XML Security Library

x509

x509 — X509 certificates support implementation for OpenSSL.

Description

X509 certificates support implementation for OpenSSL.

Functions

xmlSecOpenSSLKeyDataX509GetKlass ()

xmlSecKeyDataId
xmlSecOpenSSLKeyDataX509GetKlass (void);

The OpenSSL X509 key data klass (http://www.w3.org/TR/xmldsig-core/sec-X509Data).

Returns

the X509 data klass.


xmlSecOpenSSLKeyDataX509GetKeyCert ()

X509 *
xmlSecOpenSSLKeyDataX509GetKeyCert (xmlSecKeyDataPtr data);

Gets the certificate from which the key was extracted.

Parameters

data

the pointer to X509 key data.

Returns

the key's certificate or NULL if key data was not used for key extraction or an error occurs.


xmlSecOpenSSLKeyDataX509AdoptKeyCert ()

int
xmlSecOpenSSLKeyDataX509AdoptKeyCert (xmlSecKeyDataPtr data,
                                      X509 *cert);

Sets the key's certificate in data.

Parameters

data

the pointer to X509 key data.

cert

the pointer to OpenSSL X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecOpenSSLKeyDataX509AdoptCert ()

int
xmlSecOpenSSLKeyDataX509AdoptCert (xmlSecKeyDataPtr data,
                                   X509 *cert);

Adds certificate to the X509 key data.

Parameters

data

the pointer to X509 key data.

cert

the pointer to OpenSSL X509 certificate.

Returns

0 on success or a negative value if an error occurs.


xmlSecOpenSSLKeyDataX509GetCert ()

X509 *
xmlSecOpenSSLKeyDataX509GetCert (xmlSecKeyDataPtr data,
                                 xmlSecSize pos);

Gets a certificate from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired certificate position.

Returns

the pointer to certificate or NULL if pos is larger than the number of certificates in data or an error occurs.


xmlSecOpenSSLKeyDataX509GetCertsSize ()

xmlSecSize
xmlSecOpenSSLKeyDataX509GetCertsSize (xmlSecKeyDataPtr data);

Gets the number of certificates in data.

Parameters

data

the pointer to X509 key data.

Returns

the number of certificates in data.


xmlSecOpenSSLKeyDataX509AdoptCrl ()

int
xmlSecOpenSSLKeyDataX509AdoptCrl (xmlSecKeyDataPtr data,
                                  X509_CRL *crl);

Adds CRL to the X509 key data.

Parameters

data

the pointer to X509 key data.

crl

the pointer to OpenSSL X509 CRL.

Returns

0 on success or a negative value if an error occurs.


xmlSecOpenSSLKeyDataX509GetCrl ()

X509_CRL *
xmlSecOpenSSLKeyDataX509GetCrl (xmlSecKeyDataPtr data,
                                xmlSecSize pos);

Gets a CRL from X509 key data.

Parameters

data

the pointer to X509 key data.

pos

the desired CRL position.

Returns

the pointer to CRL or NULL if pos is larger than the number of CRLs in data or an error occurs.


xmlSecOpenSSLKeyDataX509GetCrlsSize ()

xmlSecSize
xmlSecOpenSSLKeyDataX509GetCrlsSize (xmlSecKeyDataPtr data);

Gets the number of CRLs in data.

Parameters

data

the pointer to X509 key data.

Returns

the number of CRLs in data.


xmlSecOpenSSLX509CertGetKey ()

xmlSecKeyDataPtr
xmlSecOpenSSLX509CertGetKey (X509 *cert);

Extracts public key from the cert.

Parameters

cert

the certificate.

Returns

public key value or NULL if an error occurs.


xmlSecOpenSSLKeyDataRawX509CertGetKlass ()

xmlSecKeyDataId
xmlSecOpenSSLKeyDataRawX509CertGetKlass (void);

The raw X509 certificates key data klass.

Returns

raw X509 certificates key data klass.


xmlSecOpenSSLX509StoreGetKlass ()

xmlSecKeyDataStoreId
xmlSecOpenSSLX509StoreGetKlass (void);

The OpenSSL X509 certificates key data store klass.

