| /freebsd/crypto/openssl/test/recipes/80-test_cmp_http_data/ |
| H A D | test_verification.csv | 1 expected,description, -section,val, -recipient,val, -expect_sender,val, -srvcert,val, -trusted,val,…
4 1,default test, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unp…
6 0,recipient missing arg, -section,, -recipient,,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -…
7 …recipient name, -section,, -recipient,_CA_DN/ABC=123,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BL…
8 …uble '/' after value, -section,, -recipient,_CA_DN//,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BL…
9 …ipient name: missing '=', -section,, -recipient,/CDE,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BL…
10 …A v10/OU=For test purpose only/O=CMPforOpenSSL/C=DEE,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BL…
12 …er, -section,, -recipient,_CA_DN, -expect_sender,_SERVER_DN,BLANK,, -trusted,trusted.crt,BLANK,,BL…
13 … missing arg, -section,, -recipient,_CA_DN, -expect_sender,,BLANK,, -trusted,trusted.crt,BLANK,,BL…
14 …ender,/CN=Sample Cert/OU=R&D/O=Company Ltd./L=Dublin 4/C=IE,BLANK,, -trusted,trusted.crt,BLANK,,BL…
[all …]
|
| /freebsd/crypto/krb5/src/tests/ |
| H A D | t_proxy.py | 62 output("running pass 1: issuer not trusted and hostname doesn't match\n")
72 output("running pass 2: subject matches, issuer not trusted\n")
82 output("running pass 3: subjectAltName matches, issuer not trusted\n")
92 output("running pass 4: subject matches, issuer not trusted\n")
100 # Fail: trusted issuer but hostname doesn't match.
101 mark('trusted issuer, hostname mismatch')
102 output("running pass 5: issuer trusted but hostname doesn't match\n")
110 # Succeed: trusted issuer and host name matches subject.
111 mark('trusted issuer, hostname subject match')
112 output("running pass 6: issuer trusted, subject matches\n")
[all …]
|
| /freebsd/sys/contrib/device-tree/Bindings/arm/firmware/ |
| H A D | tlm,trusted-foundations.yaml | 4 $id: http://devicetree.org/schemas/arm/firmware/tlm,trusted-foundations.yaml#
7 title: Trusted Foundations
10 Boards that use the Trusted Foundations secure monitor can signal its
18 const: trusted-foundations
21 const: tlm,trusted-foundations
25 description: major version number of Trusted Foundations firmware
29 description: minor version number of Trusted Foundations firmware
41 trusted-foundations {
42 compatible = "tlm,trusted-foundations";
|
| H A D | tlm,trusted-foundations.txt | 1 Trusted Foundations
4 Boards that use the Trusted Foundations secure monitor can signal its
5 presence by declaring a node compatible with "tlm,trusted-foundations"
9 - compatible: "tlm,trusted-foundations"
10 - tlm,version-major: major version number of Trusted Foundations firmware
11 - tlm,version-minor: minor version number of Trusted Foundations firmware
15 trusted-foundations {
16 compatible = "tlm,trusted-foundations";
|
| /freebsd/contrib/ntp/util/ |
| H A D | ntp-keygen.mdoc.in | 230 but it is possible for a trusted agent (TA) to generate these files
232 The subject name and trusted name default to the hostname
234 It is convenient to designate the owner name and trusted name
237 while the trusted name is used for the identity files.
290 Designate one of them as the trusted host (TH) using
333 Additional information on trusted groups and identity schemes is on the
360 .Ss Trusted Hosts and Groups
376 trusted hosts from which all other hosts derive synchronization
378 Trusted hosts have trusted certificate
[all...] |
| H A D | ntp-keygen.1ntp-keygenmdoc | 230 but it is possible for a trusted agent (TA) to generate these files
232 The subject name and trusted name default to the hostname
234 It is convenient to designate the owner name and trusted name
237 while the trusted name is used for the identity files.
