Home
last modified time | relevance | path

Searched refs:trust (Results 1 – 25 of 679) sorted by relevance

12345678910>>...28

/netbsd-src/crypto/external/bsd/openssl.old/dist/crypto/x509/
H A Dx509_trs.c18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) == -1) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
H A Dx_x509a.c27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
144 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
145 x->aux->trust = NULL; in X509_trust_clear()
160 return x->aux->trust; in STACK_OF()
H A Dx509_vfy.c427 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
784 int trust; in check_trust() local
791 switch (trust = check_dane_issuer(ctx, num_untrusted)) { in check_trust()
794 return trust; in check_trust()
806 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
808 if (trust == X509_TRUST_TRUSTED) in check_trust()
810 if (trust == X509_TRUST_REJECTED) in check_trust()
839 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
840 if (trust == X509_TRUST_REJECTED) { in check_trust()
2177 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) in X509_STORE_CTX_set_trust() argument
[all …]
/netbsd-src/crypto/external/bsd/openssl/dist/crypto/x509/
H A Dx509_trust.c18 static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
19 static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
20 static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
54 return (*a)->trust - (*b)->trust; in tr_cmp()
57 int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, in X509_TRUST_set_default()
61 default_trust = trust; in X509_TRUST_set_default()
106 tmp.trust = id; in X509_TRUST_get_by_id()
113 int X509_TRUST_set(int *t, int trust) in X509_TRUST_set() argument
115 if (X509_TRUST_get_by_id(trust) < 0) { in X509_TRUST_set()
119 *t = trust; in X509_TRUST_set()
[all …]
H A Dx_x509a.c27 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
114 if (aux->trust == NULL in X509_add1_trust_object()
115 && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) in X509_add1_trust_object()
117 if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) in X509_add1_trust_object()
149 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); in X509_trust_clear()
150 x->aux->trust = NULL; in X509_trust_clear()
165 return x->aux->trust; in STACK_OF()
H A Dx509_vfy.c424 tr_ok = X509_check_trust(x, ctx->param->trust, X509_TRUST_NO_SS_COMPAT); in check_purpose()
817 int trust; in check_trust() local
824 trust = check_dane_issuer(ctx, num_untrusted); in check_trust()
825 if (trust != X509_TRUST_UNTRUSTED) in check_trust()
826 return trust; in check_trust()
837 trust = X509_check_trust(x, ctx->param->trust, 0); in check_trust()
839 if (trust == X509_TRUST_TRUSTED) in check_trust()
841 if (trust == X509_TRUST_REJECTED) in check_trust()
873 trust = X509_check_trust(mx, ctx->param->trust, 0); in check_trust()
874 if (trust == X509_TRUST_REJECTED) { in check_trust()
[all …]
/netbsd-src/external/mpl/bind/dist/lib/dns/
H A Dncache.c40 * trust
138 dns_trust_t trust; in addoptout()
169 trust = 0xffff; in addoptout()
203 if (trust > rdataset->trust) { in addoptout()
204 trust = rdataset->trust; in addoptout()
226 (unsigned char)rdataset->trust); in addoptout()
260 if (trust == 0xffff) { in addoptout()
268 trust in addoptout()
130 dns_trust_t trust; addoptout() local
506 rdataset_settrust(dns_rdataset_t * rdataset,dns_trust_t trust) rdataset_settrust() argument
541 dns_trust_t trust = dns_trust_none; dns_ncache_getrdataset() local
615 dns_trust_t trust = dns_trust_none; dns_ncache_getsigrdataset() local
712 dns_trust_t trust; dns_ncache_current() local
[all...]
H A Drdataset.c44 dns_trust_totext(dns_trust_t trust) { in dns_trust_totext() argument
45 if (trust >= sizeof(trustnames) / sizeof(*trustnames)) { in dns_trust_totext()
48 return trustnames[trust]; in dns_trust_totext()
594 dns_rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust) { in dns_rdataset_additionaldata()
599 (rdataset->methods->settrust)(rdataset, trust); in dns_rdataset_additionaldata()
601 rdataset->trust = trust; in dns_rdataset_additionaldata()
660 dns_rdataset_settrust(dns_rdataset_t * rdataset,dns_trust_t trust) dns_rdataset_settrust() argument
H A Dvalidator.c195 * Mark the rdatasets in val->vstat with trust level "answer", in markanswer()
221 * Mark the RRsets in val->vstat with trust level secure. in validator_done()
429 validator_log(val, ISC_LOG_DEBUG(3), "%s with trust %s", in fetch_callback_dnskey()
432 dns_trust_totext(rdataset->trust)); in fetch_callback_dnskey()
437 rdataset->trust >= dns_trust_secure) in fetch_callback_dnskey()
460 * walking a trust chain, or an insecurity proof. in fetch_callback_dnskey()
473 * trust; false if we're attempting to prove insecurity. in fetch_callback_dnskey()
505 "dsset with trust %s", in fetch_callback_ds()
506 dns_trust_totext(rdataset->trust)); in fetch_callback_ds()
516 * chain of trust; no in fetch_callback_ds()
[all...]
