RSA BSAFE Cert-C

Certificate Components for C

Crypto-C 6.2.1 Developer's Guide

CERT_FIELDS Reference

Used to view and update information in an opaque CERT_OBJ object.

The application calls C_GetCertFields() and C_SetCertFields().

Samples:

cert.c, certutil.c, cftest.c, cmpku.c, cmpreq.c, cmprev.c, cms.c, crl.c, datamsg.c, dcrl.c, fulfill.c, kcscrs.c, kcsscep.c, keyutil.c, ldap.c, ldap2.c, mscapicert.c, myprint.c, p7stream.c, pkcs10.c, pkcs11db.c, pkcs11msg.c, pkcs12exp.c, pkiutil.c, saltname.c, scepreq.c, and verisign.c.

#include <certapi.h>

typedef struct CERT_FIELDS {
  UINT2 version;
  ITEM serialNumber;
  int signatureAlgorithm;
  NAME_OBJ issuerName;
  struct {
    UINT4 start;
    UINT4 end;
  } validity;
  NAME_OBJ subjectName;
  ITEM publicKey;
  BIT_STRING issuerUniqueID;
  BIT_STRING subjectUniqueID;
  EXTENSIONS_OBJ certExtensions;
  POINTER reserved;
} CERT_FIELDS;

Data Fields

UINT2 version
 A UINT2 value that indicates the certificate's version number.

ITEM serialNumber
 An ITEM structure that specifies the certificate's serial number.

int signatureAlgorithm
 An int value that indicates the algorithm used to create the certificate signature.

NAME_OBJ issuerName
 A NAME_OBJ object that contains the name of the issuer that signed the certificate.

struct { ... } validity
 This structure consists of two parts: start and end.

NAME_OBJ subjectName
 A NAME_OBJ that contains the certificate's subject name.

ITEM publicKey
 An ITEM structure that points to the certificate's DER-encoded public key.

BIT_STRING issuerUniqueID
 A BIT_STRING structure that points to the certificate issuer's unique identification.

BIT_STRING subjectUniqueID
 A BIT_STRING structure that points to the certificate subject's unique identification.

EXTENSIONS_OBJ certExtensions
 An EXTENSIONS_OBJ object that contains X.509 v3 extensions for the certificate.

POINTER reserved
 Set this field to NULL_PTR. Reserved for future use.


Field Documentation

EXTENSIONS_OBJ certExtensions
 

An EXTENSIONS_OBJ object that contains X.509 v3 extensions for the certificate. This field applies only to CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 or CERT_VERSION_2 certificates, set this field to (EXTENSIONS_OBJ) NULL_PTR.

NAME_OBJ issuerName
 

A NAME_OBJ object that contains the name of the issuer that signed the certificate. For an unsigned certificate or self-signed certificate, the issuerName is the same as the subjectName.

BIT_STRING issuerUniqueID
 

A BIT_STRING structure that points to the certificate issuer's unique identification. The data member points to the internal location of issuerUniqueID in the CERT_OBJ. This field applies only to CERT_VERSION_2 and CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 certificates, set the data field of this BIT_STRING to NULL_PTR and the len and unusedBits fields to 0 (zero).

ITEM publicKey
 

An ITEM structure that points to the certificate's DER-encoded public key. The data member points to the internal location of the publicKey in the CERT_OBJ object. Cert-C supports key sizes of up to 2048 bits.

ITEM serialNumber
 

An ITEM structure that specifies the certificate's serial number. The data member points to the internal location of serialNumber in the CERT_OBJ object.

  • serialNumber.data: The serial number in canonical format, with the most significant byte first.
  • serialNumber.len: The length of the serial number. A serialNumber.len of 0 (zero) implies that the serial number is 0 (zero).

int signatureAlgorithm
 

An int value that indicates the algorithm used to create the certificate signature. For an unsigned certificate, this algorithm is used to sign the certificate. Cert-C supports the following signature algorithm types:

Signature Algorithm Type         Description
SA_MD2_WITH_RSA_ENCRYPTION       Signature operations that involve MD2 and the RSA public key algorithm
SA_MD5_WITH_RSA_ENCRYPTION       Signature operations that involve MD5 and the RSA public key algorithm
SA_SHA1_WITH_RSA_ENCRYPTION      Signature operations that involve SHA-1 and the RSA public key algorithm
SA_OIW_SHA1_WITH_RSA_ENCRYPTION  Signature operations that involve SHA-1, the OAEP masking according to OSI Implementers' Workshop (OIW) syntax, and the RSA public key algorithm
SA_DSA_WITH_SHA1                 SHA-1 and DSA

BIT_STRING subjectUniqueID
 

A BIT_STRING structure that points to the certificate subject's unique identification. The data member points to the internal location of the subjectUniqueID in the CERT_OBJ. This field applies only to CERT_VERSION_2 and CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 certificates, set the data field of this BIT_STRING to NULL_PTR and the len and unusedBits fields to 0 (zero).

struct { ... } validity
 

This structure consists of two parts: start and end. These represent the time at which a certificate becomes valid, and the time at which it ceases to be valid. The time is specified as the number of seconds since 12:00 AM GMT, January 1, 1970.

  • validity.start: A UINT4 value that indicates the time at which a certificate becomes valid.
  • validity.end: A UINT4 value that indicates the time at which a certificate ceases to be valid.

UINT2 version
 

A UINT2 value that indicates the certificate's version number. Cert-C recognizes the following three certificate version numbers:

Version Number  Description
CERT_VERSION_1  1988 format (default)
CERT_VERSION_2  1992 format (supports issuerUniqueID and subjectUniqueID)
CERT_VERSION_3  1995 format (supports issuerUniqueID, subjectUniqueID and certExtensions)

Cert-C returns an error if the value of version does not agree with other data in certFields. For example, if the version is CERT_VERSION_1 and there are some extensions in the certExtensions field, an error is returned.
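
Added example (not part of the Cert-C documentation or its samples): a pre-check that applies the field rules described above (version versus unique IDs and extensions, reserved set to NULL_PTR, the validity window) to a set of certificate fields before they are used. FIELDS_VIEW, check_fields, the F_* flags and all numeric constant values are hypothetical stand-ins so the code compiles without certapi.h; rejecting MD2 and MD5 signatures is a policy choice of the example, not a Cert-C behavior.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-ins so this compiles without certapi.h; values are placeholders. */
enum { CERT_VERSION_1, CERT_VERSION_2, CERT_VERSION_3 };
enum { SA_MD2_WITH_RSA_ENCRYPTION, SA_MD5_WITH_RSA_ENCRYPTION, SA_SHA1_WITH_RSA_ENCRYPTION,
       SA_OIW_SHA1_WITH_RSA_ENCRYPTION, SA_DSA_WITH_SHA1 };
typedef struct { unsigned char *data; unsigned int len, unusedBits; } BIT_STRING;

/* Hypothetical mirror of only the CERT_FIELDS members checked here. */
typedef struct {
    uint16_t version;
    int signatureAlgorithm;
    struct { uint32_t start, end; } validity;
    BIT_STRING issuerUniqueID, subjectUniqueID;
    void *certExtensions, *reserved;
} FIELDS_VIEW;

enum { F_VERSION = 1, F_UNIQUE_ID = 2, F_EXTENSIONS = 4, F_RESERVED = 8,
       F_WINDOW_ORDER = 16, F_NOT_CURRENT = 32, F_WEAK_DIGEST = 64 };
static int bs_set(const BIT_STRING *b) { return b->data || b->len || b->unusedBits; }

/* Returns a bitmask of findings; 0 means no rule below was violated. */
unsigned check_fields(const FIELDS_VIEW *f, uint32_t now)
{
    unsigned r = 0;
    int v = f->version, sa = f->signatureAlgorithm;
    if (v != CERT_VERSION_1 && v != CERT_VERSION_2 && v != CERT_VERSION_3) r |= F_VERSION;
    /* Unique IDs must be empty in v1; extensions are v3 only. */
    if (v == CERT_VERSION_1 && (bs_set(&f->issuerUniqueID) || bs_set(&f->subjectUniqueID)))
        r |= F_UNIQUE_ID;
    if (v != CERT_VERSION_3 && f->certExtensions) r |= F_EXTENSIONS;
    if (f->reserved) r |= F_RESERVED;
    /* validity is unsigned 32-bit seconds since 1970-01-01 00:00 GMT. */
    if (f->validity.start >= f->validity.end) r |= F_WINDOW_ORDER;
    else if (now < f->validity.start || now > f->validity.end) r |= F_NOT_CURRENT;
    /* Policy assumption of this example: MD2 and MD5 signatures are rejected. */
    if (sa == SA_MD2_WITH_RSA_ENCRYPTION || sa == SA_MD5_WITH_RSA_ENCRYPTION)
        r |= F_WEAK_DIGEST;
    return r;
}

int main(void)
{
    static unsigned char ext;   /* constructed stand-in for an extensions object */
    FIELDS_VIEW f = { CERT_VERSION_1, SA_MD5_WITH_RSA_ENCRYPTION, { 1000, 2000 },
                      { 0, 0, 0 }, { 0, 0, 0 }, &ext, 0 };   /* constructed sample */
    printf("findings: 0x%x\n", check_fields(&f, 1500));
}
```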


Copyright (c) 1999-2005 RSA Security Inc. All rights reserved. 067-001001-2720-001-000 - 2.7.2