290 Designate one of them as the trusted host (TH) using
333 Additional information on trusted groups and identity schemes is on the
360 .Ss Trusted Hosts and Groups
376 trusted hosts from which all other hosts derive synchronization
378 Trusted hosts have trusted certificate
[all...] |
| H A D | ntp-keygen.1ntp-keygenman | 271 but it is possible for a trusted agent (TA) to generate these files
273 The subject name and trusted name default to the hostname
275 It is convenient to designate the owner name and trusted name
278 while the trusted name is used for the identity files.
339 Designate one of them as the trusted host (TH) using
388 Additional information on trusted groups and identity schemes is on the
417 .SS Trusted Hosts and Groups
433 trusted hosts from which all other hosts derive synchronization
435 Trusted hosts have trusted certificate
[all...] |
| H A D | ntp-keygen.man.in | 271 but it is possible for a trusted agent (TA) to generate these files
273 The subject name and trusted name default to the hostname
275 It is convenient to designate the owner name and trusted name
278 while the trusted name is used for the identity files.
339 Designate one of them as the trusted host (TH) using
388 Additional information on trusted groups and identity schemes is on the
417 .SS Trusted Hosts and Groups
433 trusted hosts from which all other hosts derive synchronization
435 Trusted hosts have trusted certificate
[all...] |
| H A D | ntp-keygen-opts.def | 243 name = trusted-cert;
245 descrip = "trusted certificate (TC scheme)";
247 Generate a trusted certificate. By default, the program generates
248 a non-trusted certificate.
491 but it is possible for a trusted agent (TA) to generate these files
493 The subject name and trusted name default to the hostname
495 It is convenient to designate the owner name and trusted name
498 while the trusted name is used for the identity files.
551 Designate one of them as the trusted host (TH) using
594 Additional information on trusted groups and identity schemes is on the
[all …]
|
| H A D | invoke-ntp-keygen.texi | 225 but it is possible for a trusted agent (TA) to generate these files
227 The subject name and trusted name default to the hostname
229 It is convenient to designate the owner name and trusted name
232 while the trusted name is used for the identity files.
285 Designate one of them as the trusted host (TH) using
328 Additional information on trusted groups and identity schemes is on the
356 @subsubsection Trusted Hosts and Groups
372 trusted hosts from which all other hosts derive synchronization
374 Trusted hosts have trusted certificate
[all...] |
| /freebsd/crypto/openssl/apps/ |
| H A D | verify.c | 51 {"trusted", OPT_TRUSTED, '<', "A file of trusted certificates"},
52 {"CAfile", OPT_CAFILE, '<', "A file of trusted certificates"},
53 {"CApath", OPT_CAPATH, '/', "A directory of files with trusted certificates"},
54 {"CAstore", OPT_CASTORE, ':', "URI to a store of trusted certificates"},
56 "Do not load the default trusted certificates file"},
58 "Do not load trusted certificates from the default directory"},
60 "Do not load trusted certificates from the default certificates store"},
82 STACK_OF(X509) *untrusted = NULL, *trusted = NULL; in verify_main()
157 if (!load_certs(opt_arg(), 0, &trusted, NULL, "trusted certificates")) in verify_main()
201 if (trusted != NULL in verify_main()
[all …]
|
| /freebsd/usr.sbin/certctl/ |
| H A D | certctl.8 | 32 .Nd "tool for managing trusted and untrusted TLS certificates"
