Home
last modified time | relevance | path

Searched refs:untrusted (Results 1 – 25 of 79) sorted by relevance

1234

/freebsd/crypto/openssl/test/
H A Dverify_extra_test.c66 STACK_OF(X509) *untrusted = NULL; in test_alt_chains_cert_forgery()
81 untrusted = load_certs_pem(untrusted_f); in test_alt_chains_cert_forgery()
90 if (!X509_STORE_CTX_init(sctx, store, x, untrusted)) in test_alt_chains_cert_forgery()
102 sk_X509_pop_free(untrusted, X509_free); in test_alt_chains_cert_forgery()
231 STACK_OF(X509) *untrusted = sk_X509_new_null(); in do_test_purpose()
239 || !TEST_ptr(untrusted) in do_test_purpose()
247 if (!TEST_true(sk_X509_push(untrusted, untrcert))) in do_test_purpose()
251 if (!TEST_true(X509_STORE_CTX_init(ctx, NULL, eecert, untrusted))) in do_test_purpose()
270 sk_X509_pop_free(untrusted, X509_free); in do_test_purpose()
/freebsd/secure/caroot/
H A DMAca-bundle.pl223 my $untrusted = 0;
237 $untrusted ++;
265 $untrusted++;
271 print "## Untrusted certificates omitted from this bundle: $untrusted\n\n";
273 print STDERR "## Untrusted certificates omitted from this bundle: $untrusted\n";
H A DMakefile4 SUBDIR+= untrusted
H A DREADME16 untrusted directory (git mv)
/freebsd/crypto/openssl/test/recipes/
H A D80-test_ocsp.t33 my $untrusted = shift;
34 if ($untrusted eq "") {
35 $untrusted = $CAfile;
48 "-verify_other", catfile($ocspdir, $untrusted),
H A D60-test_x509_store.t29 my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_;
34 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) }
H A D25-test_verify.t21 my ($cert, $purpose, $trusted, $untrusted, @opts) = @_;
27 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) }
/freebsd/crypto/openssl/test/recipes/80-test_cmp_http_data/
H A Dtest_verification.csv1 …n,val, -recipient,val, -expect_sender,val, -srvcert,val, -trusted,val, -untrusted,val, -ignore_key…
37 0,untrusted missing arg, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt, -untrust…
38 0,untrusted empty file, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt, -untruste…
39 0,untrusted random file, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt, -untrust…
40 0,untrusted file does not exist, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt, …
/freebsd/crypto/openssl/crypto/ts/
H A Dts_rsp_verify.c19 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
93 STACK_OF(X509) *untrusted = NULL; in TS_RESP_verify_signature()
130 untrusted = sk_X509_new_reserve(NULL, sk_X509_num(certs) in TS_RESP_verify_signature()
132 if (untrusted == NULL in TS_RESP_verify_signature()
133 || !X509_add_certs(untrusted, certs, 0) in TS_RESP_verify_signature()
134 || !X509_add_certs(untrusted, token->d.sign->cert, 0)) in TS_RESP_verify_signature()
136 if (!ts_verify_cert(store, untrusted, signer, &chain)) in TS_RESP_verify_signature()
160 sk_X509_free(untrusted); in TS_RESP_verify_signature()
171 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, in ts_verify_cert() argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) in ts_verify_cert()
/freebsd/crypto/openssl/crypto/ocsp/
H A Docsp_vfy.c32 STACK_OF(X509) *untrusted, STACK_OF(X509) **chain) in ocsp_verify_signer()
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { in ocsp_verify_signer()
103 STACK_OF(X509) *untrusted = NULL; in OCSP_basic_verify()
118 if ((untrusted = sk_X509_dup(bs->certs)) == NULL) in OCSP_basic_verify()
120 if (!X509_add_certs(untrusted, certs, X509_ADD_FLAG_DEFAULT)) in OCSP_basic_verify()
123 ret = ocsp_verify_signer(signer, 1, st, flags, untrusted, &chain); in OCSP_basic_verify()
158 sk_X509_free(untrusted); in OCSP_basic_verify()
/freebsd/crypto/openssl/doc/man1/
H A Dopenssl-verify.pod.in17 [B<-untrusted> I<filename>|I<uri>]
52 successful). Certificates in the chain that came from the untrusted list will be
53 flagged as "untrusted".
