xref: /freebsd/crypto/heimdal/doc/doxyout/hx509/html/group__hx509__ca.html (revision 2e3507c25e42292b45a5482e116d278f5515d04d)
1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
3<title>Heimdalx509library: hx509 CA functions</title>
4<link href="doxygen.css" rel="stylesheet" type="text/css">
5<link href="tabs.css" rel="stylesheet" type="text/css">
6</head><body>
7<p>
8<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
9</p>
10<!-- end of header marker -->
11<!-- Generated by Doxygen 1.5.6 -->
12<div class="navigation" id="top">
13  <div class="tabs">
14    <ul>
15      <li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
16      <li><a href="pages.html"><span>Related&nbsp;Pages</span></a></li>
17      <li><a href="modules.html"><span>Modules</span></a></li>
18    </ul>
19  </div>
20</div>
21<div class="contents">
22<h1>hx509 CA functions</h1><table border="0" cellpadding="0" cellspacing="0">
23<tr><td></td></tr>
24<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
25<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g627b48e10d0b3576aec5823d6098ea3a">hx509_ca_tbs_init</a> (hx509_context context, hx509_ca_tbs *tbs)</td></tr>
26
27<tr><td class="memItemLeft" nowrap align="right" valign="top">void&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free</a> (hx509_ca_tbs *tbs)</td></tr>
28
29<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g6a124401ceb514cf16cf8e3721234d03">hx509_ca_tbs_set_notBefore</a> (hx509_context context, hx509_ca_tbs tbs, time_t t)</td></tr>
30
31<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gc64ad4daabe3c912be50c2a32af4fe05">hx509_ca_tbs_set_notAfter</a> (hx509_context context, hx509_ca_tbs tbs, time_t t)</td></tr>
32
33<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g587184eedd56450858eb74cae842f084">hx509_ca_tbs_set_notAfter_lifetime</a> (hx509_context context, hx509_ca_tbs tbs, time_t delta)</td></tr>
34
35<tr><td class="memItemLeft" nowrap align="right" valign="top">struct units *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g2809ea576f40642337c8bf49071723b0">hx509_ca_tbs_template_units</a> (void)</td></tr>
36
37<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g2d7c245443a81540ff993e7cc6f51ebb">hx509_ca_tbs_set_template</a> (hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)</td></tr>
38
39<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3e105ce23d67234c3b5d35a0752449cf">hx509_ca_tbs_set_ca</a> (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)</td></tr>
40
41<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g215241c575ae3296e137f155a0a4dd6e">hx509_ca_tbs_set_proxy</a> (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)</td></tr>
42
43<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge41a6e44a39c95e6c29376985f0b39b0">hx509_ca_tbs_set_domaincontroller</a> (hx509_context context, hx509_ca_tbs tbs)</td></tr>
44
45<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge12bfa65cf1112bf3181a5499e8f7ba6">hx509_ca_tbs_set_spki</a> (hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)</td></tr>
46
47<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f611617f0001575b723a4a9c0d9b3ca">hx509_ca_tbs_set_serialnumber</a> (hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)</td></tr>
48
49<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g4d26e70019741e516dc92158914cd414">hx509_ca_tbs_add_eku</a> (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)</td></tr>
50
51<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g8c5b557c63342686630b62239396b96a">hx509_ca_tbs_add_crl_dp_uri</a> (hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)</td></tr>
52
53<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g8e938c9e9b1fea29e5bf77a2824891e2">hx509_ca_tbs_add_san_otherName</a> (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)</td></tr>
54
55<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gede019208dbf7ad49cd077951887c4c3">hx509_ca_tbs_add_san_pkinit</a> (hx509_context context, hx509_ca_tbs tbs, const char *principal)</td></tr>
56
57<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gbc4f3398499094a859fbceb769ba5051">hx509_ca_tbs_add_san_ms_upn</a> (hx509_context context, hx509_ca_tbs tbs, const char *principal)</td></tr>
58
59<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g6286a0d6f375949301d62215184e7275">hx509_ca_tbs_add_san_jid</a> (hx509_context context, hx509_ca_tbs tbs, const char *jid)</td></tr>
60
61<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f4c23c964ef2331b45f80fb5355ede7">hx509_ca_tbs_add_san_hostname</a> (hx509_context context, hx509_ca_tbs tbs, const char *dnsname)</td></tr>
62
63<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gf621ee0bac71f4ee09881812f4c4d196">hx509_ca_tbs_add_san_rfc822name</a> (hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)</td></tr>
64
65<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g9e8cf374812308654e3d7270afb59da1">hx509_ca_tbs_set_subject</a> (hx509_context context, hx509_ca_tbs tbs, hx509_name subject)</td></tr>
66
67<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge22ea3d0201845dbc73f4b21502face6">hx509_ca_tbs_set_unique</a> (hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)</td></tr>
68
69<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g36432d6249ee668196a692c7286d09ce">hx509_ca_tbs_subject_expand</a> (hx509_context context, hx509_ca_tbs tbs, hx509_env env)</td></tr>
70
71<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f0ff00b9c54018e346eed759b25ae16">hx509_ca_sign</a> (hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)</td></tr>
72
73<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g310b010421b8a7c169566ef74ce319fb">hx509_ca_sign_self</a> (hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)</td></tr>
74
75</table>
76<hr><a name="_details"></a><h2>Detailed Description</h2>
77See the <a class="el" href="page_ca.html">Hx509 CA functions</a> for description and examples. <hr><h2>Function Documentation</h2>
