| /freebsd-current/secure/caroot/untrusted/ |
| H A D | Makefile | 2 BINDIR= /usr/share/certs/untrusted
|
| /freebsd-current/crypto/openssl/test/recipes/ |
| H A D | 60-test_x509_store.t | 29 my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_;
34 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) }
|
| H A D | 80-test_ocsp.t | 33 my $untrusted = shift;
34 if ($untrusted eq "") {
35 $untrusted = $CAfile;
48 "-verify_other", catfile($ocspdir, $untrusted),
|
| H A D | 25-test_verify.t | 21 my ($cert, $purpose, $trusted, $untrusted, @opts) = @_;
27 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) }
108 # depending on whether the intermediate is the trusted or untrusted one.
125 "fail non-CA untrusted intermediate");
127 "fail non-CA untrusted intermediate");
143 "fail untrusted partial chain");
163 "fail untrusted partial issuer with ignored server trust");
|
| /freebsd-current/crypto/openssl/test/ |
| H A D | verify_extra_test.c | 54 * leaf and subinterCA are in the untrusted list (untrusted.pem)
66 STACK_OF(X509) *untrusted = NULL;
81 untrusted = load_certs_pem(untrusted_f);
90 if (!X509_STORE_CTX_init(sctx, store, x, untrusted))
102 sk_X509_pop_free(untrusted, X509_free);
231 STACK_OF(X509) *untrusted = sk_X509_new_null();
239 || !TEST_ptr(untrusted)
247 if (!TEST_true(sk_X509_push(untrusted, untrcert)))
251 if (!TEST_true(X509_STORE_CTX_init(ctx, NULL, eecert, untrusted)))
[all...] |
| /freebsd-current/secure/caroot/ |
| H A D | Makefile | 5 SUBDIR+= untrusted
|
| H A D | MAca-bundle.pl | 223 my $untrusted = 0;
237 $untrusted ++;
257 # weed out untrusted certificates
264 warn "Skipping untrusted $labels{$it}\n" if $debug;
265 $untrusted++;
271 print "## Untrusted certificates omitted from this bundle: $untrusted\n\n";
273 print STDERR "## Untrusted certificates omitted from this bundle: $untrusted\n";
|
| /freebsd-current/crypto/openssl/crypto/ts/ |
| H A D | ts_rsp_verify.c | 19 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
93 STACK_OF(X509) *untrusted = NULL;
130 untrusted = sk_X509_new_reserve(NULL, sk_X509_num(certs)
132 if (untrusted == NULL
133 || !X509_add_certs(untrusted, certs, 0)
134 || !X509_add_certs(untrusted, token->d.sign->cert, 0))
136 if (!ts_verify_cert(store, untrusted, signer, &chain))
160 sk_X509_free(untrusted);
171 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, argument
184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted))
[all...] |
| /freebsd-current/usr.sbin/certctl/ |
| H A D | certctl.sh | 120 info "Skipping untrusted certificate $hash ($otherfile)"
172 verbose "Adding $filename to untrusted list"
261 info "Adding $UTFILE to untrusted list"
278 info "Removing $(basename "$UNTRUSTEDFILE") from untrusted list"
283 info "Removing $UTFILE from untrusted list"
304 echo " $SCRIPTNAME [-v] untrusted"
305 echo " List untrusted certificates"
309 echo " Add <file> to the list of untrusted certificates"
311 echo " Remove <file> from the list of untrusted certificates"
341 : ${UNTRUSTPATH:=${DESTDIR}${DISTBASE}/usr/share/certs/untrusted
[all...] |
| /freebsd-current/crypto/openssl/crypto/ocsp/ |
| H A D | ocsp_vfy.c | 32 STACK_OF(X509) *untrusted, STACK_OF(X509) **chain)
42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) {
103 STACK_OF(X509) *untrusted = NULL;
118 if ((untrusted = sk_X509_dup(bs->certs)) == NULL)
120 if (!X509_add_certs(untrusted, certs, X509_ADD_FLAG_DEFAULT))
123 ret = ocsp_verify_signer(signer, 1, st, flags, untrusted, &chain);
158 sk_X509_free(untrusted);
30 ocsp_verify_signer(X509 *signer, int response, X509_STORE *st, unsigned long flags, STACK_OF(X509) *untrusted, STACK_OF(X509) **chain) argument
|
| /freebsd-current/crypto/openssl/apps/ |
| H A D | verify.c | 61 {"untrusted", OPT_UNTRUSTED, '<', "A file of untrusted certificates"},
82 STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
148 if (!load_certs(opt_arg(), 0, &untrusted, NULL,
149 "untrusted certificates"))
224 if (check(store, NULL, untrusted, trusted, crls, show_chain,
229 if (check(store, argv[i], untrusted, trusted, crls, show_chain,
237 sk_X509_pop_free(untrusted, X509_free);
308 BIO_printf(bio_out, " (untrusted)");
|
| H A D | ts.c | 68 char *untrusted, X509_VERIFY_PARAM *vpm);
73 char *untrusted,
103 {"untrusted", OPT_UNTRUSTED, '<', "Extra untrusted certs"},
153 " -untrusted extra-certs.pem [-data file] [-digest hexstring]",
162 char *untrusted = NULL; local
274 untrusted = opt_arg();
338 CApath, CAfile, CAstore, untrusted,
849 const char *CAstore, char *untrusted,
869 CApath, CAfile, CAstore, untrusted,
846 verify_command(const char *data, const char *digest, const char *queryfile, const char *in, int token_in, const char *CApath, const char *CAfile, const char *CAstore, char *untrusted, X509_VERIFY_PARAM *vpm) argument
