ANSI C Based OPC UA Client/Server SDK  1.9.0.430
UaBasePki

Data Structures

struct  OpcUa_PkiIdentity
 Holds all information about a certificate issuer or subject. More...
 
struct  OpcUa_PkiCertificateInfo
 Holds all additional information of a certificate. More...
 
struct  OpcUa_PkiCertificate
 Encapsulates an OpenSSL certificate. More...
 
struct  OpcUa_PkiCSR
 Encapsulates an OpenSSL certificate signing request. More...
 
struct  OpcUa_PkiRsaKeyPair
 Encapsulates an OpenSSL key pair. More...
 
struct  OpcUa_PkiCRL
 Encapsulates an OpenSSL Certificate Revocation List. More...
 

Functions

OpcUa_StatusCode UaBase_PkiCertificate_Create (OpcUa_PkiCertificate **a_ppCertificate, OpcUa_PkiCertificateInfo a_certificateInfo, OpcUa_PkiIdentity a_subject, OpcUa_PkiRsaKeyPair a_subjectKeyPair, OpcUa_PkiIdentity a_issuer, OpcUa_PkiRsaKeyPair a_issuerKeyPair, OpcUa_X509SignatureAlgorithm a_signatureAlgorithm)
 Creates a new certificate. More...
 
OpcUa_StatusCode UaBase_PkiCertificate_Delete (OpcUa_PkiCertificate **a_ppCertificate)
 Deletes a certificate and frees it's memory. More...
 
OpcUa_StatusCode UaBase_PkiCertificate_ToDERFile (OpcUa_PkiCertificate *a_pCertificate, const OpcUa_CharA *a_sFile)
 Writes the certificate to the given file. More...
 
OpcUa_StatusCode UaBase_PkiCertificate_FromDER (OpcUa_ByteString *a_bsDER, OpcUa_PkiCertificate **a_ppCertificate)
 Gets a certificate from DER encoded ByteString. More...
 
OpcUa_StatusCode UaBase_PkiCertificate_HasExtension (OpcUa_PkiCertificate *a_pCertificate, OpcUa_X509Extension a_extension, OpcUa_Boolean *a_pExtensionExists)
 Check if certificate has extension. More...
 
OpcUa_StatusCode UaBase_PkiCertificate_GetExtension (OpcUa_PkiCertificate *a_pCertificate, OpcUa_X509Extension a_extension, OpcUa_String *a_pExtensionValue)
 Get extension from certificate. More...
 
int UaBase_PkiCertificate_Compare (OpcUa_PkiCertificate *a_pCertificateA, OpcUa_PkiCertificate *a_pCertificateB)
 Compare two certificates.
 
OpcUa_X509SignatureAlgorithm UaBase_PkiCertificate_GetSignatureAlgorithm (OpcUa_PkiCertificate *a_pCertificate)
 Get the algorithm used for signing the certificate.
 
OpcUa_Int32 UaBase_PkiCertificate_GetKeyLength (OpcUa_PkiCertificate *a_pCertificate)
 Get the key length of the key pair associated with the certificate.
 
OpcUa_Boolean UaBase_PkiCertificate_IsSelfSigned (OpcUa_PkiCertificate *a_pCertificate)
 Check if the certificate is self-signed.
 
OpcUa_StatusCode UaBase_PkiCSR_FromCertificate (OpcUa_PkiCSR **a_ppCSR, OpcUa_PkiCertificate *a_pCertificate, OpcUa_PkiRsaKeyPair *a_pSubjectPrivateKey)
 Create CSR based on a certificate.
 
OpcUa_StatusCode UaBase_PkiCSR_Create (OpcUa_PkiCSR **a_ppCSR, OpcUa_PkiCertificateInfo a_certificateInfo, OpcUa_PkiIdentity a_subject, OpcUa_PkiRsaKeyPair a_subjectKeyPair, OpcUa_Boolean a_bCACert)
 Create a new CSR.
 
OpcUa_StatusCode UaBase_PkiCSR_Delete (OpcUa_PkiCSR **a_ppCSR)
 Delete a CSR.
 
OpcUa_StatusCode UaBase_PkiCertificate_FromCSR (OpcUa_PkiCertificate **a_ppCertificate, OpcUa_PkiCSR *a_pCSR, OpcUa_PkiCertificate *a_pIssuerCertificate, OpcUa_PkiRsaKeyPair *a_pIssuerKeyPair, long a_validTime, long a_serialNumber)
 Create a certificate based on a CSR.
 
OpcUa_StatusCode UaBase_PkiCSR_SetSubjectName (OpcUa_PkiCSR *a_pCSR, OpcUa_String *a_pSubjectName, OpcUa_PkiRsaKeyPair *a_pSubjectPrivateKey)
 Set the SubjectName of a CSR.
 
OpcUa_StatusCode UaBase_PkiCSR_SetKey (OpcUa_PkiCSR *a_pCSR, OpcUa_PkiRsaKeyPair *a_pSubjectPrivateKey)
 Set the key of a CSR.
 
OpcUa_StatusCode UaBase_PkiCSR_ToDER (OpcUa_PkiCSR *a_pCSR, OpcUa_ByteString *a_pDER)
 Convert a CSR to a DER blob.
 