78<a class="anchor" name="g3f0ff00b9c54018e346eed759b25ae16"></a><!-- doxytag: member="ca.c::hx509_ca_sign" ref="g3f0ff00b9c54018e346eed759b25ae16" args="(hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)" -->
79<div class="memitem">
80<div class="memproto">
81      <table class="memname">
82        <tr>
83          <td class="memname">int hx509_ca_sign           </td>
84          <td>(</td>
85          <td class="paramtype">hx509_context&nbsp;</td>
86          <td class="paramname"> <em>context</em>, </td>
87        </tr>
88        <tr>
89          <td class="paramkey"></td>
90          <td></td>
91          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
92          <td class="paramname"> <em>tbs</em>, </td>
93        </tr>
94        <tr>
95          <td class="paramkey"></td>
96          <td></td>
97          <td class="paramtype">hx509_cert&nbsp;</td>
98          <td class="paramname"> <em>signer</em>, </td>
99        </tr>
100        <tr>
101          <td class="paramkey"></td>
102          <td></td>
103          <td class="paramtype">hx509_cert *&nbsp;</td>
104          <td class="paramname"> <em>certificate</em></td><td>&nbsp;</td>
105        </tr>
106        <tr>
107          <td></td>
108          <td>)</td>
109          <td></td><td></td><td></td>
110        </tr>
111      </table>
112</div>
113<div class="memdoc">
114
115<p>
116Sign a to-be-signed certificate object with a issuer certificate.<p>
117The caller needs to at least have called the following functions on the to-be-signed certificate object:<ul>
118<li><a class="el" href="group__hx509__ca.html#g627b48e10d0b3576aec5823d6098ea3a">hx509_ca_tbs_init()</a></li><li><a class="el" href="group__hx509__ca.html#g9e8cf374812308654e3d7270afb59da1">hx509_ca_tbs_set_subject()</a></li><li><a class="el" href="group__hx509__ca.html#ge12bfa65cf1112bf3181a5499e8f7ba6">hx509_ca_tbs_set_spki()</a></li></ul>
119<p>
120When done the to-be-signed certificate object should be freed with <a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free()</a>.<p>
121When creating self-signed certificate use <a class="el" href="group__hx509__ca.html#g310b010421b8a7c169566ef74ce319fb">hx509_ca_sign_self()</a> instead.<p>
122<dl compact><dt><b>Parameters:</b></dt><dd>
123  <table border="0" cellspacing="2" cellpadding="0">
124    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
125    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
126    <tr><td valign="top"></td><td valign="top"><em>signer</em>&nbsp;</td><td>the CA certificate object to sign with (need private key). </td></tr>
127    <tr><td valign="top"></td><td valign="top"><em>certificate</em>&nbsp;</td><td>return cerificate, free with <a class="el" href="group__hx509__cert.html#gd2f9bb0ddc4babb26a8ccd983db8c948">hx509_cert_free()</a>.</td></tr>
128  </table>
129</dl>
130<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
131
132</div>
133</div><p>
134<a class="anchor" name="g310b010421b8a7c169566ef74ce319fb"></a><!-- doxytag: member="ca.c::hx509_ca_sign_self" ref="g310b010421b8a7c169566ef74ce319fb" args="(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)" -->
135<div class="memitem">
136<div class="memproto">
137      <table class="memname">
138        <tr>
139          <td class="memname">int hx509_ca_sign_self           </td>
140          <td>(</td>
141          <td class="paramtype">hx509_context&nbsp;</td>
142          <td class="paramname"> <em>context</em>, </td>
143        </tr>
144        <tr>
145          <td class="paramkey"></td>
146          <td></td>
147          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
148          <td class="paramname"> <em>tbs</em>, </td>
149        </tr>
150        <tr>
151          <td class="paramkey"></td>
152          <td></td>
153          <td class="paramtype">hx509_private_key&nbsp;</td>
154          <td class="paramname"> <em>signer</em>, </td>
155        </tr>
156        <tr>
157          <td class="paramkey"></td>
158          <td></td>
159          <td class="paramtype">hx509_cert *&nbsp;</td>
160          <td class="paramname"> <em>certificate</em></td><td>&nbsp;</td>
161        </tr>
162        <tr>
163          <td></td>
164          <td>)</td>
165          <td></td><td></td><td></td>
166        </tr>
167      </table>
168</div>
169<div class="memdoc">
170
171<p>
172Work just like <a class="el" href="group__hx509__ca.html#g3f0ff00b9c54018e346eed759b25ae16">hx509_ca_sign()</a> but signs it-self.<p>
173<dl compact><dt><b>Parameters:</b></dt><dd>
174  <table border="0" cellspacing="2" cellpadding="0">
175    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
176    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
177    <tr><td valign="top"></td><td valign="top"><em>signer</em>&nbsp;</td><td>private key to sign with. </td></tr>
178    <tr><td valign="top"></td><td valign="top"><em>certificate</em>&nbsp;</td><td>return cerificate, free with <a class="el" href="group__hx509__cert.html#gd2f9bb0ddc4babb26a8ccd983db8c948">hx509_cert_free()</a>.</td></tr>
179  </table>
180</dl>
181<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
182
183</div>
184</div><p>
185<a class="anchor" name="g8c5b557c63342686630b62239396b96a"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_crl_dp_uri" ref="g8c5b557c63342686630b62239396b96a" args="(hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)" -->
186<div class="memitem">
187<div class="memproto">
188      <table class="memname">
189        <tr>
190          <td class="memname">int hx509_ca_tbs_add_crl_dp_uri           </td>
191          <td>(</td>
192          <td class="paramtype">hx509_context&nbsp;</td>
193          <td class="paramname"> <em>context</em>, </td>
194        </tr>
195        <tr>
196          <td class="paramkey"></td>
197          <td></td>
198          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
199          <td class="paramname"> <em>tbs</em>, </td>
200        </tr>
201        <tr>
202          <td class="paramkey"></td>
203          <td></td>
