globus_gsi_credential  7.6
 All Files Functions Typedefs Enumerations Enumerator Modules Pages
Credential Operations
Collaboration diagram for Credential Operations:

Read Credential

globus_result_t globus_gsi_cred_read (globus_gsi_cred_handle_t handle, X509_NAME *desired_subject)
 

Reading Proxy Credentials

globus_result_t globus_gsi_cred_read_proxy (globus_gsi_cred_handle_t handle, const char *proxy_filename)
 
globus_result_t globus_gsi_cred_read_proxy_bio (globus_gsi_cred_handle_t handle, BIO *bio)
 

Read Key

globus_result_t globus_gsi_cred_read_key (globus_gsi_cred_handle_t handle, char *key_filename, int(*pw_cb)())
 

Read Cert and chain from file

globus_result_t globus_gsi_cred_read_cert (globus_gsi_cred_handle_t handle, char *cert_filename)
 

Read Cert and chain from BIO stream

globus_result_t globus_gsi_cred_read_cert_bio (globus_gsi_cred_handle_t handle, BIO *bio)
 

Read Cert and chain from a buffer

globus_result_t globus_gsi_cred_read_cert_buffer (char *pem_buf, globus_gsi_cred_handle_t *out_handle, X509 **out_cert, STACK_OF(X509)**out_cert_chain, char **out_subject)
 

Read Cert & Key in PKCS12 Format

globus_result_t globus_gsi_cred_read_pkcs12 (globus_gsi_cred_handle_t handle, char *pkcs12_filename)
 

Write Credential

globus_result_t globus_gsi_cred_write (globus_gsi_cred_handle_t handle, BIO *bio)
 
globus_result_t globus_gsi_cred_write_proxy (globus_gsi_cred_handle_t handle, char *proxy_filename)
 

Get the X509 certificate type (EEC, CA, proxy type, etc.)

globus_result_t globus_gsi_cred_get_cert_type (globus_gsi_cred_handle_t handle, globus_gsi_cert_utils_cert_type_t *type)
 

Detailed Description

Read/Write a GSI Credential Handle.

This section defines operations to read and write GSI Credential handles.

Function Documentation

globus_result_t globus_gsi_cred_get_cert_type ( globus_gsi_cred_handle_t  handle,
globus_gsi_cert_utils_cert_type_t *  type 
)

Determine the type of the given X509 certificate For the list of possible values returned, see globus_gsi_cert_utils_cert_type_t.

Parameters
handleThe credential handle containing the certificate
typeThe returned X509 certificate type
Returns
GLOBUS_SUCCESS or an error captured in a globus_result_t
globus_result_t globus_gsi_cred_read ( globus_gsi_cred_handle_t  handle,
X509_NAME *  desired_subject 
)

Read a Credential from a filesystem location. The credential to read will be determined by the search order specified in the handle attributes.

Parameters
handleThe credential handle to set. This credential handle should already be initialized using globus_gsi_cred_handle_init.
desired_subjectThe subject to check for when reading in a credential. The desired_subject should be either a exact match of the read cert's subject or should just contain the /CN entry. If null, the credential read in is the first match based on the system configuration (paths and environment variables)
Returns
GLOBUS_SUCCESS if no errors occured, otherwise, an error object identifier is returned.
See also
globus_gsi_cred_read_proxy()
globus_gsi_cred_read_cert_and_key()
Note
This function always searches for the desired credential. If you don't want to perform a search, then don't use this function. The search goes in the order of the handle attributes' search order.
globus_result_t globus_gsi_cred_read_cert ( globus_gsi_cred_handle_t  handle,
char *  cert_filename 
)

Read a cert from a file. Cert should be in PEM format. Will also read additional certificates as chain if present.

Parameters
handlethe handle to set based on the certificate that is read
cert_filenamethe filename of the certificate to read
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_cert_bio ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Read a cert from a BIO. Cert should be in PEM format. Will also read additional certificates as chain if present.

Parameters
handlethe handle to set based on the certificate that is read
biothe bio to read the certificate from
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_cert_buffer ( char *  pem_buf,
globus_gsi_cred_handle_t out_handle,
X509 **  out_cert,
STACK_OF(X509)**  out_cert_chain,
char **  out_subject 
)

Read a cert from a buffer. Cert should be in PEM format. Will also read additional certificates as chain if present. Any paramter besides pem_buf may be NULL.

Parameters
pem_bufThe buffer containing the PEM formatted cert and chain.
out_handleThe handle to initialize and set cert on.
out_certThe X509 certificate. This should be freed with X509_free().
out_cert_chainThe X509 certificate chain. This should be freed with sk_X509_free().
out_subjectThe identity name of the cert. This should be freed with OPENSSL_free().
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_key ( globus_gsi_cred_handle_t  handle,
char *  key_filename,
int(*)()  pw_cb 
)

Read a key from a PEM file.

Parameters
handlethe handle to set based on the key that is read
key_filenamethe filename of the key to read
pw_cbthe callback for obtaining a password for decrypting the key.
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_pkcs12 ( globus_gsi_cred_handle_t  handle,
char *  pkcs12_filename 
)

Read a cert & key from a file. The file should be in PKCS12 format.

Parameters
handlethe handle to populate with the read credential
pkcs12_filenamethe filename containing the credential to read
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_proxy ( globus_gsi_cred_handle_t  handle,
const char *  proxy_filename 
)

Read a proxy from a PEM file.

Parameters
handleThe credential handle to set based on the proxy credential read from the file
proxy_filenameThe file containing the proxy credential
Returns
GLOBUS_SUCCESS or an error object identifier
globus_result_t globus_gsi_cred_read_proxy_bio ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Read a Proxy Credential from a BIO stream and set the credential handle to represent the read credential. The values read from the stream, in order, will be the signed certificate, the private key, and the certificate chain

Parameters
handleThe credential handle to set. The credential should handle be initialized (i.e. not NULL).
bioThe stream to read the credential from
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object is returned
globus_result_t globus_gsi_cred_write ( globus_gsi_cred_handle_t  handle,
BIO *  bio 
)

Write out a credential to a BIO. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.

Parameters
handleThe credential to write out
bioThe BIO stream to write out to
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.
globus_result_t globus_gsi_cred_write_proxy ( globus_gsi_cred_handle_t  handle,
char *  proxy_filename 
)

Write out a credential to a file. The credential parameters written, in order, are the signed certificate, the RSA private key, and the certificate chain (a set of X509 certificates). the credential is written out in PEM format.

Parameters
handleThe credential to write out
proxy_filenameThe file to write out to
Returns
GLOBUS_SUCCESS unless an error occurred, in which case an error object ID is returned.