Returns

pointer to OpenSSL X509 certificates key data store klass.


xmlSecOpenSSLX509StoreFindCert ()

X509 *
xmlSecOpenSSLX509StoreFindCert (xmlSecKeyDataStorePtr store,
                                xmlChar *subjectName,
                                xmlChar *issuerName,
                                xmlChar *issuerSerial,
                                xmlChar *ski,
                                xmlSecKeyInfoCtx *keyInfoCtx);

Searches store for a certificate that matches given criteria.

Parameters

store

the pointer to X509 key data store klass.

subjectName

the desired certificate name.

issuerName

the desired certificate issuer name.

issuerSerial

the desired certificate issuer serial number.

ski

the desired certificate SKI.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to found certificate or NULL if certificate is not found or an error occurs.


xmlSecOpenSSLX509StoreVerify ()

X509 *
xmlSecOpenSSLX509StoreVerify (xmlSecKeyDataStorePtr store,
                              XMLSEC_STACK_OF_X509 *certs,
                              XMLSEC_STACK_OF_X509_CRL *crls,
                              xmlSecKeyInfoCtx *keyInfoCtx);

Verifies certs list.

Parameters

store

the pointer to X509 key data store klass.

certs

the untrusted certificates stack.

crls

the crls stack.

keyInfoCtx

the pointer to <dsig:KeyInfo/> element processing context.

Returns

pointer to the first verified certificate from certs.


xmlSecOpenSSLX509StoreAdoptCert ()

int
xmlSecOpenSSLX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
                                 X509 *cert,
                                 xmlSecKeyDataType type);

Adds trusted (root) or untrusted certificate to the store.

Parameters

store

the pointer to X509 key data store klass.

cert

the pointer to OpenSSL X509 certificate.

type

the certificate type (trusted/untrusted).

Returns

0 on success or a negative value if an error occurs.


xmlSecOpenSSLX509StoreAdoptCrl ()

int
xmlSecOpenSSLX509StoreAdoptCrl (xmlSecKeyDataStorePtr store,
                                X509_CRL *crl);

Adds X509 CRL to the store.

Parameters

store

the pointer to X509 key data store klass.

crl

the pointer to OpenSSL X509_CRL.

Returns

0 on success or a negative value if an error occurs.


xmlSecOpenSSLX509StoreAddCertsPath ()

int
xmlSecOpenSSLX509StoreAddCertsPath (xmlSecKeyDataStorePtr store,
                                    const char *path);

Adds all certs in the path to the list of trusted certs in store.

Parameters

store

the pointer to OpenSSL x509 store.

path

the path to the certs dir.

Returns

0 on success or a negative value otherwise.


xmlSecOpenSSLX509StoreAddCertsFile ()

int
xmlSecOpenSSLX509StoreAddCertsFile (xmlSecKeyDataStorePtr store,
                                    const char *filename);

Adds all certs in file to the list of trusted certs in store. It is possible for file to contain multiple certs.

Parameters

store

the pointer to OpenSSL x509 store.

filename

the certs file.

Returns

0 on success or a negative value otherwise.

Types and Values

XMLSEC_STACK_OF_X509

#define XMLSEC_STACK_OF_X509            STACK_OF(X509)

Macro. To make docbook happy.


XMLSEC_STACK_OF_X509_CRL

#define XMLSEC_STACK_OF_X509_CRL        STACK_OF(X509_CRL)

Macro. To make docbook happy.


xmlSecOpenSSLKeyDataX509Id

#define             xmlSecOpenSSLKeyDataX509Id

The OpenSSL X509 data klass.


xmlSecOpenSSLKeyDataRawX509CertId

#define             xmlSecOpenSSLKeyDataRawX509CertId

The OpenSSL raw X509 certificate klass.


xmlSecOpenSSLX509StoreId

#define             xmlSecOpenSSLX509StoreId

The OpenSSL X509 store klass.