RSA BSAFE Cert-C
Certificate Components for C
Crypto-C 6.2.1 Developer's Guide
The file aglobal.h, which is included here and elsewhere, is an RSA BSAFE Crypto-C header found in the Crypto-C package. The typedef for POINTER that is used throughout Cert-C originates in aglobal.h.
#include "aglobal.h"
Data Structures

| Name | Description |
| --- | --- |
| BIT_STRING | A low-level structure that holds an ordered sequence of bits. |
| GENERALIZED_TIME | Stores a time value. |

Typedefs

| Type | Name | Description |
| --- | --- | --- |
| typedef struct | BIT_STRING | A low-level structure that holds an ordered sequence of bits. |
| typedef struct | GENERALIZED_TIME | Stores a time value. |
| typedef POINTER | CERTC_CTX | Use the Cert-C context, CERTC_CTX, to collect a number of common parameters and state variables. |
| typedef POINTER | LIST_OBJ | Use the LIST_OBJ object to store and pass a collection of abstract data types, including types defined by Cert-C and types defined by your application. |
| typedef POINTER | NAME_OBJ | Cert-C uses a NAME_OBJ object to represent the names of entities involved in privacy enhancement. |
| typedef POINTER | ATTRIBUTES_OBJ | Cert-C uses an ATTRIBUTES_OBJ object to store and pass extra information about the certificate subject in a certification request. |
| typedef POINTER | EXTENSIONS_OBJ | Cert-C represents X.509 v3 extensions with an EXTENSIONS_OBJ object. |
| typedef POINTER | CERT_OBJ | Cert-C represents certificate information with a CERT_OBJ object. |
| typedef POINTER | CRL_ENTRIES_OBJ | Some CRL functions act on CRL_ENTRIES_OBJ objects instead of on CRL_OBJ objects. |
| typedef POINTER | CRL_OBJ | Cert-C represents CRL information with a CRL_OBJ object. |
| typedef POINTER | SERVICE | A service handle. |
| typedef POINTER | DB_ITERATOR | Use the database iterator handle, DB_ITERATOR, to sequentially retrieve records of a particular type from a database or a set of databases. |

Cert-C uses an ATTRIBUTES_OBJ object to store and pass extra information about the certificate subject in a certification request. An attribute set is made up of attributes. Each attribute has an attribute type and one or more values. Some attribute types, such as the time at which a message is signed, can only have one value; other attribute types, such as a postal address, can have multiple values. There is no significance to the ordering of the different attribute types in an attribute set, or to the ordering of multiple values for a particular attribute type.

A low-level structure that holds an ordered sequence of bits. This structure is used with C_BERDecodeBitString(), C_DEREncodeBitString() and C_DEREncodeNamedBitString(). It is also used in the
For example, given the following 12-bit string:
Create the following
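
As an added illustration (not Cert-C code and not the page's own example), the sketch below shows how an ordered sequence of bits maps onto a DER BIT STRING: the content bytes are preceded by a count of unused bits in the last byte, and a strict decoder rejects non-zero padding. The `demo_bits` struct, both function names and the 12-bit sample value are assumptions made for this example; Cert-C's actual BIT_STRING definition is not shown on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a bit holder; NOT Cert-C's BIT_STRING definition. */
typedef struct {
    const unsigned char *data;  /* bits packed most-significant bit first */
    unsigned int len;           /* number of bytes in data */
    unsigned int unused_bits;   /* padding bits in the last byte, 0..7 */
} demo_bits;

/* Encode as DER BIT STRING (tag 0x03, short-form length). Returns bytes written, 0 on error. */
size_t demo_der_encode_bits(const demo_bits *b, unsigned char *out, size_t cap)
{
    size_t content = (size_t)b->len + 1;        /* +1 for the unused-bits octet */
    if (b->unused_bits > 7 || (b->len == 0 && b->unused_bits)) return 0;
    if (content > 127 || cap < content + 2) return 0;
    out[0] = 0x03;
    out[1] = (unsigned char)content;
    out[2] = (unsigned char)b->unused_bits;
    if (b->len) {
        memcpy(out + 3, b->data, b->len);
        /* DER requires the padding bits to be zero, so clear them */
        out[2 + b->len] &= (unsigned char)(0xFF << b->unused_bits);
    }
    return content + 2;
}

/* Strict decode of a complete encoding. Returns 0 on success, -1 if malformed. */
int demo_der_decode_bits(const unsigned char *in, size_t n, demo_bits *b)
{
    unsigned int len, unused;
    if (n < 3 || in[0] != 0x03 || in[1] > 127 || (size_t)in[1] + 2 != n) return -1;
    len = in[1] - 1u;
    unused = in[2];
    if (unused > 7 || (len == 0 && unused)) return -1;
    if (len && (in[n - 1] & ((1u << unused) - 1u))) return -1;  /* dirty padding */
    b->data = in + 3; b->len = len; b->unused_bits = unused;
    return 0;
}

int main(void)
{
    const unsigned char bits[] = {0xB6, 0x50};  /* constructed 12-bit value 1011 0110 0101 */
    demo_bits b = {bits, 2, 4};
    unsigned char out[8];
    size_t i, n = demo_der_encode_bits(&b, out, sizeof out);
    for (i = 0; i < n; i++) printf("%02X ", out[i]);
    printf("\n");
    return 0;
}
```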
Cert-C represents certificate information with a CERT_OBJ object.
A certificate's version can be
If a certificate's version is
If a certificate's version is

Use the Cert-C context, CERTC_CTX, to collect a number of common parameters and state variables.

Some CRL functions act on CRL_ENTRIES_OBJ objects instead of on CRL_OBJ objects.
Cert-C does not provide a way to create or destroy a
Cert-C provides functions to add and delete entries in the

Cert-C represents CRL information with a CRL_OBJ object.
If the CRL version is

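Use the database iterator handle, DB_ITERATOR, to sequentially retrieve records of a particular type from a database or a set of databases.
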
Cert-C represents X.509 v3 extensions with an EXTENSIONS_OBJ object. Each extension entry includes the extension type, its criticality, its handler, and a value list. There is only one extension entry for each extension type in the extensions object. The value list for some extension types can have only a single value at a time; the value list for other extension types can have multiple values at the same time.
When creating a
Cert-C supports the following five X.509 v3 extensions-object types:
Cert-C also supports application-defined extensions. All extensions added to an extensions object must be of the same extensions-object type. Therefore, it is necessary to provide an extensions-object type when calling the following functions: C_CreateExtension(), C_SetExtensionBER(), C_SetEncodedExtensionValue(), and C_SetExtensionsObjectBER().

Stores a time value. The time value is represented in the Generalized Time format, defined in the X.680 standard, ASN.1. The
For example, the following statements input the UTC time of 6 minutes, 27.000003 seconds after 9:00 P.M. on November 6, 1985 (the X.680 UTC time is
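
As an added illustration (not Cert-C code and not the statements the page refers to), the sketch below parses the X.680 UTC form of a Generalized Time string into separate fields and rejects malformed input, which is the check a certificate or CRL consumer needs before comparing validity dates. The `demo_gtime` layout, the function name and the sample string (constructed from the time described above) are assumptions made for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical field layout for illustration; NOT Cert-C's GENERALIZED_TIME. */
typedef struct {
    unsigned int year, month, day, hour, minute, second, microsecond;
} demo_gtime;

static unsigned int two(const char *p) { return (unsigned int)((p[0] - '0') * 10 + (p[1] - '0')); }

/* Parse the UTC form "YYYYMMDDHHMMSS[.f]Z" with 1 to 6 fraction digits.
 * Returns 0 on success, -1 otherwise (no leap seconds, no local offsets). */
int demo_parse_gtime(const char *s, demo_gtime *t)
{
    static const unsigned int mdays[] = {31,28,31,30,31,30,31,31,30,31,30,31};
    size_t n = strlen(s), i;
    unsigned int scale = 100000, dim;

    if (n < 15 || s[n - 1] != 'Z') return -1;
    for (i = 0; i < 14; i++)
        if (!isdigit((unsigned char)s[i])) return -1;
    t->year = two(s) * 100 + two(s + 2);
    t->month = two(s + 4);   t->day = two(s + 6);
    t->hour = two(s + 8);    t->minute = two(s + 10);
    t->second = two(s + 12); t->microsecond = 0;
    if (n > 15) {                        /* optional fraction before 'Z' */
        if (s[14] != '.' || n == 16 || n > 22) return -1;
        for (i = 15; i < n - 1; i++, scale /= 10) {
            if (!isdigit((unsigned char)s[i])) return -1;
            t->microsecond += (unsigned int)(s[i] - '0') * scale;
        }
    }
    if (t->month < 1 || t->month > 12 || t->hour > 23 ||
        t->minute > 59 || t->second > 59) return -1;
    dim = mdays[t->month - 1];
    if (t->month == 2 && t->year % 4 == 0 &&
        (t->year % 100 != 0 || t->year % 400 == 0)) dim = 29;   /* leap year */
    return (t->day >= 1 && t->day <= dim) ? 0 : -1;
}

int main(void)
{
    demo_gtime t;   /* constructed sample input in X.680 UTC form */
    if (demo_parse_gtime("19851106210627.000003Z", &t) == 0)
        printf("%u-%02u-%02u %02u:%02u:%02u.%06u\n", t.year, t.month, t.day,
               t.hour, t.minute, t.second, t.microsecond);
    return 0;
}
```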
Use the LIST_OBJ object to store and pass a collection of abstract data types, including types defined by Cert-C and types defined by your application.
Cert-C list objects: Cert-C uses a list object to store an extension's value list. It also uses a list object to store extension values that consist of multiple components, such as the Certificate Policies extension.
Application-defined list objects: An application can use a list object as a container for any kind of value. Each value can even be defined by a different data structure, provided that the LIST_OBJ_ENTRY_HANDLER was set up correctly.
Cert-C provides functions that you can use to maintain list objects of common Cert-C data types. For example, it provides a set of functions to maintain list objects that contain ITEM structures, CERT_OBJ objects, and CRL_OBJ objects; these functions are declared in the

Cert-C uses a NAME_OBJ object to represent the names of entities involved in privacy enhancement. An X.500-defined DN specifies a path through an X.500-defined directory tree. The DER encoding is a string of unsigned characters representing the path; the AVA list contains the AVAs that define each level traversed by the path through the tree. Each level involves one or more AVAs; the AVA list indicates whether successive AVAs are part of the same level or different levels. There is no significance to the order of AVAs within a level. Furthermore, some environments require that an AVA of any type appears only once within a level. However, Cert-C does not enforce this requirement.

A service handle. This service handle can be used as an input parameter for some Cert-C functions. The service handle can be bound to a single service-provider instance, or to a sequence of service-provider instances, all of the same type. Use the C_BindService() and C_BindServices() functions to create a