Read/Write a GSI Credential Handle.
This section defines operations to read and write GSI Credential handles.
globus_result_t globus_gsi_cred_get_cert_type |
( |
globus_gsi_cred_handle_t |
handle, |
|
|
globus_gsi_cert_utils_cert_type_t * |
type |
|
) |
| |
Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.
- Parameters
-
handle | The credential handle containing the certificate |
type | The returned X509 certificate type |
- Returns
- GLOBUS_SUCCESS or an error captured in a globus_result_t
Read a Credential from a filesystem location. The credential to read will be determined by the search order specified in the handle attributes.
- Parameters
-
handle | The credential handle to set. This credential handle should already be initialized using globus_gsi_cred_handle_init. |
desired_subject | The subject to check for when reading in a credential. The desired_subject should be either a exact match of the read cert's subject or should just contain the /CN entry. If null, the credential read in is the first match based on the system configuration (paths and environment variables) |
- Returns
- GLOBUS_SUCCESS if no errors occured, otherwise, an error object identifier is returned.
- See also
- globus_gsi_cred_read_proxy()
-
globus_gsi_cred_read_cert_and_key()
- Note
- This function always searches for the desired credential. If you don't want to perform a search, then don't use this function. The search goes in the order of the handle attributes' search order.
Read a cert from a file. Cert should be in PEM format. Will also read additional certificates as chain if present.
- Parameters
-
handle | the handle to set based on the certificate that is read |
cert_filename | the filename of the certificate to read |
- Returns
- GLOBUS_SUCCESS or an error object identifier
Read a cert from a BIO. Cert should be in PEM format. Will also read additional certificates as chain if present.
- Parameters
-
handle | the handle to set based on the certificate that is read |
bio | the bio to read the certificate from |
- Returns
- GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_cert_buffer |
( |
char * |
pem_buf, |
|
|
globus_gsi_cred_handle_t * |
out_handle, |
|
|
X509 ** |
out_cert, |
|
|
STACK_OF(X509)** |
out_cert_chain, |
|
|
char ** |
out_subject |
|
) |
| |
Read a cert from a buffer. Cert should be in PEM format. Will also read additional certificates as chain if present. Any paramter besides pem_buf may be NULL.
- Parameters
-
pem_buf | The buffer containing the PEM formatted cert and chain. |
out_handle | The handle to initialize and set cert on. |
out_cert | The X509 certificate. This should be freed with X509_free(). |
out_cert_chain | The X509 certificate chain. This should be freed with sk_X509_free(). |
out_subject | The identity name of the cert. This should be freed with OPENSSL_free(). |
- Returns
- GLOBUS_SUCCESS or an error object identifier
Read a key from a PEM file.
- Parameters
-
handle | the handle to set based on the key that is read |
key_filename | the filename of the key to read |
pw_cb | the callback for obtaining a password for decrypting the key. |
- Returns
- GLOBUS_SUCCESS or an error object identifier
Read a cert & key from a file. The file should be in PKCS12 format.
- Parameters
-
handle | the handle to populate with the read credential |
pkcs12_filename | the filename containing the credential to read |
- Returns
- GLOBUS_SUCCESS or an error object identifier
Read a proxy from a PEM file.
- Parameters
-
handle | The credential handle to set based on the proxy credential read from the file |
proxy_filename | The file containing the proxy credential |
- Returns
- GLOBUS_SUCCESS or an error object identifier
Read a Proxy Credential from a BIO stream and set the credential handle to represent the read credential. The values read from the stream, in order, will be the signed certificate, the private key, and the certificate chain
- Parameters
-
handle | The credential handle to set. The credential should handle be initialized (i.e. not NULL). |
bio | The stream to read the credential from |
- Returns
- GLOBUS_SUCCESS unless an error occurred, in which case an error object is returned
Write out a credential to a BIO. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.
- Parameters
-
handle | The credential to write out |
bio | The BIO stream to write out to |
- Returns
- GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.
Write out a credential to a file. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.
- Parameters
-
handle | The credential to write out |
proxy_filename | The file to write out to |
- Returns
- GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.