| /freebsd/crypto/openssl/doc/man3/ |
| H A D | SSL_CTX_set_cert_verify_callback.pod | 5 SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure
17 SSL_CTX_set_cert_verify_callback() sets the verification callback function for
24 a verification function is called regardless of the verification mode.
25 If the application does not explicitly specify a verification callback function,
26 the built-in verification function is used.
27 If a verification callback I<callback> is specified via
33 I<callback> should return 1 to indicate verification success
34 and 0 to indicate verification failure.
38 if the verification mode is B<SSL_VERIFY_NONE>.
45 typically done in case the certificate verification was not yet able
[all …]
|
| H A D | SSL_CTX_set_verify.pod | 12 - set various SSL/TLS parameters for peer certificate verification
33 SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and
37 SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and
45 of the current SSL object that is doing the verification.
50 This would be typically done in case the certificate verification was not yet
55 information needed for the verification.
57 server certificate verification step.
63 verification that shall be allowed for B<ctx>.
66 verification that shall be allowed for B<ssl>.
81 The verification o
[all...] |
| H A D | X509_STORE_CTX_new.pod | 77 X509_STORE_CTX_init() sets up I<ctx> for a subsequent verification operation.
80 given I<ctx>. Among others, it sets the verification parameters associcated
84 L<X509_STORE_CTX_verify(3)>, i.e., a context is only good for one verification.
95 will need a verification target.
98 list of untrusted certificates as its verification target,
117 verification to I<sk>. These CRLs will only be used if CRL verification is
123 to the verification parameters associated with I<ctx>.
125 X509_STORE_CTX_set0_param() sets the internal verification parameter pointer
145 L<openssl-verification-options(1)/Certification Path Building> and
146 L<openssl-verification-options(1)/Certification Path Validation>.
[all …]
|
| H A D | X509_STORE_CTX_set_verify_cb.pod | 19 - get and set X509_STORE_CTX components such as verification callback
46 X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
49 The verification callback can be used to customise the operation of certificate
50 verification, for instance by overriding error conditions or logging errors for
53 However, a verification callback is B<not> essential and the default operation
63 is performing the verification operation. A callback can examine this
68 X509_STORE_CTX_print_verify_cb() is a verification callback function that,
69 when a certificate verification has failed, adds an entry to the error queue
89 In general a verification callback should B<NOT> unconditionally return 1 in
90 all circumstances because this will allow verification to succeed no matter
[all …]
|
| H A D | X509_VERIFY_PARAM_set_flags.pod | 21 - X509 verification parameters
75 a certificate verification operation.
78 it with B<flags>. See L</VERIFICATION FLAGS> for a complete
84 which specifies how verification flags are copied from one structure to
90 X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
98 X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
110 X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
151 certificate verification automatically invokes L<X509_check_host(3)>
157 be suppressed as appropriate when DANE verification is enabled.
197 is specified, certificate verification automatically invokes
[all …]
|
| H A D | SSL_get_verify_result.pod | 5 SSL_get_verify_result - get result of peer certificate verification
15 SSL_get_verify_result() returns the result of the verification of the
20 SSL_get_verify_result() can only return one error code while the verification
22 the last verification error that occurred during the processing is available
25 Sometimes there can be a sequence of errors leading to the verification
32 The verification result is part of the established session and is restored
38 X509_V_OK. This is because no verification error occurred, it does however
50 The verification succeeded or no peer certificate was presented.
|
| H A D | X509_STORE_CTX_get_error.pod | 9 X509_verify_cert_error_string - get or set certificate verification status
30 These functions are typically called after certificate or chain verification
32 an error or in a verification callback to determine the nature of an error.
37 an error, likely because a verification callback function has waived the error.
40 it might be used in a verification callback to set an error based on additional
61 It may be examined by a verification callback invoked to handle each error
62 encountered during chain verification and is no longer required after such a
73 verification is successful. Otherwise the returned chain may be incomplete or
80 verification error I<n>.
92 verification error I<n>.
[all …]
|
| H A D | SSL_set_retry_verify.pod | 5 SSL_set_retry_verify - indicate that certificate verification should be retried
15 SSL_set_retry_verify() should be called from the certificate verification
19 is resumed again by the application, retrying the verification step.
26 verification callback on the client side is undefined.
45 if (/* we need to retry verification callback */)
48 /* do normal processing of the verification callback */
58 incompatible handling of a negative return value from the verification
|
| H A D | SSL_CTX_get_verify_mode.pod | 5 …h, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters
20 SSL_CTX_get_verify_mode() returns the verification mode currently set in
23 SSL_get_verify_mode() returns the verification mode currently set in
26 SSL_CTX_get_verify_depth() returns the verification depth limit currently set
30 SSL_get_verify_depth() returns the verification depth limit currently set
34 SSL_CTX_get_verify_callback() returns a function pointer to the verification
38 SSL_get_verify_callback() returns a function pointer to the verification
|
| H A D | SSL_CTX_set1_verify_cert_store.pod | 11 verification or chain store
34 set the certificate store used for certificate verification to B<st>.