/netbsd-src/external/mpl/dhcp/bind/dist/lib/dns/
H A Dncache.c130 dns_trust_t trust; in addoptout() local
161 trust = 0xffff; in addoptout()
195 if (trust > rdataset->trust) { in addoptout()
196 trust = rdataset->trust; in addoptout()
218 (unsigned char)rdataset->trust); in addoptout()
252 if (trust == 0xffff) { in addoptout()
260 trust = dns_trust_authauthority; in addoptout()
262 trust = dns_trust_additional; in addoptout()
267 INSIST(trust != 0xffff); in addoptout()
274 if (!secure && trust > dns_trust_answer) { in addoptout()
[all …]
H A Drdataset.c44 dns_trust_totext(dns_trust_t trust) { in dns_trust_totext() argument
45 if (trust >= sizeof(trustnames) / sizeof(*trustnames)) { in dns_trust_totext()
48 return (trustnames[trust]); in dns_trust_totext()
67 rdataset->trust = 0; in dns_rdataset_init()
95 rdataset->trust = 0; in dns_rdataset_invalidate()
121 rdataset->trust = 0; in dns_rdataset_disassociate()
661 dns_rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust) { in dns_rdataset_settrust() argument
666 (rdataset->methods->settrust)(rdataset, trust); in dns_rdataset_settrust()
668 rdataset->trust = trust; in dns_rdataset_settrust()
H A Dvalidator.c425 dns_trust_totext(rdataset->trust)); in fetch_callback_dnskey()
430 rdataset->trust >= dns_trust_secure) in fetch_callback_dnskey()
546 dns_trust_totext(rdataset->trust)); in fetch_callback_ds()
666 dns_trust_totext(val->frdataset.trust)); in validator_callback_dnskey()
670 if (val->frdataset.trust >= dns_trust_secure) { in validator_callback_dnskey()
743 dns_trust_totext(val->frdataset.trust)); in validator_callback_ds()
810 dns_trust_totext(val->frdataset.trust)); in validator_callback_cname()
883 rdataset->trust == dns_trust_secure && in validator_callback_nsec()
1251 if ((DNS_TRUST_PENDING(val->frdataset.trust) || in seek_dnskey()
1252 DNS_TRUST_ANSWER(val->frdataset.trust)) && in seek_dnskey()
[all …]
/netbsd-src/external/bsd/unbound/dist/testdata/07-confroot.tdir/
H A D07-confroot.test32 trust-anchor-file: "$subdir/trustanchor.conf"
33 trust-anchor-file: "/subdir/trustanchor.conf"
34 trust-anchor-file: "trustanchor.conf"
77 trust-anchor-file: "$subdir/trustanchor.conf"
78 trust-anchor-file: "/subdir/trustanchor.conf"
79 trust-anchor-file: "trustanchor.conf"
108 trust-anchor-file: "$subdir/trustanchor.conf"
109 trust-anchor-file: "/subdir/trustanchor.conf"
110 trust-anchor-file: "trustanchor.conf"
139 #trust-anchor-file: "$subdir/trustanchor.conf"
[all …]
/netbsd-src/crypto/external/bsd/openssl.old/dist/doc/man3/
H A DX509_STORE_CTX_new.pod51 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
53 int purpose, int trust);
134 certificate itself. In addition the trust store containing trusted certificates
135 can declare what purposes we trust different certificates for. This "trust"
141 administrator might only trust it for the former. An X.509 certificate extension
158 purpose also has an associated default trust value which will also be set at the
159 same time. During verification this trust setting will be verified to check it
160 is consistent with the trust set by the system administrator for certificates in
163 X509_STORE_CTX_set_trust() sets the trust value for the target certificate
164 being verified in the I<ctx>. Built-in available values for the I<trust>
[all …]
H A DX509_VERIFY_PARAM_set_flags.pod36 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
89 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
90 B<trust>.
107 neither the end-entity certificate nor the trust-anchor count against this
110 directly by the trust-anchor, while with a B<depth> limit of 1 there can be one
111 intermediate CA certificate between the trust-anchor and the end-entity
120 The signature algorithm security level is not enforced for the chain's I<trust
278 in L<X509_verify_cert(3)> will search the trust store for issuer certificates
282 This is especially important when some certificates in the trust store have
283 explicit trust settings (see "TRUST SETTINGS" in L<x509(1)>).
