Certificate: main


Functions
int	CST_delete_cert (CST *st, const cst_t_seqnum certID)
int	CST_append_X509 (CST st, X509 cert)
GSList *	CST_append_sk_X509 (CST st, CST_STACK_OF_X509 list)
CST_STACK_OF_X509 *	CST_get_chain (CST st, X509 cert)
GSList *	CST_get_chain_id_by_id (CST *st, const cst_t_seqnum certID)
GSList *	CST_get_chain_id (CST st, X509 x)
X509_NAME *	CST_get_issued_by_dn (X509 *cert)
X509_NAME *	CST_get_subject_dn (X509 *cert)
time_t	CST_get_valid_from (X509 *cert)
time_t	CST_get_valid_to (X509 *cert)
int	CST_is_expired (X509 *cert)
ASN1_INTEGER *	CST_get_serial_number (X509 *cert)
char *	CST_get_serial_number_t (X509 *cert)
char *	CST_get_fingerprint (X509 *cert)
char *	CST_get_fingerprint_MD5 (X509 *cert)
char *	CST_get_fingerprint_SHA1 (X509 *cert)
char *	CST_get_email (X509 *cert)
char *	CST_get_domain_name (X509 *cert)
char *	CST_get_public_key_alg (X509 *cert)
int	CST_check_purpose_x (X509 *x, const cst_t_cert_purpose purposes)
	Check purpose of X509.
int	CST_check_purpose (CST *st, const cst_t_seqnum certID, const cst_t_cert_purpose purpose)
	Check purpose of certificate in storage by his ID.
int	CST_is_root (X509 *cert)
int	CST_is_root_id (CST *st, const cst_t_seqnum certID)
int	CST_is_CA (X509 *cert)
int	CST_is_revoked (CST st, X509 cert)
int	CST_is_network (CST st, X509 cert)
char *	CST_get_network_URL (CST st, X509 cert)
int	CST_set_folder (CST *st, const cst_t_seqnum certID, const cst_t_cert_folder f)
cst_t_cert_folder	CST_get_folder (CST *st, const cst_t_seqnum certID)
int	CST_set_purpose (CST *st, const cst_t_seqnum certID, const cst_t_cert_purpose p, const int value)
int	CST_is_purpose (CST *st, const cst_t_seqnum certID, const cst_t_cert_purpose p)
int	CST_is_valid (CST st, X509 cert)
int	CST_is_valid_f (CST st, FILE file, GError **error)
int	CST_is_valid_f_DER (CST st, FILE file, GError **error)
int	CST_is_valid_for (CST st, X509 cert, const cst_t_cert_purpose purpose)
int	CST_get_state (CST st, X509 cert)
	Get state of certificate.
X509 *	CST_get_cert (CST *st, const cst_t_seqnum certID)

Function Documentation

GSList* CST_append_sk_X509	(	CST *	st,
		CST_STACK_OF_X509 *	list
	)

Append STACK_OF(X509) to storage

Parameters:

	st	Pointer to storage structure
	list	Stack of X509 certificates

Returns:

Pointer to GSList with error code for each element of stack. Use GPOINTER_TO_INT(i->data) to get result for each code. You need execute g_slist_free(result) to free resorces.

        STACK_OF(X509) * list = ...
        GSList * result = CST_append_sk_X509(st, list);
        GSList * i;
        for (i = result; i != NULL; i = i->next);
        {
            printf("Error code: %i\n", GPOINTER_TO_INT(i->data));
        }
        g_slist_free(list);

Possible error: CST_ERROR_CERT_EXIST

int CST_append_X509	(	CST *	st,
		X509 *	cert
	)

Append X509 certificate to storage

Parameters:

	st	Pointer to storage structure
	cert	Pointer to X509 structure

Returns:: Error code

Possible error: CST_ERROR_CERT_EXIST, CST_ERROR_DBSTRUCTURE_CORRUPT, CST_ERROR_IO, CST_ERROR_NOSPC

int CST_check_purpose	(	CST *	st,
		const cst_t_seqnum	certID,
		const cst_t_cert_purpose	purpose
	)

Check purpose of certificate in storage by his ID.

Parameters:

	st	Pointer to certificate storage
	certID	Certificate ID
	purpose	Purpose

Returns:: TRUE can set given purpose to certificate

int CST_check_purpose_x	(	X509 *	x,
		const cst_t_cert_purpose	purposes
	)

Check purpose of X509.

