globus_gsi_cert_utils(3) Globus GSI Certificate Handling Utilities

Modules


Activation

Cert Utils Constants

Functions


globus_result_t globus_gsi_cert_utils_make_time (ASN1_UTCTIME *ctm, time_t *newtime)
Convert ASN1_UTCTIME to time_t.
globus_result_t globus_gsi_cert_utils_get_cert_type (X509 *cert, globus_gsi_cert_utils_cert_type_t *type)
Get the X509 certificate type.
globus_result_t globus_gsi_cert_utils_get_x509_name (const char *subject_string, int length, X509_NAME *x509_name)
Get the certificate name.
globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME *subject, STACK_OF(X509)*cert_chain)
Get the base certificate name from a certificate chain.
globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509)*cert_chain, X509 **eec)
Get the end-entity certificate from a certificate chain.
globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509)*cert_chain, X509 **identity_cert)
Get the identity certificate from a certificate chain.

Detailed Description

The Globus GSI Certificate Handling Utilities library. This library contains helper functions for dealing with certificates.

  • Activation
  • Globus GSI Certificate Handling Utilities
  • Cert Utils Constants

Function Documentation

globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME * subject, STACK_OF(X509)* cert_chain)

Get the base certificate name from a certificate chain. Get the base name of a proxy certificate. Given an X509 name, strip off the proxy related /CN components to get the base name of the certificate's subject

Parameters:

subject Pointer to an X509_NAME object which gets stripped
cert_chain The certificate chain used to detect the number of CNs to strip. This is done by figuring out the number of proxies in the chain.

Returns:

GLOBUS_SUCCESS

globus_result_t globus_gsi_cert_utils_get_cert_type (X509 * cert, globus_gsi_cert_utils_cert_type_t * type)

Get the X509 certificate type. Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters:

cert The X509 certificate
type The returned X509 certificate type

Returns:

GLOBUS_SUCCESS or an error captured in a globus_result_t

globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509)* cert_chain, X509 ** eec)

Get the end-entity certificate from a certificate chain. Get the end-entity certificate associated with a certificate chain

Parameters:

cert_chain Certificate chain to inspect.
eec Pointer to be set to the EEC value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509)* cert_chain, X509 ** identity_cert)

Get the identity certificate from a certificate chain. Get the identity-providing certificate associated with a certificate chain. This may be an independent proxy or a end-entity certificate.

Parameters:

cert_chain Certificate chain to inspect.
identity_cert Pointer to be set to the certificate value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_x509_name (const char * subject_string, int length, X509_NAME * x509_name)

Get the certificate name. Get the X509_NAME from a subject string. OpenSSL doesn't provide this function, probably because it shouldn't be used. If you are getting an X509_NAME from just a string, its impossible to verify its integrity.

Parameters:

subject_string The subject in the format: '/O=Grid/OU=...'
length The length of the subject string
x509_name The resulting X509_NAME object

Returns:

GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_cert_utils_make_time (ASN1_UTCTIME * ctm, time_t * newtime)

Convert ASN1_UTCTIME to time_t. Convert a ASN1_UTCTIME structure to a time_t

Parameters:

ctm The ASN1_UTCTIME to convert
newtime The converted time

Returns:

GLOBUS_SUCCESS or an error captured in a globus_result_t

Author

Generated automatically by Doxygen for globus_gsi_cert_utils from the source code.