Grid Community Toolkit  6.2.1653033972 (tag: v6.2.20220524)
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Modules | Functions
Globus GSI Certificate Handling Utilities

Globus GSI Certificate Handling Utilities. More...

Modules

 Activation
 Activation.
 
 Cert Utils Constants
 Cert Utils Constants.
 

Functions

globus_result_t globus_gsi_cert_utils_make_time (const ASN1_UTCTIME *ctm, time_t *newtime)
 Convert ASN1_UTCTIME to time_t. More...
 
globus_result_t globus_gsi_cert_utils_get_cert_type (X509 *cert, globus_gsi_cert_utils_cert_type_t *type)
 Get the X509 certificate type. More...
 
globus_result_t globus_gsi_cert_utils_get_x509_name (const char *subject_string, int length, X509_NAME *x509_name)
 Get the certificate name. More...
 
globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME *subject, STACK_OF(X509)*cert_chain)
 Get the base certificate name from a certificate chain. More...
 
globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509)*cert_chain, X509 **eec)
 Get the end-entity certificate from a certificate chain. More...
 
globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509)*cert_chain, X509 **identity_cert)
 Get the identity certificate from a certificate chain. More...
 

Detailed Description

Globus GSI Certificate Handling Utilities.

The Globus GSI Certificate Handling Utilities library. This library contains helper functions for dealing with certificates.

Function Documentation

globus_result_t globus_gsi_cert_utils_get_base_name ( X509_NAME *  subject,
STACK_OF(X509)*  cert_chain 
)

Get the base certificate name from a certificate chain.

Get the base name of a proxy certificate. Given an X509 name, strip off the proxy related /CN components to get the base name of the certificate's subject

Parameters
subjectPointer to an X509_NAME object which gets stripped
cert_chainThe certificate chain used to detect the number of CNs to strip. This is done by figuring out the number of proxies in the chain.
Returns
GLOBUS_SUCCESS
globus_result_t globus_gsi_cert_utils_get_cert_type ( X509 *  cert,
globus_gsi_cert_utils_cert_type_t type 
)

Get the X509 certificate type.

Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters
certThe X509 certificate
typeThe returned X509 certificate type
Returns
GLOBUS_SUCCESS or an error captured in a globus_result_t
globus_result_t globus_gsi_cert_utils_get_eec ( STACK_OF(X509)*  cert_chain,
X509 **  eec 
)

Get the end-entity certificate from a certificate chain.

Get the end-entity certificate associated with a certificate chain

Parameters
cert_chainCertificate chain to inspect.
eecPointer to be set to the EEC value from within the cert chain. Must freed by the caller.
globus_result_t globus_gsi_cert_utils_get_identity_cert ( STACK_OF(X509)*  cert_chain,
X509 **  identity_cert 
)

Get the identity certificate from a certificate chain.

Get the identity-providing certificate associated with a certificate chain. This may be an independent proxy or a end-entity certificate.

Parameters
cert_chainCertificate chain to inspect.
identity_certPointer to be set to the certificate value from within the cert chain. Must freed by the caller.
globus_result_t globus_gsi_cert_utils_get_x509_name ( const char *  subject_string,
int  length,
X509_NAME *  x509_name 
)

Get the certificate name.

Get the X509_NAME from a subject string. OpenSSL doesn't provide this function, probably because it shouldn't be used. If you are getting an X509_NAME from just a string, its impossible to verify its integrity.

Parameters
subject_stringThe subject in the format: "/O=Grid/OU=..."
lengthThe length of the subject string
x509_nameThe resulting X509_NAME object
Returns
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned
globus_result_t globus_gsi_cert_utils_make_time ( const ASN1_UTCTIME *  ctm,
time_t *  newtime 
)

Convert ASN1_UTCTIME to time_t.

Convert a ASN1_UTCTIME structure to a time_t

Parameters
ctmThe ASN1_UTCTIME to convert
newtimeThe converted time
Returns
GLOBUS_SUCCESS or an error captured in a globus_result_t