Sortix nightly manual
This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.
| X509_POLICY_TREE_LEVEL_COUNT(3) | Library Functions Manual | X509_POLICY_TREE_LEVEL_COUNT(3) |
NAME
X509_policy_tree_level_count,
X509_policy_tree_get0_level,
X509_policy_level_node_count,
X509_policy_level_get0_node,
X509_policy_node_get0_policy,
X509_policy_node_get0_qualifiers,
X509_policy_node_get0_parent —
inspect X.509 policy tree objects
SYNOPSIS
#include
<openssl/x509_vfy.h>
int
X509_policy_tree_level_count(const
X509_POLICY_TREE *tree);
X509_POLICY_LEVEL *
X509_policy_tree_get0_level(const
X509_POLICY_TREE *tree,
int index);
int
X509_policy_level_node_count(X509_POLICY_LEVEL
*level);
X509_POLICY_NODE *
X509_policy_level_get0_node(X509_POLICY_LEVEL
*level, int
index);
const ASN1_OBJECT *
X509_policy_node_get0_policy(const
X509_POLICY_NODE *node);
STACK_OF(POLICYQUALINFO) *
X509_policy_node_get0_qualifiers(const
X509_POLICY_NODE *node);
const X509_POLICY_NODE *
X509_policy_node_get0_parent(const
X509_POLICY_NODE *node);
DESCRIPTION
The X509_POLICY_TREE object represents a valid_policy_tree as described in RFC 5280 section 6.1. The X509_POLICY_LEVEL object represents one level of such a tree, corresponding to one certificate. The X509_POLICY_NODE object represents one node in the tree.RETURN VALUES
X509_policy_tree_level_count() returns the
number of levels in the tree or 0 if the
tree argument is
NULL. If it is not 0, it equals the number
of certificates in the certification path the tree was created from, including
both the target certificate and the trust anchor.
X509_policy_tree_get0_level() returns an
internal pointer to the level of the tree
with the given index or
NULL if the
tree argument is
NULL or the
index is less than 0 or greater than or equal
to the number of levels in the tree. An
index of 0 corresponds to the trust anchor
and the last level corresponds to the target certificate.
X509_policy_level_node_count() returns the
number of nodes on the level, including an
anyPolicy node if it is present, or 0 if the
level argument is
NULL.
X509_policy_level_get0_node() returns an
internal pointer to the node on the level
with the given index or
NULL if the
level argument is
NULL or the
index is less than 0 or greater than or equal
to the number of nodes on the level. If an
anyPolicy node is present on the level, it can be
retrieved by passing an index of 0.
X509_policy_node_get0_policy() returns an
internal pointer to the valid_policy child
object of the node or NULL if the
node argument is
NULL. It represents a single policy that is
valid for the path from the trust anchor to the certificate corresponding to
the level containing the node.
X509_policy_node_get0_qualifiers() returns an
internal pointer to the qualifier_set child
object of the node or NULL if the
node argument is
NULL. It contains the policy qualifiers
associated with the valid_policy of the
node in the certificate corresponding to the
level containing the node.
X509_policy_node_get0_parent() returns
NULL if the
node argument is
NULL or located on level 0. Otherwise, it
returns an an internal pointer to the parent node of the
node argument. The parent node is always
located on the previous level.
SEE ALSO
ASN1_OBJECT_new(3), OBJ_obj2txt(3), POLICYQUALINFO_new(3), STACK_OF(3), X509_new(3), X509_policy_check(3), X509_policy_tree_get0_policies(3)STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 6.1: Basic Path ValidationHISTORY
These function first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.| November 11, 2021 | Debian |