| RSA BSAFE Micro Edition Suite |
Streamlined security for mobile and embedded devices |
 
The certificates held in a certificate store can be trusted or untrusted, and chained or Root certificates. The module provides operations for creating and destroying a certificate store, and for adding, deleting and retrieving certificates from a store. A certificate can be retrieved by search functions that match on the certificate attributes. A user application can also assign identifiers to added certificates for use in future searches.
#include "r_com.h"
#include "r_lib.h"
#include "r_cert.h"
#include "r_pkey.h"
#include "r_crl.h"
Data Structures | |
| R_CERT_STORE_CERT_DATA | |
| This structure is the public view of the data in the store. More... | |
Defines | |
| #define | R_CERT_STORE_CM_CERTIFICATE |
| Indicates a cable modem certificate. | |
| #define | R_CERT_STORE_CA_CERTIFICATE |
| Indicates a chain certificate. | |
| #define | R_CERT_STORE_CVC_CERTIFICATE |
| Indicates a code verification certificate. | |
| #define | R_CERT_STORE_MAN_CERTIFICATE |
| Indicates a cable modem manufacturer's certificate. | |
| #define | R_CERT_STORE_OWN_CERTIFICATE |
| Indicates an application-specific certificate. | |
| #define | R_CERT_STORE_UNKNOWN_CERTIFICATE |
| Indicates that the type of certificate stored is unknown. | |
| #define | R_CERT_STORE_ANY_CERTIFICATE |
| Indicates that any type of certificate may be stored. | |
| #define | R_CERT_STORE_CTX_INFO_R_LIB_CTX |
| Indicates the library context associated with the certificate store context. More... | |
| #define | R_CERT_STORE_CTX_INFO_FINGERPRINT_ALG |
| Indicates the digest algorithm to use when calculating the fingerprint of a certificate. More... | |
| #define | R_CERT_STORE_CTX_INFO_ENTRY_COUNT |
| Indicates the number of entries in the certificate store. More... | |
| #define | R_CERT_STORE_CTX_LOCK_READ |
| Indicates that the lock is being obtained to read data only. | |
| #define | R_CERT_STORE_CTX_LOCK_WRITE |
| Indicates that the lock is being obtained to write data. | |
| #define | R_CERT_STORE_INFO_R_CERT_STORE_CTX |
| Indicates the certificate store context associated with the object. More... | |
| #define | R_CERT_STORE_INFO_INDEX |
| Indicates the index of the entry in the certificate store. More... | |
| #define | R_CERT_STORE_INFO_CERTIFICATE_INFO |
| Indicates the stored certificate information. More... | |
| #define | R_CERT_STORE_INFO_CERTIFICATE |
| Indicates the certificate. More... | |
| #define | R_CERT_STORE_INFO_USER_ID |
| Indicates the user-defined identifier for the certificate. More... | |
| #define | R_CERT_STORE_INFO_STATE |
| Indicates the state of the certificate. More... | |
| #define | R_CERT_STORE_INFO_CLASS |
| Indicates the class of the certificate. More... | |
| #define | R_CERT_STORE_INFO_CALLBACK |
| Indicates the compare callback function of the certificate store object. More... | |
| #define | R_CERT_STORE_INFO_PRIV_KEY |
| Indicates the private key of the certificate currently loaded into the store object. More... | |
| #define | R_CERT_STORE_INFO_CRL |
| Indicates the list of revoked certificates that have been previously issued by the certificate currently loaded into the store object. More... | |
| #define | R_CERT_STORE_STATE_UNTRUSTED_CERTIFICATE |
| Indicates that the certificate is known to be untrusted. | |
| #define | R_CERT_STORE_STATE_TRUSTED_CERTIFICATE |
| Indicates that the certificate is known to be trusted. | |
| #define | R_CERT_STORE_STATE_CHAINED_CERTIFICATE |
| Indicates that the certificate is in a chain. | |
| #define | R_CERT_STORE_STATE_ROOT_CERTIFICATE |
| Indicates that the certificate is a Root certificate in a chain. | |
Typedefs | |
| typedef struct r_cert_store_method_st | R_CERT_STORE_METHOD |
| This structure contains the method table of a certificate store. | |
| typedef struct r_cert_store_ctx_st | R_CERT_STORE_CTX |
| The certificate store context is the object that holds the reference to the certificate store itself. More... | |
| typedef struct r_cert_store_st | R_CERT_STORE |
| The certificate store object is the interface between the user and the certificate store itself. More... | |
| typedef struct r_cert_store_cert_data_st | R_CERT_STORE_CERT_DATA |
| The certificate store data structure can be used to load or retrieve all the store entry details into/from an R_CERT_STORE object simultaneously (the alternative method requires making several calls to R_CERT_STORE_set_info() or R_CERT_STORE_get_info()). More... | |
