| /openssl/crypto/x509/ |
| H A D | v3_pci.c | 78 if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data) in i2r_pci()
141 memcpy(&(*policy)->data[(*policy)->length], in process_pci_value()
144 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
185 memcpy(&(*policy)->data[(*policy)->length], buf, n); in process_pci_value()
187 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
202 memcpy(&(*policy)->data[(*policy)->length], in process_pci_value()
205 (*policy)->data[(*policy)->length] = '\0'; in process_pci_value()
231 *policy = NULL; in process_pci_value()
302 pci->proxyPolicy->policy = policy; in r2i_pci()
303 policy = NULL; in r2i_pci()
[all …]
|
| H A D | pcy_data.c | 38 X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy, in ossl_policy_data_new() argument
44 if (policy == NULL && cid == NULL) in ossl_policy_data_new()
71 ret->valid_policy = policy->policyid; in ossl_policy_data_new()
72 policy->policyid = NULL; in ossl_policy_data_new()
75 if (policy) { in ossl_policy_data_new()
76 ret->qualifier_set = policy->qualifiers; in ossl_policy_data_new()
77 policy->qualifiers = NULL; in ossl_policy_data_new()
|
| H A D | pcy_cache.c | 32 POLICYINFO *policy; in policy_cache_create() local
42 policy = sk_POLICYINFO_value(policies, i); in policy_cache_create()
43 data = ossl_policy_data_new(policy, NULL, crit); in policy_cache_create()
|
| H A D | v3_pcia.c | 52 ASN1_OPT(PROXY_POLICY, policy, ASN1_OCTET_STRING)
|
| /openssl/doc/man3/ |
| H A D | SSL_set_incoming_stream_policy.pod | 8 policy
18 int SSL_set_incoming_stream_policy(SSL *conn, int policy,
23 SSL_set_incoming_stream_policy() policy changes the incoming stream policy for a
24 QUIC connection. Depending on the policy configured, OpenSSL QUIC may
31 B<STOP_SENDING> or B<RESET_STREAM> frames generated to implement the policy. The
34 The valid values for I<policy> are:
|
| H A D | X509_VERIFY_PARAM_set_flags.pod | 44 ASN1_OBJECT *policy);
101 X509_VERIFY_PARAM_add0_policy() adds B<policy> to the acceptable policy set.
103 policy checking.
105 X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
107 policy set is cleared. The B<policies> parameter can be B<NULL> to clear
108 an existing policy set.
267 no policy checking is performed. Additional information is sent to the
268 verification callback relating to policy checking.
272 policy> and B<inhibit policy mapping> flags respectively as defined in
278 to examine the valid policy tree and perform additional checks or simply
[all …]
|
| H A D | CT_POLICY_EVAL_CTX_new.pod | 11 Encapsulates the data required to evaluate whether SCTs meet a Certificate Transparency policy
34 Certificate Timestamps (SCTs) fulfil a Certificate Transparency (CT) policy.
35 This policy may be, for example, that at least one valid SCT is available. To
61 CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context
|
| H A D | SSL_CTX_set_ct_validation_callback.pod | 9 control Certificate Transparency policy
60 Therefore, in applications that delay SCT policy enforcement until after
65 register a custom callback that may implement a different policy than either of
|
| /openssl/crypto/ts/ |
| H A D | ts_verify_ctx.c | 123 ASN1_OBJECT_free(ctx->policy); in TS_VERIFY_CTX_cleanup()
140 ASN1_OBJECT *policy; in TS_REQ_to_TS_VERIFY_CTX() local
154 if ((policy = req->policy_id) != NULL) { in TS_REQ_to_TS_VERIFY_CTX()
155 if ((ret->policy = OBJ_dup(policy)) == NULL) in TS_REQ_to_TS_VERIFY_CTX()
|
| H A D | ts_rsp_sign.c | 33 ASN1_OBJECT *policy);
194 if ((copy = OBJ_dup(policy)) == NULL) { in TS_RESP_CTX_add_policy()
371 ASN1_OBJECT *policy; in TS_RESP_create_response() local
391 if ((policy = ts_RESP_get_policy(ctx)) == NULL) in TS_RESP_create_response()
499 ASN1_OBJECT *policy = NULL; in ts_RESP_get_policy() local
507 policy = ctx->default_policy; in ts_RESP_get_policy()
513 policy = current; in ts_RESP_get_policy()
515 if (policy == NULL) { in ts_RESP_get_policy()
521 return policy; in ts_RESP_get_policy()
526 ASN1_OBJECT *policy) in ts_RESP_create_tst_info() argument
[all …]
|
| H A D | ts_req_utils.c | 79 int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy) in TS_REQ_set_policy_id() argument
83 if (a->policy_id == policy) in TS_REQ_set_policy_id()
85 new_policy = OBJ_dup(policy); in TS_REQ_set_policy_id()
|
| H A D | ts_conf.c | 288 const char *policy, TS_RESP_CTX *ctx) in TS_CONF_set_def_policy() argument
293 if (policy == NULL) in TS_CONF_set_def_policy()
294 policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY); in TS_CONF_set_def_policy()
295 if (policy == NULL) { in TS_CONF_set_def_policy()
299 if ((policy_obj = OBJ_txt2obj(policy, 0)) == NULL) { in TS_CONF_set_def_policy()
|
