RSA BSAFE Cert-C
API Reference

pkcs10.h File Reference

This file defines the Cert-C certificate request object API and data types.

#include "basetype.h"
#include "certapi.h"

Data Structures

struct  PKCS10_FIELDS
 Allows viewing and updating of an opaque PKCS10_OBJ object.


Typedefs

typedef POINTER PKCS10_OBJ
 Cert-C represents certificate-request information with a PKCS10_OBJ.


Functions

int C_CreatePKCS10Object (CERTC_CTX ctx, PKCS10_OBJ *pkcs10Object)
 Creates a PKCS #10 certificate-request object.

void C_DestroyPKCS10Object (PKCS10_OBJ *pkcs10Object)
 Destroys a PKCS #10 object and frees the memory used by pkcs10Object.

int C_GetPKCS10Fields (PKCS10_OBJ pkcs10Object, PKCS10_FIELDS *pkcs10Fields)
 Fills pkcs10Fields with the values found in the PKCS10_FIELDS data structure in pkcs10Object.

int C_SetPKCS10Fields (PKCS10_OBJ pkcs10Object, PKCS10_FIELDS *pkcs10Fields)
 Sets pkcs10Object to contain the value in pkcs10Fields.

int C_GetPKCS10DER (PKCS10_OBJ pkcs10Object, unsigned char **der, unsigned int *derLen)
 Obtains the DER encoding of the value of pkcs10Object, storing a pointer to the DER encoding in der and its length in derLen.

int C_SetPKCS10BER (PKCS10_OBJ pkcs10Object, unsigned char *ber, unsigned int berLen)
 Modifies the value of pkcs10Object to the BER-encoded values given in ber and berLen.

int C_SignPKCS10 (PKCS10_OBJ pkcs10Object, B_KEY_OBJ subjectPrivateKey, int signAlgorithmID)
 Signs a PKCS #10 object using subjectPrivateKey.

int C_VerifyPKCS10Signature (PKCS10_OBJ pkcs10Object)
 Checks the signature of the certificate request in pkcs10Object using the public key in pkcs10Object.


Typedef Documentation

typedef POINTER PKCS10_OBJ
 

Cert-C represents certificate-request information with a PKCS10_OBJ. It is necessary to use a Cert-C function to view or modify information in a PKCS10_OBJ object. Do not assume that the PKCS10_OBJ object points to any specific information. Some examples of the functions that Cert-C provides to generate and manipulate PKCS #10 certificate requests are listed in the following table.

Function                    Description
C_CreatePKCS10Object()      Creates a certificate-request object.
C_DestroyPKCS10Object()     Destroys a certificate-request object, freeing the memory the certificate-request object occupied.
C_SetPKCS10Fields()         Sets a certificate-request object with the values provided in a PKCS10_FIELDS structure.
C_SetPKCS10BER()            Sets the BER encoding of a certificate-request object.
C_SignPKCS10()              Signs a certificate-request object.
C_VerifyPKCS10Signature()   Checks the signature on a certificate-request object.
C_GetPKCS10Fields()         Gets the content of the PKCS10_FIELDS structure in a certificate-request object.
C_GetPKCS10DER()            Gets the DER encoding of a certificate-request object.

For more information on this object, see Cert-C Objects.


Function Documentation

int C_CreatePKCS10Object (CERTC_CTX ctx, PKCS10_OBJ *pkcs10Object);

Creates a PKCS #10 certificate-request object. If C_CreatePKCS10Object() is unsuccessful, no memory will be allocated and pkcs10Object will be set to (PKCS10_OBJ)NULL_PTR.

Parameters:
ctx This input parameter points to an initialized Cert-C context.
pkcs10Object This output parameter points to the location where the new PKCS #10 request object is to be created. The object keeps a pointer to the current Cert-C context.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

void C_DestroyPKCS10Object (PKCS10_OBJ *pkcs10Object);

Destroys a PKCS #10 object and frees the memory used by pkcs10Object. It sets pkcs10Object to (PKCS10_OBJ)NULL_PTR. If pkcs10Object is already (PKCS10_OBJ)NULL_PTR, then no action is taken.

Parameters:
pkcs10Object This is both an input and an output parameter. As an input parameter, it is the PKCS #10 object that Cert-C should destroy. As an output parameter, it is (PKCS10_OBJ)NULL_PTR.
Returns:
None.

int C_GetPKCS10DER (PKCS10_OBJ pkcs10Object, unsigned char **der, unsigned int *derLen);

Obtains the DER encoding of the value of pkcs10Object, storing a pointer to the DER encoding in der and its length in derLen.

Note: The fields returned from this function are read-only. You do not need to create any objects or items before calling this function. Do not call any functions that modify these fields. Do not call any C_Destroy*() functions on these fields.

Parameters:
pkcs10Object This input parameter is the PKCS #10 object.
der This output parameter is a pointer to the DER-encoded pkcs10Object value.
derLen This output parameter is a pointer to the length of the DER-encoded pkcs10Object value.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_GetPKCS10Fields (PKCS10_OBJ pkcs10Object, PKCS10_FIELDS *pkcs10Fields);

Fills pkcs10Fields with the values found in the PKCS10_FIELDS data structure in pkcs10Object. This may be the actual value or the current working value of the pkcs10Object, depending on whether C_SetPKCS10Fields() is called before calling this function.

Note: You do not need to create any objects or items before calling this function. After calling this function, you share the returned fields with the pkcs10Object. If you modify any of these fields, you must call the C_SetPKCS10Fields() function to ensure that the internal state of the object is consistent with these modifications.

Parameters:
pkcs10Object This input parameter is the PKCS #10 object.
pkcs10Fields This output parameter is the data structure for the PKCS #10 information.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKCS10BER (PKCS10_OBJ pkcs10Object, unsigned char *ber, unsigned int berLen);

Modifies the value of pkcs10Object to the BER-encoded values given in ber and berLen. A separate copy of the BER-encoded pkcs10Object value is allocated inside the PKCS #10 object, so that ber can be changed after calling C_SetPKCS10BER().

Parameters:
pkcs10Object This is both an input and an output parameter. As an input parameter, it is the PKCS #10 object that Cert-C should update. As an output parameter, it is the updated PKCS #10 object.
ber This input parameter is the BER-encoded PKCS #10 object.
berLen This input parameter is the length of the BER-encoded PKCS #10 object.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.
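
C_SetPKCS10BER() takes a caller-supplied buffer and length, so when the bytes arrive from an untrusted peer it helps to confirm first that berLen covers exactly one well-formed request. The following is an added example, not Cert-C code; read_tlv and pkcs10_envelope_ok are hypothetical names. It checks the outer PKCS #10 shape defined in RFC 2986 and assumes definite-length encodings only, so indefinite-length BER is rejected.

```c
#include <stddef.h>

/* Added example, not Cert-C code. Reads one definite-length TLV header at
 * buf[*pos]; returns -1 on truncated, indefinite or oversized lengths. */
static int read_tlv(const unsigned char *buf, size_t len, size_t *pos,
                    unsigned char *tag, size_t *clen)
{
    size_t p = *pos, n, v = 0;
    if (p > len || len - p < 2) return -1;
    *tag = buf[p++];
    if (buf[p] < 0x80) {
        v = buf[p++];                          /* short form */
    } else {
        n = buf[p++] & 0x7f;                   /* long form: n length octets */
        if (n == 0 || n > sizeof v || len - p < n) return -1;
        while (n--) v = (v << 8) | buf[p++];
    }
    if (v > len - p) return -1;                /* content must fit the buffer */
    *clen = v;
    *pos = p;                                  /* now at first content byte */
    return 0;
}

/* Hypothetical helper: returns 0 if ber[0..berLen) is exactly one
 * SEQUENCE { SEQUENCE, SEQUENCE, BIT STRING } with no bytes left over. */
int pkcs10_envelope_ok(const unsigned char *ber, unsigned int berLen)
{
    static const unsigned char want[3] = { 0x30, 0x30, 0x03 };
    size_t pos = 0, clen, end, i;
    unsigned char tag;
    if (ber == NULL) return -1;
    if (read_tlv(ber, berLen, &pos, &tag, &clen) != 0 || tag != 0x30) return -1;
    end = pos + clen;
    if (end != berLen) return -1;              /* trailing bytes after request */
    for (i = 0; i < 3; i++) {
        if (read_tlv(ber, end, &pos, &tag, &clen) != 0 || tag != want[i]) return -1;
        pos += clen;                           /* skip the child's content */
    }
    return pos == end ? 0 : -1;
}

/* Constructed sample with the right shape; not a real, signed request. */
static const unsigned char sample_ok[] = {
    0x30, 0x0a, 0x30, 0x03, 0x02, 0x01, 0x00, 0x30, 0x00, 0x03, 0x01, 0x00 };

int main(void) { return pkcs10_envelope_ok(sample_ok, sizeof sample_ok); }
```

A return of 0 only means the envelope is well formed; the request's signature still has to be checked with C_VerifyPKCS10Signature() after C_SetPKCS10BER() succeeds.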

int C_SetPKCS10Fields (PKCS10_OBJ pkcs10Object, PKCS10_FIELDS *pkcs10Fields);

Sets pkcs10Object to contain the value in pkcs10Fields. The value in pkcs10Fields can be the current working value of pkcs10Object, or of another PKCS #10 object. After calling this function, the value in pkcs10Fields becomes the actual value of pkcs10Object.

Parameters:
pkcs10Object This input and output parameter is the PKCS #10 object.
pkcs10Fields This input parameter is the data structure for the PKCS #10 information. The subjectName field is a NAME_OBJ object that represents the subject of pkcs10Object. The publicKey field is an ITEM that gives the DER encoding of the subject's public key. The attributes field is an ATTRIBUTES_OBJ object that contains additional information about the subject of the certificate request. If the certificate request needs to include X.509 v3 certificate extensions, then before this call the caller can add an attribute of type AT_X509_V3_EXTENSIONS and type length AT_X509_V3_EXTENSIONS_LEN, whose value is the encoding of the extensions. If any field in pkcs10Fields is created by the caller, or is different from the result returned by C_GetPKCS10Fields(), then that field in pkcs10Object is replaced with the value passed in pkcs10Fields. The replacement is a separate copy of the value in pkcs10Fields, so the caller's value may be modified or destroyed after calling this function.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SignPKCS10 (PKCS10_OBJ pkcs10Object, B_KEY_OBJ subjectPrivateKey, int signAlgorithmID);

Signs a PKCS #10 object using subjectPrivateKey.

Parameters:
pkcs10Object This is both an input and an output parameter; it is the PKCS #10 object.
subjectPrivateKey This input parameter is the private key used to sign pkcs10Object.
signAlgorithmID This input parameter is the signature-algorithm identifier. Values for this parameter may be any of the SA_* values.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_VerifyPKCS10Signature (PKCS10_OBJ pkcs10Object);

Checks the signature of the certificate request in pkcs10Object using the public key in pkcs10Object.

Parameters:
pkcs10Object This input parameter is the PKCS #10 object.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.



RSA BSAFE® Cert-C 2.7 API Reference