RSA BSAFE Cert-C
Certificate Components for C
Crypto-C 6.2.1 Developer's Guide
#include "basetype.h"
#include "certlist.h"
#include "certattr.h"
#include "certname.h"
Data Structures

| Name | Description |
|---|---|
| AIA_DESCRIPTION | Represents the Authority Information Access (AIA) extension for X.509 v3 certificates, and specifies how to obtain CA information about the issuer of the certificate. |
| ALTERNATE_NAME | Holds a variety of name forms. |
| AUTHORITY_KEY_ID | Represents the Authority Key Identifier extension for X.509 v3 certificates and CRLs. |
| BASIC_CONSTRAINTS | Represents the Basic Constraints extension for X.509 certificates. |
| DIST_POINT_NAME | Represents the ASN.1 DistributionPointName structure in RFC 2459. |
| DISTRIBUTION_POINT | Represents a CRL Distribution Point (DP) extension for X.509 v3 CRLs. |
| EXTENDED_KEY_USAGE | Represents the Extended Key Usage extension for X.509 v3 certificates. |
| DEFINED_ATTRIBUTE | Stores a domain-defined attribute of the O/R address. |
| DEFINED_ATTRIBUTES | Stores the domain-defined attributes of the O/R address. |
| E163_4_ADDR | A type of extended network address in the EXTENSION_ATTRIBUTE structure. |
| EDI_PARTY_NAME | Contains an alternate name in a format agreed upon between communicating EDI partners. |
| EXTENDED_NETWORK_ADDR | Contains an extended network address. |
| EXTENSION_ATTRIBUTE | Stores an extension attribute of the O/R address. |
| EXTENSION_ATTRIBUTES | When specifying an OR_ADDRESS structure (as a member of an ALTERNATE_NAME structure), use this structure to store the extension attributes of the O/R address. |
| EXTENSION_INFO | Retrieves extension entry information from an opaque EXTENSIONS_OBJ by calling C_GetExtensionInfo(). |
| EXTENSION_TYPE_INFO | Displays or changes the default setting of a supported standard extension. |
| GENERAL_NAMES | Represents the ASN.1 GeneralNames structure as described in RFC 2459. |
| GENERAL_SUBTREE | Specifies one or more naming subtrees, each defined by the name of the root of the subtree. |
| ISSUING_DISTRIBUTION_POINT | Represents an Issuing Distribution Point (DP) extension for X.509 v3 CRLs. |
| NAME_CONSTRAINTS | Contains a Name Constraints extension for X.509 v3 certificates. |
| OCSP_ACCEPTABLE_RESPONSES | Defines the acceptable OCSP response types. |
| struct OCSP_CRL_REFERENCE | Represents the CRL References extension for an OCSP response. |
| OR_ADDRESS | Contains an O/R address that is defined in the X.411 standard. |
| ORG_UNIT_NAMES | Contains an organizational unit name. |
| OTHER_NAME | Contains an application-defined alternate name. |
| PDS_PARAMETER | Contains a physical delivery system value. |
| PERSONAL_NAME | Contains a personal name. |
| POLICY_CONSTRAINTS_36 | Represents the Policy Constraints extension for X.509 v3 certificates. |
| POLICY_INFO | Represents the Certificate Policies extension for X.509 v3 certificates. |
| POLICY_MAPPING | Represents a Policy Mappings extension for an X.509 v3 certificate. |
| PRESENTATION_ADDR | A type of extended network address in the EXTENSION_ATTRIBUTE structure. |
| PRIVATE_KEY_USAGE_PERIOD | Represents the Private Key Usage Period extension for X.509 v3 certificates. |
| QualifierInfo | Stores a policy qualifier. |
| STANDARD_ATTRIBUTES | Stores the standard attributes of the O/R address when specifying an OR_ADDRESS structure (as a member of an ALTERNATE_NAME structure). |
| TYPED_STRING | Holds a typed string. |
| UNFORMATTED_POSTAL_ADDR | Contains a non-formatted postal address. |

Defines

| Define | Description |
|---|---|
| #define TELETEX_PERSONAL_NAME | Contains a personal name. |
| #define TELETEX_DOMAIN_DEFINED_ATTRS | Contains an array of domain-defined attributes. |

Typedefs

| Type | Name | Description |
|---|---|---|
| typedef struct | TYPED_STRING | Holds a typed string. |
| typedef struct | EXTENSION_TYPE_INFO | Displays or changes the default setting of a supported standard extension. |
| typedef struct | EXTENSION_INFO | Retrieves extension entry information from an opaque EXTENSIONS_OBJ by calling C_GetExtensionInfo(). |
| typedef UINT4 | KEY_USAGE | Represents the Key Usage extension for X.509 v3 certificates. |
| typedef ITEM | SUBJECT_KEY_ID | Represents a Subject Key Identifier extension for an X.509 v3 certificate. |
| typedef ATTRIBUTES_OBJ | SUBJECT_DIR_ATTRIB | Represents a Subject Directory Attributes extension for an X.509 v3 certificate. |
| typedef struct | OTHER_NAME | Contains an application-defined alternate name. |
| typedef struct | EDI_PARTY_NAME | Contains an alternate name in a format agreed upon between communicating EDI partners. |
| typedef struct | PERSONAL_NAME | Contains a personal name. |
| typedef struct | ORG_UNIT_NAMES | Contains an organizational unit name. |
| typedef struct | STANDARD_ATTRIBUTES | Stores the standard attributes of the O/R address when specifying an OR_ADDRESS structure (as a member of an ALTERNATE_NAME structure). |
| typedef struct | DEFINED_ATTRIBUTE | Stores a domain-defined attribute of the O/R address. |
| typedef struct | DEFINED_ATTRIBUTES | Stores the domain-defined attributes of the O/R address. |
| typedef struct | PDS_PARAMETER | Contains a physical delivery system value. |
| typedef struct | UNFORMATTED_POSTAL_ADDR | Contains a non-formatted postal address. |
| typedef struct | E163_4_ADDR | A type of extended network address in the EXTENSION_ATTRIBUTE structure. |
| typedef struct | PRESENTATION_ADDR | A type of extended network address in the EXTENSION_ATTRIBUTE structure. |
| typedef struct | EXTENDED_NETWORK_ADDR | Contains an extended network address. |
| typedef struct | EXTENSION_ATTRIBUTE | Stores an extension attribute of the O/R address. |
| typedef struct | EXTENSION_ATTRIBUTES | When specifying an OR_ADDRESS structure (as a member of an ALTERNATE_NAME structure), use this structure to store the extension attributes of the O/R address. |
| typedef struct | OR_ADDRESS | Contains an O/R address that is defined in the X.411 standard. |
| typedef struct | ALTERNATE_NAME | Holds a variety of name forms. |
| typedef ALTERNATE_NAME | GENERAL_NAME | An application-defined ALTERNATE_NAME that can be converted to and from an ASN.1 data type, using ASN.1 encoding rules. |
| typedef ALTERNATE_NAME | ISSUER_ALTNAME | Represents an Issuer Alternate Name extension for an X.509 v3 certificate or CRL. |
| typedef ALTERNATE_NAME | SUBJECT_ALTNAME | Represents a Subject Alternate Name extension for an X.509 v3 certificate. |
| typedef struct | AUTHORITY_KEY_ID | Represents the Authority Key Identifier extension for X.509 v3 certificates and CRLs. |
| typedef struct | BASIC_CONSTRAINTS | Represents the Basic Constraints extension for X.509 certificates. |
| typedef struct | PRIVATE_KEY_USAGE_PERIOD | Represents the Private Key Usage Period extension for X.509 v3 certificates. |
| typedef struct | QualifierInfo | Stores a policy qualifier. |
| typedef struct | POLICY_INFO | Represents the Certificate Policies extension for X.509 v3 certificates. |
| typedef struct | POLICY_CONSTRAINTS_36 | Represents the Policy Constraints extension for X.509 v3 certificates. |
| typedef struct | EXTENDED_KEY_USAGE | Represents the Extended Key Usage extension for X.509 v3 certificates. |
| typedef struct | GENERAL_SUBTREE | Specifies one or more naming subtrees, each defined by the name of the root of the subtree. |
| typedef struct | NAME_CONSTRAINTS | Contains a Name Constraints extension for X.509 v3 certificates. |
| typedef struct | POLICY_MAPPING | Represents a Policy Mappings extension for an X.509 v3 certificate. |
| typedef struct | GENERAL_NAMES | Represents the ASN.1 GeneralNames structure as described in RFC 2459. |
| typedef struct | DIST_POINT_NAME | Represents the ASN.1 DistributionPointName structure in RFC 2459. |
| typedef struct | DISTRIBUTION_POINT | Represents a CRL Distribution Point (DP) extension for X.509 v3 CRLs. |
| typedef struct | ISSUING_DISTRIBUTION_POINT | Represents an Issuing Distribution Point (DP) extension for X.509 v3 CRLs. |
| typedef GENERAL_NAME | CERT_ISSUER | Represents a Certificate Issuer extension for X.509 v3 CRL entries. |
| typedef struct | AIA_DESCRIPTION | Represents the Authority Information Access (AIA) extension for X.509 v3 certificates, and specifies how to obtain CA information about the issuer of the certificate. |
| typedef unsigned int | REASON_CODE | Represents a Reason Code extension for X.509 v3 CRL entries. |
| typedef struct | OCSP_ACCEPTABLE_RESPONSES | Defines the acceptable OCSP response types. |
| typedef GENERALIZED_TIME | ARCHIVE_CUTOFF | Represents the Archive Cutoff extension for an OCSP response. |
| typedef ITEM | INSTRUCTION_CODE | Represents a Hold Instruction Code extension for X.509 v3 CRL entries. |
| typedef GENERALIZED_TIME | INVALID_DATE | Represents an Invalidity Date extension for X.509 v3 CRL entries. |

Enumerations

| Type | Name | Description |
|---|---|---|
| enum | OCSP_CRLREF_TYPE { OCSP_CRLREF_TYPE_UNSPECIFIED, OCSP_CRLREF_TYPE_URL, OCSP_CRLREF_TYPE_NUMBER, OCSP_CRLREF_TYPE_TIME } | The OCSP_CRLREF_TYPE enumeration indicates the type of information contained in the OCSP_CRL_REFERENCE structure that is currently being used. |

Functions

| Returns | Function | Description |
|---|---|---|
| int | C_GetExtensionTypeInfo (CERTC_CTX ctx, unsigned char *type, unsigned int typeLen, EXTENSION_TYPE_INFO *info) | Searches for the extension type in applContext. |
| int | C_RegisterExtensionType (CERTC_CTX ctx, EXTENSION_TYPE_INFO *info) | Registers an application-defined extension type, or overrides the default setting of a supported standard extension type, with the value given in extenTypeInfo. |
| int | C_UnregisterExtensionType (CERTC_CTX ctx, unsigned char *type, unsigned int typeLen) | Resets or removes a registered extension handler and extension type from applContext. |
| int | C_CreateExtensionsObject (EXTENSIONS_OBJ *extensionsObject, unsigned int extensionsObjectType, CERTC_CTX ctx) | Creates an extensionsObject of type extensionsObjectType. |
| void | C_DestroyExtensionsObject (EXTENSIONS_OBJ *extensionsObject) | Destroys all extensions in extensionsObject and deletes all associated value lists. |
| int | C_FindExtensionByType (EXTENSIONS_OBJ extensionsObject, unsigned char *type, unsigned int typeLen, unsigned int *index) | Finds the extension of the type given in type. |
| int | C_GetExtensionTypeByIndex (EXTENSIONS_OBJ extensionsObject, unsigned char **type, unsigned int *typeLen, unsigned int index) | Retrieves the extension type from extensionsObject at the index given in index. |
| int | C_GetExtensionCount (EXTENSIONS_OBJ extensionsObject, unsigned int *count) | Retrieves the total number of extension entries in extensionsObject and returns it in count. |
| void | C_ResetExtensionsObject (EXTENSIONS_OBJ extensionsObject) | Returns extensionsObject to the state it was in after it was created. |
| int | C_GetExtensionsObjectDER (EXTENSIONS_OBJ extensionsObject, unsigned char **der, unsigned int *derLen) | Retrieves the DER-encoded value of all the extensions in extensionsObject. |
| int | C_SetExtensionsObjectBER (EXTENSIONS_OBJ extensionsObject, unsigned char *ber, unsigned int berLen) | Sets extensionsObject with the new extension entries given in ber. |
| int | C_GetExtensionsInAttributesObj (EXTENSIONS_OBJ extensionsObject, ATTRIBUTES_OBJ attributesObject) | Transfers the value of attributesObject into extensionsObject. |
| int | C_GetAttributeInExtensionsObj (EXTENSIONS_OBJ extensionsObject, ATTRIBUTES_OBJ attributesObject) | Transfers data from extensionsObject to attributesObject. |
| int | C_CreateExtension (EXTENSIONS_OBJ extensionsObject, unsigned char *type, unsigned int typeLen, unsigned int *index, int criticality, EXTENSION_HANDLER *newHandler) | Creates a new extension entry in extensionsObject. |
| int | C_SetExtensionBER (EXTENSIONS_OBJ extensionsObject, unsigned int *index, unsigned char *ber, unsigned int berLen) | Instantiates an extension with the information in ber and berLen. |
| int | C_GetExtensionValue (EXTENSIONS_OBJ extensionsObject, unsigned int extenIndex, unsigned int valueIndex, POINTER *value) | Retrieves the value referenced by valueIndex in the extension's value list. |
| int | C_DestroyExtension (EXTENSIONS_OBJ extensionsObject, unsigned int index) | Destroys one extension as referenced by index. |
| int | C_GetExtensionInfo (EXTENSIONS_OBJ extensionsObject, unsigned int index, EXTENSION_INFO *extensionInfo) | Retrieves information about the extension referenced by index, and places it in extensionInfo. |
| int | C_AddExtensionValue (EXTENSIONS_OBJ extensionsObject, unsigned int index, POINTER value, unsigned int *valueIndex) | Adds an extension value to an existing extension entry in extensionsObject, which must be referenced by index. |
| int | C_DeleteExtensionValue (EXTENSIONS_OBJ extensionsObject, unsigned int index, unsigned int valueIndex) | Deletes the extension value referenced by valueIndex in the extension entry referenced by index. |
| int | C_GetExtensionDER (EXTENSIONS_OBJ extensionsObject, unsigned int index, unsigned char **valueDER, unsigned int *valueDERLen) | Retrieves the DER encoding of the extension entry referenced by index. |
| int | C_GetEncodedExtensionValue (EXTENSIONS_OBJ extensionsObject, unsigned int index, unsigned char **encodedValue, unsigned int *encodedValueLen) | Retrieves the encoded form of the value(s) of the extension referenced by index. |
| int | C_SetEncodedExtensionValue (EXTENSIONS_OBJ extensionsObject, unsigned int index, unsigned char *encodedValue, unsigned int encodedValueLen) | Sets the extension referenced by index with the value given in encodedValue and encodedValueLen. |
| int | C_CompareExtension (EXTENSIONS_OBJ extensionsObject1, unsigned int extensionIndex1, EXTENSIONS_OBJ extensionsObject2, unsigned int extensionIndex2) | Compares two extensions. |
| int | C_CompareExtensions (EXTENSIONS_OBJ extensionsObject1, EXTENSIONS_OBJ extensionsObject2) | Compares two extensions objects (each representing a set of extensions). |

|
|
Contains an array of domain-defined attributes. It can be used as an extension attribute in an |
|
|
Contains a personal name. It can be used as an extension attribute in an |
|
|
Represents the Authority Information Access (AIA) extension for X.509 v3 certificates, and specifies how to obtain CA information about the issuer of the certificate. This information can include CA validation services and CA policy information, but it does not include CRLs. The location of CRLs is specified by the CRL Distribution Points extension. (See DISTRIBUTION_POINT.)
This extension has a |
|
|
Holds a variety of name forms. It is a component of several X.509 v3 certificate extensions:
It is also a component of the following CRL extensions:
CERT_ISSUER and is used in PKI_POP_GEN_SIGNATURE_INFO. |
|
|
Represents the Archive Cutoff extension for an OCSP response. It indicates the OCSP responder has chosen to retain revocation information beyond the certificate's expiration date. The archive cutoff date is obtained by subtracting this retention period from the producedAt time in the OCSP response of the associated |
|
|
Represents the Authority Key Identifier extension for X.509 v3 certificates and CRLs. Identifies the public key that corresponds to the private key used to sign the certificate or CRL. The identification is based on the issuer's key identifier or on the issuer's name and serial number.
The certificate's or CRL's Authority Key Identifier extension can be used with the issuer's Subject Key Identifier extension to facilitate chain building. See Use this structure with C_AddExtensionValue() and C_GetExtensionValue(). |
|
|
Represents the Basic Constraints extension for X.509 certificates. It indicates whether or not the subject of the certificate can act as a CA, and specifies the constraints on that authority. The default criticality for this extension is |
|
|
Represents a Certificate Issuer extension for X.509 v3 CRL entries. This extension identifies the certificate issuer associated with an entry in an indirect CRL. An indirect CRL contains revocation notifications from CAs other than the CA that issued the CRL. The indirect CRL identifies only the issuer of the CRL, not the issuer of the certificates in the CRL. Therefore, the CA that issued the certificates in the CRL must be identified by a Certificate Issuer extension in each CRL entry. If a CRL's Issuing Distribution Point extension has the
Use the |
|
|
Stores a domain-defined attribute of the O/R address. Use this structure to fill the array of attributes in one of the following:
|
|
|
Stores the domain-defined attributes of the O/R address. When specifying an |
|
|
Represents the ASN.1
DISTRIBUTION_POINT contains a distPointName value of type URI, then distPointName's value must point to the current CRL for the associated reasons. The reasons value is issued by the associated cRLIssuer. If the DISTRIBUTION_POINT omits reasons, the CRL must include revocations for all reasons. If the DISTRIBUTION_POINT omits cRLIssuer, the CRL must be issued by the CA that issued the certificate. |
|
|
Represents a CRL Distribution Point (DP) extension for X.509 v3 CRLs. It identifies how the CRL DP is obtained. While both |
|
|
A type of extended network address in the |
|
|
Contains an alternate name in a format agreed upon between communicating EDI partners. It represents an |
|
|
Represents the Extended Key Usage extension for X.509 v3 certificates. This value indicates one or more purposes for which the public key in a certificate can be used. It can be used for these extended purposes in addition to, or in place of, the basic purposes indicated in the |
|
|
Contains an extended network address. It can be used as an extension attribute in an
To set the
|
|
|
Stores an extension attribute of the O/R address. Use this structure to fill the array of attributes in an |
|
|
Displays or changes the default setting of a supported standard extension. It also registers an application-defined extension type in the Cert-C context. This structure is used with C_GetExtensionTypeInfo() and C_RegisterExtensionType(). |
|
|
An application-defined
|
|
|
Represents the ASN.1 |
|
|
Represents a Hold Instruction Code extension for X.509 v3 CRL entries. This extension contains instructions about the action to be taken if a CRL entry indicates a certificate is on hold. It is an
Use the |
|
|
Represents an Invalidity Date extension for X.509 v3 CRL entries. It indicates the time at which the private key in the certificate was compromised or the time at which the certificate was determined to be invalid.
The invalidity time can be earlier than the revocation time, which is the time at which the CA processed the revocation and updated the CRL. The default criticality for this extension is |
|
|
Represents an Issuer Alternate Name extension for an X.509 v3 certificate or CRL. It allows the issuer's alternative names to be bound to the certificate or CRL, in addition to the issuer's DN. The default criticality for this extension is |
|
|
Represents an Issuing Distribution Point (DP) extension for X.509 v3 CRLs. It identifies the CRL DP from which this CRL is distributed, and the types of information this CRL can contain. The default criticality for this extension is |
|
|
Represents the Key Usage extension for X.509 v3 certificates. This value indicates one or more purposes for which the public key in the certificate can be used. It can also be used for the purposes indicated in the Extended Key Usage extension. The default criticality for this extension is
|
|
|
Contains a Name Constraints extension for X.509 v3 certificates. This extension is used only in CA certificates. It describes the name space where all subject names of subsequent certificates in a certification path must be located. The name constraints can apply to a subject's DN or to a subject's alternative names. The default criticality for this extension is
|
|
|
Defines the acceptable OCSP response types. This structure is an input parameter to C_SetExtensionValue(). |
|
|
Contains an O/R address that is defined in the X.411 standard. It represents an x400Address in the |
|
|
Contains an organizational unit name. It can be used as either a standard attribute or as an extension attribute in an
|
|
|
Contains an application-defined alternate name. It represents an |
|
|
Contains a physical delivery system value. It can be used as an extension attribute in an |
|
|
Contains a personal name. It can be used as a standard attribute in an |
|
|
Represents the Policy Constraints extension for X.509 v3 certificates. This extension is used only in CA certificates. It constrains path validation by requiring a policy identifier or by prohibiting policy mapping. The default criticality for this extension is |
|
|
Represents the Certificate Policies extension for X.509 v3 certificates. It indicates the policy under which the certificate was issued and the purposes for which the certificate can be used. Applications with specific policy requirements can check the |
|
|
Represents a Policy Mappings extension for an X.509 v3 certificate. This extension is used only in CA certificates. It contains a pair of domain policies: one for the issuing CA, and another for the subject CA. These are considered to be equivalent by the issuing CA. The policy mapping indicates to the issuing CA that the subject CA's policy is comparable to its own policy. The default criticality for this extension is |
|
|
A type of extended network address in the |
|
|
Represents the Private Key Usage Period extension for X.509 v3 certificates. It allows the certificate issuer to specify a different validity period for the private key than for the certificate. The default criticality for this extension is |
|
|
Stores a policy qualifier. Use in the |
|
|
Represents a Reason Code extension for X.509 v3 CRL entries. It indicates the reason the certificate in the CRL entry was revoked. The default criticality for this extension is
It contains one of the following flags:
|
|
|
Represents a Subject Alternate Name extension for an X.509 v3 certificate. It allows the subject's alternative names to be bound to the certificate, in addition to the subject's DN. For the certificate to be valid, all of the alternative names must also be verified by the CA, because the alternative names are also definitively bound to the subject's public key. The default criticality for this extension is |
|
|
Represents a Subject Directory Attributes extension for an X.509 v3 certificate. It contains additional attribute values, beyond those already contained in the subject's DN, that can be used to identify the subject of the certificate. The |
|
|
Represents a Subject Key Identifier extension for an X.509 v3 certificate. It is an
NON_CRITICAL. A certificate can have only one Subject Key Identifier extension at a time. Use the SUBJECT_KEY_ID structure with the C_AddExtensionValue() and C_GetExtensionValue() functions. |
|
|
Holds a typed string. It can be used as either a standard attribute or an extension attribute in an
|
|
|
Contains a non-formatted postal address. It can be used as an extension attribute in an |
|
|
The
|
|
|
Adds an extension value to an existing extension entry in extensionsObject, which must be referenced by index.
|
|
|
Compares two extensions. The extensions match if they are of the same type, and if at least one value of the first extension matches a value of the second extension. In general, the entire DER encoding of both extensions must be identical for the extensions to match. However, this function implements more permissive matching rules for extensions of the following types:
For key usage extensions, this function compares the individual bits of the first extension with the second. The extensions match if all of the bits set in the first extension are also set in the second. For extended key usage extensions, this function compares the individual key purpose identifiers of the two extensions. The extensions match if at least one identifier from the first extension is also contained in the second extension.
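The two permissive rules described for C_CompareExtension(), modelled stand-alone to show why argument order and "any overlap" matter to a policy check. This is an added example, not Cert-C code and not part of the original page: the `ex_` names, the bit values and the dotted-string OID representation are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed bit values for this example; not Cert-C's KEY_USAGE constants. */
#define EX_KU_DIGITAL_SIGNATURE 0x01u
#define EX_KU_KEY_ENCIPHERMENT  0x02u
#define EX_KU_KEY_CERT_SIGN     0x04u

/* Key purposes held as dotted-decimal OID strings (an assumption of this model). */
#define EX_OID_SERVER_AUTH "1.3.6.1.5.5.7.3.1"
#define EX_OID_CLIENT_AUTH "1.3.6.1.5.5.7.3.2"

typedef struct {
    const char *const *oids;
    size_t count;
} ex_eku_list;

/* Key usage rule: match when every bit set in `first` is also set in `second`. */
int ex_key_usage_match(uint32_t first, uint32_t second)
{
    return (first & ~second) == 0;
}

/* Extended key usage rule: match when at least one identifier in `first`
 * is also contained in `second`. An empty `first` therefore never matches. */
int ex_eku_match(const ex_eku_list *first, const ex_eku_list *second)
{
    for (size_t i = 0; i < first->count; i++)
        for (size_t j = 0; j < second->count; j++)
            if (strcmp(first->oids[i], second->oids[j]) == 0)
                return 1;
    return 0;
}

/* A stricter check built on the same rule: every required purpose must be
 * present, so each one is compared on its own. */
int ex_eku_has_all(const ex_eku_list *required, const ex_eku_list *actual)
{
    for (size_t i = 0; i < required->count; i++) {
        ex_eku_list one = { &required->oids[i], 1 };
        if (!ex_eku_match(&one, actual))
            return 0;
    }
    return 1;
}

/* Constructed sample data: a policy wanting both purposes, a certificate with one. */
static const char *const ex_required_oids[] = { EX_OID_SERVER_AUTH, EX_OID_CLIENT_AUTH };
static const char *const ex_cert_oids[]     = { EX_OID_SERVER_AUTH };
static const ex_eku_list EX_REQUIRED = { ex_required_oids, 2 };
static const ex_eku_list EX_CERT     = { ex_cert_oids, 1 };
static const ex_eku_list EX_EMPTY    = { NULL, 0 };

int main(void)
{
    uint32_t required = EX_KU_DIGITAL_SIGNATURE | EX_KU_KEY_ENCIPHERMENT;
    uint32_t cert     = EX_KU_DIGITAL_SIGNATURE;   /* lacks keyEncipherment */

    /* Requirement first: the missing bit is detected. */
    printf("required vs cert: %d\n", ex_key_usage_match(required, cert));
    /* Arguments swapped: the weaker certificate is a subset, so it "matches". */
    printf("cert vs required: %d\n", ex_key_usage_match(cert, required));
    /* No bits in the first argument: matches anything. */
    printf("empty vs cert:    %d\n", ex_key_usage_match(0, cert));

    /* One shared purpose is enough for the overlap rule... */
    printf("eku any overlap:  %d\n", ex_eku_match(&EX_REQUIRED, &EX_CERT));
    /* ...but not when every required purpose must be present. */
    printf("eku all required: %d\n", ex_eku_has_all(&EX_REQUIRED, &EX_CERT));
    printf("eku empty first:  %d\n", ex_eku_match(&EX_EMPTY, &EX_CERT));
    return 0;
}
```

Under the key usage rule as stated, the comparison is asymmetric, so a policy check places the required bits in the first position and the certificate's bits in the second.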
|
|
|
Compares two extensions objects (each representing a set of extensions). The extensions objects match if each extension in the first object matches the corresponding extension in the second object. Call C_CompareExtension() to compare individual extensions.
|
|
|
Creates a new extension entry in extensionsObject. If the extension type already exists in the extensions object, an error is returned. C_CreateExtensionsObject() constrains the extension type that can be created. If the extension type is not allowed, an error is returned. Otherwise, a new extension is created with the type set to type. Separate copies of type and newHandler are created for the new extension. The extension's value list is empty at this point.
|
|
|
Creates an extensionsObject of type extensionsObjectType. The extensionsObjectType constrains the types of extensions that can be added to the extensionsObject. If applContext is not
|
|
|
Deletes the extension value referenced by valueIndex in the extension entry referenced by index. All of the extension's values after the deleted value are shifted back by one. If the extension or the extension value is not found, an error is returned. Otherwise, the value is destroyed. The extension type handler's
|
|
|
Destroys one extension as referenced by index. If the extension is not found, an error is returned. Otherwise, the extension and its associated value list are deleted. All the extensions after the deleted extension are shifted back by one in the extension index.
|
|
|
Destroys all extensions in extensionsObject and deletes all associated value lists. Frees all memory used, and sets extensionsObject to
|
|
|
Finds the extension of the type given in type. If an extension is found, its index is returned in index. Otherwise, an error is returned.
|
|
|
Transfers data from extensionsObject to attributesObject. If attributesObject does not include an attribute of the type
|
|
|
Retrieves the encoded form of the value(s) of the extension referenced by index. If the extension is found, its value list is encoded (by calling the extension handler's
|
|
|
Retrieves the total number of extension entries in extensionsObject and returns it in count.
|
|
|
Retrieves the DER encoding of the extension entry referenced by index. If the extension is found, valueDER is set to the DER encoding of the extension with the length valueDERLen. Otherwise, an error is returned. valueDER includes the encoding of the extension type and criticality, and the DER encoding of the extension's value(s). If this function is called on an extension that currently has no extension value, an error is returned. For an unknown extension type, if the extension value is already DER-encoded, then its value is saved as is. Otherwise, it is encoded as an octet string.
|
|
|
Retrieves information about the extension referenced by index, and places it in extensionInfo. The data structure for extensionInfo is
|
|
|
Transfers the value of attributesObject into extensionsObject. If attributesObject does not contain an attribute of the type
|
|
|
Retrieves the DER-encoded value of all the extensions in extensionsObject. For each extension type in the extensionsObject, the corresponding
|
|
|
Retrieves the extension type from extensionsObject at the index given in index.
|
|
|
Searches for the extension type in applContext. If it is not found, it searches the default standard extension table that Cert-C provides. An error is returned if an extension type is not found. Otherwise, the associated extension's information is copied into info. For example, to encode an extension value with an encoding scheme other than DER encoding, an application might call this function to obtain a copy of the extension handler. In this case, it overrides the handler's
|
|
|
Retrieves the value referenced by valueIndex in the extension's value list. The target extension is referenced by the extenIndex. The pointer to the extension value that is referenced by the valueIndex is saved in value. The data structure for value depends on the extension type. This function is intended to obtain a read-only value. Do not attempt to call a
|
|
|
Registers an application-defined extension type, or overrides the default setting of a supported standard extension type, with the value given in extenTypeInfo. When an extension type and its handler are registered, a new entry is created in applContext, with the given information in extenTypeInfo. The data structure for extenTypeInfo is
|
|
|
Returns extensionsObject to the state it was in after it was created. It does this by deleting all the extensions and their value lists, and freeing any memory that was held by the object. The object type is the same as when the object was created.
|
|
|
Sets the extension referenced by index with the value given in encodedValue and encodedValueLen. If an extension-type handler is not registered, then the encodedValue is added as an uninterpreted
|
|
|
Instantiates an extension with the information in ber and berLen. If an extension of the same type already exists in extensionsObject, its value is overridden with the new data. Otherwise, a new extension entry is created.
For extension types whose criticalities can be overridden, if the incoming extension criticality is
For extension types whose criticalities cannot be overridden, if the incoming criticality is not the same as the default or registered criticality,
If an extension type is unknown and the incoming criticality is
For an unknown noncritical extension type, if the extension value is not BER-encoded, this function returns an error. If it is BER-encoded and not of type
|
|
|
Sets extensionsObject with the new extension entries given in ber. The extension types in ber must be compatible with the object type of the extensionsObject. If extensionsObject is already set with extension entries before calling this function, they are overwritten with any new extension entries. A separate copy of ber is created internally for extensionsObject, so that ber can be modified by the caller after calling this function. The incoming extensions are checked against the object type of the extensionsObject. If an extension type is unknown and the incoming criticality is
|
|
|
Resets or removes a registered extension handler and extension type from applContext. If type is an application-defined extension type, this function removes the extension and its setting from applContext. After this point, any attempt to create or use this extension type results in an error. However, this does not affect those extensions of the same type that were created before this call. If the extension type is one of the supported standard extension types, and the corresponding setting was overridden, then this function resets the extension to the default value. After this point, the default setting is used for any attempt to create or use this extension type. However, this function does not affect those extensions of the same extension type that were created before this call. If the extension type is one of the supported standard extension types, and it was not overridden, then
|