OSSL_CMP_CTX_new.pod - OpenGrok cross reference for /freebsd/crypto/openssl/doc/man3/OSSL_CMP_CTX

Lines Matching refs:CMP
65 - functions for managing the CMP client context data structure
117  /* CMP message header and extra certificates: */
167 This is the context API for using CMP (Certificate Management Protocol) with
182 clearing the internal CMP transaction (aka session) status, PKIStatusInfo,
186 All other field values (i.e., CMP options) are retained for potential reuse.
212         Number of seconds a CMP request-response message round trip
254         is provided as the newPkey or client's pkey component of the CMP context.
294         Send request or response messages without CMP-level protection.
309         validating signature-based protection in received CMP messages.
310         Else, 'digitalSignature' must be allowed by CMP signer certificates.
319         this way has not been authenticated (at least not at CMP level).
337 is similar to L<ERR_print_errors_cb(3)> but uses the CMP log callback function
338 if set in the I<ctx> for uniformity with CMP logging if given. Otherwise it uses
341 OSSL_CMP_CTX_set1_serverPath() sets the HTTP path of the CMP server on the host,
342 also known as "CMP alias".
348 OSSL_CMP_CTX_set_serverPort() sets the port of the CMP server to connect to.
353 the given CMP server unless overruled by any "no_proxy" settings (see below).
404 The callback should send the CMP request message it obtains via the I<req>
421 This pins the accepted CMP server and
426 as default value for the recipient of CMP requests
427 and as default value for the expected sender of CMP responses.
430 expected in the sender field of incoming CMP messages.
433 CMP message signer, and attackers are not able to use arbitrary certificates
434 of a trusted PKI hierarchy to fraudulently pose as CMP server.
440 sets in the CMP context I<ctx> the certificate store of type X509_STORE
449 extracts from the CMP context I<ctx> the pointer to the currently set
453 of intermediate CAs that may be useful for path construction for the own CMP
455 CMP protection certificates, and when verifying newly enrolled certificates.
461 OSSL_CMP_CTX_set1_cert() sets the CMP signer certificate, also called protection
465 When using signature-based protection of CMP request messages
466 this CMP signer certificate will be included first in the extraCerts field.
474 OSSL_CMP_CTX_build_cert_chain() builds a certificate chain for the CMP signer
480 ignores any verification errors. Else the CMP signer certificate must be
489 CMP signer certificate set via OSSL_CMP_CTX_set1_cert().
505 CMP message headers can be determined (i.e., no CMP signer certificate
508 and the senderKID field of the CMP message header must be set.
510 the subjectKeyIdentifier of the CMP signer certificate as far as present.
515 PKIHeader of CMP request messages, i.e. the X509 name of the (CA) server.
517 The recipient field in the header of a CMP message is mandatory.
519 the subject of the CMP server certificate set using OSSL_CMP_CTX_set1_srvCert(),
522 the issuer of the CMP signer certificate,
526 added to the GeneralInfo field of the CMP PKIMessage header of a request
536 structure as the private or public key to be certified in the CMP context.
540 dependent on fields of the CMP context structure:
555 of outgoing CMP messages if no reference certificate is available.
581 It must be given for RR, else it defaults to the CMP signer certificate.
586 in CMP message headers.
587 Its issuer is used as default recipient in CMP message headers.
696 CMP is defined in RFC 4210 (and CRMF in RFC 4211).
734 Set up a CMP client context for sending requests and verifying responses:
756 Reset the transaction state of the CMP context and the credentials:
801 The OpenSSL CMP support was added in OpenSSL 3.0.