Scroll to navigation

globus_gsi_cert_utils(3) Library Functions Manual globus_gsi_cert_utils(3)

NAME

globus_gsi_cert_utils - Globus GSI Certificate Handling Utilities


- Globus GSI Certificate Handling Utilities.

SYNOPSIS

Modules


Activation
Activation. Cert Utils Constants
Cert Utils Constants.

Functions


globus_result_t globus_gsi_cert_utils_make_time (const ASN1_TIME *ctm, time_t *newtime)
Convert ASN1_TIME to time_t. globus_result_t globus_gsi_cert_utils_get_cert_type (X509 *cert, globus_gsi_cert_utils_cert_type_t *type)
Get the X509 certificate type. globus_result_t globus_gsi_cert_utils_get_x509_name (const char *subject_string, int length, X509_NAME *x509_name)
Get the certificate name. globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME *subject, STACK_OF(X509) *cert_chain)
Get the base certificate name from a certificate chain. globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509) *cert_chain, X509 **eec)
Get the end-entity certificate from a certificate chain. globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509) *cert_chain, X509 **identity_cert)
Get the identity certificate from a certificate chain.

Detailed Description

Globus GSI Certificate Handling Utilities.

The Globus GSI Certificate Handling Utilities library. This library contains helper functions for dealing with certificates.

  • Activation
  • Globus GSI Certificate Handling Utilities
  • Cert Utils Constants

Function Documentation

globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME * subject, STACK_OF(X509) * cert_chain)

Get the base certificate name from a certificate chain. Get the base name of a proxy certificate. Given an X509 name, strip off the proxy related /CN components to get the base name of the certificate's subject

Parameters

subject Pointer to an X509_NAME object which gets stripped
cert_chain The certificate chain used to detect the number of CNs to strip. This is done by figuring out the number of proxies in the chain.

Returns

GLOBUS_SUCCESS

globus_result_t globus_gsi_cert_utils_get_cert_type (X509 * cert, globus_gsi_cert_utils_cert_type_t * type)

Get the X509 certificate type. Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters

cert The X509 certificate
type The returned X509 certificate type

Returns

GLOBUS_SUCCESS or an error captured in a globus_result_t

globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509) * cert_chain, X509 ** eec)

Get the end-entity certificate from a certificate chain. Get the end-entity certificate associated with a certificate chain

Parameters

cert_chain Certificate chain to inspect.
eec Pointer to be set to the EEC value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509) * cert_chain, X509 ** identity_cert)

Get the identity certificate from a certificate chain. Get the identity-providing certificate associated with a certificate chain. This may be an independent proxy or a end-entity certificate.

Parameters

cert_chain Certificate chain to inspect.
identity_cert Pointer to be set to the certificate value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_x509_name (const char * subject_string, int length, X509_NAME * x509_name)

Get the certificate name. Get the X509_NAME from a subject string. OpenSSL doesn't provide this function, probably because it shouldn't be used. If you are getting an X509_NAME from just a string, its impossible to verify its integrity.

Parameters

subject_string The subject in the format: '/O=Grid/OU=...'
length The length of the subject string
x509_name The resulting X509_NAME object

Returns

GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_cert_utils_make_time (const ASN1_TIME * ctm, time_t * newtime)

Convert ASN1_TIME to time_t. Convert a ASN1_TIME structure to a time_t

Parameters

ctm The ASN1_TIME to convert
newtime The converted time

Returns

GLOBUS_SUCCESS or GLOBUS_FAILURE on error

Author

Generated automatically by Doxygen for globus_gsi_cert_utils from the source code.

Version 10.10 globus_gsi_cert_utils