open62541pp/open62541/pki_8h_source.html

/** This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/.

 *

 *    Copyright 2018 (c) Mark Giraud, Fraunhofer IOSB

 */


#ifndef UA_PLUGIN_PKI_H_

#define UA_PLUGIN_PKI_H_


#include <open62541/types.h>

#include <open62541/types_generated.h>

#include <open62541/plugin/log.h>


_UA_BEGIN_DECLS


struct UA_CertificateVerification;

typedef struct UA_CertificateVerification UA_CertificateVerification;


struct UA_CertificateVerification {

    void *context;


    /* Verify the certificate against the configured policies and trust chain. */

    UA_StatusCode (*verifyCertificate)(const UA_CertificateVerification *cv,

                                       const UA_ByteString *certificate);


    /* Verify that the certificate has the applicationURI in the subject name. */

    UA_StatusCode (*verifyApplicationURI)(const UA_CertificateVerification *cv,

                                          const UA_ByteString *certificate,

                                          const UA_String *applicationURI);


    /* Get the expire date from certificate */

    UA_StatusCode (*getExpirationDate)(UA_DateTime *expiryDateTime,

                                       UA_ByteString *certificate);


    UA_StatusCode (*getSubjectName)(UA_String *subjectName,

                                    UA_ByteString *certificate);


    /* Delete the certificate verification context */

    void (*clear)(UA_CertificateVerification *cv);


    /* Pointer to logging pointer in the server/client configuration. If the

     * logging pointer is changed outside of the plugin, the new logger is used

     * automatically*/

    const UA_Logger *logging;

};


/** Decrypt a private key in PEM format using a password. The output is the key

 * in the binary DER format. Also succeeds if the PEM private key does not

 * require a password or is already in the DER format. The outDerKey memory is

 * allocated internally.

 *

 * Returns UA_STATUSCODE_BADSECURITYCHECKSFAILED if the password is wrong. */

UA_EXPORT UA_StatusCode

UA_PKI_decryptPrivateKey(const UA_ByteString privateKey,

                         const UA_ByteString password,

                         UA_ByteString *outDerKey);


_UA_END_DECLS


#endif /* UA_PLUGIN_PKI_H_ */

_UA_BEGIN_DECLS
#define _UA_BEGIN_DECLS
#undef UA_DEBUG_DUMP_PKGS
Definition config.h:100

_UA_END_DECLS
#define _UA_END_DECLS
Definition config.h:107

log.h

UA_PKI_decryptPrivateKey
UA_EXPORT UA_StatusCode UA_PKI_decryptPrivateKey(const UA_ByteString privateKey, const UA_ByteString password, UA_ByteString *outDerKey)
Decrypt a private key in PEM format using a password.

UA_CertificateVerification
Definition pki.h:22

UA_CertificateVerification::getSubjectName
UA_StatusCode(* getSubjectName)(UA_String *subjectName, UA_ByteString *certificate)
Definition pki.h:38

UA_CertificateVerification::verifyApplicationURI
UA_StatusCode(* verifyApplicationURI)(const UA_CertificateVerification *cv, const UA_ByteString *certificate, const UA_String *applicationURI)
Definition pki.h:30

UA_CertificateVerification::context
void * context
Definition pki.h:23

UA_CertificateVerification::getExpirationDate
UA_StatusCode(* getExpirationDate)(UA_DateTime *expiryDateTime, UA_ByteString *certificate)
Definition pki.h:35

UA_CertificateVerification::logging
const UA_Logger * logging
Definition pki.h:47

UA_CertificateVerification::clear
void(* clear)(UA_CertificateVerification *cv)
Definition pki.h:42

UA_CertificateVerification::verifyCertificate
UA_StatusCode(* verifyCertificate)(const UA_CertificateVerification *cv, const UA_ByteString *certificate)
Definition pki.h:26

UA_Logger
Definition log.h:44

UA_String
Definition types.h:119

types.h

UA_StatusCode
uint32_t UA_StatusCode
Definition types.h:82

types_generated.h