OpcUa_StatusCode UaBase_PkiCSR_ToDERFile (OpcUa_PkiCSR *a_pCSR, const OpcUa_CharA *a_sFile)
 Write a CSR to a DER file.
 
OpcUa_StatusCode UaBase_PkiCSR_FromDER (OpcUa_ByteString *a_bsDER, OpcUa_PkiCSR **a_ppCSR)
 Convert DER blob to a CSR.
 
OpcUa_StatusCode UaBase_PkiCSR_FromDERFile (const OpcUa_CharA *a_sFile, OpcUa_PkiCSR **a_ppCSR)
 Convert DER file to a CSR.
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_Create (OpcUa_PkiRsaKeyPair **a_ppKeyPair, OpcUa_Int32 a_iBits)
 Creates a new key pair. More...
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_Delete (OpcUa_PkiRsaKeyPair **a_ppKeyPair)
 Deletes a key pair and frees it's memory. More...
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_ToPEMFile (OpcUa_PkiRsaKeyPair *a_pKeyPair, const OpcUa_CharA *a_sFile)
 Writes the key pair to the given file. More...
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_FromPEM (OpcUa_ByteString *a_pData, OpcUa_PkiRsaKeyPair **a_ppKeyPair)
 Get a RSA key pair from PEM encoded blob.
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_GetLength (OpcUa_PkiRsaKeyPair *a_pKeyPair, OpcUa_Int32 *a_piBits)
 Get the key length in bits.
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_ToDER (OpcUa_PkiRsaKeyPair *a_pKeyPair, OpcUa_ByteString *a_pDER)
 Convert a RSA key pair to a DER blob.
 
OpcUa_StatusCode UaBase_PkiRsaKeyPair_FromDER (OpcUa_ByteString *a_pData, OpcUa_PkiRsaKeyPair **a_ppKeyPair)
 Get a RSA key pair from a DER blob.
 
OpcUa_StatusCode UaBase_PkiCRL_Create (OpcUa_PkiCRL **a_ppCRL, OpcUa_UInt64 a_uValidity, OpcUa_PkiIdentity a_issuer, OpcUa_UInt64 a_uCrlNumber)
 Creates a new Certificate Revocation List. More...
 
OpcUa_StatusCode UaBase_PkiCRL_Delete (OpcUa_PkiCRL **a_ppCRL)
 Deletes a Certificate Revocation List and frees it's memory. More...
 
OpcUa_StatusCode UaBase_PkiCRL_AddRevoked (OpcUa_PkiCRL *a_pCRL, OpcUa_PkiCertificate a_certificate, OpcUa_DateTime a_revocationDate)
 Adds a certificate to the Certificate Revocation List. More...
 
OpcUa_StatusCode UaBase_PkiCRL_Sign (OpcUa_PkiCRL *a_pCRL, OpcUa_PkiRsaKeyPair a_issuerKeyPair)
 Signs a Certificate Revocation List. More...
 
OpcUa_StatusCode UaBase_PkiCRL_ToPEMFile (OpcUa_PkiCRL *a_pCRL, OpcUa_StringA a_sFile)
 Writes the Certificate Revocation List to the given file. More...
 
OpcUa_StatusCode UaBase_PkiCRL_FromDER (OpcUa_ByteString *a_bsDER, OpcUa_PkiCRL **a_ppCRL)
 Get Certificate Revocation List from DER encoded ByteString. More...
 
OpcUa_StatusCode UaBase_Pki_CheckKeyPair (OpcUa_ByteString *a_pCertificate, OpcUa_Key *a_pPrivateKey)
 Check if a private key matches a certificate. More...
 

Detailed Description

Function Documentation

OpcUa_StatusCode UaBase_Pki_CheckKeyPair ( OpcUa_ByteString a_pCertificate,
OpcUa_Key *  a_pPrivateKey 
)

Check if a private key matches a certificate.

Parameters
a_pCertificateThe certificate belonging to the private key.
a_pPrivateKeyThe private key belonging to the certificate.
OpcUa_StatusCode UaBase_PkiCertificate_Create ( OpcUa_PkiCertificate **  a_ppCertificate,
OpcUa_PkiCertificateInfo  a_certificateInfo,
OpcUa_PkiIdentity  a_subject,
OpcUa_PkiRsaKeyPair  a_subjectKeyPair,
OpcUa_PkiIdentity  a_issuer,
OpcUa_PkiRsaKeyPair  a_issuerKeyPair,
OpcUa_X509SignatureAlgorithm  a_signatureAlgorithm 
)

Creates a new certificate.

Parameters
a_ppCertificateA pointer to a variable to store the created certificate.
a_certificateInfoUA Application information.
a_subjectThe identity of the certificate owner.
a_subjectKeyPairThe key pair of the certificate. The public key part will be stored in the certificate.
a_issuerThe identity of the certificate issuer.
a_issuerKeyPairThe key pair of the certificate issuer. This is needed to sign the certificate.
a_signatureAlgorithmThe signature algorithm used to sign the certificate.
OpcUa_StatusCode UaBase_PkiCertificate_Delete ( OpcUa_PkiCertificate **  a_ppCertificate)

Deletes a certificate and frees it's memory.