204          <td class="paramtype">const char *&nbsp;</td>
205          <td class="paramname"> <em>uri</em>, </td>
206        </tr>
207        <tr>
208          <td class="paramkey"></td>
209          <td></td>
210          <td class="paramtype">hx509_name&nbsp;</td>
211          <td class="paramname"> <em>issuername</em></td><td>&nbsp;</td>
212        </tr>
213        <tr>
214          <td></td>
215          <td>)</td>
216          <td></td><td></td><td></td>
217        </tr>
218      </table>
219</div>
220<div class="memdoc">
221
222<p>
223Add CRL distribution point URI to the to-be-signed certificate object.<p>
224<dl compact><dt><b>Parameters:</b></dt><dd>
225  <table border="0" cellspacing="2" cellpadding="0">
226    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
227    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
228    <tr><td valign="top"></td><td valign="top"><em>uri</em>&nbsp;</td><td>uri to the CRL. </td></tr>
229    <tr><td valign="top"></td><td valign="top"><em>issuername</em>&nbsp;</td><td>name of the issuer.</td></tr>
230  </table>
231</dl>
232<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
233
234<p>
235issuername not supported
236</div>
237</div><p>
238<a class="anchor" name="g4d26e70019741e516dc92158914cd414"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_eku" ref="g4d26e70019741e516dc92158914cd414" args="(hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)" -->
239<div class="memitem">
240<div class="memproto">
241      <table class="memname">
242        <tr>
243          <td class="memname">int hx509_ca_tbs_add_eku           </td>
244          <td>(</td>
245          <td class="paramtype">hx509_context&nbsp;</td>
246          <td class="paramname"> <em>context</em>, </td>
247        </tr>
248        <tr>
249          <td class="paramkey"></td>
250          <td></td>
251          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
252          <td class="paramname"> <em>tbs</em>, </td>
253        </tr>
254        <tr>
255          <td class="paramkey"></td>
256          <td></td>
257          <td class="paramtype">const heim_oid *&nbsp;</td>
258          <td class="paramname"> <em>oid</em></td><td>&nbsp;</td>
259        </tr>
260        <tr>
261          <td></td>
262          <td>)</td>
263          <td></td><td></td><td></td>
264        </tr>
265      </table>
266</div>
267<div class="memdoc">
268
269<p>
270An an extended key usage to the to-be-signed certificate object. Duplicates will detected and not added.<p>
271<dl compact><dt><b>Parameters:</b></dt><dd>
272  <table border="0" cellspacing="2" cellpadding="0">
273    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
274    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
275    <tr><td valign="top"></td><td valign="top"><em>oid</em>&nbsp;</td><td>extended key usage to add.</td></tr>
276  </table>
277</dl>
278<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
279
280</div>
281</div><p>
282<a class="anchor" name="g3f4c23c964ef2331b45f80fb5355ede7"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_hostname" ref="g3f4c23c964ef2331b45f80fb5355ede7" args="(hx509_context context, hx509_ca_tbs tbs, const char *dnsname)" -->
283<div class="memitem">
284<div class="memproto">
285      <table class="memname">
286        <tr>
287          <td class="memname">int hx509_ca_tbs_add_san_hostname           </td>
288          <td>(</td>
289          <td class="paramtype">hx509_context&nbsp;</td>
290          <td class="paramname"> <em>context</em>, </td>
291        </tr>
292        <tr>
293          <td class="paramkey"></td>
294          <td></td>
295          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
296          <td class="paramname"> <em>tbs</em>, </td>
297        </tr>
298        <tr>
299          <td class="paramkey"></td>
300          <td></td>
301          <td class="paramtype">const char *&nbsp;</td>
302          <td class="paramname"> <em>dnsname</em></td><td>&nbsp;</td>
303        </tr>
304        <tr>
305          <td></td>
306          <td>)</td>
307          <td></td><td></td><td></td>
308        </tr>
309      </table>
310</div>
311<div class="memdoc">
312
313<p>
314Add a Subject Alternative Name hostname to to-be-signed certificate object. A domain match starts with ., an exact match does not.<p>
315Example of a an domain match: .domain.se matches the hostname host.domain.se.<p>
316<dl compact><dt><b>Parameters:</b></dt><dd>
317  <table border="0" cellspacing="2" cellpadding="0">
318    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
319    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
320    <tr><td valign="top"></td><td valign="top"><em>dnsname</em>&nbsp;</td><td>a hostame.</td></tr>
321  </table>
322</dl>
323<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
324
325</div>
326</div><p>
327<a class="anchor" name="g6286a0d6f375949301d62215184e7275"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_jid" ref="g6286a0d6f375949301d62215184e7275" args="(hx509_context context, hx509_ca_tbs tbs, const char *jid)" -->
328<div class="memitem">
329<div class="memproto">
330      <table class="memname">
331        <tr>
332          <td class="memname">int hx509_ca_tbs_add_san_jid           </td>
333          <td>(</td>
334          <td class="paramtype">hx509_context&nbsp;</td>
335          <td class="paramname"> <em>context</em>, </td>
336        </tr>
337        <tr>
338          <td class="paramkey"></td>
339          <td></td>
340          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
341          <td class="paramname"> <em>tbs</em>, </td>
342        </tr>
343        <tr>
344          <td class="paramkey"></td>
345          <td></td>
346          <td class="paramtype">const char *&nbsp;</td>
347          <td class="paramname"> <em>jid</em></td><td>&nbsp;</td>
348        </tr>
349        <tr>
350          <td></td>
351          <td>)</td>
352          <td></td><td></td><td></td>
353        </tr>
354      </table>
