Grid Community Toolkit  6.2.1705709074 (tag: v6.2.20240202)
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Functions
Credential Operations

Credential Operations. More...

Functions

globus_result_t globus_gsi_cred_read (globus_gsi_cred_handle_t handle, X509_NAME *desired_subject)
 Read a credential. More...
 
globus_result_t globus_gsi_cred_read_proxy (globus_gsi_cred_handle_t handle, const char *proxy_filename)
 Read proxy credential. More...
 
globus_result_t globus_gsi_cred_read_proxy_bio (globus_gsi_cred_handle_t handle, BIO *bio)
 Read proxy credential from a BIO. More...
 
globus_result_t globus_gsi_cred_read_key (globus_gsi_cred_handle_t handle, const char *key_filename, int(*pw_cb)())
 Read a private key. More...
 
globus_result_t globus_gsi_cred_read_cert (globus_gsi_cred_handle_t handle, const char *cert_filename)
 Read a certificate chain from a file. More...
 
globus_result_t globus_gsi_cred_read_cert_bio (globus_gsi_cred_handle_t handle, BIO *bio)
 Read a certificate chain from a BIO. More...
 
globus_result_t globus_gsi_cred_read_cert_buffer (const char *pem_buf, globus_gsi_cred_handle_t *out_handle, X509 **out_cert, STACK_OF(X509)**out_cert_chain, char **out_subject)
 Read certificate chain from a buffer. More...
 
globus_result_t globus_gsi_cred_read_pkcs12 (globus_gsi_cred_handle_t handle, const char *pkcs12_filename)
 Read certificate and key from a PKCS12 file. More...
 
globus_result_t globus_gsi_cred_write (globus_gsi_cred_handle_t handle, BIO *bio)
 Write Credential. More...
 
globus_result_t globus_gsi_cred_write_proxy (globus_gsi_cred_handle_t handle, const char *proxy_filename)
 Write a proxy credential. More...
 
globus_result_t globus_gsi_cred_get_cert_type (globus_gsi_cred_handle_t handle, globus_gsi_cert_utils_cert_type_t *type)
 Get the X.509 certificate type. More...
 

Detailed Description

Credential Operations.

Read/Write a GSI Credential Handle.

This section defines operations to read and write GSI Credential handles.

Function Documentation

globus_result_t globus_gsi_cred_get_cert_type ( globus_gsi_cred_handle_t  handle,
globus_gsi_cert_utils_cert_type_t type 
)

Get the X.509 certificate type.

Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters
handleThe credential handle containing the certificate
typeThe returned X509 certificate type
Returns
GLOBUS_SUCCESS or an error captured in a globus_result_t
globus_result_t globus_gsi_cred_read ( globus_gsi_cred_handle_t  handle,
X509_NAME *  desired_subject 
)

Read a credential.

Read a credential from a filesystem location. The credential to read will be determined by the search order specified in the handle attributes.

Parameters
handleThe credential handle to set. This credential handle should already be initialized using globus_gsi_cred_handle_init.
desired_subjectThe subject to check for when reading in a credential. The desired_subject should be either a exact match of the read cert's subject or should just contain the /CN entry. If null, the credential read in is the first match based on the system configuration (paths and environment variables)
Returns
GLOBUS_SUCCESS if no errors occurred, otherwise, an error object identifier is returned.
See Also
globus_gsi_cred_read_proxy()
globus_gsi_cred_read_cert_and_key()
Note
This function always searches for the desired credential. If you don't want to perform a search, then don't use this function. The search goes in the order of the handle attributes' search order.
globus_result_t globus_gsi_cred_read_cert ( globus_gsi_cred_handle_t  handle,
const char *  cert_filename 
)

Read a certificate chain from a file.

Read a cert from a file. Cert should be in PEM format. Will also read additional certificates as chain if present.

Parameters
[out]handlethe handle to set based on the certificate that is read
[in]cert_filenamethe filename of the certificate to read
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_cert_bio ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Read a certificate chain from a BIO.

Read a cert from a BIO. Cert should be in PEM format. Will also read additional certificates as chain if present.

Parameters
handlethe handle to set based on the certificate that is read
biothe bio to read the certificate from
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_cert_buffer ( const char *  pem_buf,
globus_gsi_cred_handle_t out_handle,
X509 **  out_cert,
STACK_OF(X509)**  out_cert_chain,
char **  out_subject 
)

Read certificate chain from a buffer.

Read a cert from a buffer. Cert should be in PEM format. Will also read additional certificates as chain if present. Any parameter besides pem_buf may be NULL.

Parameters
pem_bufThe buffer containing the PEM formatted cert and chain.
out_handleThe handle to initialize and set cert on.
out_certThe X509 certificate. This should be freed with X509_free().
out_cert_chainThe X509 certificate chain. This should be freed with sk_X509_free().
out_subjectThe identity name of the cert. This should be freed with OPENSSL_free().
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_key ( globus_gsi_cred_handle_t  handle,
const char *  key_filename,
int(*)()  pw_cb 
)

Read a private key.

Read a key from a PEM file.

Parameters
handlethe handle to set based on the key that is read
key_filenamethe filename of the key to read
pw_cbthe callback for obtaining a password for decrypting the key.
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_pkcs12 ( globus_gsi_cred_handle_t  handle,
const char *  pkcs12_filename 
)

Read certificate and key from a PKCS12 file.

Read a cert and key from a file. The file should be in PKCS12 format.

Parameters
handlethe handle to populate with the read credential
pkcs12_filenamethe filename containing the credential to read
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_proxy ( globus_gsi_cred_handle_t  handle,
const char *  proxy_filename 
)

Read proxy credential.

Read a proxy from a PEM file.

Parameters
[in,out]handleThe credential handle to set based on the proxy credential read from the file
[in]proxy_filenameThe file containing the proxy credential
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_proxy_bio ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Read proxy credential from a BIO.

Read a Proxy Credential from a BIO stream and set the credential handle to represent the read credential. The values read from the stream, in order, will be the signed certificate, the private key, and the certificate chain.

Parameters
handleThe credential handle to set. The credential should handle be initialized (i.e. not NULL).
bioThe stream to read the credential from
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object is returned
globus_result_t globus_gsi_cred_write ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Write Credential.

Write out a credential to a BIO. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.

Parameters
handleThe credential to write out
bioThe BIO stream to write out to
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.
globus_result_t globus_gsi_cred_write_proxy ( globus_gsi_cred_handle_t  handle,
const char *  proxy_filename 
)

Write a proxy credential.

Write out a credential to a file. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.

Parameters
handleThe credential to write out
proxy_filenameThe file to write out to
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.