
RSA BSAFE Cert-C
API Reference

CERT_FIELDS Reference

Used to view and update information in an opaque CERT_OBJ object.

The application calls the C_GetCertFields() and C_SetCertFields() functions.

Data Fields
version A UINT2 value that indicates the certificate's version number. Cert-C recognizes the following three certificate version numbers:
| Version Number | Description |
| --- | --- |
| CERT_VERSION_1 | 1988 format (This is the default.) |
| CERT_VERSION_2 | 1992 format (Supports issuerUniqueId and subjectUniqueId fields.) |
| CERT_VERSION_3 | 1995 format (Supports issuerUniqueId, subjectUniqueId, and certExtensions fields.) |


Cert-C returns an error if the value of version does not agree with other data in certFields. For example, if the version is CERT_VERSION_1 and there are some extensions in the certExtensions field, an error is returned.
serialNumber An ITEM structure that specifies the certificate's serial number. The data member points to the internal location of the serialNumber in the CERT_OBJ object.
  • serialNumber.data The serial number in canonical format, with the most significant byte first.
  • serialNumber.len The length of the serial number. A serialNumber.len of 0 (zero) implies that the serial number is 0 (zero).
signatureAlgorithm An int value that indicates the algorithm used to create the certificate signature. For an unsigned certificate, this algorithm is used to sign the certificate. Cert-C supports the following signature algorithm types:
| Signature Algorithm Type | Description |
| --- | --- |
| SA_MD2_WITH_RSA_ENCRYPTION | Signature operations that involve the MD2 digest algorithm and the RSA public-key algorithm |
| SA_MD5_WITH_RSA_ENCRYPTION | Signature operations that involve the MD5 digest algorithm and the RSA public-key algorithm |
| SA_SHA1_WITH_RSA_ENCRYPTION | Signature operations that involve the SHA-1 digest algorithm and the RSA public-key algorithm |
| SA_OIW_SHA1_WITH_RSA_ENCRYPTION | Signature operations that involve the SHA-1 digest algorithm, the OAEP masking according to OIW (OSI Implementers' Workshop) syntax, and the RSA public-key algorithm |
| SA_DSA_WITH_SHA1 | SHA-1 digest algorithm and the Digital Signature Algorithm |
issuerName A NAME_OBJ object that contains the name of the issuer that signed the certificate. For an unsigned certificate or self-signed certificate, the issuerName is the same as the subjectName.
validity This is a structure consisting of two parts: start and end. These represent the time at which a certificate becomes valid, and the time at which it ceases to be valid. The time is specified as the number of seconds since 12:00 AM GMT, January 1, 1970.
  • validity.start A UINT4 value that indicates the time at which a certificate becomes valid.
  • validity.end A UINT4 value that indicates the time at which a certificate ceases to be valid.
subjectName A NAME_OBJ object that contains the certificate's subject name.
publicKey An ITEM structure that points to the certificate's DER-encoded public key. The data member points to the internal location of the publicKey in the CERT_OBJ object. Note that Cert-C supports key sizes of up to 2048 bits.
issuerUniqueID A BIT_STRING structure that points to the certificate issuer's unique identification. The data member points to the internal location of the issuerUniqueID in the CERT_OBJ object. This field applies only to CERT_VERSION_2 and CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 certificates, set the data field of this BIT_STRING to NULL_PTR and the len and unusedBits fields to 0 (zero).
subjectUniqueID A BIT_STRING structure that points to the certificate subject's unique identification. The data member points to the internal location of the subjectUniqueID in the CERT_OBJ object. This field applies only to CERT_VERSION_2 and CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 certificates, set the data field of this BIT_STRING to NULL_PTR and the len and unusedBits fields to 0 (zero).
certExtensions An EXTENSIONS_OBJ object that contains X.509 v3 extensions for the certificate. This field applies only to CERT_VERSION_3 certificates. When you call C_SetCertFields() for CERT_VERSION_1 or CERT_VERSION_2 certificates, set this field to (EXTENSIONS_OBJ) NULL_PTR.
reserved Set this field to NULL_PTR; it is reserved for future use.

#include <certapi.h>

typedef struct CERT_FIELDS {
  UINT2 version;
  ITEM serialNumber;
  int signatureAlgorithm;
  NAME_OBJ issuerName;
  struct {
    UINT4 start;
    UINT4 end;
  } validity;
  NAME_OBJ subjectName;
  ITEM publicKey;
  BIT_STRING issuerUniqueID;      /* version 2 and 3 only. Set data field */
                                  /* to NULL_PTR, len to 0 if omitted */
  BIT_STRING subjectUniqueID;     /* version 2 and 3 only. Set data field */
                                  /* to NULL_PTR, len to 0 if omitted */
  EXTENSIONS_OBJ certExtensions;  /* version 3 only. Set to */
                                  /* (EXTENSIONS_OBJ)NULL_PTR if omitted */
  POINTER reserved;               /* reserved for future expansion */
} CERT_FIELDS;
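
The version rules described for the fields above, written as a pre-flight check an application could run before calling C_SetCertFields(). This is an added example, not Cert-C code: the types are local stand-ins for those in certapi.h, the CERT_VERSION_* values are placeholders, and DEMO_FIELDS, check_fields() and sample_v1() are hypothetical names. The start/end ordering check is an added sanity check, not a rule this page documents.

```c
#include <stddef.h>

/* Local stand-ins for the certapi.h types; layouts and values are assumed. */
typedef struct { unsigned char *data; unsigned int len; } ITEM;
typedef struct { unsigned char *data; unsigned int len, unusedBits; } BIT_STRING;
enum { CERT_VERSION_1, CERT_VERSION_2, CERT_VERSION_3 }; /* placeholder values */
typedef struct {
  unsigned short version;                       /* UINT2 on the page */
  ITEM serialNumber;
  struct { unsigned int start, end; } validity; /* UINT4 seconds since 1970 */
  BIT_STRING issuerUniqueID, subjectUniqueID;
  void *certExtensions;                         /* stands in for EXTENSIONS_OBJ */
  void *reserved;
} DEMO_FIELDS;
enum { FIELDS_OK, ERR_VERSION, ERR_UNIQUE_ID, ERR_EXTENSIONS, ERR_VALIDITY,
       ERR_RESERVED };

static int bits_unset(const BIT_STRING *b) {
  return b->data == NULL && b->len == 0 && b->unusedBits == 0;
}

/* Returns FIELDS_OK or a code for the first inconsistency found. */
int check_fields(const DEMO_FIELDS *f) {
  int v = f->version;
  if (v != CERT_VERSION_1 && v != CERT_VERSION_2 && v != CERT_VERSION_3)
    return ERR_VERSION;
  if (v == CERT_VERSION_1 &&                    /* unique IDs are v2/v3 only */
      !(bits_unset(&f->issuerUniqueID) && bits_unset(&f->subjectUniqueID)))
    return ERR_UNIQUE_ID;
  if (v != CERT_VERSION_3 && f->certExtensions != NULL) /* extensions: v3 only */
    return ERR_EXTENSIONS;
  if (f->validity.start > f->validity.end)      /* added sanity check */
    return ERR_VALIDITY;
  return f->reserved != NULL ? ERR_RESERVED : FIELDS_OK;
}

/* Constructed sample: a version 1 certificate with a two-byte serial number. */
DEMO_FIELDS sample_v1(void) {
  static unsigned char serial[] = { 0x01, 0x2c };
  DEMO_FIELDS f = { .version = CERT_VERSION_1,
                    .serialNumber = { serial, sizeof serial },
                    .validity = { 1000000000u, 1100000000u } };
  return f;
}

int main(void) {
  DEMO_FIELDS f = sample_v1();
  f.certExtensions = &f;  /* any non-NULL value: extensions on a v1 certificate */
  return check_fields(&f) == ERR_EXTENSIONS ? 0 : 1;
}
```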

The documentation for this struct was generated from the following file:


RSA BSAFE® Cert-C 2.7 API Reference