Home
last modified time | relevance | path

Searched refs:trust (Results 1 – 25 of 369) sorted by relevance

12345678910>>...15

/third_party/node/deps/openssl/openssl/crypto/x509/
Dx509_trust.c18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) < 0) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
Dx_x509a.c27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
149 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
150 x->aux->trust = NULL; in X509_trust_clear()
165 return x->aux->trust; in STACK_OF()
Dx509_vfy.c424 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
817 int trust; in check_trust() local
824 trust = check_dane_issuer(ctx, num_untrusted); in check_trust()
825 if (trust != X509_TRUST_UNTRUSTED) in check_trust()
826 return trust; in check_trust()
837 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
839 if (trust == X509_TRUST_TRUSTED) in check_trust()
841 if (trust == X509_TRUST_REJECTED) in check_trust()
873 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
874 if (trust == X509_TRUST_REJECTED) { in check_trust()
[all …]
Dx509_vpm.c91 param->trust = X509_TRUST_DEFAULT; in X509_VERIFY_PARAM_new()
173 x509_verify_param_copy(trust, X509_TRUST_DEFAULT); in X509_VERIFY_PARAM_inherit()
306 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) in X509_VERIFY_PARAM_set_trust() argument
308 return X509_TRUST_set(&param->trust, trust); in X509_VERIFY_PARAM_set_trust()
Dt_x509.c343 STACK_OF(ASN1_OBJECT) *trust, *reject; in X509_aux_print()
349 trust = X509_get0_trust_objects(x); in X509_aux_print()
351 if (trust) { in X509_aux_print()
354 for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { in X509_aux_print()
360 sk_ASN1_OBJECT_value(trust, i), 0); in X509_aux_print()
/third_party/openssl/crypto/x509/
Dx509_trust.c18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) < 0) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
Dx_x509a.c27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
149 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
150 x->aux->trust = NULL; in X509_trust_clear()
165 return x->aux->trust; in STACK_OF()
Dx509_vfy.c424 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
817 int trust; in check_trust() local
824 trust = check_dane_issuer(ctx, num_untrusted); in check_trust()
825 if (trust != X509_TRUST_UNTRUSTED) in check_trust()
826 return trust; in check_trust()
837 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
839 if (trust == X509_TRUST_TRUSTED) in check_trust()
841 if (trust == X509_TRUST_REJECTED) in check_trust()
873 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
874 if (trust == X509_TRUST_REJECTED) { in check_trust()
[all …]
Dx509_vpm.c91 param->trust = X509_TRUST_DEFAULT; in X509_VERIFY_PARAM_new()
173 x509_verify_param_copy(trust, X509_TRUST_DEFAULT); in X509_VERIFY_PARAM_inherit()
306 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) in X509_VERIFY_PARAM_set_trust() argument
308 return X509_TRUST_set(&param->trust, trust); in X509_VERIFY_PARAM_set_trust()
/third_party/libwebsockets/READMEs/
DREADME.jit-trust.md1 # JIT trust
3 ![JIT Trust logo](../doc-assets/jit-trust-logo.png)
7 Most systems using openssl rely on a system trust bundle that openssl was
14 ![Using system trust bundles](../doc-assets/jit-trust-system-trust.png)
25 ![Using system trust bundles](../doc-assets/jit-trust-single-trust.png)
29 "JIT trust".