[all …]
/netbsd-src/crypto/external/bsd/openssl/dist/doc/man3/
H A DX509_STORE_CTX_new.pod52 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
54 int purpose, int trust);
169 certificate itself. In addition the trust store containing trusted certificates
170 can declare what purposes we trust different certificates for. This "trust"
176 administrator might only trust it for the former. An X.509 certificate extension
193 purpose also has an associated default trust value which will also be set at the
194 same time. During verification this trust setting will be verified to check it
195 is consistent with the trust set by the system administrator for certificates in
198 X509_STORE_CTX_set_trust() sets the trust value for the target certificate
199 being verified in the I<ctx>. Built-in available values for the I<trust>
[all …]
H A DX509_VERIFY_PARAM_set_flags.pod38 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
95 X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
96 B<trust>.
114 neither the end-entity certificate nor the trust-anchor count against this
117 directly by the trust anchor, while with a B<depth> limit of 1 there can be one
118 intermediate CA certificate between the trust anchor and the end-entity
127 The signature algorithm security level is not enforced for the chain's I<trust
300 in L<X509_verify_cert(3)> searches the trust store for issuer certificates
304 This is especially important when some certificates in the trust store have
305 explicit trust settings (see "TRUST SETTINGS" in L<openssl-x509(1)>).
[all …]
/netbsd-src/external/mpl/mozilla-certdata/share/
H A DMakefile17 $D_CERTS!= cat ${.CURDIR:Q}/$D.trust
58 # and commit certs/ and *.trust.
66 rm -f ${TRUSTDOMAINS:=.trust}
71 -v CODETRUST=code.trust \
72 -v EMAILTRUST=email.trust \
74 -v SERVERTRUST=server.trust \
/netbsd-src/external/bsd/unbound/dist/services/cache/
H A Drrset.c140 if( newd->trust > cached->trust ) { in need_to_update_rrset()
152 if( newd->trust == cached->trust && !equal ) { in need_to_update_rrset()
389 if(updata->trust > cachedata->trust) in rrset_update_sec_status()
390 cachedata->trust = updata->trust; in rrset_update_sec_status()
437 if(cachedata->trust > updata->trust) in rrset_check_sec_status()
438 updata->trust = cachedata->trust; in rrset_check_sec_status()
/netbsd-src/external/mpl/bind/dist/doc/arm/
H A Dmanaged-keys.inc.rst17 BIND is able to maintain DNSSEC trust anchors using :rfc:`5011` key
25 To configure a validating resolver to use :rfc:`5011` to maintain a trust
26 anchor, configure the trust anchor using a :any:`trust-anchors` statement and
28 the :any:`trust-anchors` statement description.
33 To set up an authoritative zone for :rfc:`5011` trust anchor maintenance,
39 :rfc:`5011`-managed trust anchor takes note of the stand-by KSKs in the
43 trust anchor for the zone. Anytime after this 30-day acceptance timer
67 it appears, that key is never again accepted as a valid trust
/netbsd-src/external/bsd/unbound/dist/testdata/ede.tdir/bogus/
H A Dmake-broken-zone.sh18 …S 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d" > bogus/trust-anchors
23 cat $CSK.ds >> bogus/trust-anchors
47 cat $CSK.ds >> bogus/trust-anchors
58 cat $CSK.ds >> bogus/trust-anchors
69 cat $CSK.ds >> bogus/trust-anchors
/netbsd-src/external/bsd/unbound/dist/testdata/
H A Dautotrust_revtp.rpl6 trust-anchor-signaling: no
11 ; autotrust trust anchor file
24 SCENARIO_BEGIN Test autotrust with trust point revocation
113 ; autotrust trust anchor file
116 ; considered as if it has no trust anchors.
118 ; to restart the trust anchor, overwrite this file.
138 ; correct unsigned response works after trust point revocation.
H A Dautotrust_revtp_use.rpl8 trust-anchor-signaling: no
13 ; autotrust trust anchor file
26 SCENARIO_BEGIN Test autotrust with trust point revocation and instant use
124 ; correct unsigned response works after trust point revocation.
138 ; autotrust trust anchor file
141 ; considered as if it has no trust anchors.
143 ; to restart the trust anchor, overwrite this file.
H A Dautotrust_rollalgo_unknown.rpl6 trust-anchor-signaling: no
192 ; autotrust trust anchor file
210 ; autotrust trust anchor file
228 ; autotrust trust anchor file
246 ; autotrust trust anchor file
264 ; autotrust trust anchor file
283 ; autotrust trust anchor file
286 ; considered as if it has no trust anchors.
288 ; to restart the trust anchor, overwrite this file.
307 ; autotrust trust anchor file
[all …]
H A Dautotrust_revtp_read.rpl11 ; autotrust trust anchor file
14 ; considered as if it has no trust anchors.
16 ; to restart the trust anchor, overwrite this file.
30 SCENARIO_BEGIN Test autotrust with revoked trust point read back from config
98 ; correct unsigned response works after trust point revocation.

12345678910>>...28