893 create_verify_ctx(const char *data, const char *digest, const char *queryfile, const char *CApath, const char *CAfile, const char *CAstore, char *untrusted, X509_VERIFY_PARAM *vpm) argument
[all...] |
| H A D | pkcs12.c | 120 {"untrusted", OPT_UNTRUSTED, '<', "Untrusted certificates for chain building"},
158 char *untrusted = NULL, *ciphername = NULL, *enc_flag = NULL; local
290 untrusted = opt_arg();
391 if (untrusted != NULL)
392 WARN_NO_EXPORT("untrusted");
577 /* Load any untrusted certificates for chain building */
578 if (untrusted != NULL) {
579 if (!load_certs(untrusted, 0, &untrusted_certs, passcerts,
580 "untrusted certificates"))
|
| /freebsd-current/crypto/openssl/crypto/cmp/ |
| H A D | cmp_ctx.c | 58 return ctx->untrusted;
62 * Set untrusted certificates for path construction in authentication of
67 STACK_OF(X509) *untrusted = NULL;
73 if (!ossl_x509_add_certs_new(&untrusted, certs,
76 sk_X509_pop_free(ctx->untrusted, X509_free);
77 ctx->untrusted = untrusted;
80 sk_X509_pop_free(untrusted, X509_free);
121 if ((ctx->untrusted = sk_X509_new_null()) == NULL)
202 sk_X509_pop_free(ctx->untrusted, X509_fre
[all...] |
| H A D | cmp_vfy.c | 124 cert, ctx->untrusted))
400 * Verify msg trying first ctx->untrusted, which should include extraCerts
420 if (check_msg_with_certs(ctx, ctx->untrusted, "untrusted certs",
432 msg->extraCerts, ctx->untrusted,
538 * else it is searched in msg->extraCerts, ctx->untrusted, in ctx->trusted
647 * Any msg->extraCerts are prepended to ctx->untrusted.
704 if (!X509_add_certs(ctx->untrusted, msg->extraCerts,
786 if (!X509_add_certs(ctx->untrusted, msg->extraCerts,
|
| H A D | cmp_protect.c | 144 /* if not yet done try to build chain using available untrusted certs */
148 ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0,
301 * from ctx->untrusted, and then ctx->extraCertsOut
|
| H A D | cmp_client.c | 471 * ctx->untrusted, which at this point already contains msg->extraCerts.
497 chain = X509_build_chain(cert, ctx->untrusted, out_trusted,
505 if (!X509_STORE_CTX_init(csc, out_trusted, cert, ctx->untrusted))
|
| /freebsd-current/contrib/wpa/src/crypto/ |
| H A D | tls_openssl_ocsp.c | 504 STACK_OF(X509) *untrusted = NULL, *certs = NULL, *chain = NULL;
565 untrusted = sk_X509_dup(basic->certs);
566 if (!untrusted)
579 if (!sk_X509_push(untrusted, extra_cert)) {
581 "OpenSSL: Could not add certificate to the untrusted stack");
618 signer = ocsp_find_signer(untrusted, rd->responderID);
646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted))
838 sk_X509_free(untrusted);
|
| /freebsd-current/crypto/openssh/ |
| H A D | auth-options.c | 799 int untrusted)
827 untrusted ? "yes" : opts->cert_principals)) != 0 ||
829 untrusted ? "true" : opts->force_command)) != 0 ||
831 untrusted ? NULL : opts->required_from_host_cert)) != 0 ||
833 untrusted ? NULL : opts->required_from_host_keys)) != 0)
838 untrusted ? 0 : opts->nenv)) != 0 ||
840 untrusted ? 0 : opts->npermitopen)) != 0 ||
842 untrusted ? 0 : opts->npermitlisten)) != 0)
798 sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m, int untrusted) argument
|
| /freebsd-current/crypto/openssl/demos/certs/apps/ |
| H A D | mkacerts.sh | 44 $OPENSSL verify -CAfile root.pem -untrusted intca.pem \
|
| /freebsd-current/contrib/bmake/unit-tests/ |
| H A D | opt-debug-file.mk | 23 # untrusted input in variables.
|
| /freebsd-current/crypto/openssl/crypto/x509/ |
| H A D | x509_vfy.c | 256 if (ctx->cert == NULL && sk_X509_num(ctx->untrusted) >= 1)
257 ctx->cert = sk_X509_value(ctx->untrusted, 0);
887 * If no trusted certs in chain at all return untrusted and allow
1299 * untrusted certificates.
1301 for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
1302 crl_issuer = sk_X509_value(ctx->untrusted, i);
1327 if (!X509_STORE_CTX_init(&crl_ctx, ctx->store, x, ctx->untrusted))
2332 ctx->untrusted = chain;
2515 return ctx->untrusted;
2520 ctx->untrusted
[all...] |
| /freebsd-current/crypto/openssl/include/crypto/ |
| H A D | x509.h | 220 /* chain of X509s - untrusted - passed in */
221 STACK_OF(X509) *untrusted; member in struct:x509_store_ctx_st
255 /* number of untrusted certs */
|
| /freebsd-current/crypto/openssl/ssl/ |
| H A D | ssl_cert.c | 880 STACK_OF(X509) *chain = NULL, *untrusted = NULL;
911 untrusted = cpk->chain;
919 if (!X509_STORE_CTX_init(xs_ctx, chain_store, cpk->x509, untrusted)) {
|
| /freebsd-current/crypto/openssh/contrib/suse/ |
| H A D | openssh.spec | 54 two untrusted hosts over an insecure network. X11 connections and
68 two untrusted hosts over an insecure network. X11 connections and
|