RSA Security logo

RSA BSAFE Cert-C
API Reference

PKI_CERTREQ_FIELDS Struct Reference

Contains the PKI message information that is specific to PKI certification request messages.

Note that not all of the fields of the structure are used by every PKI service provider. The application can indicate that specific fields are to be ignored when it sets the value of a PKI_MSG_OBJ, and the PKI service provider can indicate that specific fields are to be uninitialized when the application gets the value of a PKI_MSG_OBJ. Use PKI_CERTREQ_FIELDS with the C_SetPKICertRequestFields() and C_GetPKICertRequestFields() functions.

In Cert-C 2.5, a new object PKI_CERT_REQ_OBJ is introduced to handle certification requests. A new set of APIs are also introduced to retrieve and update the individual fields inside the request object. PKI_CERTREQ_FIELDS, C_SetPKICertRequestFields(), and C_GetPKICertRequestFields() are deprecated in this release, and will be removed from its successor.

Data Fields
flags An unsigned int value that indicates which fields in the PKI_CERTREQ_FIELDS structure are to be ignored by Cert-C. The flags field should contain some combination of the following bit-flags, or it should contain zero (0) if none of the listed conditions apply. Individual flags can be combined by 'OR'ing them together.
PKI Certification Request Flag Description
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ VERSION The certTemplate.version field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ SERIAL The certTemplate.serialNumber field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ SIGALG The certTemplate.signatureAlgorithm field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ ISSUERNAME The certTemplate.issuerName field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ VALIDSTART The certTemplate.validity.start field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ VALIDEND The certTemplate.validity.end field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ SUBJECTNAME The certTemplate.subjectName field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ PUBLICKEY The certTemplate.publicKey field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ ISSUERUID The certTemplate.issuerUniqueID field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ SUBJECTUID The certTemplate.subjectUniqueID field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ CERTEXTS The certTemplate.certExtensions field is undefined.
PKI_CERTREQFLAGS_IGNORE_TEMPLATE_ RESERVED The certTemplate.reserved field is undefined.
PKI_CERTREQFLAGS_IGNORE_CERTREQID The certReqID field is undefined.
PKI_CERTREQFLAGS_IGNORE_CONTROLS The controls field is undefined.
PKI_CERTREQFLAGS_IGNORE_POPTYPE The popType field is undefined.
PKI_CERTREQFLAGS_IGNORE_REGINFO The regInfo field is undefined.

certTemplate A CERT_FIELDS structure that contains a template of the new certificate contents. This template contains selected fields of the new certificate.
certReqID An ITEM structure that specifies a certification request identifier. The identifier associates a certification request message with subsequent messages about the same certification request. (A transaction identifier only applies to a single request/ response message pair. Certification dialogs may extend across several message pairs.) When formulating a request message, generally the application is not required to set this field. It is usually set by the PKI service provider when it encodes the message. When forming a subsequent message about the same certification request, the application generally copies this field from the corresponding request message.
controls An ATTRIBUTES_OBJ object that contains a set of control attributes that affect the processing of the certification request.
popType An unsigned int value that specifies the type of Proof-of-Possession (POP) information to include in the message. The choice of values for this field are:
POP Type Description
PKI_POP_RA_VERIFIED The RA has verified the POP of the EE's private key.
PKI_POP_SIGNATURE The POP of the EE's private key is demonstrated by the EE signing the certificate request.
PKI_POP_ENCRYPTION The POP of the EE's private key is demonstrated by the EE's ability to decrypt the certificate returned in the certificate response message.
PKI_POP_KEY_AGREE The POP of the EE's private key is demonstrated.

regInfo An ATTRIBUTES_OBJ object that contains registration information. The regInfo field should contain supplementary information related to the context of a certification request only when such information is required to fulfill the certification request. This information may include subscriber contact information, billing information, or other ancillary information that is useful in fulfilling the certification request.
Deprecated:
This structure is deprecated in Cert-C 2.5. New set and get APIs are introduced to retrieve and update individual fields. PKI_CERTREQ_FIELDS, C_SetPKICertRequestFields(), and C_GetPKICertRequestFields() are deprecated in this release, and will be removed from its successor.

#include <pkimsg.h> 

00804 typedef struct {
00805   unsigned int   flags;        /* bit-field of PKI_CERTREQFLAGS_*        */
00806   CERT_FIELDS    certTemplate; /* selected fields of new cert            */
00807   ITEM           certReqID;    /* ID to match request and response       */
00808   ATTRIBUTES_OBJ controls;     /* attributes affecting issuance          */
00809   unsigned int   popType;      /* proof-of-possession (one of PKI_POP_*) */
00810   ATTRIBUTES_OBJ regInfo;      /* supplementary information              */
00811 } PKI_CERTREQ_FIELDS;
The documentation for this struct was generated from the following file:

RSA BSAFE® Cert-C 2.7 API Reference