67 =item B<-untrusted> I<filename>|I<uri>
69 A file or URI of untrusted certificates to use for chain building.
84 B<-trusted>, B<-untrusted> or B<-CRLfile> options.
H A Dopenssl-pkcs12.pod.in53 [B<-untrusted> I<filename>]
267 and B<-untrusted>.
278 as well as any untrusted CA certificates given with the B<-untrusted> option.
280 =item B<-untrusted> I<filename>
282 An input file of untrusted certificates that may be used
/freebsd/crypto/openssl/apps/
H A Dverify.c82 STACK_OF(X509) *untrusted = NULL, *trusted = NULL; in verify_main()
148 if (!load_certs(opt_arg(), 0, &untrusted, NULL, in verify_main()
224 if (check(store, NULL, untrusted, trusted, crls, show_chain, in verify_main()
229 if (check(store, argv[i], untrusted, trusted, crls, show_chain, in verify_main()
237 sk_X509_pop_free(untrusted, X509_free); in verify_main()
H A Dts.c68 char *untrusted, X509_VERIFY_PARAM *vpm);
73 char *untrusted,
103 {"untrusted", OPT_UNTRUSTED, '<', "Extra untrusted certs"},
153 " -untrusted extra-certs.pem [-data file] [-digest hexstring]",
162 char *untrusted = NULL; in ts_main() local
274 untrusted = opt_arg(); in ts_main()
338 CApath, CAfile, CAstore, untrusted, in ts_main()
852 const char *CAstore, char *untrusted, in verify_command()
872 CApath, CAfile, CAstore, untrusted, in verify_command()
849 verify_command(const char * data,const char * digest,const char * queryfile,const char * in,int token_in,const char * CApath,const char * CAfile,const char * CAstore,char * untrusted,X509_VERIFY_PARAM * vpm) verify_command() argument
897 create_verify_ctx(const char * data,const char * digest,const char * queryfile,const char * CApath,const char * CAfile,const char * CAstore,char * untrusted,X509_VERIFY_PARAM * vpm) create_verify_ctx() argument
[all...]
H A Dpkcs12.c158 char *untrusted = NULL, *ciphername = NULL, *enc_flag = NULL; in pkcs12_main() local
290 untrusted = opt_arg(); in pkcs12_main()
392 if (untrusted != NULL) in pkcs12_main()
579 if (untrusted != NULL) { in pkcs12_main()
580 if (!load_certs(untrusted, 0, &untrusted_certs, passcerts, in pkcs12_main()
/freebsd/crypto/openssl/crypto/cmp/
H A Dcmp_ctx.c58 return ctx->untrusted; in STACK_OF()
67 STACK_OF(X509) *untrusted = NULL; in OSSL_CMP_CTX_set1_untrusted()
73 if (!ossl_x509_add_certs_new(&untrusted, certs, in OSSL_CMP_CTX_set1_untrusted()
76 sk_X509_pop_free(ctx->untrusted, X509_free); in OSSL_CMP_CTX_set1_untrusted()
77 ctx->untrusted = untrusted; in OSSL_CMP_CTX_set1_untrusted()
80 sk_X509_pop_free(untrusted, X509_free); in OSSL_CMP_CTX_set1_untrusted()
121 if ((ctx->untrusted = sk_X509_new_null()) == NULL) in OSSL_CMP_CTX_new()
202 sk_X509_pop_free(ctx->untrusted, X509_free); in OSSL_CMP_CTX_free()
765 if (!ossl_x509_add_certs_new(&ctx->untrusted, candidates, in DEFINE_OSSL_CMP_CTX_set1_up_ref()
770 chain = X509_build_chain(ctx->cert, ctx->untrusted, own_trusted, 0, in DEFINE_OSSL_CMP_CTX_set1_up_ref()
H A Dcmp_vfy.c124 cert, ctx->untrusted)) in OSSL_CMP_validate_cert_path()
420 if (check_msg_with_certs(ctx, ctx->untrusted, "untrusted certs", in check_msg_all_certs()
432 msg->extraCerts, ctx->untrusted, in check_msg_all_certs()