| H A D | ts_rsp_utils.c | 68 int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy) in TS_TST_INFO_set_policy_id() argument
72 if (a->policy_id == policy) in TS_TST_INFO_set_policy_id()
74 new_policy = OBJ_dup(policy); in TS_TST_INFO_set_policy_id()
|
| /openssl/apps/ |
| H A D | ts.c | 40 const EVP_MD *md, const char *policy, int no_nonce,
43 const char *policy, int no_nonce, int cert);
52 const char *policy, const char *in, int token_in,
58 const char *chain, const char *policy);
167 char *data = NULL, *digest = NULL, *policy = NULL; in ts_main() local
229 policy = opt_arg(); in ts_main()
323 ret = !query_command(data, digest, md, policy, no_nonce, cert, in ts_main()
398 const char *policy, int no_nonce, in query_command() argument
479 if (policy && (policy_obj = txt2obj(policy)) == NULL) in create_query()
701 const char *chain, const char *policy) in create_response() argument
[all …]
|
| H A D | ca.c | 98 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
110 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
119 STACK_OF(CONF_VALUE) *policy, CA_DB *db,
282 char *dgst = NULL, *policy = NULL, *keyfile = NULL; in ca_main() local
381 policy = opt_arg(); in ca_main()
830 if (policy == NULL in ca_main()
835 BIO_printf(bio_err, "policy is %s\n", policy); in ca_main()
921 if ((attribs = NCONF_get_section(conf, policy)) == NULL) { in ca_main()
1339 STACK_OF(CONF_VALUE) *policy, CA_DB *db, in certify()
1397 STACK_OF(CONF_VALUE) *policy, CA_DB *db, in certify_cert()
[all …]
|
| H A D | openssl-vms.cnf | 50 # Refer to the OpenSSL security policy for more information.
120 policy = policy_match
122 # For the CA policy
131 # For the 'anything' policy
302 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
| H A D | openssl.cnf | 50 # Refer to the OpenSSL security policy for more information.
120 policy = policy_match
122 # For the CA policy
131 # For the 'anything' policy
302 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
|
| /openssl/doc/man7/ |
| H A D | proxy-certificates.pod | 66 proxyCertInfo = critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
75 policy = text:BC
77 The policy value has a specific syntax, I<syntag>:I<string>, where the
87 policy=text:räksmörgås
94 policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
98 indicates that the text of the policy should be taken from a file.
104 Note that the proxy policy value is what determines the rights granted
149 so you must be careful to do the proxy policy interpretation at the
212 * It's REALLY important you keep the proxy policy check
272 process_rights((char *) pci->proxyPolicy->policy->data,
[all …]
|
| /openssl/test/ |
| H A D | test.cnf | 27 policy = policy_match
29 # For the CA policy
38 # For the 'anything' policy
|
| H A D | proxy.cnf | 28 proxyCertInfo = critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
60 policy = text:BC
|
| /openssl/test/recipes/90-test_includes_data/conf-includes/ |
| H A D | includes2.cnf | 1 # For the CA policy
10 # For the 'anything' policy
|
| /openssl/doc/HOWTO/ |
| H A D | documenting-functions-and-macros.md | 6 turned into an official [documentation-policy]. This policy is actively
9 [documentation-policy]: https://www.openssl.org/policies/technical/documentation-policy.html
|
| /openssl/include/openssl/ |
| H A D | x509_vfy.h.in | 335 /* Enable policy checking */
337 /* Policy variable require-explicit-policy */
339 /* Policy variable inhibit-any-policy */
341 /* Policy variable inhibit-policy-mapping */
343 /* Notify callback that policy is OK */
376 /* Internal use: mask of policy related options */
724 ASN1_OBJECT *policy);
762 #define X509_PCY_TREE_FAILURE -2 /* Failure to satisfy explicit policy */
770 #define X509_PCY_TREE_VALID 1 /* The policy tree is valid */
771 #define X509_PCY_TREE_EMPTY 2 /* The policy tree is empty */
[all …]
|
| /openssl/ |
| H A D | CONTRIBUTING.md | 70 4. Code provided should follow our [coding style] and [documentation policy]
81 [documentation policy]: https://openssl-library.org/policies/technical/documentation-policy/
|
| /openssl/doc/man1/ |
| H A D | openssl-verification-options.pod | 26 and ending in a certificate that due to some policy is trusted.
430 =item B<-policy> I<arg>
432 Enable policy processing and add I<arg> to the user-initial-policy-set (see
433 RFC5280). The policy I<arg> can be an object name or an OID in numeric form.
438 Set policy variable require-explicit-policy (see RFC5280).
442 Enables certificate policy processing.
446 Print out diagnostics related to policy processing.
450 Set policy variable inhibit-any-policy (see RFC5280).
454 Set policy variable inhibit-policy-mapping (see RFC5280).
500 Supported policy names include: B<default>, B<pkcs7>, B<smime_sign>,
|