54 utility manages the list of TLS Certificate Authorities that are trusted by
79 List all currently trusted certificate authorities.
83 Rebuild the list of trusted certificate authorities by scanning all directories
88 A symbolic link to each trusted certificate is placed in
108 List of paths to search for trusted certificates.
110 .Pa <DESTDIR><DISTBASE>/usr/share/certs/trusted
120 Destination directory for symbolic links to trusted certificates.
|
| /freebsd/contrib/ldns/drill/ |
| H A D | securetrace.c | 20 /* See if there is a key/ds in trusted that matches
24 ds_key_match(ldns_rr_list *ds, ldns_rr_list *trusted)
31 if (!trusted || !ds) {
41 if (!ds || !trusted) {
45 for (i = 0; i < ldns_rr_list_rr_count(trusted); i++) {
46 rr_i = ldns_rr_list_rr(trusted, i);
194 /* Add all preset trusted DS signatures to the list of trusted DS RRs. */ in do_secure_trace()
430 if they match an already trusted DS, or if one of the in do_secure_trace()
431 keys used to sign these is trusted, add the keys to in do_secure_trace()
432 the trusted list */ in do_secure_trace()
[all …]
|
| /freebsd/crypto/openssl/test/ |
| H A D | verify_extra_test.c | 52 * interCA (but not rootCA) and subinterCA (ss) are in the trusted store
184 STACK_OF(X509) *trusted = sk_X509_new_null(); in test_self_signed()
192 ret = ret && TEST_true(sk_X509_push(trusted, cert)); in test_self_signed()
194 X509_STORE_CTX_set0_trusted_stack(ctx, trusted); in test_self_signed()
199 sk_X509_free(trusted); in test_self_signed()
221 /* Verifying a cert where we have no trusted certs should fail */ in test_store_ctx()
230 STACK_OF(X509) *trusted = sk_X509_new_null(); in do_test_purpose()
238 || !TEST_ptr(trusted) in do_test_purpose()
244 if (!TEST_true(sk_X509_push(trusted, trcert))) in do_test_purpose()
259 * we are still responsible for freeing trusted after we have finished with in do_test_purpose()
[all …]
|
| /freebsd/crypto/openssl/crypto/cmp/ |
| H A D | cmp_vfy.c | 100 * Attempt to validate certificate and path using any given store with trusted
102 * and non-trusted intermediate certs from the given ctx.
239 * and the cert must be current (checked if ctx->trusted is not NULL).
250 X509_STORE *ts = ctx->trusted; in cert_acceptable()
348 * OSSL_CMP_CERTREQID) can also be validated with the same trusted store in check_cert_path_3gpp()
373 && (check_cert_path(ctx, ctx->trusted, cert) in check_msg_given_cert()
407 : check_cert_path(ctx, ctx->trusted, cert)) { in check_msg_with_certs()
419 * at its front, then trying the trusted certs in truststore (if any) of ctx.
442 if (ctx->trusted == NULL) { in check_msg_all_certs()
444 : "no trusted store"); in check_msg_all_certs()
[all …]
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | X509_STORE_add_cert.pod | 51 and validating chains of certificates terminating in trusted roots.
61 no information about trusted certificates or where such certificates
62 are located on disk, and is generally not usable. Normally, trusted
74 trusted entities such as root certificate authorities (CAs).
75 OpenSSL represents these trusted certificates internally as B<X509> objects
78 The public interfaces that operate on such trusted certificates still
98 X509_STORE_load_file_ex() loads trusted certificate(s) into an
105 X509_STORE_load_path() loads trusted certificate(s) into an
110 X509_STORE_load_store_ex() loads trusted certificate(s) into an
|
| H A D | X509_get_default_cert_file.pod | 7 retrieve default locations for trusted CA certificates
22 to a file containing trusted CA certificates. OpenSSL will use this as
23 the default path when it is asked to load trusted CA certificates
28 list of paths to a directories containing trusted CA certificates named in the
30 asked to load trusted CA certificates from a directory and no other path is
|
| /freebsd/secure/lib/libcrypto/man/man3/ |
| H A D | X509_STORE_add_cert.3 | 110 and validating chains of certificates terminating in trusted roots.
120 no information about trusted certificates or where such certificates
121 are located on disk, and is generally not usable. Normally, trusted
133 trusted entities such as root certificate authorities (CAs).
134 OpenSSL represents these trusted certificates internally as \fBX509\fR objects
137 The public interfaces that operate on such trusted certificates still
157 \&\fBX509_STORE_load_file_ex()\fR loads trusted certificate(s) into an
164 \&\fBX509_STORE_load_path()\fR loads trusted certificate(s) into an
169 \&\fBX509_STORE_load_store_ex()\fR loads trusted certificate(s) into an
|
| /freebsd/secure/usr.bin/openssl/man/ |
| H A D | openssl-verification-options.1 | 83 and ending in a certificate that due to some policy is trusted.