704 if (!X509_add_certs(ctx->untrusted, msg->extraCerts, in ossl_cmp_msg_check_update()
786 if (!X509_add_certs(ctx->untrusted, msg->extraCerts, in ossl_cmp_msg_check_update()
/freebsd/usr.sbin/certctl/
H A Dcertctl.sh120 info "Skipping untrusted certificate $hash ($otherfile)"
172 verbose "Adding $filename to untrusted list"
261 info "Adding $UTFILE to untrusted list"
278 info "Removing $(basename "$UNTRUSTEDFILE") from untrusted list"
283 info "Removing $UTFILE from untrusted list"
304 echo " $SCRIPTNAME [-v] untrusted"
305 echo " List untrusted certificates"
309 echo " Add <file> to the list of untrusted certificates"
311 echo " Remove <file> from the list of untrusted certificates"
341 : ${UNTRUSTPATH:=${DESTDIR}${DISTBASE}/usr/share/certs/untrusted
[all...]
/freebsd/contrib/wpa/src/crypto/
H A Dtls_openssl_ocsp.c498 STACK_OF(X509) *untrusted = NULL, *certs = NULL, *chain = NULL; in check_ocsp_resp()
559 untrusted = sk_X509_dup(basic->certs); in check_ocsp_resp()
560 if (!untrusted) in check_ocsp_resp()
573 if (!sk_X509_push(untrusted, extra_cert)) { in check_ocsp_resp()
612 signer = ocsp_find_signer(untrusted, rd->responderID); in check_ocsp_resp()
641 if (!ctx || !X509_STORE_CTX_init(ctx, store, signer, untrusted)) in check_ocsp_resp()
833 sk_X509_free(untrusted); in check_ocsp_resp()
/freebsd/crypto/openssh/
H A Dauth-options.c799 int untrusted) in sshauthopt_serialise() argument
827 untrusted ? "yes" : opts->cert_principals)) != 0 || in sshauthopt_serialise()
829 untrusted ? "true" : opts->force_command)) != 0 || in sshauthopt_serialise()
831 untrusted ? NULL : opts->required_from_host_cert)) != 0 || in sshauthopt_serialise()
833 untrusted ? NULL : opts->required_from_host_keys)) != 0) in sshauthopt_serialise()
838 untrusted ? 0 : opts->nenv)) != 0 || in sshauthopt_serialise()
840 untrusted ? 0 : opts->npermitopen)) != 0 || in sshauthopt_serialise()
842 untrusted ? 0 : opts->npermitlisten)) != 0) in sshauthopt_serialise()
/freebsd/crypto/openssl/doc/man3/
H A DX509_STORE_CTX_new.pod30 X509 *target, STACK_OF(X509) *untrusted);
91 and a list of additional certificates may be provided in I<untrusted>,
92 which will be untrusted but may be used to build the chain.
93 Each of the I<trust_store>, I<target> and I<untrusted> parameters can be NULL.
98 list of untrusted certificates as its verification target,
129 stack of untrusted certificates associated with I<ctx>.
132 of untrusted certificates associated with I<ctx> to I<sk>.
136 X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
265 X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
H A DPKCS7_verify.pod22 I<p7> may contain extra untrusted CA certificates that may be used for
56 L<PKCS7_add_certificate(3)>, are used as untrusted CAs unless B<PKCS7_NOCHAIN>
86 not used as untrusted CAs. This means that the whole verify chain (apart from
/freebsd/secure/caroot/untrusted/
H A DMakefile1 BINDIR= /usr/share/certs/untrusted
/freebsd/etc/mtree/
H A DBSD.root.dist103 untrusted
/freebsd/crypto/openssl/demos/certs/apps/
H A Dmkacerts.sh44 $OPENSSL verify -CAfile root.pem -untrusted intca.pem \

1234