/openssl/test/certs/ |
H A D | mkcert.sh | 120 local purpose= 125 p) purpose="$OPTARG";; 144 if [ -n "$purpose" ]; then 240 local purpose=serverAuth 246 p) purpose="$OPTARG";; 275 local purpose=serverAuth 280 p) purpose="$OPTARG";; 309 local purpose=serverAuth 314 p) purpose="$OPTARG";; 364 local purpose=serverAuth [all …]
|
/openssl/doc/man3/ |
H A D | X509_STORE_CTX_new.pod | 59 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); 62 int purpose, int trust); 181 find an appropriate set of parameters from the purpose identifier I<name>. 213 custom "purpose" (see below) or supply a nondefault verification callback 217 verified in the I<ctx>. Built-in available values for the I<purpose> argument 223 possible to create a custom purpose value. Setting a purpose requests that 228 Potentially also further checks are done (depending on the purpose given). 251 The I<def_purpose> and I<purpose> arguments can have the same 254 X509_STORE_CTX_set_trust() above. Any of the I<def_purpose>, I<purpose> or 257 for verification is set from the I<purpose> argument unless the purpose was [all …]
|
H A D | X509_check_purpose.pod | 5 X509_check_purpose - Check the purpose of a certificate 15 This function checks if certificate I<x> was created with the purpose 45 =item E<32>1 if the certificate was created to perform the purpose represented by I<id> 47 =item E<32>0 if the certificate was not created to perform the purpose represented by I<id> 57 =item E<32>0 not a CA or does not have the purpose represented by I<id>
|
H A D | SSL_CTX_get0_param.pod | 18 int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose); 19 int SSL_set_purpose(SSL *ssl, int purpose); 34 set the purpose parameter on the verification parameters object. These functions
|
H A D | OPENSSL_FILE.pod | 32 The macro B<OPENSSL_MSTR_HELPER> is an auxiliary macro for this purpose.
|
H A D | X509_VERIFY_PARAM_set_flags.pod | 37 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); 90 X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param> 91 to B<purpose>. This determines the acceptable purpose of the certificate 93 The purpose requirement is cleared if B<purpose> is 0.
|
H A D | X509_STORE_CTX_get_error.pod | 234 =item B<X509_V_ERR_INVALID_PURPOSE: unsuitable certificate purpose> 236 The target certificate cannot be used for the specified purpose. 240 The root CA is not marked as trusted for the specified purpose. 244 The root CA is marked to reject the specified purpose. 463 consistent with the supplied purpose.
|
H A D | X509_get0_distinguishing_id.pod | 36 For the purpose off verifying a certificate or a certification request, a
|
H A D | CMS_final.pod | 17 CMS_final() finalises the structure B<cms>. Its purpose is to perform any
|
H A D | SSL_CTX_use_psk_identity_hint.pod | 70 ClientKeyExchange message from the client. The purpose of the callback function 80 or SSL_set_psk_find_session_callback() for this purpose instead. If TLSv1.3 has
|
H A D | RSA_sign_ASN1_OCTET_STRING.pod | 56 These functions serve no recognizable purpose.
