x509_vfy.c - OpenGrok cross reference for /third_party/openssl/crypto/x509/x509

Lines Matching refs:purpose
396  * Check EE or CA certificate purpose.  For trusted certificates explicit local
400 static int check_purpose(X509_STORE_CTX *ctx, X509 *x, int purpose, int depth,
407      * settings trump the purpose constraints.
410      * ctx->param->trust are entirely independent of the purpose ordinals in
411      * ctx->param->purpose!
415      * related values of both param->trust and param->purpose.  It is however
416      * typically possible to infer associated trust values from a purpose value
419      * Therefore, we can only check for trust overrides when the purpose we're
420      * checking is the same as ctx->param->purpose and ctx->param->trust is
423     if (depth >= ctx->num_untrusted && purpose == ctx->param->purpose)
432         switch (X509_check_purpose(x, purpose, must_be_ca > 0)) {
448  * Check extensions of a cert chain for consistency with the supplied purpose.
456     int purpose, allow_proxy_certs, num = sk_X509_num(ctx->chain);
472         purpose = X509_PURPOSE_CRL_SIGN;
476         purpose = ctx->param->purpose;
584         if (purpose > 0 && !check_purpose(ctx, x, purpose, i, must_be_ca))
2204 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
2209      * always be inferred from the purpose by X509_STORE_CTX_init().
2211     return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
2218      * trust for the purpose needs an override in a corner case.
2224  * This function is used to set the X509_STORE_CTX purpose and trust values.
2226  * purpose values which (if set) will be inherited by the ctx. If they aren't
2227  * set then we will usually have a default purpose in mind which should then
2229  * structure will have its own purpose and trust settings which the
2234                                    int purpose, int trust)
2238     /* If purpose not set use default */
2239     if (purpose == 0)
2240         purpose = def_purpose;
2242      * If purpose is set but we don't have a default then set the default to
2243      * the current purpose
2246         def_purpose = purpose;
2247     /* If we have a purpose then check it is valid */
2248     if (purpose != 0) {
2251         idx = X509_PURPOSE_get_by_id(purpose);
2265         /* If trust not set then get from purpose default */
2277     if (ctx->param->purpose == 0 && purpose != 0)
2278         ctx->param->purpose = purpose;
2433      * purpose if this still yields the default value.
2436         int idx = X509_PURPOSE_get_by_id(ctx->param->purpose);