UA Server SDK C++ Bundle
1.4.3.291
Class for handling X509 certificates.
#include <uapkicertificate.h>
Public Types
enum Extension
Extensions Enumeration.
Public Member Functions
UaPkiCertificate ()
construction
UaPkiCertificate (const UaPkiCertificateInfo &info, const UaPkiIdentity &subject, const UaPkiPublicKey &subjectPublicKey, const UaPkiIdentity &issuer, const UaPkiPrivateKey &issuerPrivateKey)
Creates a new certificate.
UaPkiCertificate (const UaPkiCertificate &copy)
construction
UaPkiCertificate (X509 *pCert)
construction
~UaPkiCertificate ()
destruction
UaPkiCertificate operator= (const UaPkiCertificate &copy)
Assigns another UaPkiCertificate to the current instance.
bool operator== (const UaPkiCertificate &other)
Compares the current instance to another certificate.
UaPkiPublicKey publicKey () const
Returns the public key of the certificate.
UaString commonName () const
Returns the certificate's commonName field.
UaPkiIdentity subject () const
Returns the certificate identity.
UaPkiIdentity issuer () const
Returns the certificate issuer identity.
UaPkiCertificateInfo info () const
Returns information from X509v3 Extension subjectAltName.
UaDateTime validFrom () const
Returns the start date of the certificate's validity period.
UaDateTime validTo () const
Returns the end date of the certificate's validity period.
UaString serialNumber () const
Returns the certificate's serial number.
int signatureTypeNID () const
ToDoDoc.
UaString signatureTypeString () const
ToDoDoc.
bool isValid () const
Returns true if the certificate is still valid and not expired.
UaByteArray toDER () const
Encodes the certificate into DER format.
int toDERFile (const char *szFile) const
Stores the certificate in a DER encoded file.
int toDERFile (const UaString &sFile) const
Stores the certificate in a DER encoded file.
int toPEMFile (const char *szFile) const
Stores the certificate in a PEM encoded file.
int toPEMFile (const UaString &sFile) const
Stores the certificate in a PEM encoded file.
UaByteArray thumbPrint () const
Creates the SHA1 thumb print of the certificate.
int toWindowsStore (WindowsStoreLocation location, const UaString &sStoreName) const
Stores the certificate in the given Windows certificate store.
int toWindowsStoreWithPrivateKey (WindowsStoreLocation location, const UaString &sStoreName, const UaPkiRsaKeyPair &subjectKeyPair) const
Stores the certificate and its private key in the given Windows certificate store.
Static Public Member Functions
static UaByteArray thumbPrint (const UaByteArray &DERData)
Creates the SHA1 thumb print of the DER encoded certificate data.
static UaPkiCertificate fromDER (const UaByteArray &DERdata)
Loads a certificate from a DER encoded byte array.
static UaPkiCertificate fromDERFile (const char *szFile)
Loads a certificate from a DER encoded file.
static UaPkiCertificate fromDERFile (const UaString &sFile)
Loads a certificate from a DER encoded file.
static UaPkiCertificate fromPEMFile (const char *szFile)
Loads a certificate from a PEM encoded file.
static UaPkiCertificate fromWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint)
Gets a certificate from the given Windows certificate store.
static UaPkiCertificate fromWindowsStoreWithPrivateKey (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint, UaPkiRsaKeyPair &subjectKeyPair)
Gets a certificate and its private key from the given Windows certificate store.
static int deleteFromWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint)
Deletes a certificate from the given Windows certificate store.
static UaPkiCertificate nextCertInWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaPkiCertificate &previous=UaPkiCertificate())
Iterates over the certificates in a Windows certificate store.
static UaDateTime convertAsn1UtcTimeToDateTime (const char *szAsn1UtcTime, bool *pbOK=0)
Converts an ASN.1 UTC Time String to an OPC UA DateTime.
static UaDateTime convertAsn1GeneralizedTimeToDateTime (const char *szAsn1GeneralizedTime, bool *pbOK=0)
Converts an ASN.1 Generalized Time String to an OPC UA DateTime.
Class for handling X509 certificates.
This class encapsulates OpenSSL X509 functionality and simplifies the certificate handling.
The following sample code demonstrates how to create a self-signed certificate.
The following sample code demonstrates how to store a certificate as a file, e.g. in the application trust list.
UaPkiCertificate::UaPkiCertificate (const UaPkiCertificateInfo &info, const UaPkiIdentity &subject, const UaPkiPublicKey &subjectPublicKey, const UaPkiIdentity &issuer, const UaPkiPrivateKey &issuerPrivateKey)
Creates a new certificate.
[in] | info | UA Application information. |
[in] | subject | The identity of the certificate owner. |
[in] | subjectPublicKey | The public key of the certificate. |
[in] | issuer | The identity of the certificate issuer. If subject == issuer, a self-signed certificate is created. |
[in] | issuerPrivateKey | The private key of the certificate issuer. This is needed to sign the certificate. |
UaString UaPkiCertificate::commonName () const
Returns the certificate's commonName field.
This function is provided for convenience and returns the same as UaPkiCertificate::subject().commonName.
static UaDateTime UaPkiCertificate::convertAsn1GeneralizedTimeToDateTime (const char *szAsn1GeneralizedTime, bool *pbOK=0)
Converts an ASN.1 Generalized Time String to an OPC UA DateTime.
This is done by converting the ASN.1 Generalized Format (YYYYMMDDHHMMSS.fffZ) to an ISO8601 String ("YYYY-MM-DDThh:mm:ssZ") and then calling OpcUa_DateTime_GetDateTimeFromString().
static UaDateTime UaPkiCertificate::convertAsn1UtcTimeToDateTime (const char *szAsn1UtcTime, bool *pbOK=0)
Converts an ASN.1 UTC Time String to an OPC UA DateTime.
This is done by converting the ASN.1 UTC Format (YYMMDDHHMMSSZ) to an ISO8601 String ("YYYY-MM-DDThh:mm:ssZ") and then calling OpcUa_DateTime_GetDateTimeFromString().
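The two string conversions described above, as an added self-contained example (not the SDK's implementation); it produces the ISO 8601 string that would then be handed to OpcUa_DateTime_GetDateTimeFromString(). The function names are hypothetical, and two behaviours are assumptions: the century pivot for two-digit years follows RFC 5280, and fractional seconds are validated and dropped because the target string has none.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// True if s[pos, pos+n) exists and consists only of ASCII digits.
static bool allDigits(const std::string& s, size_t pos, size_t n) {
    if (pos + n > s.size()) return false;
    for (size_t i = pos; i < pos + n; ++i)
        if (!std::isdigit(static_cast<unsigned char>(s[i]))) return false;
    return true;
}

// Builds "YYYY-MM-DDThh:mm:ssZ" from 14 digits "YYYYMMDDHHMMSS".
// Coarse range check only (days per month are not validated); "" on error.
static std::string buildIso(const std::string& d) {
    int mon = std::stoi(d.substr(4, 2)), day = std::stoi(d.substr(6, 2));
    int hh = std::stoi(d.substr(8, 2)), mi = std::stoi(d.substr(10, 2));
    int ss = std::stoi(d.substr(12, 2));
    if (mon < 1 || mon > 12 || day < 1 || day > 31 || hh > 23 || mi > 59 || ss > 59)
        return "";
    return d.substr(0, 4) + "-" + d.substr(4, 2) + "-" + d.substr(6, 2) + "T" +
           d.substr(8, 2) + ":" + d.substr(10, 2) + ":" + d.substr(12, 2) + "Z";
}

// ASN.1 UTCTime "YYMMDDHHMMSSZ". Assumed century pivot (RFC 5280):
// YY >= 50 means 19YY, YY < 50 means 20YY. Returns "" on malformed input.
std::string utcTimeToIso8601(const std::string& t) {
    if (t.size() != 13 || t[12] != 'Z' || !allDigits(t, 0, 12)) return "";
    const char* century = (std::stoi(t.substr(0, 2)) >= 50) ? "19" : "20";
    return buildIso(century + t.substr(0, 12));
}

// ASN.1 GeneralizedTime "YYYYMMDDHHMMSSZ" or "YYYYMMDDHHMMSS.fffZ".
// The fraction is validated, then dropped. Returns "" on malformed input.
std::string generalizedTimeToIso8601(const std::string& t) {
    if (t.size() < 15 || t.back() != 'Z' || !allDigits(t, 0, 14)) return "";
    if (t.size() > 15) {  // something sits between the seconds and 'Z'
        size_t fracLen = t.size() - 16;
        if (t[14] != '.' || fracLen == 0 || !allDigits(t, 15, fracLen)) return "";
    }
    return buildIso(t.substr(0, 14));
}

int main() {  // constructed sample inputs
    std::cout << utcTimeToIso8601("491231235959Z") << "\n"
              << utcTimeToIso8601("500101000000Z") << "\n"
              << generalizedTimeToIso8601("20500101000000.000Z") << "\n";
}
```

Rejecting malformed input with an empty result plays the role of the pbOK flag in the SDK signatures: a certificate whose validity dates do not parse should be treated as invalid rather than given a default date.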
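static int UaPkiCertificate::deleteFromWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint)
Deletes a certificate from the given Windows certificate store.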
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to search in. |
[in] | baThumbprint | The thumb print of the certificate to delete. |
static UaPkiCertificate UaPkiCertificate::fromDER (const UaByteArray &DERdata)
Loads a certificate from a DER encoded byte array.
[in] | DERdata | The DER data typically received from the OPC UA protocol. |
static UaPkiCertificate UaPkiCertificate::fromDERFile (const char *szFile)
Loads a certificate from a DER encoded file.
[in] | szFile | The file name (local 8 bit encoding). |
static UaPkiCertificate UaPkiCertificate::fromDERFile (const UaString &sFile)
Loads a certificate from a DER encoded file.
[in] | sFile | The file name (UTF8 encoding). |
static UaPkiCertificate UaPkiCertificate::fromPEMFile (const char *szFile)
Loads a certificate from a PEM encoded file.
[in] | szFile | The file name (local 8 bit encoding). |
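static UaPkiCertificate UaPkiCertificate::fromWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint)
Gets a certificate from the given Windows certificate store.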
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to search in. |
[in] | baThumbprint | The thumb print of the certificate to load. |
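static UaPkiCertificate UaPkiCertificate::fromWindowsStoreWithPrivateKey (WindowsStoreLocation location, const UaString &sStoreName, const UaByteArray &baThumbprint, UaPkiRsaKeyPair &subjectKeyPair)
Gets a certificate and its private key from the given Windows certificate store.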
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to search in. |
[in] | baThumbprint | The thumb print of the certificate to load. |
[out] | subjectKeyPair | This will contain the certificate's private key on success. |
UaPkiCertificateInfo UaPkiCertificate::info () const
Returns information from X509v3 Extension subjectAltName.
This function does not fill UaPkiCertificateInfo::validTime; use the validFrom() and validTo() functions instead.
UaPkiIdentity UaPkiCertificate::issuer () const
Returns the certificate issuer identity.
bool UaPkiCertificate::isValid () const
Returns true if the certificate is still valid and not expired.
static UaPkiCertificate UaPkiCertificate::nextCertInWindowsStore (WindowsStoreLocation location, const UaString &sStoreName, const UaPkiCertificate &previous=UaPkiCertificate())
Iterates over the certificates in a Windows certificate store.
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to get the certificate from. |
[in] | previous | This parameter must be an empty UaPkiCertificate on the first call of the function. Set this parameter to the certificate returned by the last call of this function to get the next certificate in the store. |
UaPkiCertificate UaPkiCertificate::operator= (const UaPkiCertificate &copy)
Assigns another UaPkiCertificate to the current instance.
copy | An existing UaPkiCertificate structure. |
bool UaPkiCertificate::operator== (const UaPkiCertificate &other)
Compares the current instance to another certificate.
UaPkiPublicKey UaPkiCertificate::publicKey () const
Returns the public key of the certificate.
UaString UaPkiCertificate::serialNumber () const
Returns the certificate's serial number.
int UaPkiCertificate::signatureTypeNID () const
ToDoDoc.
UaString UaPkiCertificate::signatureTypeString () const
ToDoDoc.
UaPkiIdentity UaPkiCertificate::subject () const
Returns the certificate identity.
UaByteArray UaPkiCertificate::thumbPrint () const
Creates the SHA1 thumb print of the certificate.
static UaByteArray UaPkiCertificate::thumbPrint (const UaByteArray &DERData)
Creates the SHA1 thumb print of the DER encoded certificate data.
This method is provided for convenience but behaves like the function above. This avoids the temporary creation of a UaPkiCertificate instance if you already have DER encoded data.
[in] | DERData | The DER encoded certificate. |
UaByteArray UaPkiCertificate::toDER () const
Encodes the certificate into DER format.
This is used to send a certificate over OPC UA.
int UaPkiCertificate::toDERFile (const char *szFile) const
Stores the certificate in a DER encoded file.
This is used for certificate management.
[in] | szFile | The file name of the DER encoded file to create (local 8 bit encoding). |
int UaPkiCertificate::toDERFile (const UaString &sFile) const
Stores the certificate in a DER encoded file.
This is used for certificate management.
[in] | sFile | The file name of the DER encoded file to create (UTF8 encoding). |
int UaPkiCertificate::toPEMFile (const char *szFile) const
Stores the certificate in a PEM encoded file.
This is used for certificate management.
[in] | szFile | The file name of the PEM encoded file to create (local 8 bit encoding). |
int UaPkiCertificate::toPEMFile (const UaString &sFile) const
Stores the certificate in a PEM encoded file.
This is used for certificate management.
[in] | sFile | The file name of the PEM encoded file to create (UTF8 encoding). |
int UaPkiCertificate::toWindowsStore (WindowsStoreLocation location, const UaString &sStoreName) const
Stores the certificate in the given Windows certificate store.
The Windows certificate store identifies the certificate by all its information, so no name parameter is needed.
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to use. |
int UaPkiCertificate::toWindowsStoreWithPrivateKey (WindowsStoreLocation location, const UaString &sStoreName, const UaPkiRsaKeyPair &subjectKeyPair) const
Stores the certificate and its private key in the given Windows certificate store.
The Windows certificate store identifies the certificate by all its information, so no name parameter is needed. If the store does not exist, it will be created.
[in] | location | The system store location. |
[in] | sStoreName | The name of the certificate store to use. |
[in] | subjectKeyPair | The key pair of the certificate subject to store with the certificate. |
UaDateTime UaPkiCertificate::validFrom () const
Returns the start date of the certificate's validity period.
UaDateTime UaPkiCertificate::validTo () const
Returns the end date of the certificate's validity period.