XML Security Library

LibXML2
LibXSLT
OpenSSL

x509

x509 — X509 certificates implementation for NSS.

Stability Level

Stable, unless otherwise indicated

Description

Functions

xmlSecNssKeyDataX509GetKlass ()

xmlSecKeyDataId
xmlSecNssKeyDataX509GetKlass (void);

The NSS X509 key data klass (http://www.w3.org/TR/xmldsig-core/sec-X509Data).

Returns

the X509 data klass.


xmlSecNssKeyDataX509GetKeyCert ()

CERTCertificate *
xmlSecNssKeyDataX509GetKeyCert (xmlSecKeyDataPtr data);

Gets the certificate from which the key was extracted.

Parameters

data

the pointer to X509 key data.

Returns

the key's certificate or NULL if key data was not used for key extraction or an error occurs.


xmlSecNssKeyDataX509AdoptKeyCert ()

int
xmlSecNssKeyDataX509AdoptKeyCert (xmlSecKeyDataPtr data,
                                  CERTCertificate *cert);

Sets the key's certificate in data .

Parameters

data

the pointer to X509 key data.

cert

the pointer to NSS X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecNssKeyDataX509AdoptCert ()

int
xmlSecNssKeyDataX509AdoptCert (xmlSecKeyDataPtr data,
                               CERTCertificate *cert);

Adds certificate to the X509 key data.

Parameters

data

the pointer to X509 key data.

cert

the pointer to NSS X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecNssKeyDataX509GetCert ()

CERTCertificate *
xmlSecNssKeyDataX509GetCert (xmlSecKeyDataPtr data,
                             xmlSecSize pos);

Gets a certificate from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired certificate position.

Returns

the pointer to certificate or NULL if pos is larger than the number of certificates in data or an error occurs.


xmlSecNssKeyDataX509GetCertsSize ()

xmlSecSize
xmlSecNssKeyDataX509GetCertsSize (xmlSecKeyDataPtr data);

Gets the number of certificates in data .

Parameters

data

the pointer to X509 key data.

Returns

te number of certificates in data .


xmlSecNssKeyDataX509AdoptCrl ()

int
xmlSecNssKeyDataX509AdoptCrl (xmlSecKeyDataPtr data,
                              CERTSignedCrl *crl);

Adds CRL to the X509 key data.

Parameters

data

the pointer to X509 key data.

crl

the pointer to NSS X509 CRL.

Returns

0 on success or a negative value if an error occurs.


xmlSecNssKeyDataX509GetCrl ()

CERTSignedCrl *
xmlSecNssKeyDataX509GetCrl (xmlSecKeyDataPtr data,
                            xmlSecSize pos);

Gets a CRL from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired CRL position.

Returns

the pointer to CRL or NULL if pos is larger than the number of CRLs in data or an error occurs.


xmlSecNssKeyDataX509GetCrlsSize ()

xmlSecSize
xmlSecNssKeyDataX509GetCrlsSize (xmlSecKeyDataPtr data);

Gets the number of CRLs in data .

Parameters

data

the pointer to X509 key data.

Returns

te number of CRLs in data .


xmlSecNssX509CertGetKey ()

xmlSecKeyDataPtr
xmlSecNssX509CertGetKey (CERTCertificate *cert);

Extracts public key from the cert .

Parameters

cert

the certificate.

Returns

public key value or NULL if an error occurs.


xmlSecNssKeyDataRawX509CertGetKlass ()

xmlSecKeyDataId
xmlSecNssKeyDataRawX509CertGetKlass (void);

The raw X509 certificates key data klass.

Returns

raw X509 certificates key data klass.


xmlSecNssX509StoreGetKlass ()

xmlSecKeyDataStoreId
xmlSecNssX509StoreGetKlass (void);

The NSS X509 certificates key data store klass.

Returns

pointer to NSS X509 certificates key data store klass.


xmlSecNssX509StoreFindCert ()

CERTCertificate *
xmlSecNssX509StoreFindCert (xmlSecKeyDataStorePtr store,
                            xmlChar *subjectName,
                            xmlChar *issuerName,
                            xmlChar *issuerSerial,
                            xmlChar *ski,
                            xmlSecKeyInfoCtx *keyInfoCtx);

Searches store for a certificate that matches given criteria.

Parameters

store

the pointer to X509 key data store klass.

subjectName

the desired certificate name.

issuerName

the desired certificate issuer name.

issuerSerial

the desired certificate issuer serial number.

ski

the desired certificate SKI.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to found certificate or NULL if certificate is not found or an error occurs.


xmlSecNssX509StoreVerify ()

CERTCertificate *
xmlSecNssX509StoreVerify (xmlSecKeyDataStorePtr store,
                          CERTCertList *certs,
                          xmlSecKeyInfoCtx *keyInfoCtx);

Verifies certs list.

Parameters

store

the pointer to X509 key data store klass.

certs

the untrusted certificates stack.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to the first verified certificate from certs .


xmlSecNssX509StoreAdoptCert ()

int
xmlSecNssX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
                             CERTCertificate *cert,
                             xmlSecKeyDataType type);

Adds trusted (root) or untrusted certificate to the store.

Parameters

store

the pointer to X509 key data store klass.

cert

the pointer to NSS X509 certificate.

type

the certificate type (trusted/untrusted).

Returns

0 on success or a negative value if an error occurs.

Types and Values

xmlSecNssKeyDataX509Id

#define             xmlSecNssKeyDataX509Id

The NSS X509 data klass.


xmlSecNssKeyDataRawX509CertId

#define             xmlSecNssKeyDataRawX509CertId

The NSS raw X509 certificate klass.


xmlSecNssX509StoreId

#define             xmlSecNssX509StoreId

The NSS X509 store klass.