355</div>
356<div class="memdoc">
357
358<p>
359Add a Jabber/XMPP jid Subject Alternative Name to the to-be-signed certificate object. The jid is an UTF8 string.<p>
360<dl compact><dt><b>Parameters:</b></dt><dd>
361  <table border="0" cellspacing="2" cellpadding="0">
362    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
363    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
364    <tr><td valign="top"></td><td valign="top"><em>jid</em>&nbsp;</td><td>string of an a jabber id in UTF8.</td></tr>
365  </table>
366</dl>
367<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
368
369</div>
370</div><p>
371<a class="anchor" name="gbc4f3398499094a859fbceb769ba5051"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_ms_upn" ref="gbc4f3398499094a859fbceb769ba5051" args="(hx509_context context, hx509_ca_tbs tbs, const char *principal)" -->
372<div class="memitem">
373<div class="memproto">
374      <table class="memname">
375        <tr>
376          <td class="memname">int hx509_ca_tbs_add_san_ms_upn           </td>
377          <td>(</td>
378          <td class="paramtype">hx509_context&nbsp;</td>
379          <td class="paramname"> <em>context</em>, </td>
380        </tr>
381        <tr>
382          <td class="paramkey"></td>
383          <td></td>
384          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
385          <td class="paramname"> <em>tbs</em>, </td>
386        </tr>
387        <tr>
388          <td class="paramkey"></td>
389          <td></td>
390          <td class="paramtype">const char *&nbsp;</td>
391          <td class="paramname"> <em>principal</em></td><td>&nbsp;</td>
392        </tr>
393        <tr>
394          <td></td>
395          <td>)</td>
396          <td></td><td></td><td></td>
397        </tr>
398      </table>
399</div>
400<div class="memdoc">
401
402<p>
403Add Microsoft UPN Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.<p>
404<dl compact><dt><b>Parameters:</b></dt><dd>
405  <table border="0" cellspacing="2" cellpadding="0">
406    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
407    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
408    <tr><td valign="top"></td><td valign="top"><em>principal</em>&nbsp;</td><td>Microsoft UPN string.</td></tr>
409  </table>
410</dl>
411<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
412
413</div>
414</div><p>
415<a class="anchor" name="g8e938c9e9b1fea29e5bf77a2824891e2"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_otherName" ref="g8e938c9e9b1fea29e5bf77a2824891e2" args="(hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)" -->
416<div class="memitem">
417<div class="memproto">
418      <table class="memname">
419        <tr>
420          <td class="memname">int hx509_ca_tbs_add_san_otherName           </td>
421          <td>(</td>
422          <td class="paramtype">hx509_context&nbsp;</td>
423          <td class="paramname"> <em>context</em>, </td>
424        </tr>
425        <tr>
426          <td class="paramkey"></td>
427          <td></td>
428          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
429          <td class="paramname"> <em>tbs</em>, </td>
430        </tr>
431        <tr>
432          <td class="paramkey"></td>
433          <td></td>
434          <td class="paramtype">const heim_oid *&nbsp;</td>
435          <td class="paramname"> <em>oid</em>, </td>
436        </tr>
437        <tr>
438          <td class="paramkey"></td>
439          <td></td>
440          <td class="paramtype">const heim_octet_string *&nbsp;</td>
441          <td class="paramname"> <em>os</em></td><td>&nbsp;</td>
442        </tr>
443        <tr>
444          <td></td>
445          <td>)</td>
446          <td></td><td></td><td></td>
447        </tr>
448      </table>
449</div>
450<div class="memdoc">
451
452<p>
453Add Subject Alternative Name otherName to the to-be-signed certificate object.<p>
454<dl compact><dt><b>Parameters:</b></dt><dd>
455  <table border="0" cellspacing="2" cellpadding="0">
456    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
457    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
458    <tr><td valign="top"></td><td valign="top"><em>oid</em>&nbsp;</td><td>the oid of the OtherName. </td></tr>
459    <tr><td valign="top"></td><td valign="top"><em>os</em>&nbsp;</td><td>data in the other name.</td></tr>
460  </table>
461</dl>
462<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
463
464</div>
465</div><p>
466<a class="anchor" name="gede019208dbf7ad49cd077951887c4c3"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_pkinit" ref="gede019208dbf7ad49cd077951887c4c3" args="(hx509_context context, hx509_ca_tbs tbs, const char *principal)" -->
467<div class="memitem">
468<div class="memproto">
469      <table class="memname">
470        <tr>
471          <td class="memname">int hx509_ca_tbs_add_san_pkinit           </td>
472          <td>(</td>
473          <td class="paramtype">hx509_context&nbsp;</td>
474          <td class="paramname"> <em>context</em>, </td>
475        </tr>
476        <tr>
477          <td class="paramkey"></td>
478          <td></td>
479          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
480          <td class="paramname"> <em>tbs</em>, </td>
481        </tr>
482        <tr>
483          <td class="paramkey"></td>
484          <td></td>
485          <td class="paramtype">const char *&nbsp;</td>
486          <td class="paramname"> <em>principal</em></td><td>&nbsp;</td>
487        </tr>
488        <tr>
489          <td></td>
490          <td>)</td>
491          <td></td><td></td><td></td>
492        </tr>
493      </table>
494</div>
495<div class="memdoc">
496
497<p>
498Add Kerberos Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.<p>
499<dl compact><dt><b>Parameters:</b></dt><dd>
500  <table border="0" cellspacing="2" cellpadding="0">
501    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
502    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