31 ## JIT trust overview
37 ![JIT Trust overview](../doc-assets/jit-trust-overview.png)
41 connection, if it is one that we do actually trust. If it lies about what CA it
42 needs to validate, or we do not trust the one it asks for, subsequent
[all …]
DREADME.libressl.md27 Libressl by default will look for a trust bundle in `/usr/local/etc/ssl/cert.pem`, you either have …
28 symlink this to your trust bundle if that doesnt happen to be where it is, or give your app the tru…
31 In Fedora, the system trust store can be found at `/etc/pki/tls/cert.pem`, so you can symlink it
/third_party/libwebsockets/minimal-examples/secure-streams/minimal-secure-streams-policy2c/
Dminimal-secure-streams.c266 if (pol->trust.store) { in main()
269 if (a->orig == (const char *)pol->trust.store) in main()
284 a->orig = (const char *)pol->trust.store; in main()
292 for (n = 0; n < pol->trust.store->count; n++) { in main()
293 if (!pol->trust.store->ssx509[n]) in main()
297 if (a1->orig == (const char *)pol->trust.store->ssx509[n]) in main()
313 a1->orig = (const char *)pol->trust.store->ssx509[n]; in main()
317 purify_csymbol(pol->trust.store->ssx509[n]->vhost_name, in main()
320 for (m = 0; m < (int)pol->trust.store->ssx509[n]->ca_der_len; m++) { in main()
324 printf("0x%02X, ", pol->trust.store->ssx509[n]->ca_der[m]); in main()
[all …]
/third_party/libwebsockets/minimal-examples/secure-streams/minimal-secure-streams-staticpolicy/
Dstatic-policy.h1346 .trust = {.store = &_ss_ts_mqtt_amz_iot},
1363 .trust = {.store = &_ss_ts_mqtt_amz_iot},
1379 .trust = {.store = &_ss_ts_le_via_isrg},
1395 .trust = {.store = &_ss_ts_le_via_isrg},
1411 .trust = {.store = &_ss_ts_le_via_isrg},
1429 .trust = {.store = &_ss_ts_le_via_isrg},
1451 .trust = {.store = &_ss_ts_avs_via_starfield},
1474 .trust = {.store = &_ss_ts_avs_via_starfield},
1494 .trust = {.store = &_ss_ts_avs_via_starfield},
1510 .trust = {.store = &_ss_ts_api_amazon_com},
/third_party/openssl/doc/man3/
DX509_STORE_CTX_new.pod52 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
54 int purpose, int trust);
169 certificate itself. In addition the trust store containing trusted certificates
170 can declare what purposes we trust different certificates for. This "trust"
176 administrator might only trust it for the former. An X.509 certificate extension
193 purpose also has an associated default trust value which will also be set at the
194 same time. During verification this trust setting will be verified to check it
195 is consistent with the trust set by the system administrator for certificates in
198 X509_STORE_CTX_set_trust() sets the trust value for the target certificate
199 being verified in the I<ctx>. Built-in available values for the I<trust>
[all …]
DX509_VERIFY_PARAM_set_flags.pod38 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
95 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
96 B<trust>.
114 neither the end-entity certificate nor the trust-anchor count against this
117 directly by the trust anchor, while with a B<depth> limit of 1 there can be one
118 intermediate CA certificate between the trust anchor and the end-entity
127 The signature algorithm security level is not enforced for the chain's I<trust
300 in L<X509_verify_cert(3)> searches the trust store for issuer certificates
304 This is especially important when some certificates in the trust store have
305 explicit trust settings (see "TRUST SETTINGS" in L<openssl-x509(1)>).
[all …]
DSSL_CTX_get0_param.pod21 int SSL_CTX_set_trust(SSL_CTX *ctx, int trust);
22 int SSL_set_trust(SSL *ssl, int trust);
38 which set the trust parameter on the verification parameters object. These
DX509_verify_cert.pod24 Else the chain must reach a trust anchor contained in I<store>.
31 A self-signed trust anchor is included only if I<target> is the trust anchor
40 a set of certificates serving as trust anchors,
/third_party/libwebsockets/lib/secure-streams/
Dpolicy-common.c311 if (!pol->trust.store) { in lws_ss_policy_ref_trust_store()
329 v = lws_get_vhost_by_name(context, pol->trust.store->name); in lws_ss_policy_ref_trust_store()
336 i.vhost_name = pol->trust.store->name; in lws_ss_policy_ref_trust_store()
339 i.client_ssl_ca_mem = pol->trust.store->ssx509[0]->ca_der; in lws_ss_policy_ref_trust_store()
341 pol->trust.store->ssx509[0]->ca_der_len; in lws_ss_policy_ref_trust_store()
345 i.vhost_name, pol->trust.store->ssx509[0]->vhost_name); in lws_ss_policy_ref_trust_store()
355 for (n = 1; v && n < pol->trust.store->count; n++) { in lws_ss_policy_ref_trust_store()
357 pol->trust.store->ssx509[n]->vhost_name); in lws_ss_policy_ref_trust_store()
360 pol->trust.store->ssx509[n]->ca_der, in lws_ss_policy_ref_trust_store()
361 pol->trust.store->ssx509[n]->ca_der_len)) { in lws_ss_policy_ref_trust_store()
[all …]
/third_party/openssl/doc/man1/
Dopenssl-verification-options.pod39 In general, according to RFC 4158 and RFC 5280, a I<trust anchor> is
44 In practice, trust anchors are given in the form of certificates,
50 is used for matching trust anchors during chain building.
