XML Security Library

LibXML2
LibXSLT
OpenSSL

x509

x509 — X509 certificates support implementation for GnuTLS.

Description

X509 certificates support implementation for GnuTLS.

Functions

xmlSecGnuTLSKeyDataX509GetKlass ()

xmlSecKeyDataId
xmlSecGnuTLSKeyDataX509GetKlass (void);

The GnuTLS X509 key data klass (http://www.w3.org/TR/xmldsig-core/sec-X509Data).

Returns

the X509 data klass.


xmlSecGnuTLSKeyDataX509GetKeyCert ()

gnutls_x509_crt_t
xmlSecGnuTLSKeyDataX509GetKeyCert (xmlSecKeyDataPtr data);

Gets the certificate from which the key was extracted.

Parameters

data

the pointer to X509 key data.

Returns

the key's certificate or NULL if key data was not used for key extraction or an error occurs.


xmlSecGnuTLSKeyDataX509AdoptKeyCert ()

int
xmlSecGnuTLSKeyDataX509AdoptKeyCert (xmlSecKeyDataPtr data,
                                     gnutls_x509_crt_t cert);

Sets the key's certificate in data .

Parameters

data

the pointer to X509 key data.

cert

the pointer to GnuTLS X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecGnuTLSKeyDataX509AdoptCert ()

int
xmlSecGnuTLSKeyDataX509AdoptCert (xmlSecKeyDataPtr data,
                                  gnutls_x509_crt_t cert);

Adds certificate to the X509 key data.

Parameters

data

the pointer to X509 key data.

cert

the pointer to GnuTLS X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecGnuTLSKeyDataX509GetCert ()

gnutls_x509_crt_t
xmlSecGnuTLSKeyDataX509GetCert (xmlSecKeyDataPtr data,
                                xmlSecSize pos);

Gets a certificate from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired certificate position.

Returns

the pointer to certificate or NULL if pos is larger than the number of certificates in data or an error occurs.


xmlSecGnuTLSKeyDataX509GetCertsSize ()

xmlSecSize
xmlSecGnuTLSKeyDataX509GetCertsSize (xmlSecKeyDataPtr data);

Gets the number of certificates in data .

Parameters

data

the pointer to X509 key data.

Returns

te number of certificates in data .


xmlSecGnuTLSKeyDataX509AdoptCrl ()

int
xmlSecGnuTLSKeyDataX509AdoptCrl (xmlSecKeyDataPtr data,
                                 gnutls_x509_crl_t crl);

Adds crl to the X509 key data.

Parameters

data

the pointer to X509 key data.

crl

the pointer to GnuTLS X509 crl.

Returns

0 on success or a negative value if an error occurs.


xmlSecGnuTLSKeyDataX509GetCrl ()

gnutls_x509_crl_t
xmlSecGnuTLSKeyDataX509GetCrl (xmlSecKeyDataPtr data,
                               xmlSecSize pos);

Gets a crl from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired crl position.

Returns

the pointer to crl or NULL if pos is larger than the number of crls in data or an error occurs.


xmlSecGnuTLSKeyDataX509GetCrlsSize ()

xmlSecSize
xmlSecGnuTLSKeyDataX509GetCrlsSize (xmlSecKeyDataPtr data);

Gets the number of crls in data .

Parameters

data

the pointer to X509 key data.

Returns

te number of crls in data .


xmlSecGnuTLSX509CertGetKey ()

xmlSecKeyDataPtr
xmlSecGnuTLSX509CertGetKey (gnutls_x509_crt_t cert);

Extracts public key from the cert .

Parameters

cert

the certificate.

Returns

public key value or NULL if an error occurs.


xmlSecGnuTLSKeyDataRawX509CertGetKlass ()

xmlSecKeyDataId
xmlSecGnuTLSKeyDataRawX509CertGetKlass
                               (void);

The raw X509 certificates key data klass.

Returns

raw X509 certificates key data klass.


xmlSecGnuTLSX509StoreGetKlass ()

xmlSecKeyDataStoreId
xmlSecGnuTLSX509StoreGetKlass (void);

The GnuTLS X509 certificates key data store klass.

Returns

pointer to GnuTLS X509 certificates key data store klass.


xmlSecGnuTLSX509StoreFindCert ()

gnutls_x509_crt_t
xmlSecGnuTLSX509StoreFindCert (const xmlSecKeyDataStorePtr store,
                               const xmlChar *subjectName,
                               const xmlChar *issuerName,
                               const xmlChar *issuerSerial,
                               const xmlChar *ski,
                               const xmlSecKeyInfoCtx *keyInfoCtx);

Searches store for a certificate that matches given criteria.

Parameters

store

the pointer to X509 key data store klass.

subjectName

the desired certificate name.

issuerName

the desired certificate issuer name.

issuerSerial

the desired certificate issuer serial number.

ski

the desired certificate SKI.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to found certificate or NULL if certificate is not found or an error occurs.


xmlSecGnuTLSX509StoreVerify ()

gnutls_x509_crt_t
xmlSecGnuTLSX509StoreVerify (xmlSecKeyDataStorePtr store,
                             xmlSecPtrListPtr certs,
                             xmlSecPtrListPtr crls,
                             const xmlSecKeyInfoCtx *keyInfoCtx);

Verifies certs list.

Parameters

store

the pointer to X509 key data store klass.

certs

the untrusted certificates.

crls

the crls.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to the first verified certificate from certs .


xmlSecGnuTLSX509StoreAdoptCert ()

int
xmlSecGnuTLSX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
                                gnutls_x509_crt_t cert,
                                xmlSecKeyDataType type);

Adds trusted (root) or untrusted certificate to the store.

Parameters

store

the pointer to X509 key data store klass.

cert

the pointer to GnuTLS X509 certificate.

type

the certificate type (trusted/untrusted).

Returns

0 on success or a negative value if an error occurs.

Types and Values

xmlSecGnuTLSKeyDataX509Id

#define             xmlSecGnuTLSKeyDataX509Id

The GnuTLS X509 data klass.


xmlSecGnuTLSKeyDataRawX509CertId

#define             xmlSecGnuTLSKeyDataRawX509CertId

The GnuTLS raw X509 certificate klass.


xmlSecGnuTLSX509StoreId

#define             xmlSecGnuTLSX509StoreId

The GnuTLS X509 store klass.