503    <tr><td valign="top"></td><td valign="top"><em>principal</em>&nbsp;</td><td>Kerberos principal to add to the certificate.</td></tr>
504  </table>
505</dl>
506<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
507
508</div>
509</div><p>
510<a class="anchor" name="gf621ee0bac71f4ee09881812f4c4d196"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_rfc822name" ref="gf621ee0bac71f4ee09881812f4c4d196" args="(hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)" -->
511<div class="memitem">
512<div class="memproto">
513      <table class="memname">
514        <tr>
515          <td class="memname">int hx509_ca_tbs_add_san_rfc822name           </td>
516          <td>(</td>
517          <td class="paramtype">hx509_context&nbsp;</td>
518          <td class="paramname"> <em>context</em>, </td>
519        </tr>
520        <tr>
521          <td class="paramkey"></td>
522          <td></td>
523          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
524          <td class="paramname"> <em>tbs</em>, </td>
525        </tr>
526        <tr>
527          <td class="paramkey"></td>
528          <td></td>
529          <td class="paramtype">const char *&nbsp;</td>
530          <td class="paramname"> <em>rfc822Name</em></td><td>&nbsp;</td>
531        </tr>
532        <tr>
533          <td></td>
534          <td>)</td>
535          <td></td><td></td><td></td>
536        </tr>
537      </table>
538</div>
539<div class="memdoc">
540
541<p>
542Add a Subject Alternative Name rfc822 (email address) to to-be-signed certificate object.<p>
543<dl compact><dt><b>Parameters:</b></dt><dd>
544  <table border="0" cellspacing="2" cellpadding="0">
545    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
546    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
547    <tr><td valign="top"></td><td valign="top"><em>rfc822Name</em>&nbsp;</td><td>a string to a email address.</td></tr>
548  </table>
549</dl>
550<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
551
552</div>
553</div><p>
554<a class="anchor" name="g89eef97566653fbbe6ab32b59ea99299"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_free" ref="g89eef97566653fbbe6ab32b59ea99299" args="(hx509_ca_tbs *tbs)" -->
555<div class="memitem">
556<div class="memproto">
557      <table class="memname">
558        <tr>
559          <td class="memname">void hx509_ca_tbs_free           </td>
560          <td>(</td>
561          <td class="paramtype">hx509_ca_tbs *&nbsp;</td>
562          <td class="paramname"> <em>tbs</em>          </td>
563          <td>&nbsp;)&nbsp;</td>
564          <td></td>
565        </tr>
566      </table>
567</div>
568<div class="memdoc">
569
570<p>
571Free an To Be Signed object.<p>
572<dl compact><dt><b>Parameters:</b></dt><dd>
573  <table border="0" cellspacing="2" cellpadding="0">
574    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to free. </td></tr>
575  </table>
576</dl>
577
578</div>
579</div><p>
580<a class="anchor" name="g627b48e10d0b3576aec5823d6098ea3a"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_init" ref="g627b48e10d0b3576aec5823d6098ea3a" args="(hx509_context context, hx509_ca_tbs *tbs)" -->
581<div class="memitem">
582<div class="memproto">
583      <table class="memname">
584        <tr>
585          <td class="memname">int hx509_ca_tbs_init           </td>
586          <td>(</td>
587          <td class="paramtype">hx509_context&nbsp;</td>
588          <td class="paramname"> <em>context</em>, </td>
589        </tr>
590        <tr>
591          <td class="paramkey"></td>
592          <td></td>
593          <td class="paramtype">hx509_ca_tbs *&nbsp;</td>
594          <td class="paramname"> <em>tbs</em></td><td>&nbsp;</td>
595        </tr>
596        <tr>
597          <td></td>
598          <td>)</td>
599          <td></td><td></td><td></td>
600        </tr>
601      </table>
602</div>
603<div class="memdoc">
604
605<p>
606Allocate an to-be-signed certificate object that will be converted into an certificate.<p>
607<dl compact><dt><b>Parameters:</b></dt><dd>
608  <table border="0" cellspacing="2" cellpadding="0">
609    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
610    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>returned to-be-signed certicate object, free with <a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free()</a>.</td></tr>
611  </table>
612</dl>
613<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
614
615</div>
616</div><p>
617<a class="anchor" name="g3e105ce23d67234c3b5d35a0752449cf"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_ca" ref="g3e105ce23d67234c3b5d35a0752449cf" args="(hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" -->
618<div class="memitem">
619<div class="memproto">
620      <table class="memname">
621        <tr>
622          <td class="memname">int hx509_ca_tbs_set_ca           </td>
623          <td>(</td>
624          <td class="paramtype">hx509_context&nbsp;</td>
625          <td class="paramname"> <em>context</em>, </td>
626        </tr>
627        <tr>
628          <td class="paramkey"></td>
629          <td></td>
630          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
631          <td class="paramname"> <em>tbs</em>, </td>
632        </tr>
633        <tr>
634          <td class="paramkey"></td>
635          <td></td>
636          <td class="paramtype">int&nbsp;</td>
637          <td class="paramname"> <em>pathLenConstraint</em></td><td>&nbsp;</td>
638        </tr>
639        <tr>
640          <td></td>
641          <td>)</td>
642          <td></td><td></td><td></td>
643        </tr>
644      </table>
645</div>
646<div class="memdoc">
647
648<p>
649Make the to-be-signed certificate object a CA certificate. If the pathLenConstraint is negative path length constraint is used.<p>
650<dl compact><dt><b>Parameters:</b></dt><dd>
651  <table border="0" cellspacing="2" cellpadding="0">
652    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
653    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