Parameters
a_ppCertificateA pointer to a variable that points to a OpcUa_PkiCertificate.
OpcUa_StatusCode UaBase_PkiCertificate_FromDER ( OpcUa_ByteString a_bsDER,
OpcUa_PkiCertificate **  a_ppCertificate 
)

Gets a certificate from DER encoded ByteString.

Parameters
a_bsDERThe ByteString containing the DER encoded certificate.
a_ppCertificateThe created certificate is stored here.
OpcUa_StatusCode UaBase_PkiCertificate_GetExtension ( OpcUa_PkiCertificate a_pCertificate,
OpcUa_X509Extension  a_extension,
OpcUa_String a_pExtensionValue 
)

Get extension from certificate.

Parameters
a_pCertificateThe certificate to use.
a_extensionThe certificate extension to get.
a_pExtensionValueThe value of the specified extension.
OpcUa_StatusCode UaBase_PkiCertificate_HasExtension ( OpcUa_PkiCertificate a_pCertificate,
OpcUa_X509Extension  a_extension,
OpcUa_Boolean *  a_pExtensionExists 
)

Check if certificate has extension.

Parameters
a_pCertificateThe certificate to use.
a_extensionThe certificate extension to check for.
a_pExtensionExistsTrue if the certificate contains the specified extension.
OpcUa_StatusCode UaBase_PkiCertificate_ToDERFile ( OpcUa_PkiCertificate a_pCertificate,
const OpcUa_CharA *  a_sFile 
)

Writes the certificate to the given file.

Parameters
a_pCertificateThe certificate to store.
a_sFileThe file to store the certificate in.
OpcUa_StatusCode UaBase_PkiCRL_AddRevoked ( OpcUa_PkiCRL a_pCRL,
OpcUa_PkiCertificate  a_certificate,
OpcUa_DateTime  a_revocationDate 
)

Adds a certificate to the Certificate Revocation List.

Parameters
a_pCRLThe CRL to use.
a_certificateThe certificate to store in the CRL.
a_revocationDateThe revocation date to set.
OpcUa_StatusCode UaBase_PkiCRL_Create ( OpcUa_PkiCRL **  a_ppCRL,
OpcUa_UInt64  a_uValidity,
OpcUa_PkiIdentity  a_issuer,
OpcUa_UInt64  a_uCrlNumber 
)

Creates a new Certificate Revocation List.

Parameters
a_ppCRLA pointer to a variable to store a pointer to the created CRL.
a_uValidityTime from now in seconds until a new CRL will be created.
a_issuerThe issuer of the CRL.
a_uCrlNumberThe consecutive number of the CRL.
OpcUa_StatusCode UaBase_PkiCRL_Delete ( OpcUa_PkiCRL **  a_ppCRL)

Deletes a Certificate Revocation List and frees it's memory.

Parameters
a_ppCRLA pointer to a variable that points to a OpcUa_PkiCRL.
OpcUa_StatusCode UaBase_PkiCRL_FromDER ( OpcUa_ByteString a_bsDER,
OpcUa_PkiCRL **  a_ppCRL 
)

Get Certificate Revocation List from DER encoded ByteString.

Parameters
a_bsDERThe ByteString containing the DER encoded CRL.
a_ppCRLThe created CRL is stored here.
OpcUa_StatusCode UaBase_PkiCRL_Sign ( OpcUa_PkiCRL a_pCRL,
OpcUa_PkiRsaKeyPair  a_issuerKeyPair 
)

Signs a Certificate Revocation List.

Parameters
a_pCRLThe CRL to sign.
a_issuerKeyPairThe key pair used to sign the CRL.
OpcUa_StatusCode UaBase_PkiCRL_ToPEMFile ( OpcUa_PkiCRL a_pCRL,
OpcUa_StringA  a_sFile 
)

Writes the Certificate Revocation List to the given file.

Parameters
a_pCRLThe CRL to store.
a_sFileThe file to store the CRL in.
OpcUa_StatusCode UaBase_PkiRsaKeyPair_Create ( OpcUa_PkiRsaKeyPair **  a_ppKeyPair,
OpcUa_Int32  a_iBits 
)

Creates a new key pair.

Parameters
a_ppKeyPairA pointer to a variable to store a pointer to the created key pair.
a_iBitsRSA modulus (key size) which should be 1024, 2048 or 4096.
OpcUa_StatusCode UaBase_PkiRsaKeyPair_Delete ( OpcUa_PkiRsaKeyPair **  a_ppKeyPair)

Deletes a key pair and frees it's memory.

Parameters
a_ppKeyPairA pointer to a variable that points to a OpcUa_PkiRsaKeyPair.
OpcUa_StatusCode UaBase_PkiRsaKeyPair_ToPEMFile ( OpcUa_PkiRsaKeyPair a_pKeyPair,
const OpcUa_CharA *  a_sFile 
)

Writes the key pair to the given file.

Parameters
a_pKeyPairThe key pair to store.
a_sFileThe file to store the key pair in.