| typedef int(* | R_CERT_STORE_CB_T )(void *, void *) |
| The type of callback function that iterates over objects in the store. More... | |
| typedef int | R_CERT_STORE_CTX_INFO |
| Indicates the type of the information identifiers of the certificate store context. More... | |
| typedef int | R_CERT_STORE_INFO |
| Indicates the type of the information identifiers of the certificate store. More... | |
| typedef int | R_CERT_STORE_STATE |
| Indicates the type of the state identifiers of the certificate store. More... | |
| typedef int | R_CERT_STORE_CERT_TYPE |
| Indicates the type of the certificate in the certificate store. More... | |
| typedef int | R_CERT_STORE_INDEX |
| Indicates the type of the index. | |
Functions | |
| int | R_CERT_STORE_CTX_new (R_LIB_CTX *lib_ctx, R_RES_FLAG flag, R_CERT_STORE_CTX **ctx) |
| Creates a new certificate store context ctx by requesting the R_CERT_STORE resource from the library module and initializing the context state. More... | |
| int | R_CERT_STORE_CTX_free (R_CERT_STORE_CTX *ctx) |
| Deallocates the certificate store context ctx and clears all state information associated with ctx, including all certificates within the store. More... | |
| int | R_CERT_STORE_CTX_get_info (R_CERT_STORE_CTX *ctx, R_CERT_STORE_CTX_INFO info_id, void *value) |
| Returns information from the certificate store context. More... | |
| int | R_CERT_STORE_CTX_set_info (R_CERT_STORE_CTX *ctx, R_CERT_STORE_CTX_INFO info_id, void *value) |
| Sets information into the certificate store context ctx. More... | |
| int | R_CERT_STORE_CTX_lock (R_CERT_STORE_CTX *ctx, int lock_type) |
| Locks the certificate store context using the lock type lock_type. More... | |
| int | R_CERT_STORE_CTX_unlock (R_CERT_STORE_CTX *ctx, int lock_type) |
| Releases a lock specified in lock_type. More... | |
| int | R_CERT_STORE_new (R_CERT_STORE_CTX *ctx, R_CERT_STORE **obj) |
| Creates a new store object obj. More... | |
| int | R_CERT_STORE_free (R_CERT_STORE *obj) |
| Deallocates the store object obj and clears any state associated with the object. More... | |
| int | R_CERT_STORE_get_info (R_CERT_STORE *obj, R_CERT_STORE_INFO info_id, void *value) |
| Returns information from the certificate store object. More... | |
| int | R_CERT_STORE_set_info (R_CERT_STORE *obj, R_CERT_STORE_INFO info_id, void *value) |
| Sets information into the certificate store object for the specified information identifier. More... | |
| int | R_CERT_STORE_init (R_CERT_STORE *obj) |
| Initializes the state of the certificate store object. More... | |
| int | R_CERT_STORE_update (R_CERT_STORE *obj) |
| Updates the certificate store content using the certificate in the certificate store object obj. More... | |
| int | R_CERT_STORE_add (R_CERT_STORE *obj) |
| Adds the certificate associated with the certificate store object obj into the certificate store context. More... | |
| int | R_CERT_STORE_delete (R_CERT_STORE *obj) |
| Deletes the certificate entry in the certificate store object obj from the certificate store. More... | |
| int | R_CERT_STORE_CTX_get_entry_count (R_CERT_STORE_CTX *ctx, int *entries) |
| Returns the number of certificates in the R_CERT_STORE_CTX ctx. More... | |
| int | R_CERT_STORE_find (R_CERT_STORE *obj) |
| Calls a custom search callback, specified by the application, to retrieve a certificate from the store. More... | |
| int | R_CERT_STORE_next (R_CERT_STORE *obj) |
| Retrieves the certificate details of the certificate at the next index in the store. More... | |
| int | R_CERT_STORE_find_entry_by_subject (R_CERT_STORE *obj, R_CERT_NAME *subject, R_CERT_STORE_CERT_TYPE cert_class) |
| Loads the certificate store object obj with the details of the first certificate store entry found with subject name subject and certificate class cert_class. More... | |
| int | R_CERT_STORE_find_entry_by_issuer (R_CERT_STORE *obj, R_CERT_NAME *issuer, R_CERT_STORE_CERT_TYPE cert_class) |
| Loads the certificate store object obj with the details of the first certificate store entry found with issuer name issuer and certificate class cert_class. More... | |
| int | R_CERT_STORE_find_entry_by_pubkey (R_CERT_STORE *obj, R_PKEY *pubkey, R_CERT_STORE_CERT_TYPE cert_class) |
| Loads the certificate store object obj with the details of the first certificate store entry found with public key pubkey and certificate class cert_class. More... | |