654    <tr><td valign="top"></td><td valign="top"><em>pathLenConstraint</em>&nbsp;</td><td>path length constraint, negative, no constraint.</td></tr>
655  </table>
656</dl>
657<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
658
659</div>
660</div><p>
661<a class="anchor" name="ge41a6e44a39c95e6c29376985f0b39b0"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_domaincontroller" ref="ge41a6e44a39c95e6c29376985f0b39b0" args="(hx509_context context, hx509_ca_tbs tbs)" -->
662<div class="memitem">
663<div class="memproto">
664      <table class="memname">
665        <tr>
666          <td class="memname">int hx509_ca_tbs_set_domaincontroller           </td>
667          <td>(</td>
668          <td class="paramtype">hx509_context&nbsp;</td>
669          <td class="paramname"> <em>context</em>, </td>
670        </tr>
671        <tr>
672          <td class="paramkey"></td>
673          <td></td>
674          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
675          <td class="paramname"> <em>tbs</em></td><td>&nbsp;</td>
676        </tr>
677        <tr>
678          <td></td>
679          <td>)</td>
680          <td></td><td></td><td></td>
681        </tr>
682      </table>
683</div>
684<div class="memdoc">
685
686<p>
687Make the to-be-signed certificate object a windows domain controller certificate.<p>
688<dl compact><dt><b>Parameters:</b></dt><dd>
689  <table border="0" cellspacing="2" cellpadding="0">
690    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
691    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed.</td></tr>
692  </table>
693</dl>
694<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
695
696</div>
697</div><p>
698<a class="anchor" name="gc64ad4daabe3c912be50c2a32af4fe05"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notAfter" ref="gc64ad4daabe3c912be50c2a32af4fe05" args="(hx509_context context, hx509_ca_tbs tbs, time_t t)" -->
699<div class="memitem">
700<div class="memproto">
701      <table class="memname">
702        <tr>
703          <td class="memname">int hx509_ca_tbs_set_notAfter           </td>
704          <td>(</td>
705          <td class="paramtype">hx509_context&nbsp;</td>
706          <td class="paramname"> <em>context</em>, </td>
707        </tr>
708        <tr>
709          <td class="paramkey"></td>
710          <td></td>
711          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
712          <td class="paramname"> <em>tbs</em>, </td>
713        </tr>
714        <tr>
715          <td class="paramkey"></td>
716          <td></td>
717          <td class="paramtype">time_t&nbsp;</td>
718          <td class="paramname"> <em>t</em></td><td>&nbsp;</td>
719        </tr>
720        <tr>
721          <td></td>
722          <td>)</td>
723          <td></td><td></td><td></td>
724        </tr>
725      </table>
726</div>
727<div class="memdoc">
728
729<p>
730Set the absolute time when the certificate is valid to.<p>
731<dl compact><dt><b>Parameters:</b></dt><dd>
732  <table border="0" cellspacing="2" cellpadding="0">
733    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
734    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
735    <tr><td valign="top"></td><td valign="top"><em>t</em>&nbsp;</td><td>time when the certificate will expire</td></tr>
736  </table>
737</dl>
738<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
739
740</div>
741</div><p>
742<a class="anchor" name="g587184eedd56450858eb74cae842f084"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notAfter_lifetime" ref="g587184eedd56450858eb74cae842f084" args="(hx509_context context, hx509_ca_tbs tbs, time_t delta)" -->
743<div class="memitem">
744<div class="memproto">
745      <table class="memname">
746        <tr>
747          <td class="memname">int hx509_ca_tbs_set_notAfter_lifetime           </td>
748          <td>(</td>
749          <td class="paramtype">hx509_context&nbsp;</td>
750          <td class="paramname"> <em>context</em>, </td>
751        </tr>
752        <tr>
753          <td class="paramkey"></td>
754          <td></td>
755          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
756          <td class="paramname"> <em>tbs</em>, </td>
757        </tr>
758        <tr>
759          <td class="paramkey"></td>
760          <td></td>
761          <td class="paramtype">time_t&nbsp;</td>
762          <td class="paramname"> <em>delta</em></td><td>&nbsp;</td>
763        </tr>
764        <tr>
765          <td></td>
766          <td>)</td>
767          <td></td><td></td><td></td>
768        </tr>
769      </table>
770</div>
771<div class="memdoc">
772
773<p>
774Set the relative time when the certificiate is going to expire.<p>
775<dl compact><dt><b>Parameters:</b></dt><dd>
776  <table border="0" cellspacing="2" cellpadding="0">
777    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
778    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
779    <tr><td valign="top"></td><td valign="top"><em>delta</em>&nbsp;</td><td>seconds to the certificate is going to expire.</td></tr>
780  </table>
781</dl>
782<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
783
784</div>
785</div><p>
786<a class="anchor" name="g6a124401ceb514cf16cf8e3721234d03"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notBefore" ref="g6a124401ceb514cf16cf8e3721234d03" args="(hx509_context context, hx509_ca_tbs tbs, time_t t)" -->
787<div class="memitem">
788<div class="memproto">
789      <table class="memname">
790        <tr>
791          <td class="memname">int hx509_ca_tbs_set_notBefore           </td>
792          <td>(</td>
793          <td class="paramtype">hx509_context&nbsp;</td>
794          <td class="paramname"> <em>context</em>, </td>
795        </tr>
796        <tr>
797          <td class="paramkey"></td>
798          <td></td>
799          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
800          <td class="paramname"> <em>tbs</em>, </td>
801        </tr>
802        <tr>
803          <td class="paramkey"></td>
804          <td></td>
