RSA Security logo

RSA BSAFE Cert-C
API Reference

AUTHORITY_KEY_ID Reference

Represents the Authority Key Identifier extension for X.509 v3 certificates and CRLs.

It is used to identify the public key that corresponds to the private key used to sign the certificate or CRL. The identification is based on the issuer's key identifier or on the issuer's name and serial number.

The certificate's or CRL's Authority Key Identifier extension can be used together with the issuer's Subject Key Identifier extension to facilitate chain building. See SUBJECT_KEY_ID. The default criticality for this extension is NON_CRITICAL. A certificate or CRL can have only one Authority Key Identifier extension at a time.

Use the AUTHORITY_KEY_ID structure with the C_AddExtensionValue() and C_GetExtensionValue() functions.

Data Fields
keyIdentifier An ITEM structure that specifies the unique key identifier of the issuer that signs this certificate or CRL. This field can be used alone or together with the issuerNames and serialNumber pair. To omit this field, set the data member to NULL_PTR, and the len member to 0 (zero).
serialNumber An ITEM structure that specifies the issuer's certificate serial number. This field, together with the issuerNames field, forms a unique identifier for a certificate. To omit this field, set the data member to NULL_PTR and the len member to 0 (zero). If this field is omitted, then omit issuerNameCount and issuerNames.
issuerNameCount An unsigned int value that indicates the number of alternate names in the issuerNames array. If the serialNumber field is omitted, then omit this field.
issuerNames A pointer to an ALTERNATE_NAME array that contains a list of the issuer's alternative names. See the ALTERNATE_NAME data structure for more information. This field, together with the serialNumber field, forms the issuer's unique key identifier. To omit this field, set it to (NAME_OBJ)NULL_PTR. If this field is omitted, then omit serialNumber and set issuerNameCount to 0 (zero).

#include <certext.h> 

01781 typedef struct AUTHORITY_KEY_ID {
01782   ITEM            keyIdentifier;    /* Optional unique key identifier  OR */
01783   ITEM            serialNumber;     /* issuer's certificate serial number */
01784   unsigned int    issuerNameCount;  /* issuer name count */
01785   ALTERNATE_NAME *issuerNames;      /* list of issuerNames */
01786 } AUTHORITY_KEY_ID;
The documentation for this struct was generated from the following file:

RSA BSAFE® Cert-C 2.7 API Reference