UA Server SDK C++ Bundle
1.3.3.206
Class for handling X509 certificates.
#include <uapkicertificate.h>
Public Types
enum Validity { ValidityGood = 0, ErrorRejected, ErrorUntrusted, ErrorSignatureFailed, ErrorInvalidCA, ErrorInvalidPurpose, ErrorSelfSigned, ErrorRevoked, ErrorPathLengthExceeded, ErrorExpired, ErrorExpiredCA, ErrorValidityUnknown }
Validity Enumeration.
Public Member Functions
UaPkiCertificate ()
construction
UaPkiCertificate (const UaPkiCertificateInfo &info, const UaPkiIdentity &subject, const UaPkiPublicKey &subjectPublicKey, const UaPkiIdentity &issuer, const UaPkiPrivateKey &issuerPrivateKey)
Creates a new certificate.
UaPkiCertificate (const UaPkiCertificate &copy)
construction
~UaPkiCertificate ()
destruction
UaPkiCertificate operator= (const UaPkiCertificate &copy)
Assigns another UaPkiCertificate to the current instance.
UaPkiPublicKey publicKey () const
Returns the public key of the certificate.
UaString commonName () const
Returns the certificate's commonName field.
UaPkiIdentity subject () const
Returns the certificate identity.
UaPkiIdentity issuer () const
Returns the certificate issuer identity.
UaPkiCertificateInfo info () const
Returns information from X509v3 Extension subjectAltName.
UaDateTime validFrom () const
Returns the start date of the certificate's valid time period.
UaDateTime validTo () const
Returns the end date of the certificate's valid time period.
UaString serialNumber () const
Returns the certificate's serial number.
int signatureTypeNID () const
ToDoDoc.
UaString signatureTypeString () const
ToDoDoc.
bool isValid () const
Returns true if the certificate is still valid and not expired.
UaByteArray toDER () const
Encodes the certificate into DER format.
int toDERFile (const char *szFile) const
Stores the certificate in a DER encoded file.
int toDERFile (const UaString &sFile) const
Stores the certificate in a DER encoded file.
UaByteArray thumbPrint () const
Creates the SHA1 thumb print of the certificate.
Validity validate (const UaPkiCertificateCollection &trusted, const UaPkiCertificateCollection &untrusted) const
Validates the certificate against a list of trusted certificates.
Static Public Member Functions
static UaByteArray thumbPrint (const UaByteArray &DERData)
Creates the SHA1 thumb print of the DER encoded certificate data.
static UaPkiCertificate fromDER (const UaByteArray &DERdata)
Loads a certificate from a DER encoded byte array.
static UaPkiCertificate fromDERFile (const char *szFile)
Loads a certificate from a DER encoded file.
static UaPkiCertificate fromDERFile (const UaString &sFile)
Loads a certificate from a DER encoded file.
Class for handling X509 certificates.
This class encapsulates OpenSSL X509 functionality and simplifies the certificate handling.
The following sample code demonstrates how to create a self signed certificate.
The following sample code demonstrates how to store a certificate as file e.g. in the application trust list.
Validity Enumeration.
UaPkiCertificate::UaPkiCertificate(const UaPkiCertificateInfo &info, const UaPkiIdentity &subject, const UaPkiPublicKey &subjectPublicKey, const UaPkiIdentity &issuer, const UaPkiPrivateKey &issuerPrivateKey)
Creates a new certificate.
[in] info: UA Application information.
[in] subject: The identity of the certificate owner.
[in] subjectPublicKey: The public key of the certificate.
[in] issuer: The identity of the certificate issuer. If subject == issuer a self signed certificate is created.
[in] issuerPrivateKey: The private key of the certificate issuer. This is needed to sign the certificate.
UaString UaPkiCertificate::commonName() const
Returns the certificate's commonName field.
This function is provided for convenience and returns the same as UaPkiCertificate::subject().commonName.
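static UaPkiCertificate UaPkiCertificate::fromDER(const UaByteArray &DERdata)
Loads a certificate from a DER encoded byte array.
[in] DERdata: The DER data typically received from the OPC UA protocol.
static UaPkiCertificate UaPkiCertificate::fromDERFile(const char *szFile)
Loads a certificate from a DER encoded file.
[in] szFile: The file name (local 8 bit encoding).
static UaPkiCertificate UaPkiCertificate::fromDERFile(const UaString &sFile)
Loads a certificate from a DER encoded file.
[in] sFile: The file name (UTF8 encoding).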
UaPkiCertificateInfo UaPkiCertificate::info() const
Returns information from X509v3 Extension subjectAltName.
This function does not fill UaPkiCertificateInfo::validTime; use the validFrom() and validTo() functions instead.
UaPkiIdentity UaPkiCertificate::issuer() const
Returns the certificate issuer identity.
bool UaPkiCertificate::isValid() const
Returns true if the certificate is still valid and not expired.
UaPkiCertificate UaPkiCertificate::operator=(const UaPkiCertificate &copy)
Assigns another UaPkiCertificate to the current instance.
copy: An existing UaPkiCertificate structure.
UaPkiPublicKey UaPkiCertificate::publicKey() const
Returns the public key of the certificate.
UaString UaPkiCertificate::serialNumber() const
Returns the certificate's serial number.
int UaPkiCertificate::signatureTypeNID() const
ToDoDoc.
UaString UaPkiCertificate::signatureTypeString() const
ToDoDoc.
UaPkiIdentity UaPkiCertificate::subject() const
Returns the certificate identity.
UaByteArray UaPkiCertificate::thumbPrint() const
Creates the SHA1 thumb print of the certificate.
static UaByteArray UaPkiCertificate::thumbPrint(const UaByteArray &DERData)
Creates the SHA1 thumb print of the DER encoded certificate data.
This method is provided for convenience but behaves like the function above. It avoids creating a temporary UaPkiCertificate instance if you already have DER encoded data.
[in] DERData: The DER encoded certificate.
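A framing check that can run before bytes received over the network are passed to fromDER() or to the static thumbPrint(): it confirms the buffer is exactly one complete DER SEQUENCE, with nothing missing and nothing appended. This is an added example, not part of the SDK; inspectDerFrame and DerFrame are hypothetical names, and the sample bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

enum class DerFrame { ExactlyOne, TrailingData, Truncated, NotASequence, BadLength };

// Inspects only the outer tag and length octets of buf. On ExactlyOne or
// TrailingData, total is the size of the first element (header + content).
DerFrame inspectDerFrame(const std::vector<uint8_t>& buf, size_t& total)
{
    total = 0;
    if (buf.size() < 2) return DerFrame::Truncated;
    if (buf[0] != 0x30) return DerFrame::NotASequence;  // a certificate is a SEQUENCE
    size_t len = 0, hdr = 2;
    if (buf[1] < 0x80) {
        len = buf[1];                                    // short form
    } else {
        size_t n = buf[1] & 0x7F;                        // count of length octets
        // n == 0 is the indefinite form (not DER); n > 4 is refused as oversized.
        if (n == 0 || n > 4) return DerFrame::BadLength;
        if (buf.size() < 2 + n) return DerFrame::Truncated;
        for (size_t i = 0; i < n; ++i) len = (len << 8) | buf[2 + i];
        // DER demands the shortest possible length encoding.
        if (buf[2] == 0x00 || len < 0x80) return DerFrame::BadLength;
        hdr = 2 + n;
    }
    if (len > buf.size() - hdr) return DerFrame::Truncated;
    total = hdr + len;
    return total == buf.size() ? DerFrame::ExactlyOne : DerFrame::TrailingData;
}

int main()
{
    // Constructed sample: a tiny SEQUENCE followed by one stray byte.
    std::vector<uint8_t> sample = {0x30, 0x03, 0x02, 0x01, 0x05, 0xFF};
    size_t total = 0;
    DerFrame r = inspectDerFrame(sample, total);
    std::printf("result=%d first element=%zu of %zu bytes\n",
                static_cast<int>(r), total, sample.size());
    return r == DerFrame::TrailingData ? 0 : 1;
}
```

Only ExactlyOne should proceed to parsing or hashing; with TrailingData, a hash over the whole buffer would cover more than the first element.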
UaByteArray UaPkiCertificate::toDER() const
Encodes the certificate into DER format.
This is used to send a certificate over OPC UA.
int UaPkiCertificate::toDERFile(const char *szFile) const
Stores the certificate in a DER encoded file.
This is used for certificate management.
[in] szFile: The file name of the DER encoded file to create (local 8 bit encoding).
int UaPkiCertificate::toDERFile(const UaString &sFile) const
Stores the certificate in a DER encoded file.
This is used for certificate management.
[in] sFile: The file name of the DER encoded file to create (UTF8 encoding).
UaPkiCertificate::Validity UaPkiCertificate::validate(const UaPkiCertificateCollection &trusted, const UaPkiCertificateCollection &untrusted) const
Validates the certificate against a list of trusted certificates.
[in] trusted: A list of certificates that are trusted.
[in] untrusted: A list of certificates that may be used to build the trust chain for validation.
UaDateTime UaPkiCertificate::validFrom() const
Returns the start date of the certificate's valid time period.
UaDateTime UaPkiCertificate::validTo() const
Returns the end date of the certificate's valid time period.