Home
last modified time | relevance | path

Searched refs:trusted (Results 1 – 25 of 76) sorted by relevance

1234

/openssl/test/recipes/80-test_cmp_http_data/
H A Dtest_verification.csv4 1,default test, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unp…
6 0,recipient missing arg, -section,, -recipient,,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -…
30 0,srvcert missing arg, -section,, -recipient,"""",BLANK,, -srvcert,, -trusted,trusted.crt,BLANK,,BL…
31 0,wrong srvcert and -trusted ignored, -section,, -recipient,"""",BLANK,, -srvcert,signer.crt,-trust…
37 0,trusted missing arg, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,,BLANK,,BLANK, -unprote…
39 0,trusted empty file, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,empty.txt,BLANK,,BLANK, …
40 0,trusted random file, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,random.bin,BLANK,,BLANK…
41 0,trusted file does not exist, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,idontexist,BLAN…
43 0,untrusted missing arg, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt, -untrust…
50 0,ignorekeyusage with parameter, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,B…
[all …]
/openssl/test/
H A Dverify_extra_test.c184 STACK_OF(X509) *trusted = sk_X509_new_null(); in test_self_signed()
192 ret = ret && TEST_true(sk_X509_push(trusted, cert)); in test_self_signed()
194 X509_STORE_CTX_set0_trusted_stack(ctx, trusted); in test_self_signed()
199 sk_X509_free(trusted); in test_self_signed()
230 STACK_OF(X509) *trusted = sk_X509_new_null(); in do_test_purpose()
238 || !TEST_ptr(trusted) in do_test_purpose()
244 if (!TEST_true(sk_X509_push(trusted, trcert))) in do_test_purpose()
262 X509_STORE_CTX_set0_trusted_stack(ctx, trusted); in do_test_purpose()
269 OSSL_STACK_OF_X509_free(trusted); in do_test_purpose()
H A Dx509aux.c37 const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0); in test_certs() local
38 d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509; in test_certs()
39 i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509; in test_certs()
47 if (!trusted in test_certs()
123 if (trusted) { in test_certs()
/openssl/crypto/cmp/
H A Dcmp_vfy.c250 X509_STORE *ts = ctx->trusted; in cert_acceptable()
373 && (check_cert_path(ctx, ctx->trusted, cert) in check_msg_given_cert()
407 : check_cert_path(ctx, ctx->trusted, cert)) { in check_msg_with_certs()
442 if (ctx->trusted == NULL) { in check_msg_all_certs()
446 STACK_OF(X509) *trusted = X509_STORE_get1_all_certs(ctx->trusted); in check_msg_all_certs()
448 ret = check_msg_with_certs(ctx, trusted, in check_msg_all_certs()
453 OSSL_STACK_OF_X509_free(trusted); in check_msg_all_certs()
602 if (ctx->trusted != NULL) { in OSSL_CMP_validate_msg()
635 if (ctx->trusted == NULL && ctx->secretValue != NULL) { in OSSL_CMP_validate_msg()
860 if (ctx->trusted != NULL) { in ossl_cmp_msg_check_update()
[all …]
H A Dcmp_genm.c249 verify_ss_cert_trans(OSSL_CMP_CTX *ctx, X509 *trusted /* may be NULL */, in verify_ss_cert_trans() argument
257 if (trusted != NULL) { in verify_ss_cert_trans()
263 || !X509_STORE_add_cert(ts, trusted)) in verify_ss_cert_trans()
277 desc, trusted == NULL ? "using trust store" in verify_ss_cert_trans()
282 if (trusted != NULL) in verify_ss_cert_trans()
H A Dcmp_ctx.c38 DEFINE_OSSL_CMP_CTX_get0_NAME(trusted, trusted, X509_STORE) in DEFINE_OSSL_CMP_CTX_get0_NAME() argument
59 DEFINE_OSSL_set0_NAME(OSSL_CMP_CTX, trusted, trusted, X509_STORE)
213 X509_STORE_free(ctx->trusted); in OSSL_CMP_CTX_free()
/openssl/apps/
H A Dverify.c82 STACK_OF(X509) *untrusted = NULL, *trusted = NULL; in verify_main()
157 if (!load_certs(opt_arg(), 0, &trusted, NULL, "trusted certificates")) in verify_main()
201 if (trusted != NULL in verify_main()
224 if (check(store, NULL, untrusted, trusted, crls, show_chain, in verify_main()
229 if (check(store, argv[i], untrusted, trusted, crls, show_chain, in verify_main()
238 OSSL_STACK_OF_X509_free(trusted); in verify_main()
H A Dct_log_list.cnf2 # that are to be trusted.
/openssl/doc/man3/
H A DX509_STORE_add_cert.pod51 and validating chains of certificates terminating in trusted roots.
61 no information about trusted certificates or where such certificates
62 are located on disk, and is generally not usable. Normally, trusted
74 trusted entities such as root certificate authorities (CAs).
75 OpenSSL represents these trusted certificates internally as B<X509> objects
78 The public interfaces that operate on such trusted certificates still
98 X509_STORE_load_file_ex() loads trusted certificate(s) into an
105 X509_STORE_load_path() loads trusted certificate(s) into an
110 X509_STORE_load_store_ex() loads trusted certificate(s) into an
H A DX509_get_default_cert_file.pod7 retrieve default locations for trusted CA certificates
22 to a file containing trusted CA certificates. OpenSSL will use this as
23 the default path when it is asked to load trusted CA certificates
