.c | 2146 struct x509_certificate *cert, *trust; in x509_certificate_chain_validate() local
2218 for (trust = trusted; trust; trust = trust->next) { in x509_certificate_chain_validate()
2219 if (x509_name_compare(&cert->issuer, &trust->subject) in x509_certificate_chain_validate()
2224 if (trust) { in x509_certificate_chain_validate()
2227 if (x509_valid_issuer(trust) < 0) { in x509_certificate_chain_validate()
2232 if (x509_certificate_check_signature(trust, cert) < 0) in x509_certificate_chain_validate()
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/tls/ |
| D | x509v3.c | 2084 struct x509_certificate *cert, *trust; in x509_certificate_chain_validate() local
2156 for (trust = trusted; trust; trust = trust->next) { in x509_certificate_chain_validate()
2157 if (x509_name_compare(&cert->issuer, &trust->subject) in x509_certificate_chain_validate()
2162 if (trust) { in x509_certificate_chain_validate()
2165 if (x509_valid_issuer(trust) < 0) { in x509_certificate_chain_validate()
2170 if (x509_certificate_check_signature(trust, cert) < 0) in x509_certificate_chain_validate()
|
| /third_party/flutter/skia/resources/text/ |
| D | english.txt | 3 …ountry or territory to which a person belongs, whether it be independent, trust, non-self-governin…
|
| /third_party/skia/resources/text/ |
| D | english.txt | 3 …ountry or territory to which a person belongs, whether it be independent, trust, non-self-governin…
|
| /third_party/openssl/include/openssl/ |
| D | x509_vfy.h | 282 int X509_STORE_set_trust(X509_STORE *ctx, int trust);
508 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
510 int purpose, int trust);
545 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
|