Parameters:

	x	X509 certificate
	purposes	Purpose

Returns:: TRUE if all purposes is ok for certificate

int CST_delete_cert	(	CST *	st,
		const cst_t_seqnum	certID
	)

Delete certificate

Parameters:

	st	Pointer to storage structure
	certID	Certificate ID

Returns:: Error code

Possible error: CST_ERROR_CERT_NOTFOUND

X509* CST_get_cert	(	CST *	st,
		const cst_t_seqnum	certID
	)

Get X509 by certID

CST_STACK_OF_X509* CST_get_chain	(	CST *	st,
		X509 *	cert
	)

Get cert chain for given certificate

Parameters:

	st	Pointer to storage structure
	cert	Certificate for which need chan

Returns:: Stack of certificates or NULL if not found chain

Possible error: CST_ERROR_CERT_NOTFOUND - if cert chain incomplite

GSList* CST_get_chain_id	(	CST *	st,
		X509 *	x
	)

Get cert chain for given certificate ID

Parameters:

	st	Pointer to storage structure
	x	X509 Certificate

Returns:: GSList * - is list of certificate ID

Example 2. Using search functions, which return GSList.

GSList* CST_get_chain_id_by_id	(	CST *	st,
		const cst_t_seqnum	certID
	)

Get cert chain for given certificate ID

Parameters:

	st	Pointer to storage structure
	certID	Certificate ID

Returns:: GSList * - is list of certificate ID

Example 2. Using search functions, which return GSList.

char* CST_get_domain_name ( X509 * cert )

Get domain name if exist or NULL

char* CST_get_email ( X509 * cert )

Get email if exist or NULL

char* CST_get_fingerprint ( X509 * cert )

Get fingerprint

char* CST_get_fingerprint_MD5 ( X509 * cert )

Get fingerprint MD5

char* CST_get_fingerprint_SHA1 ( X509 * cert )

Get fingerprint SHA1

cst_t_cert_folder CST_get_folder	(	CST *	st,
		const cst_t_seqnum	certID
	)

Get certificate folder

X509_NAME* CST_get_issued_by_dn ( X509 * cert )

Get issuer distinguished name (issued by)

char* CST_get_network_URL	(	CST *	st,
		X509 *	cert
	)

Get stored on network URL

Todo:: Need implement

char* CST_get_public_key_alg ( X509 * cert )

Get public key algorithm

ASN1_INTEGER* CST_get_serial_number ( X509 * cert )

Get serial number

char* CST_get_serial_number_t ( X509 * cert )

Get serial number in string

int CST_get_state	(	CST *	st,
		X509 *	cert
	)

Get state of certificate.

see: CST_STATE_REVOKED, CST_STATE_EXPIRED, ...

X509_NAME* CST_get_subject_dn ( X509 * cert )

Get subject distinguished name (issued to)

time_t CST_get_valid_from ( X509 * cert )

Get valid to

time_t CST_get_valid_to ( X509 * cert )

Get valid from

int CST_is_CA ( X509 * cert )

Check that certificate can be CA

Parameters:

cert

X509 certificate

Returns:: TRUE if "Basic Constraint" not present or in "Basic Constraint" CA = TRUE

int CST_is_expired ( X509 * cert )

If certificate expired or not valid yet return TRUE

int CST_is_network	(	CST *	st,
		X509 *	cert
	)

Get stored on network state

Todo:: Need implement

int CST_is_purpose	(	CST *	st,
		const cst_t_seqnum	certID,
		const cst_t_cert_purpose	p
	)

Check purpose (trust)

Returns:: boolean value. TRUE only if certificate found and all requested purposes is TRUE.

int CST_is_revoked	(	CST *	st,
		X509 *	cert
	)

Get revoked state

int CST_is_root ( X509 * cert )

Check that certificate is root

Parameters:

cert

X509 certificate

Returns:: TRUE if is root

int CST_is_root_id	(	CST *	st,
		const cst_t_seqnum	certID
	)

Check that certificate (certID) is root

Parameters:

	st	Pointer to storage structure
	certID	Certificate ID

Returns:: TRUE if certificate is root, FALSE if not root or not found

int CST_is_valid	(	CST *	st,
		X509 *	cert
	)

Check certificate validity

int CST_is_valid_f	(	CST *	st,
		FILE *	file,
		GError **	error
	)

Check certificate validity. Read certificate from file (PEM format).

int CST_is_valid_f_DER	(	CST *	st,
		FILE *	file,
		GError **	error
	)

Check certificate validity. Read certificate from file (DER format).

int CST_is_valid_for	(	CST *	st,
		X509 *	cert,
		const cst_t_cert_purpose	purpose
	)

Check certificate validity

int CST_set_folder	(	CST *	st,
		const cst_t_seqnum	certID,
		const cst_t_cert_folder	f
	)

Set certificate folder

int CST_set_purpose	(	CST *	st,
		const cst_t_seqnum	certID,
		const cst_t_cert_purpose	p,
		const int	value
	)

Set purose (trust settings)

Generated on Fri Sep 28 12:57:35 2007 for Certman by

1.5.1

Certificate: main

Functions

Function Documentation