28 list of paths to a directories containing trusted CA certificates named in the
30 asked to load trusted CA certificates from a directory and no other path is
H A DPKCS7_verify.pod27 the trusted certificate store to use for chain verification.
56 using the trusted certificate store I<store> if supplied.
89 the signer's certificates) must be contained in the trusted store.
109 signer it cannot be trusted without additional evidence (such as a trusted
122 The trusted certificate store is not searched for the signer's certificates.
H A DOSSL_CMP_validate_msg.pod33 then all trusted certificates provided via L<OSSL_CMP_CTX_set0_trusted(3)>.
58 path using the given store of trusted certs (possibly including CRLs and a cert
59 verification callback) and non-trusted intermediate certs from the I<ctx>.
H A DCMS_verify.pod34 the trusted certificate store to use for chain verification.
69 using the trusted certificate store I<store> if supplied.
130 signer it cannot be trusted without additional evidence (such as a trusted
146 The trusted certificate store is not searched for the signing certificate.
H A DRAND_add.pod34 itself automatically using trusted system entropy sources.
42 random input obtained from polling various trusted entropy sources.
59 be a trusted entropy source. It is mixed into the internal state of the RNG as
H A DSSL_CTX_set_cert_store.pod32 In order to verify the certificates presented by the peer, trusted CA
37 Typically the trusted certificate store is handled indirectly via using
/openssl/test/recipes/80-test_cmp_http_data/Mock/
H A Dtest.cnf5 trusted = trusted.crt
79 trusted =
H A Dserver.cnf16 rsp_capubs = trusted.crt
/openssl/doc/man1/
H A Dopenssl-verify.pod.in16 [B<-trusted> I<filename>|I<uri>]
59 =item B<-trusted> I<filename>|I<uri>
61 A file or URI of (more or less) trusted certificates.
84 B<-trusted>, B<-untrusted> or B<-CRLfile> options.
H A Dopenssl-verification-options.pod26 and ending in a certificate that due to some policy is trusted.
41 for some reason is considered trusted
54 which is a collection of certificates that are trusted for certain uses.
76 enables all uses when trusted.
166 It must be trusted for the given use.
211 Do not load the default file of trusted certificates.
215 Use the specified directory as a collection of trusted certificates,
224 Do not use the default directory of trusted certificates.
241 Do not use the default store of trusted CA certificates.
404 via B<-CAfile>, B<-CApath>, B<-CAstore> or B<-trusted> are always used
[all …]
H A Dopenssl-x509.pod.in574 A B<trusted certificate> is an ordinary certificate which has several
579 must be "trusted". By default a trusted certificate must be stored
585 For example, a CA may be trusted for SSL client but not SSL server use.
597 Mark any certificate PEM output as <trusted> certificate rather than ordinary.
598 An ordinary or trusted certificate can be input but by default an ordinary
600 With the B<-trustout> option a trusted certificate is output. A trusted
610 Clears all the permitted or trusted uses of the certificate.
614 Adds a trusted certificate use.
618 enables all purposes when trusted.
783 Set a certificate to be trusted for SSL client use and change set its alias to
/openssl/demos/guide/
H A DREADME.md24 The above assumes that your default trusted certificate store containing trusted
35 your default trusted certificate store. The CA certificate to use is also
36 available in this directory. To use it you can override the default trusted
/openssl/test/recipes/
H A D25-test_req.t464 my $trusted = shift @_;
465 $trusted = $cert unless $trusted;
466 ok(run(app(["openssl", "verify", "-x509_strict", "-trusted", $trusted,
H A D25-test_verify.t21 my ($cert, $purpose, $trusted, $untrusted, @opts) = @_;
26 for (@$trusted) { push(@args, "-trusted", srctop_file(@path, "$_.pem")) }
/openssl/doc/man7/
H A DRAND.pod24 It seeds and reseeds itself automatically using trusted random sources
31 Although (re-)seeding is automatic, it can fail because no trusted random source
32 is available or the trusted source(s) temporarily fail to provide sufficient
H A Dossl-guide-tls-introduction.pod154 ".0". If they exist then you already have a suitable trusted certificate store.
157 3.2 onwards) will use the default Windows set of trusted CAs.
160 other location and it does not have a set of trusted CA certificates then you
162 page L<https://curl.se/docs/caextract.html> where you can download trusted
168 OpenSSL will look for its trusted certificate store. Set the B<SSL_CERT_PATH>
175 trusted certificate store.
177 You can test that your trusted certificate store is setup correctly by using it
197 unable to find a trusted CA for the chain of certificates provided by the server
198 in its trusted certificate store. Check your trusted certificate store

Completed in 58 milliseconds

1234