📄 tc.h
字号:
int tc_validate_one_cert(TC_CERT *cert,
int flags,
TC_CONTEXT *ctx);
/* import DER certificate into context */
int tc_import_cert (unsigned char *, /* DER encoded cert */
size_t, /* length of cert */
TC_CONTEXT *);
/* import Certificate struct into context */
int tc_add_cert (TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_delete_cert (TC_Name *issuer,
TC_SerialNumber *serial,
TC_CONTEXT *ctx);
int tc_find_cert (TC_CERT **cert,
TC_Name *issuer,
TC_CONTEXT *ctx);
int tc_find_issuer(TC_CERT **issuer,
TC_CERT *cert,
TC_CONTEXT *ctx);
/*
-----
certificate requests
-----
*/
int tc_create_attrlist(TC_Attributes **list,
TC_CONTEXT *ctx);
int tc_add_attribute(TC_Attributes *list,
unsigned char *oid,
size_t oidLen,
unsigned char *attrDER,
size_t attrLen,
TC_CONTEXT *ctx);
int tc_set_signing_time(TC_Attributes *list,
TC_CONTEXT *ctx);
int tc_find_attribute(unsigned char **attrDER,
size_t *attrLen,
TC_CertificationRequest *cert,
unsigned char *oid,
size_t oidLen,
TC_CONTEXT *ctx);
void tc_free_attrlist(TC_Attributes *list,
TC_CONTEXT *ctx);
int tc_read_request(TC_CertificationRequest **request,
const char *fname,
TC_CONTEXT *ctx);
int tc_write_request(TC_CertificationRequest *request,
const char *fname,
TC_CONTEXT *ctx);
int tc_unpack_request (TC_CertificationRequest **request,
unsigned char *, /* DER encoded certrequest */
size_t,
TC_CONTEXT *ctx);
int tc_pack_request (unsigned char **ptr,
size_t *ptrlen,
TC_CertificationRequest *cert,
TC_CONTEXT *ctx);
int tc_create_request (TC_CertificationRequest **cert,
int version,
const unsigned char *sigoid,
size_t sigoidlen,
const unsigned char *sigparm,
size_t sigparmlen,
TC_Name *subject,
const unsigned char *keyoid,
size_t keyoidlen,
const unsigned char *pubkey,
size_t pubkeylen,
const unsigned char *keyparm,
size_t keyparmlen,
TC_Attributes *list,
TC_CONTEXT *ctx) ;
void tc_free_request(TC_CertificationRequest *,
TC_CONTEXT *ctx);
int tc_validate_request (TC_CertificationRequest *, /* certification request */
TC_CONTEXT *ctx);
/*
-----
certificate revocation lists
-----
*/
int tc_unpack_crl (TC_CertificateList **crl,
unsigned char *data,
size_t dataLen,
TC_CONTEXT *ctx);
int tc_pack_crl(unsigned char **ptr,
size_t *ptrlen,
TC_CertificateList *crl,
TC_CONTEXT *ctx);
int tc_read_crl(TC_CertificateList **crl,
const char *fname,
TC_CONTEXT *ctx);
int tc_write_crl(TC_CertificateList *crl,
const char *fname,
TC_CONTEXT *ctx);
int tc_create_crl (TC_CertificateList **crl,
const unsigned char *alg, /* alg to sign crl */
size_t algLen, /* len of `alg' */
const unsigned char *algParm,
size_t algParmLen,
TC_Name *issuer, /* crl issuer */
time_t nextUpdate, /* next crl update expected */
TC_ExtensionList *extensions, /* CRL ext's */
TC_CONTEXT *ctx);
void tc_free_crl(TC_CertificateList *crl, TC_CONTEXT *);
int tc_sign_crl (TC_CertificateList *crl,
TC_CONTEXT *ctx);
int tc_add_to_crl (TC_CertificateList *crl,
unsigned char *serial,
size_t serialLen,
time_t revocationDate,
TC_ExtensionList *entryExts, /* CRL entry exts */
TC_CONTEXT *ctx);
int tc_import_crl (unsigned char *crlData,
size_t crlDataLen,
TC_CONTEXT *ctx,
int flags);
int tc_add_crl (TC_CertificateList *crl,
TC_CONTEXT *ctx,
int flags);
int tc_delete_crl(TC_Name *issuer,
TC_CONTEXT *ctx);
int tc_reset_crl_times(
TC_CertificateList *crl,
int nextUpdateDays,
TC_CONTEXT *ctx);
/*
-----
Dnames
-----
*/
int tc_create_dname(TC_Name **dname, TC_CONTEXT *ctx);
int tc_free_dname(TC_Name *dname, TC_CONTEXT *ctx);
int tc_addAVAto_dname(
TC_Name *dname,
unsigned char *oid,
size_t oidlen,
unsigned char *der,
size_t derlen,
TC_CONTEXT *ctx);
int tc_make_dname_fromstring (
TC_Name *dname,
const char *name,
TC_CONTEXT *context);
int tc_get_dname(
TC_Name **dname,
void *cert,
int type,
TC_CONTEXT *context);
int tc_extractdname_fromcert (
char **name,
void *cert,
int whichName,
TC_CONTEXT *context);
int tc_extract_dname_string (
char **stringname,
TC_Name *dname,
TC_CONTEXT *context);
int tc_compare_dname (TC_Name *, TC_Name *, TC_CONTEXT *);
