Lines Matching full:ca
85 int ca);
87 int ca);
89 int ca);
90 static int purpose_smime(const X509 *x, int ca);
92 int ca);
94 int ca);
96 int ca);
98 int ca);
99 static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
100 static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
145 int X509_check_purpose(X509 *x, int id, int ca) in X509_check_purpose() argument
156 return pt->check_purpose(pt, x, ca); in X509_check_purpose()
439 if (bs->ca) in x509v3_cache_extensions()
443 || !bs->ca) { in x509v3_cache_extensions()
566 * CA checks common to all purposes return codes: 0 not a CA 1 is a CA 2
567 * basicConstraints absent so "maybe" a CA 3 basicConstraints absent but self
580 /* If basicConstraints says not a CA then say so */ in check_ca()
592 /* Older certificates could have Netscape-specific CA types */ in check_ca()
595 /* can this still be regarded a CA certificate? I doubt it */ in check_ca()
606 /* Check SSL CA: common checks for SSL client and server */
621 int ca) in check_purpose_ssl_client() argument
625 if (ca) in check_purpose_ssl_client()
645 int ca) in check_purpose_ssl_server() argument
649 if (ca) in check_purpose_ssl_server()
662 int ca) in check_purpose_ns_ssl_server() argument
665 ret = check_purpose_ssl_server(xp, x, ca); in check_purpose_ns_ssl_server()
666 if (!ret || ca) in check_purpose_ns_ssl_server()
675 static int purpose_smime(const X509 *x, int ca) in purpose_smime() argument
679 if (ca) { in purpose_smime()
702 int ca) in check_purpose_smime_sign() argument
705 ret = purpose_smime(x, ca); in check_purpose_smime_sign()
706 if (!ret || ca) in check_purpose_smime_sign()
714 int ca) in check_purpose_smime_encrypt() argument
717 ret = purpose_smime(x, ca); in check_purpose_smime_encrypt()
718 if (!ret || ca) in check_purpose_smime_encrypt()
726 int ca) in check_purpose_crl_sign() argument
728 if (ca) { in check_purpose_crl_sign()
741 * OCSP helper: this is *not* a full OCSP check. It just checks that each CA
745 static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca) in ocsp_helper() argument
748 * Must be a valid CA. Should we really support the "I don't know" value in ocsp_helper()
751 if (ca) in ocsp_helper()
758 int ca) in check_purpose_timestamp_sign() argument
762 /* If ca is true we must return if this is a valid CA certificate. */ in check_purpose_timestamp_sign()
763 if (ca) in check_purpose_timestamp_sign()
792 static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca) in no_check() argument