60 The verification store is used to verify the certificate chain sent by the
61 peer: that is an SSL/TLS client will use the verification store to verify
67 L<openssl-verification-options(1)/Certification Path Building> and
68 L<openssl-verification-options(1)/Certification Path Validation>.
79 If the chain or the verification store is not set then the store associated
|
| H A D | SSL_CTX_set_ct_validation_callback.pod | 41 TLS handshake with the verification mode set to B<SSL_VERIFY_PEER>, if the peer
43 If the verification mode is B<SSL_VERIFY_NONE>, the handshake will continue
45 However, in that case if the verification status before the built-in callback
49 handshake completion, even after session resumption since the verification
54 handshake continues, and the verification status is not modified, regardless of
69 The TLS handshake is aborted if the verification mode is not B<SSL_VERIFY_NONE>
88 nor to have specified server verification via DANE-TA(2) or DANE-EE(3) TLSA
|
| H A D | X509_verify_cert.pod | 37 The verification context, of type B<X509_STORE_CTX>, can be constructed
43 such as a callback function that allows customizing the verification outcome.
44 A complete description of the certificate verification process is contained in
45 the L<openssl-verification-options(1)> manual page.
78 verification indicated success, the stored error code may be different from
79 X509_V_OK, likely because a verification callback function has waived the error.
|
| H A D | SSL_CTX_get0_param.pod | 7 get and set verification parameters
27 the verification parameters for B<ctx> or B<ssl> respectively. The returned
30 SSL_CTX_set1_param() and SSL_set1_param() set the verification parameters
34 set the purpose parameter on the verification parameters object. These functions
38 which set the trust parameter on the verification parameters object. These
|
| H A D | SSL_CTX_set_cert_store.pod | 5 SSL_CTX_set_cert_store, SSL_CTX_set1_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage
17 SSL_CTX_set_cert_store() sets/replaces the certificate verification storage
23 SSL_CTX_set1_cert_store() sets/replaces the certificate verification storage
28 verification storage.
46 the verification takes place. So will e.g. the verify_callback() be
|
| /freebsd/crypto/heimdal/doc/doxyout/hx509/man/man3/ |
| H A D | hx509_verify.3 | 1 .TH "hx509 verification functions" 3 "11 Jan 2012" "Version 1.5.2" "Heimdalx509library" \" -*- nrof…
5 hx509 verification functions \-
192 … the verification context, makes an reference to the keyset, so the consumer can free the keyset i…
196 \fIctx\fP a verification context
204 …estruction of the verification context. If there is no revoke context, the verification process is…
208 \fIctx\fP a verification context.
216 Free an hx509 verification context.
226 Allocate an verification context that is used fo control the verification process.
249 \fIctx\fP A hx509 verification context.
268 \fIctx\fP a verification context
[all …]
|
| /freebsd/secure/lib/libcrypto/man/man3/ |
| H A D | SSL_CTX_set_verify.3 | 147 \&\- set various SSL/TLS parameters for peer certificate verification
168 \&\fBSSL_CTX_set_verify()\fR sets the verification flags for \fBctx\fR to be \fBmode\fR and
172 \&\fBSSL_set_verify()\fR sets the verification flags for \fBssl\fR to be \fBmode\fR and
180 of the current \s-1SSL\s0 object that is doing the verification.
185 This would be typically done in case the certificate verification was not yet
190 information needed for the verification.
192 server certificate verification step.
198 verification that shall be allowed for \fBctx\fR.
201 verification that shall be allowed for \fBssl\fR.
215 The verification of certificates can be controlled by a set of logically
[all …]
|
| H A D | SSL_CTX_set_cert_verify_callback.3 | 140 SSL_CTX_set_cert_verify_callback \- set peer certificate verification procedure
152 \&\fBSSL_CTX_set_cert_verify_callback()\fR sets the verification callback function for
158 a verification function is called regardless of the verification mode.
159 If the application does not explicitly specify a verification callback function,
160 the built-in verification function is used.
161 If a verification callback \fIcallback\fR is specified via
167 \&\fIcallback\fR should return 1 to indicate verification success
168 and 0 to indicate verification failure.
172 if the verification mode is \fB\s-1SSL_VERIFY_NONE\s0\fR.
179 typically done in case the certificate verification was not yet able
[all …]
|
| H A D | X509_VERIFY_PARAM_set_flags.3 | 156 \&\- X509 verification parameters
210 a certificate verification operation.
213 it with \fBflags\fR. See \*(L"\s-1VERIFICATION FLAGS\*(R"\s0 for a complete
219 which specifies how verification flags are copied from one structure to
225 \&\fBX509_VERIFY_PARAM_set_purpose()\fR sets the verification purpose in \fBparam\fR
233 \&\fBX509_VERIFY_PARAM_set_time()\fR sets the verification time in \fBparam\fR to
245 \&\fBX509_VERIFY_PARAM_set_depth()\fR sets the maximum verification depth to \fBdepth\fR.