805          <td class="paramtype">time_t&nbsp;</td>
806          <td class="paramname"> <em>t</em></td><td>&nbsp;</td>
807        </tr>
808        <tr>
809          <td></td>
810          <td>)</td>
811          <td></td><td></td><td></td>
812        </tr>
813      </table>
814</div>
815<div class="memdoc">
816
817<p>
818Set the absolute time when the certificate is valid from. If not set the current time will be used.<p>
819<dl compact><dt><b>Parameters:</b></dt><dd>
820  <table border="0" cellspacing="2" cellpadding="0">
821    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
822    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
823    <tr><td valign="top"></td><td valign="top"><em>t</em>&nbsp;</td><td>time the certificated will start to be valid</td></tr>
824  </table>
825</dl>
826<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
827
828</div>
829</div><p>
830<a class="anchor" name="g215241c575ae3296e137f155a0a4dd6e"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_proxy" ref="g215241c575ae3296e137f155a0a4dd6e" args="(hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" -->
831<div class="memitem">
832<div class="memproto">
833      <table class="memname">
834        <tr>
835          <td class="memname">int hx509_ca_tbs_set_proxy           </td>
836          <td>(</td>
837          <td class="paramtype">hx509_context&nbsp;</td>
838          <td class="paramname"> <em>context</em>, </td>
839        </tr>
840        <tr>
841          <td class="paramkey"></td>
842          <td></td>
843          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
844          <td class="paramname"> <em>tbs</em>, </td>
845        </tr>
846        <tr>
847          <td class="paramkey"></td>
848          <td></td>
849          <td class="paramtype">int&nbsp;</td>
850          <td class="paramname"> <em>pathLenConstraint</em></td><td>&nbsp;</td>
851        </tr>
852        <tr>
853          <td></td>
854          <td>)</td>
855          <td></td><td></td><td></td>
856        </tr>
857      </table>
858</div>
859<div class="memdoc">
860
861<p>
862Make the to-be-signed certificate object a proxy certificate. If the pathLenConstraint is negative path length constraint is used.<p>
863<dl compact><dt><b>Parameters:</b></dt><dd>
864  <table border="0" cellspacing="2" cellpadding="0">
865    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
866    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
867    <tr><td valign="top"></td><td valign="top"><em>pathLenConstraint</em>&nbsp;</td><td>path length constraint, negative, no constraint.</td></tr>
868  </table>
869</dl>
870<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
871
872</div>
873</div><p>
874<a class="anchor" name="g3f611617f0001575b723a4a9c0d9b3ca"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_serialnumber" ref="g3f611617f0001575b723a4a9c0d9b3ca" args="(hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)" -->
875<div class="memitem">
876<div class="memproto">
877      <table class="memname">
878        <tr>
879          <td class="memname">int hx509_ca_tbs_set_serialnumber           </td>
880          <td>(</td>
881          <td class="paramtype">hx509_context&nbsp;</td>
882          <td class="paramname"> <em>context</em>, </td>
883        </tr>
884        <tr>
885          <td class="paramkey"></td>
886          <td></td>
887          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
888          <td class="paramname"> <em>tbs</em>, </td>
889        </tr>
890        <tr>
891          <td class="paramkey"></td>
892          <td></td>
893          <td class="paramtype">const heim_integer *&nbsp;</td>
894          <td class="paramname"> <em>serialNumber</em></td><td>&nbsp;</td>
895        </tr>
896        <tr>
897          <td></td>
898          <td>)</td>
899          <td></td><td></td><td></td>
900        </tr>
901      </table>
902</div>
903<div class="memdoc">
904
905<p>
906Set the serial number to use for to-be-signed certificate object.<p>
907<dl compact><dt><b>Parameters:</b></dt><dd>
908  <table border="0" cellspacing="2" cellpadding="0">
909    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
910    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
911    <tr><td valign="top"></td><td valign="top"><em>serialNumber</em>&nbsp;</td><td>serial number to use for the to-be-signed certificate object.</td></tr>
912  </table>
913</dl>
914<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
915
916</div>
917</div><p>
918<a class="anchor" name="ge12bfa65cf1112bf3181a5499e8f7ba6"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_spki" ref="ge12bfa65cf1112bf3181a5499e8f7ba6" args="(hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)" -->
919<div class="memitem">
920<div class="memproto">
921      <table class="memname">
922        <tr>
923          <td class="memname">int hx509_ca_tbs_set_spki           </td>
924          <td>(</td>
925          <td class="paramtype">hx509_context&nbsp;</td>
926          <td class="paramname"> <em>context</em>, </td>
927        </tr>
928        <tr>
929          <td class="paramkey"></td>
930          <td></td>
931          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
932          <td class="paramname"> <em>tbs</em>, </td>
933        </tr>
934        <tr>
935          <td class="paramkey"></td>
936          <td></td>
937          <td class="paramtype">const SubjectPublicKeyInfo *&nbsp;</td>
938          <td class="paramname"> <em>spki</em></td><td>&nbsp;</td>
939        </tr>
940        <tr>
941          <td></td>
942          <td>)</td>
943          <td></td><td></td><td></td>
944        </tr>
945      </table>
946</div>
947<div class="memdoc">
948
949<p>
950Set the subject public key info (SPKI) in the to-be-signed certificate object. SPKI is the public key and key related parameters in the certificate.<p>
951<dl compact><dt><b>Parameters:</b></dt><dd>
952  <table border="0" cellspacing="2" cellpadding="0">