| int | R_CERT_STORE_find_entry_by_fingerprint (R_CERT_STORE *obj, R_ITEM *fprint, R_CERT_STORE_CERT_TYPE cert_class) |
| Loads the certificate store object obj with the details of the first certificate store entry found with fingerprint fprint and certificate class cert_class. More... | |
| int | R_CERT_STORE_find_entry_by_issuer_and_serial (R_CERT_STORE *obj, R_CERT_NAME *issuer, R_ITEM *serial, int cert_class) |
| Loads the certificate store object obj with the details of the first certificate store entry found with issuer name issuer, serial number serial and certificate class cert_class. More... | |
| int | R_CERT_STORE_set_cert_data (R_CERT_STORE *obj, R_CERT_STORE_CERT_DATA *data) |
| Sets certificate information from the R_CERT_STORE_CERT_DATA structure data into the certificate store object obj. More... | |
| int | R_CERT_STORE_get_cert_data (R_CERT_STORE *obj, R_CERT_STORE_CERT_DATA *data) |
| Retrieves certificate information into the R_CERT_STORE_CERT_DATA structure data from the certificate store object obj. More... | |
| int | R_CERT_STORE_set_cert (R_CERT_STORE *obj, R_CERT *cert, R_ITEM *id) |
| Sets the certificate cert and user-defined identifier id into the certificate store object obj. More... | |
| int | R_CERT_STORE_get_cert (R_CERT_STORE *obj, R_CERT **cert, R_ITEM **id) |
| Retrieves the certificate cert and user-defined identifier id from the certificate store object obj. More... | |
| int | R_CERT_STORE_set_cert_state (R_CERT_STORE *obj, R_CERT_STORE_STATE state) |
| Sets the state of the certificate, which includes the trust level, into the certificate store object obj. More... | |
| int | R_CERT_STORE_get_cert_state (R_CERT_STORE *obj, R_CERT_STORE_STATE *state) |
| Retrieves the state of the certificate, which includes the trust level, from the certificate store object obj. More... | |
| int | R_CERT_STORE_set_cert_class (R_CERT_STORE *obj, R_CERT_STORE_CERT_TYPE cert_class) |
| Sets the class of the certificate into the certificate store object obj. More... | |
| int | R_CERT_STORE_get_cert_class (R_CERT_STORE *obj, R_CERT_STORE_CERT_TYPE *cert_class) |
| Retrieves the class of the certificate cert_class from the certificate store object obj. More... | |
| int | R_CERT_STORE_set_compare_func (R_CERT_STORE *obj, R_CERT_STORE_CB_T *func) |
| Sets the function to use for matching when searching through the certificates in the certificate store. More... | |
| int | R_CERT_STORE_cert_type_to_string (R_CERT_STORE_CERT_TYPE cert_type, unsigned int max_str_len, char *str) |
| Returns the string representation for the certificate type cert_type. More... | |
| int | R_CERT_STORE_cert_type_from_string (char *str, R_CERT_STORE_CERT_TYPE *cert_type) |
| Returns the certificate type for the string description str. More... | |
| int | R_CERT_STORE_STATE_to_string (R_CERT_STORE_STATE state, unsigned int max_str_len, char *str) |
| Returns the string representation of the state state of a certificate. More... | |
| int | R_CERT_STORE_STATE_from_string (char *str, R_CERT_STORE_STATE *state) |
| Returns the state flag state that corresponds to the string representation str of a certificate state. More... | |
|
|
The certificate store object is the interface between the user and the certificate store itself. This object is loaded with the appropriate store details and added/updated/removed from the store via calls to R_CERT_STORE_add(), R_CERT_STORE_update() and R_CERT_STORE_delete(). A binary comparison of the user identifier (or the certificate in the case where the user id is
This structure provides access to: |
|
|
The certificate store data structure can be used to load or retrieve all the store entry details into/from an R_CERT_STORE object simultaneously (the alternative method requires making several calls to R_CERT_STORE_set_info() or R_CERT_STORE_get_info()). If this structure is used to populate the store all the fields must be initialized. Optional fields that are not required must be set to
This structure provides access to: |
|
|
The certificate store context is the object that holds the reference to the certificate store itself. The certificate store however cannot be updated directly by modifying the context. Instead an R_CERT_STORE object must be loaded with the certificate details and provided to the store context via calls to R_CERT_STORE_add(), R_CERT_STORE_delete() or R_CERT_STORE_update(). A binary comparison of the user identifier (or the certificate in the case where the user id is
This structure provides access to: |