Lines Matching refs:policy
130 KMF_POLICY_RECORD *policy) in parseValidation() argument
139 parseOCSPValidation(n, &policy->validation_info); in parseValidation()
140 policy->revocation |= KMF_REVOCATION_METHOD_OCSP; in parseValidation()
182 policy->revocation |= KMF_REVOCATION_METHOD_CRL; in parseValidation()
414 parsePolicyElement(xmlNodePtr node, KMF_POLICY_RECORD *policy) in parsePolicyElement() argument
422 policy->name = (char *)xmlGetProp(node, in parsePolicyElement()
428 policy->ignore_date = 1; in parsePolicyElement()
435 policy->ignore_unknown_ekus = 1; in parsePolicyElement()
442 policy->ignore_trust_anchor = 1; in parsePolicyElement()
449 policy->validity_adjusttime = c; in parsePolicyElement()
451 policy->validity_adjusttime = NULL; in parsePolicyElement()
454 policy->ta_name = (char *)xmlGetProp(node, in parsePolicyElement()
457 policy->ta_serial = (char *)xmlGetProp(node, in parsePolicyElement()
465 parseValidation(n, &policy->validation_info, in parsePolicyElement()
466 policy); in parsePolicyElement()
469 parseKeyUsageSet(n, &policy->ku_bits); in parsePolicyElement()
472 ret = parseExtKeyUsage(n, &policy->eku_set); in parsePolicyElement()
477 ret = parseMapper(n, &policy->mapper); in parsePolicyElement()
630 AddValidationNodes(xmlNodePtr parent, KMF_POLICY_RECORD *policy) in AddValidationNodes() argument
643 if (policy->revocation & KMF_REVOCATION_METHOD_OCSP) { in AddValidationNodes()
644 ret = AddOCSPNodes(mnode, &(policy->validation_info.ocsp_info)); in AddValidationNodes()
649 if (policy->revocation & KMF_REVOCATION_METHOD_CRL) { in AddValidationNodes()
650 ret = AddCRLNodes(mnode, &(policy->validation_info.crl_info)); in AddValidationNodes()
825 kmf_free_policy_record(KMF_POLICY_RECORD *policy) in kmf_free_policy_record() argument
827 if (policy == NULL) in kmf_free_policy_record()
830 FREE_POLICY_STR(policy->name) in kmf_free_policy_record()
831 FREE_POLICY_STR(policy->VAL_OCSP_BASIC.responderURI) in kmf_free_policy_record()
832 FREE_POLICY_STR(policy->VAL_OCSP_BASIC.proxy) in kmf_free_policy_record()
833 FREE_POLICY_STR(policy->VAL_OCSP_BASIC.response_lifetime) in kmf_free_policy_record()
834 FREE_POLICY_STR(policy->VAL_OCSP_RESP_CERT.name) in kmf_free_policy_record()
835 FREE_POLICY_STR(policy->VAL_OCSP_RESP_CERT.serial) in kmf_free_policy_record()
836 FREE_POLICY_STR(policy->validation_info.crl_info.basefilename) in kmf_free_policy_record()
837 FREE_POLICY_STR(policy->validation_info.crl_info.directory) in kmf_free_policy_record()
838 FREE_POLICY_STR(policy->validation_info.crl_info.proxy) in kmf_free_policy_record()
839 FREE_POLICY_STR(policy->validity_adjusttime) in kmf_free_policy_record()
840 FREE_POLICY_STR(policy->ta_name) in kmf_free_policy_record()
841 FREE_POLICY_STR(policy->ta_serial) in kmf_free_policy_record()
842 FREE_POLICY_STR(policy->mapper.mapname) in kmf_free_policy_record()
843 FREE_POLICY_STR(policy->mapper.pathname) in kmf_free_policy_record()
844 FREE_POLICY_STR(policy->mapper.options) in kmf_free_policy_record()
845 FREE_POLICY_STR(policy->mapper.dir) in kmf_free_policy_record()
847 kmf_free_eku_policy(&policy->eku_set); in kmf_free_policy_record()
849 (void) memset(policy, 0, sizeof (KMF_POLICY_RECORD)); in kmf_free_policy_record()
964 if (handle->policy != NULL) { in kmf_set_policy()
965 kmf_free_policy_record(handle->policy); in kmf_set_policy()
966 free(handle->policy); in kmf_set_policy()
969 handle->policy = newpolicy; in kmf_set_policy()
1200 addPolicyNode(xmlNodePtr pnode, KMF_POLICY_RECORD *policy) in addPolicyNode() argument
1204 if (pnode != NULL && policy != NULL) { in addPolicyNode()
1205 if (newprop(pnode, KMF_POLICY_NAME_ATTR, policy->name) != 0) { in addPolicyNode()
1209 if (policy->ignore_date) { in addPolicyNode()
1217 if (policy->ignore_unknown_ekus) { in addPolicyNode()
1225 if (policy->ignore_trust_anchor) { in addPolicyNode()
1233 if (policy->validity_adjusttime) { in addPolicyNode()
1235 policy->validity_adjusttime)) { in addPolicyNode()
1242 policy->ta_name) != 0) { in addPolicyNode()
1248 policy->ta_serial) != 0) { in addPolicyNode()
1256 if (ret = AddValidationNodes(pnode, policy)) { in addPolicyNode()
1260 if ((ret = AddKeyUsageNodes(pnode, policy->ku_bits))) { in addPolicyNode()
1264 if ((ret = AddExtKeyUsageNodes(pnode, &policy->eku_set))) { in addPolicyNode()
1267 if ((ret = AddMapperPolicyNodes(pnode, &policy->mapper))) { in addPolicyNode()
1283 kmf_verify_policy(KMF_POLICY_RECORD *policy) in kmf_verify_policy() argument
1288 if (policy->name == NULL || !strlen(policy->name)) in kmf_verify_policy()
1292 if (policy->ta_name != NULL && in kmf_verify_policy()
1293 strcasecmp(policy->ta_name, "search") == 0) { in kmf_verify_policy()
1295 } else if (policy->ta_name != NULL && policy->ta_serial != NULL) { in kmf_verify_policy()
1297 } else if (policy->ta_name == NULL && policy->ta_serial == NULL) { in kmf_verify_policy()
1307 if (has_ta == B_FALSE && policy->ignore_trust_anchor == B_FALSE) in kmf_verify_policy()
1310 if (policy->revocation & KMF_REVOCATION_METHOD_OCSP) { in kmf_verify_policy()
1315 if ((policy->VAL_OCSP_BASIC.responderURI == NULL && in kmf_verify_policy()
1316 policy->VAL_OCSP_BASIC.uri_from_cert == B_FALSE) || in kmf_verify_policy()
1317 (policy->VAL_OCSP_BASIC.responderURI != NULL && in kmf_verify_policy()
1318 policy->VAL_OCSP_BASIC.uri_from_cert == B_TRUE)) in kmf_verify_policy()
1325 if ((policy->VAL_OCSP_RESP_CERT.name != NULL && in kmf_verify_policy()
1326 policy->VAL_OCSP_RESP_CERT.serial == NULL) || in kmf_verify_policy()
1327 (policy->VAL_OCSP_RESP_CERT.name == NULL && in kmf_verify_policy()
1328 policy->VAL_OCSP_RESP_CERT.serial != NULL)) in kmf_verify_policy()
1341 kmf_add_policy_to_db(KMF_POLICY_RECORD *policy, char *dbfilename, in kmf_add_policy_to_db() argument
1349 if (policy == NULL || dbfilename == NULL) in kmf_add_policy_to_db()
1353 if (ret = kmf_verify_policy(policy)) in kmf_add_policy_to_db()
1384 ret = deletePolicyNode(node, policy->name); in kmf_add_policy_to_db()
1415 ret = addPolicyNode(pnode, policy); in kmf_add_policy_to_db()