Detailed Description

The Globus GSI Certificate Handling Utilities library. This library contains helper functions for dealing with certificates.

  • Activation

  • Globus GSI Certificate Handling Utilities

  • Cert Utils Constants

Function Documentation

globus_result_t globus_gsi_cert_utils_get_base_name (X509_NAME *subject, STACK_OF(X509)*cert_chain)

Get the base certificate name from a certificate chain. Get the base name of a proxy certificate. Given an X509 name, strip off the proxy related /CN components to get the base name of the certificate's subject

Parameters:

subject Pointer to an X509_NAME object which gets stripped

cert_chain The certificate chain used to detect the number of CNs to strip. This is done by figuring out the number of proxies in the chain.

Returns:

GLOBUS_SUCCESS

globus_result_t globus_gsi_cert_utils_get_cert_type (X509 *cert, \fBglobus_gsi_cert_utils_cert_type_t\fP *type)

Get the X509 certificate type. Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters:

cert The X509 certificate

type The returned X509 certificate type

Returns:

GLOBUS_SUCCESS or an error captured in a globus_result_t

globus_result_t globus_gsi_cert_utils_get_eec (STACK_OF(X509)*cert_chain, X509 **eec)

Get the end-entity certificate from a certificate chain. Get the end-entity certificate associated with a certificate chain

Parameters:

cert_chain Certificate chain to inspect.

eec Pointer to be set to the EEC value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_identity_cert (STACK_OF(X509)*cert_chain, X509 **identity_cert)

Get the identity certificate from a certificate chain. Get the identity-providing certificate associated with a certificate chain. This may be an independent proxy or a end-entity certificate.

Parameters:

cert_chain Certificate chain to inspect.

identity_cert Pointer to be set to the certificate value from within the cert chain. Must freed by the caller.

globus_result_t globus_gsi_cert_utils_get_x509_name (char *subject_string, intlength, X509_NAME *x509_name)

Get the certificate name. Get the X509_NAME from a subject string. OpenSSL doesn't provide this function, probably because it shouldn't be used. If you are getting an X509_NAME from just a string, its impossible to verify its integrity.

Parameters:

subject_string The subject in the format: '/O=Grid/OU=...'

length The length of the subject string

x509_name The resulting X509_NAME object

Returns:

GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_cert_utils_make_time (ASN1_UTCTIME *ctm, time_t *newtime)

Convert ASN1_UTCTIME to time_t. Convert a ASN1_UTCTIME structure to a time_t

Parameters:

ctm The ASN1_UTCTIME to convert

newtime The converted time

Returns:

GLOBUS_SUCCESS or an error captured in a globus_result_t

Author

Generated automatically by Doxygen for globus_gsi_cert_utils from the source code.