int tc_is_self_signed(TC_CERT *cert, TC_CONTEXT *);
int tc_get_attributeValue(
char **value,
TC_Name *dname,
char *attributeType,
TC_CONTEXT *context);
/*
-----
PKIX compliance checks
-----
*/
enum TC_CertType_ {
TC_RootCertAuthority,
TC_CertificateAuthority,
TC_EndEntity
};
typedef enum TC_CertType_ TC_CertType;
int tc_CertCheckPKIXCompliance(
const TC_CERT *cert,
TC_CertType certType,
int **errorList,
int *numErrors,
TC_CONTEXT *ctx);
enum TC_CRLType_ {
TC_FullCRL,
TC_DeltaCRL
};
typedef enum TC_CRLType_ TC_CRLType;
int tc_CRLCheckPKIXCompliance(
const TC_CertificateList *crl,
TC_CRLType crlType,
TC_CONTEXT *ctx);
/*
-----
utilities
-----
*/
int tc_read_block(unsigned char **buf,
size_t *buflen,
const char *fname,
TC_CONTEXT *context);
int tc_write_block(const unsigned char *p,
const size_t plen,
const char *fname,
TC_CONTEXT *);
int tc_encode_base64 (unsigned char **out,
size_t *outlen,
const unsigned char *in,
size_t inlen,
TC_CONTEXT *ctx);
int tc_decode_base64 (unsigned char **out,
size_t *outlen,
const unsigned char *in,
TC_CONTEXT *ctx);
int tc_create_oid (unsigned char **p,
size_t *plen,
const char *oid,
TC_CONTEXT *ctx);
int tc_get_sigalgorithm(unsigned char **alg,
size_t *len,
TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_get_serial(unsigned char **serial,
size_t *len,
TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_get_key(unsigned char **key,
size_t *len,
int *nuub,
TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_get_signature(unsigned char **sig,
size_t *len,
int *nuub,
TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_get_version(int *version,
TC_CERT *cert,
TC_CONTEXT *ctx);
int tc_get_params(unsigned char **params,
size_t *len,
TC_CERT *cert,
TC_CONTEXT *ctx);
time_t tc_get_choiceoftime (TC_Time *,
TC_CONTEXT *);
int tc_encode_utctime (TC_UTCTime **, time_t, TC_CONTEXT *ctx);
int tc_EncodeGeneralizedTime(
TC_GeneralizedTime **gtTime,
time_t t,
TC_CONTEXT *ctx);
/************************************
* Globals Constants
************************************/
#define TC_ASN_BOOLEAN PKIID_BOOLEAN
#define TC_ASN_INTEGER PKIID_INTEGER
#define TC_ASN_BIT_STRING PKIID_BIT_STRING
#define TC_ASN_OCTET_STRING PKIID_OCTET_STRING
#define TC_ASN_NULL PKIID_NULL
#define TC_ASN_OBJECT_ID PKIID_OBJECT_ID
#define TC_ASN_SEQUENCE PKIID_SEQUENCE
#define TC_ASN_SEQUENCE_OF PKIID_SEQUENCE_OF
#define TC_ASN_SET PKIID_SET
#define TC_ASN_SET_OF PKIID_SET_OF
#define TC_ASN_NumericString PKIID_NumericString
#define TC_ASN_PrintableString PKIID_PrintableString
#define TC_ASN_T61String PKIID_T61String
#define TC_ASN_TeletexString PKIID_TeletexString
#define TC_ASN_VideotexString PKIID_VideotexString
#define TC_ASN_IA5String PKIID_IA5String
#define TC_ASN_UTCTime PKIID_UTCTime
#define TC_ASN_GeneralizedTime PKIID_GeneralizedTime
#define TC_ASN_GraphicString PKIID_GraphicString
#define TC_ASN_VisibleString PKIID_VisibleString
#define TC_ASN_ISO646String PKIID_ISO646String
#define TC_ASN_GeneralString PKIID_GeneralString
#define TC_ASN_CHOICE PKIID_CHOICE
extern const char *TC_errlist[]; /* library error messages */
/** renaming of compiler gen'd OID values */
/* RSA */
#define TC_ALG_RSA PKIrsaEncryption_OID
#define TC_ALG_RSA_MD2 PKImd2WithRSAEncryption_OID
#define TC_ALG_RSA_MD5 PKImd5WithRSAEncryption_OID
#define TC_ALG_RSA_SHA1 PKIsha1WithRSAEncryption_OID
#define TC_ALG_RSA_LEN PKIrsaEncryption_OID_LEN
#define TC_ALG_RSA_MD2_LEN PKImd2WithRSAEncryption_OID_LEN
#define TC_ALG_RSA_MD5_LEN PKImd5WithRSAEncryption_OID_LEN
#define TC_ALG_RSA_SHA1_LEN PKIsha1WithRSAEncryption_OID_LEN
/* DSA */
#define TC_ALG_DSA PKIid_dsa_OID
#define TC_ALG_DSA_SHA1 PKIid_dsa_with_sha1_OID
#define TC_ALG_DSA_LEN PKIid_dsa_OID_LEN
#define TC_ALG_DSA_SHA1_LEN PKIid_dsa_with_sha1_OID_LEN
/* should only used for testing with BSAFE 3.0 */
extern const unsigned char TC_ALG_RSA_DSA[];
extern const unsigned char TC_ALG_RSA_DSA_SHA1[];
#define TC_ALG_RSA_DSA_LEN 5
#define TC_ALG_RSA_DSA_SHA1_LEN 5
#endif /* _tc_h_ */
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -