| /openssl/crypto/x509/ |
| H A D | v3_pci.c | 78 if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data) in i2r_pci()
141 memcpy(&(*policy)->data[(*policy)->length], in process_pci_value()
144 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
187 memcpy(&(*policy)->data[(*policy)->length], buf, n); in process_pci_value()
189 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
204 memcpy(&(*policy)->data[(*policy)->length], in process_pci_value()
207 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
235 *policy = NULL; in process_pci_value()
306 pci->proxyPolicy->policy = policy; in r2i_pci()
307 policy = NULL; in r2i_pci()
[all …]
|
| H A D | pcy_data.c | 38 X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy, in ossl_policy_data_new() argument
44 if (policy == NULL && cid == NULL) in ossl_policy_data_new()
72 ret->valid_policy = policy->policyid; in ossl_policy_data_new()
73 policy->policyid = NULL; in ossl_policy_data_new()
76 if (policy) { in ossl_policy_data_new()
77 ret->qualifier_set = policy->qualifiers; in ossl_policy_data_new()
78 policy->qualifiers = NULL; in ossl_policy_data_new()
|
| H A D | pcy_cache.c | 32 POLICYINFO *policy; in policy_cache_create() local
42 policy = sk_POLICYINFO_value(policies, i); in policy_cache_create()
43 data = ossl_policy_data_new(policy, NULL, crit); in policy_cache_create()
|
| H A D | v3_pcia.c | 52 ASN1_OPT(PROXY_POLICY, policy, ASN1_OCTET_STRING)
|
| H A D | pcy_local.h | 138 X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
|
| /openssl/crypto/ts/ |
| H A D | ts_verify_ctx.c | 87 ASN1_OBJECT_free(ctx->policy); in TS_VERIFY_CTX_cleanup()
104 ASN1_OBJECT *policy; in TS_REQ_to_TS_VERIFY_CTX() local
118 if ((policy = req->policy_id) != NULL) { in TS_REQ_to_TS_VERIFY_CTX()
119 if ((ret->policy = OBJ_dup(policy)) == NULL) in TS_REQ_to_TS_VERIFY_CTX()
|
| H A D | ts_rsp_sign.c | 32 ASN1_OBJECT *policy);
213 if ((copy = OBJ_dup(policy)) == NULL) in TS_RESP_CTX_add_policy()
377 ASN1_OBJECT *policy; in TS_RESP_create_response() local
397 if ((policy = ts_RESP_get_policy(ctx)) == NULL) in TS_RESP_create_response()
501 ASN1_OBJECT *policy = NULL; in ts_RESP_get_policy() local
509 policy = ctx->default_policy; in ts_RESP_get_policy()
515 policy = current; in ts_RESP_get_policy()
517 if (policy == NULL) { in ts_RESP_get_policy()
523 return policy; in ts_RESP_get_policy()
528 ASN1_OBJECT *policy) in ts_RESP_create_tst_info() argument
[all …]
|
| H A D | ts_req_utils.c | 79 int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy) in TS_REQ_set_policy_id() argument
83 if (a->policy_id == policy) in TS_REQ_set_policy_id()
85 new_policy = OBJ_dup(policy); in TS_REQ_set_policy_id()
|
| H A D | ts_conf.c | 288 const char *policy, TS_RESP_CTX *ctx) in TS_CONF_set_def_policy() argument
293 if (policy == NULL) in TS_CONF_set_def_policy()
294 policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY); in TS_CONF_set_def_policy()
295 if (policy == NULL) { in TS_CONF_set_def_policy()
299 if ((policy_obj = OBJ_txt2obj(policy, 0)) == NULL) { in TS_CONF_set_def_policy()
|
| H A D | ts_rsp_utils.c | 68 int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy) in TS_TST_INFO_set_policy_id() argument
72 if (a->policy_id == policy) in TS_TST_INFO_set_policy_id()
74 new_policy = OBJ_dup(policy); in TS_TST_INFO_set_policy_id()
|
| H A D | ts_local.h | 138 ASN1_OBJECT *policy; member
|
| /openssl/apps/ |
| H A D | ts.c | 40 const EVP_MD *md, const char *policy, int no_nonce,
43 const char *policy, int no_nonce, int cert);
52 const char *policy, const char *in, int token_in,
58 const char *chain, const char *policy);
167 char *data = NULL, *digest = NULL, *policy = NULL; in ts_main() local
229 policy = opt_arg(); in ts_main()
323 ret = !query_command(data, digest, md, policy, no_nonce, cert, in ts_main()
399 const char *policy, int no_nonce, in query_command() argument
480 if (policy && (policy_obj = txt2obj(policy)) == NULL) in create_query()
699 const char *chain, const char *policy) in create_response() argument
[all …]
|
| H A D | ca.c | 96 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
108 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
117 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
276 char *dgst = NULL, *policy = NULL, *keyfile = NULL; in ca_main() local
373 policy = opt_arg(); in ca_main()
835 if (policy == NULL in ca_main()
840 BIO_printf(bio_err, "policy is %s\n", policy); in ca_main()
945 if ((attribs = NCONF_get_section(conf, policy)) == NULL) { in ca_main()
1365 STACK_OF(CONF_VALUE) *policy, CA_DB *db, in certify()
1423 STACK_OF(CONF_VALUE) *policy, CA_DB *db, in certify_cert()
[all …]
|
| H A D | openssl.cnf | 50 # Refer to the OpenSSL security policy for more information.
120 policy = policy_match
122 # For the CA policy
131 # For the 'anything' policy
302 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
| H A D | openssl-vms.cnf | 50 # Refer to the OpenSSL security policy for more information.
120 policy = policy_match
122 # For the CA policy
131 # For the 'anything' policy
302 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
| /openssl/doc/man7/ |
| H A D | proxy-certificates.pod | 66 proxyCertInfo = critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
75 policy = text:BC
77 The policy value has a specific syntax, I<syntag>:I<string>, where the
87 policy=text:räksmörgås
94 policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
98 indicates that the text of the policy should be taken from a file.
104 Note that the proxy policy value is what determines the rights granted
149 so you must be careful to do the proxy policy interpretation at the
212 * It's REALLY important you keep the proxy policy check
272 process_rights((char *) pci->proxyPolicy->policy->data,
[all …]
|
| /openssl/test/ |
| H A D | test.cnf | 27 policy = policy_match
29 # For the CA policy
38 # For the 'anything' policy
|
| H A D | proxy.cnf | 28 proxyCertInfo = critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
60 policy = text:BC
|
| /openssl/test/recipes/90-test_includes_data/conf-includes/ |
| H A D | includes2.cnf | 1 # For the CA policy
10 # For the 'anything' policy
|
| H A D | includes1.cnf | 32 policy = policy_match
|
| /openssl/doc/man3/ |
| H A D | X509_VERIFY_PARAM_set_flags.pod | 44 ASN1_OBJECT *policy);
100 X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
101 by default) and adds B<policy> to the acceptable policy set.
103 X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
104 by default) and sets the acceptable policy set to B<policies>. Any existing
105 policy set is cleared. The B<policies> parameter can be B<NULL> to clear
106 an existing policy set.
265 no policy checking is performed. Additional information is sent to the
266 verification callback relating to policy checking.
270 policy> and B<inhibit policy mapping> flags respectively as defined in
[all …]
|
| H A D | CT_POLICY_EVAL_CTX_new.pod | 11 Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy
34 Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy.
35 This policy may be, for example, that at least one valid SCT is available. To
61 CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context
|
| H A D | SSL_CTX_set_ct_validation_callback.pod | 9 control Certificate Transparency policy
60 Therefore, in applications that delay SCT policy enforcement until after
65 register a custom callback that may implement a different policy than either of
|
| /openssl/include/openssl/ |
| H A D | x509_vfy.h.in | 334 /* Enable policy checking */
336 /* Policy variable require-explicit-policy */
338 /* Policy variable inhibit-any-policy */
340 /* Policy variable inhibit-policy-mapping */
342 /* Notify callback that policy is OK */
375 /* Internal use: mask of policy related options */
714 ASN1_OBJECT *policy);
752 #define X509_PCY_TREE_FAILURE -2 /* Failure to satisfy explicit policy */
760 #define X509_PCY_TREE_VALID 1 /* The policy tree is valid */
761 #define X509_PCY_TREE_EMPTY 2 /* The policy tree is empty */
[all …]
|
| /openssl/doc/man1/ |
| H A D | openssl-verification-options.pod | 26 and ending in a certificate that due to some policy is trusted.
430 =item B<-policy> I<arg>
432 Enable policy processing and add I<arg> to the user-initial-policy-set (see
433 RFC5280). The policy I<arg> can be an object name an OID in numeric form.
438 Set policy variable require-explicit-policy (see RFC5280).
442 Enables certificate policy processing.
446 Print out diagnostics related to policy processing.
450 Set policy variable inhibit-any-policy (see RFC5280).
454 Set policy variable inhibit-policy-mapping (see RFC5280).
500 Supported policy names include: B<default>, B<pkcs7>, B<smime_sign>,
|