98 for some reason is considered trusted
111 which is a collection of certificates that are trusted for certain uses.
118 In PEM encoding, this is indicated by the \f(CW\*(C`TRUSTED CERTIFICATE\*(C'\fR string.
133 enables all uses when trusted.
202 It must be trusted for the given use.
222 .SS "Trusted Certificate Options"
223 .IX Subsection "Trusted Certificate Options"
237 Load the specified file which contains a trusted certificate in DER format
242 Do not load the default file of trusted certificates.
[all …]
|
| /freebsd/secure/caroot/ |
| H A D | Makefile | 3 SUBDIR+= trusted
8 # To be used by secteam@ to update the trusted certificates
13 @${MAKE} -C ${.CURDIR}/trusted ${.TARGET}
16 perl ${.CURDIR}/MAca-bundle.pl -i certdata.txt -o ${.CURDIR}/trusted
|
| H A D | README | 6 specifically when there is an important change to the list of trusted root
10 1) Remove the old trusted certificates (cleancerts)
15 1) Any no-longer-trusted certificates should be moved to the
33 in the trusted/ directory.
|
| /freebsd/contrib/ldns/ldns/ |
| H A D | dnssec_verify.h | 98 * and a trusted key. The tree only contains pointers to the
348 * Returns OK if there is a trusted path in the tree to one of
354 * \return LDNS_STATUS_OK if there is a trusted path to one of
422 * \param[in] keys the current set of trusted keys
425 * \return the set of trusted keys for the domain, or NULL if no
441 * \param[in] keys the current set of trusted keys
445 * \return the set of trusted keys for the domain, or NULL if no
455 * trusted keys.
459 * \param[in] keys the current set of trusted keys
460 * \return the set of trusted keys for the domain, or NULL if the RRSET
[all …]
|
| /freebsd/share/man/man4/ |
| H A D | tpm.4 | 21 .Nd Trusted Platform Module
48 driver provides support for various trusted platform modules (TPM) that can
91 .%T 11889-1:2009, Information technology -- Trusted Platform Module -- Part 1: Overview
97 .%T 11889-2:2009, Information technology -- Trusted Platform Module -- Part 2: Design principles
103 .%T 11889-3:2009, Information technology -- Trusted Platform Module -- Part 3: Structures
|
| /freebsd/crypto/openssl/doc/man1/ |
| H A D | openssl-verification-options.pod | 26 and ending in a certificate that due to some policy is trusted.
42 for some reason is considered trusted
55 which is a collection of certificates that are trusted for certain uses.
62 In PEM encoding, this is indicated by the C<TRUSTED CERTIFICATE> string.
77 enables all uses when trusted.
168 It must be trusted for the given use.
189 =head2 Trusted Certificate Options
207 Load the specified file which contains a trusted certificate in DER format
213 Do not load the default file of trusted certificates.
217 Use the specified directory as a collection of trusted certificates,
[all …]
|
| /freebsd/secure/lib/libcrypto/man/man7/ |
| H A D | ossl-guide-tls-introduction.7 | 182 .SH "TRUSTED CERTIFICATE STORE"
183 .IX Header "TRUSTED CERTIFICATE STORE"
210 ".0". If they exist then you already have a suitable trusted certificate store.
213 3.2 onwards) will use the default Windows set of trusted CAs.
216 other location and it does not have a set of trusted CA certificates then you
218 page <https://curl.se/docs/caextract.html> where you can download trusted
224 OpenSSL will look for its trusted certificate store. Set the \fBSSL_CERT_PATH\fR
231 trusted certificate store.
233 You can test that your trusted certificate store is setup correctly by using it
259 unable to find a trusted CA for the chain of certificates provided by the server
[all …]
|