52 In the most simple and common case, trust anchors are by default
53 all self-signed "root" CA certificates that are placed in the I<trust store>,
55 This is akin to what is used in the trust stores of Mozilla Firefox,
58 From the OpenSSL perspective, a trust anchor is a certificate
60 uses of a target certificate the certificate may serve as a trust anchor.
62 Such a designation provides a set of positive trust attributes
63 explicitly stating trust for the listed purposes
[all …]
/third_party/curl/docs/
DSSLCERTS.md19 It is about trust
22 This system is about trust. In your local CA certificate store you have certs
25 certificate authorities you trust.
27 Which certificate authorities do you trust? You can decide to trust the same
29 browsers trust. That is basically trust via someone else you trust. You should
30 just be aware that modern operating systems and browsers are setup to trust
102 - If you want to trust the certificate, you can add it to your CA
154 With these options, you make sure that the TLS connection and the trust of the
Dmk-ca-bundle.md81 list of Mozilla trust purposes and levels for certificates to include in
92 Valid trust levels are: *ALL*, *TRUSTED_DELEGATOR* (default), *NOT_TRUSTED*,
125 The file format used by Mozilla for this trust information is documented here:
127 https://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html
/third_party/curl/lib/vtls/
Dsectransp.c2247 SecTrustRef trust = NULL; local
2306 ret = SSLCopyPeerTrust(ctx, &trust);
2307 if(!trust) {
2317 ret = SecTrustSetAnchorCertificates(trust, array);
2322 ret = SecTrustSetAnchorCertificatesOnly(trust, true);
2329 ret = SecTrustEvaluate(trust, &trust_eval);
2358 if(trust)
2359 CFRelease(trust);
2420 SecTrustRef trust; local
2424 ret = SSLCopyPeerTrust(ctx, &trust);
[all …]
/third_party/cups/
Dohos-add-openssl.patch442 + * 'httpCredentialsGetTrust()' - Return the trust of credentials.
447 +http_trust_t // O - Level of trust
450 + const char *common_name) // I - Common name for trust lookup
452 + http_trust_t trust = HTTP_TRUST_OK; // Trusted?
493 + // Do not trust certificates on first use...
496 + trust = HTTP_TRUST_INVALID;
503 + trust = HTTP_TRUST_INVALID;
510 + trust = HTTP_TRUST_INVALID;
515 + trust = HTTP_TRUST_RENEWED;
526 + trust = HTTP_TRUST_INVALID;
[all …]
/third_party/openssl/include/openssl/
Dx509_vfy.h.in75 /* This is used for a table of trust checking functions */
77 int trust; member
88 /* standard trust ids */
105 /* No compat trust if self-signed, preempts "DO_SS" */
107 /* Compat trust if no explicit accepted trust EKUs */
109 /* Accept "anyEKU" as a wildcard rejection OID and as a wildcard trust OID */
117 int X509_TRUST_set(int *t, int trust);
136 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
409 int X509_STORE_set_trust(X509_STORE *ctx, int trust);
673 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
[all …]
/third_party/node/deps/openssl/openssl/include/openssl/
Dx509_vfy.h.in75 /* This is used for a table of trust checking functions */
77 int trust; member
88 /* standard trust ids */
105 /* No compat trust if self-signed, preempts "DO_SS" */
107 /* Compat trust if no explicit accepted trust EKUs */
109 /* Accept "anyEKU" as a wildcard rejection OID and as a wildcard trust OID */
117 int X509_TRUST_set(int *t, int trust);
136 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
409 int X509_STORE_set_trust(X509_STORE *ctx, int trust);
673 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
[all …]

12345678910>>...15