|
H A D | SSL_get_certificate.pod | 47 example for the purpose of identifying a certificate's OCSP responder URL so
|
H A D | OPENSSL_init_ssl.pod | 27 function OPENSSL_init_ssl() can be used for this purpose. Calling
|
H A D | SSL_CTX_set_psk_client_callback.pod | 105 The purpose of the callback function is to select the PSK identity and 119 or SSL_set_psk_use_session_callback() for this purpose instead. If TLSv1.3 has
|
/openssl/crypto/x509/ |
H A D | v3_purp.c | 77 return (*a)->purpose - (*b)->purpose; in xp_cmp() 103 int X509_PURPOSE_set(int *p, int purpose) in X509_PURPOSE_set() argument 105 if (X509_PURPOSE_get_by_id(purpose) == -1) { in X509_PURPOSE_set() 109 *p = purpose; in X509_PURPOSE_set() 143 int X509_PURPOSE_get_by_id(int purpose) in X509_PURPOSE_get_by_id() argument 148 if (purpose >= X509_PURPOSE_MIN && purpose <= X509_PURPOSE_MAX) in X509_PURPOSE_get_by_id() 149 return purpose - X509_PURPOSE_MIN; in X509_PURPOSE_get_by_id() 152 tmp.purpose = purpose; in X509_PURPOSE_get_by_id() 196 ptmp->purpose = id; in X509_PURPOSE_add() 244 return xp->purpose; in X509_PURPOSE_get_id()
|
H A D | x509_vfy.c | 518 if (depth >= ctx->num_untrusted && purpose == ctx->param->purpose) in check_purpose() 567 purpose = X509_PURPOSE_CRL_SIGN; in check_extensions() 571 purpose = ctx->param->purpose; in check_extensions() 679 if (purpose > 0 && !check_purpose(ctx, x, purpose, i, must_be_ca)) in check_extensions() 2374 if (purpose == 0) in X509_STORE_CTX_purpose_inherit() 2375 purpose = def_purpose; in X509_STORE_CTX_purpose_inherit() 2381 def_purpose = purpose; in X509_STORE_CTX_purpose_inherit() 2383 if (purpose != 0) { in X509_STORE_CTX_purpose_inherit() 2386 idx = X509_PURPOSE_get_by_id(purpose); in X509_STORE_CTX_purpose_inherit() 2412 if (ctx->param->purpose == 0 && purpose != 0) in X509_STORE_CTX_purpose_inherit() [all …]
|
H A D | x509_vpm.c | 170 x509_verify_param_copy(purpose, 0); in X509_VERIFY_PARAM_inherit() 299 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) in X509_VERIFY_PARAM_set_purpose() argument 301 return X509_PURPOSE_set(¶m->purpose, purpose); in X509_VERIFY_PARAM_set_purpose()
|
H A D | x509_local.h | 26 int purpose; /* purpose to check untrusted certificates */ member
|
/openssl/test/recipes/ |
H A D | 60-test_x509_store.t | 29 my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_; 32 push(@args, "$purpose", @opts);
|
H A D | 25-test_verify.t | 21 my ($cert, $purpose, $trusted, $untrusted, @opts) = @_; 24 push(@args, "-purpose", $purpose) if $purpose ne "";
|
/openssl/test/ |
H A D | verify_extra_test.c | 225 static int do_test_purpose(int purpose, int expected) in do_test_purpose() argument 254 if (!TEST_true(X509_STORE_CTX_set_purpose(ctx, purpose))) in do_test_purpose()
|
/openssl/test/recipes/80-test_cmp_http_data/ |
H A D | test_verification.csv | 10 …me: C too long, -section,, -recipient,/CN=ECC Issuing CA v10/OU=For test purpose only/O=CMPforOpen… 18 …n,, -recipient,_CA_DN, -expect_sender,/CN=ECC Issuing CA v10/OU=For test purpose only/C=DE,BLANK,,… 21 …recipient,_CA_DN, -expect_sender,/C=DE/CN=ECC Issuing CA v10/OU=For test purpose only/OCMPforOpenS…
|
/openssl/doc/man1/ |
H A D | openssl-verification-options.pod | 27 Verification is done relative to the given I<purpose>, which is the intended use 28 of the target certificate, such as SSL server, or by default for any purpose. 154 for consistency with the supplied purpose. 155 If the B<-purpose> option is not given then no such checks are done 159 must have extensions compatible with the specified purpose. 456 =item B<-purpose> I<purpose> 502 These mimics the combinations of purpose and trust settings used in SSL, CMS 504 As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not 506 corresponding B<-purpose> settings. 551 Options like B<-purpose> lead to checking the certificate extensions,
|
/openssl/ |
H A D | NOTES-DJGPP.md | 42 device" (`/dev/urandom` or `/dev/random`) that serves this purpose."
|
/openssl/include/openssl/ |
H A D | x509_vfy.h.in | 89 # define X509_TRUST_DEFAULT 0 /* Only valid in purpose settings */ 410 int X509_STORE_set_purpose(X509_STORE *xs, int purpose); 678 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); 681 int purpose, int trust); 717 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
|