Grid Community Toolkit
6.2.1653033972 (tag: v6.2.20220524)
|
Globus GSI Certificate Handling Utilities. More...
Modules | |
Activation | |
Activation. | |
Cert Utils Constants | |
Cert Utils Constants. | |
Functions | |
globus_result_t | globus_gsi_cert_utils_make_time (const ASN1_UTCTIME *ctm, time_t *newtime) |
Convert ASN1_UTCTIME to time_t. More... | |
globus_result_t | globus_gsi_cert_utils_get_cert_type (X509 *cert, globus_gsi_cert_utils_cert_type_t *type) |
Get the X509 certificate type. More... | |
globus_result_t | globus_gsi_cert_utils_get_x509_name (const char *subject_string, int length, X509_NAME *x509_name) |
Get the certificate name. More... | |
globus_result_t | globus_gsi_cert_utils_get_base_name (X509_NAME *subject, STACK_OF(X509)*cert_chain) |
Get the base certificate name from a certificate chain. More... | |
globus_result_t | globus_gsi_cert_utils_get_eec (STACK_OF(X509)*cert_chain, X509 **eec) |
Get the end-entity certificate from a certificate chain. More... | |
globus_result_t | globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509)*cert_chain, X509 **identity_cert) |
Get the identity certificate from a certificate chain. More... | |
Globus GSI Certificate Handling Utilities.
The Globus GSI Certificate Handling Utilities library. This library contains helper functions for dealing with certificates.
globus_result_t globus_gsi_cert_utils_get_base_name | ( | X509_NAME * | subject, |
STACK_OF(X509)* | cert_chain | ||
) |
Get the base certificate name from a certificate chain.
Get the base name of a proxy certificate. Given an X509 name, strip off the proxy related /CN components to get the base name of the certificate's subject
subject | Pointer to an X509_NAME object which gets stripped |
cert_chain | The certificate chain used to detect the number of CNs to strip. This is done by figuring out the number of proxies in the chain. |
globus_result_t globus_gsi_cert_utils_get_cert_type | ( | X509 * | cert, |
globus_gsi_cert_utils_cert_type_t * | type | ||
) |
Get the X509 certificate type.
Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.
cert | The X509 certificate |
type | The returned X509 certificate type |
globus_result_t globus_gsi_cert_utils_get_eec | ( | STACK_OF(X509)* | cert_chain, |
X509 ** | eec | ||
) |
Get the end-entity certificate from a certificate chain.
Get the end-entity certificate associated with a certificate chain
cert_chain | Certificate chain to inspect. |
eec | Pointer to be set to the EEC value from within the cert chain. Must freed by the caller. |
globus_result_t globus_gsi_cert_utils_get_identity_cert | ( | STACK_OF(X509)* | cert_chain, |
X509 ** | identity_cert | ||
) |
Get the identity certificate from a certificate chain.
Get the identity-providing certificate associated with a certificate chain. This may be an independent proxy or a end-entity certificate.
cert_chain | Certificate chain to inspect. |
identity_cert | Pointer to be set to the certificate value from within the cert chain. Must freed by the caller. |
globus_result_t globus_gsi_cert_utils_get_x509_name | ( | const char * | subject_string, |
int | length, | ||
X509_NAME * | x509_name | ||
) |
Get the certificate name.
Get the X509_NAME from a subject string. OpenSSL doesn't provide this function, probably because it shouldn't be used. If you are getting an X509_NAME from just a string, its impossible to verify its integrity.
subject_string | The subject in the format: "/O=Grid/OU=..." |
length | The length of the subject string |
x509_name | The resulting X509_NAME object |
globus_result_t globus_gsi_cert_utils_make_time | ( | const ASN1_UTCTIME * | ctm, |
time_t * | newtime | ||
) |
Convert ASN1_UTCTIME to time_t.
Convert a ASN1_UTCTIME structure to a time_t
ctm | The ASN1_UTCTIME to convert |
newtime | The converted time |