286 certificate verification automatically invokes \fBX509_check_host\fR\|(3)
292 be suppressed as appropriate when \s-1DANE\s0 verification is enabled.
332 is specified, certificate verification automatically invokes
[all …]
|
| H A D | X509_STORE_CTX_get_error.3 | 144 X509_verify_cert_error_string \- get or set certificate verification status
165 These functions are typically called after certificate or chain verification
167 an error or in a verification callback to determine the nature of an error.
172 an error, likely because a verification callback function has waived the error.
175 it might be used in a verification callback to set an error based on additional
196 It may be examined by a verification callback invoked to handle each error
197 encountered during chain verification and is no longer required after such a
208 verification is successful. Otherwise the returned chain may be incomplete or
217 verification error \fIn\fR.
228 verification error \fIn\fR.
[all …]
|
| H A D | X509_STORE_CTX_set_verify_cb.3 | 154 \&\- get and set X509_STORE_CTX components such as verification callback
181 \&\fBX509_STORE_CTX_set_verify_cb()\fR sets the verification callback of \fBctx\fR to
184 The verification callback can be used to customise the operation of certificate
185 verification, for instance by overriding error conditions or logging errors for
188 However, a verification callback is \fBnot\fR essential and the default operation
198 is performing the verification operation. A callback can examine this
203 \&\fBX509_STORE_CTX_print_verify_cb()\fR is a verification callback function that,
204 when a certificate verification has failed, adds an entry to the error queue
222 In general a verification callback should \fB\s-1NOT\s0\fR unconditionally return 1 in
223 all circumstances because this will allow verification to succeed no matter
[all …]
|
| H A D | X509_STORE_CTX_new.3 | 213 \&\fBX509_STORE_CTX_verify\fR\|(3), i.e., a context is only good for one verification.
224 will need a verification target.
227 list of untrusted certificates as its verification target,
246 verification to \fIsk\fR. These CRLs will only be used if \s-1CRL\s0 verification is
252 to the verification parameters associated with \fIctx\fR.
254 \&\fBX509_STORE_CTX_set0_param()\fR sets the internal verification parameter pointer
274 \&\*(L"Certification Path Building\*(R" in \fBopenssl\-verification\-options\fR\|(1) and
275 \&\*(L"Certification Path Validation\*(R" in \fBopenssl\-verification\-options\fR\|(1).
282 \&\fBX509_STORE_CTX_set_default()\fR looks up and sets the default verification
318 custom \*(L"purpose\*(R" (see below) or supply a nondefault verification callback
[all …]
|
| H A D | SSL_get_verify_result.3 | 140 SSL_get_verify_result \- get result of peer certificate verification
150 \&\fBSSL_get_verify_result()\fR returns the result of the verification of the
154 \&\fBSSL_get_verify_result()\fR can only return one error code while the verification
156 the last verification error that occurred during the processing is available
159 Sometimes there can be a sequence of errors leading to the verification
166 The verification result is part of the established session and is restored
171 X509_V_OK. This is because no verification error occurred, it does however
179 The verification succeeded or no peer certificate was presented.
|
| H A D | SSL_CTX_get_verify_mode.3 | 140 …, SSL_get_verify_callback, SSL_CTX_get_verify_callback \- get currently set verification parameters
155 \&\fBSSL_CTX_get_verify_mode()\fR returns the verification mode currently set in
158 \&\fBSSL_get_verify_mode()\fR returns the verification mode currently set in
161 \&\fBSSL_CTX_get_verify_depth()\fR returns the verification depth limit currently set
165 \&\fBSSL_get_verify_depth()\fR returns the verification depth limit currently set
169 \&\fBSSL_CTX_get_verify_callback()\fR returns a function pointer to the verification
173 \&\fBSSL_get_verify_callback()\fR returns a function pointer to the verification
|
| H A D | SSL_set_retry_verify.3 | 140 SSL_set_retry_verify \- indicate that certificate verification should be retried
150 \&\fBSSL_set_retry_verify()\fR should be called from the certificate verification
154 is resumed again by the application, retrying the verification step.
160 verification callback on the client side is undefined.
178 \& if (/* we need to retry verification callback */)
181 \& /* do normal processing of the verification callback */
190 incompatible handling of a negative return value from the verification
|
| /freebsd/contrib/libfido2/man/ |
| H A D | fido2-token.1 | 174 A PIN or equivalent user-verification gesture is required.
191 A PIN or equivalent user-verification gesture is required.
203 .Dq user verification always
218 A PIN or equivalent user-verification gesture is required.
237 A PIN or equivalent user-verification gesture is required.
264 A PIN or equivalent user-verification gesture is required.
304 A PIN or equivalent user-verification gesture is required.
323 A PIN or equivalent user-verification gesture is required.
342 A PIN or equivalent user-verification gesture is required.
378 .Dq user verification always
[all …]
|