953    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
954    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
955    <tr><td valign="top"></td><td valign="top"><em>spki</em>&nbsp;</td><td>subject public key info to use for the to-be-signed certificate object.</td></tr>
956  </table>
957</dl>
958<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
959
960</div>
961</div><p>
962<a class="anchor" name="g9e8cf374812308654e3d7270afb59da1"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_subject" ref="g9e8cf374812308654e3d7270afb59da1" args="(hx509_context context, hx509_ca_tbs tbs, hx509_name subject)" -->
963<div class="memitem">
964<div class="memproto">
965      <table class="memname">
966        <tr>
967          <td class="memname">int hx509_ca_tbs_set_subject           </td>
968          <td>(</td>
969          <td class="paramtype">hx509_context&nbsp;</td>
970          <td class="paramname"> <em>context</em>, </td>
971        </tr>
972        <tr>
973          <td class="paramkey"></td>
974          <td></td>
975          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
976          <td class="paramname"> <em>tbs</em>, </td>
977        </tr>
978        <tr>
979          <td class="paramkey"></td>
980          <td></td>
981          <td class="paramtype">hx509_name&nbsp;</td>
982          <td class="paramname"> <em>subject</em></td><td>&nbsp;</td>
983        </tr>
984        <tr>
985          <td></td>
986          <td>)</td>
987          <td></td><td></td><td></td>
988        </tr>
989      </table>
990</div>
991<div class="memdoc">
992
993<p>
994Set the subject name of a to-be-signed certificate object.<p>
995<dl compact><dt><b>Parameters:</b></dt><dd>
996  <table border="0" cellspacing="2" cellpadding="0">
997    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
998    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
999    <tr><td valign="top"></td><td valign="top"><em>subject</em>&nbsp;</td><td>the name to set a subject.</td></tr>
1000  </table>
1001</dl>
1002<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
1003
1004</div>
1005</div><p>
1006<a class="anchor" name="g2d7c245443a81540ff993e7cc6f51ebb"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_template" ref="g2d7c245443a81540ff993e7cc6f51ebb" args="(hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)" -->
1007<div class="memitem">
1008<div class="memproto">
1009      <table class="memname">
1010        <tr>
1011          <td class="memname">int hx509_ca_tbs_set_template           </td>
1012          <td>(</td>
1013          <td class="paramtype">hx509_context&nbsp;</td>
1014          <td class="paramname"> <em>context</em>, </td>
1015        </tr>
1016        <tr>
1017          <td class="paramkey"></td>
1018          <td></td>
1019          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
1020          <td class="paramname"> <em>tbs</em>, </td>
1021        </tr>
1022        <tr>
1023          <td class="paramkey"></td>
1024          <td></td>
1025          <td class="paramtype">int&nbsp;</td>
1026          <td class="paramname"> <em>flags</em>, </td>
1027        </tr>
1028        <tr>
1029          <td class="paramkey"></td>
1030          <td></td>
1031          <td class="paramtype">hx509_cert&nbsp;</td>
1032          <td class="paramname"> <em>cert</em></td><td>&nbsp;</td>
1033        </tr>
1034        <tr>
1035          <td></td>
1036          <td>)</td>
1037          <td></td><td></td><td></td>
1038        </tr>
1039      </table>
1040</div>
1041<div class="memdoc">
1042
1043<p>
1044Initialize the to-be-signed certificate object from a template certifiate.<p>
1045<dl compact><dt><b>Parameters:</b></dt><dd>
1046  <table border="0" cellspacing="2" cellpadding="0">
1047    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
1048    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
1049    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>bit field selecting what to copy from the template certifiate. </td></tr>
1050    <tr><td valign="top"></td><td valign="top"><em>cert</em>&nbsp;</td><td>template certificate.</td></tr>
1051  </table>
1052</dl>
1053<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
1054
1055</div>
1056</div><p>
1057<a class="anchor" name="ge22ea3d0201845dbc73f4b21502face6"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_unique" ref="ge22ea3d0201845dbc73f4b21502face6" args="(hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)" -->
1058<div class="memitem">
1059<div class="memproto">
1060      <table class="memname">
1061        <tr>
1062          <td class="memname">int hx509_ca_tbs_set_unique           </td>
1063          <td>(</td>
1064          <td class="paramtype">hx509_context&nbsp;</td>
1065          <td class="paramname"> <em>context</em>, </td>
1066        </tr>
1067        <tr>
1068          <td class="paramkey"></td>
1069          <td></td>
1070          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
1071          <td class="paramname"> <em>tbs</em>, </td>
1072        </tr>
1073        <tr>
1074          <td class="paramkey"></td>
1075          <td></td>
1076          <td class="paramtype">const heim_bit_string *&nbsp;</td>
1077          <td class="paramname"> <em>subjectUniqueID</em>, </td>
1078        </tr>
1079        <tr>
1080          <td class="paramkey"></td>
1081          <td></td>
1082          <td class="paramtype">const heim_bit_string *&nbsp;</td>
1083          <td class="paramname"> <em>issuerUniqueID</em></td><td>&nbsp;</td>
1084        </tr>
1085        <tr>
1086          <td></td>
1087          <td>)</td>
1088          <td></td><td></td><td></td>
1089        </tr>
1090      </table>
1091</div>
1092<div class="memdoc">
1093
1094<p>
1095Set the issuerUniqueID and subjectUniqueID<p>
1096These are only supposed to be used considered with version 2 certificates, replaced by the two extensions SubjectKeyIdentifier and IssuerKeyIdentifier. This function is to allow application using legacy protocol to issue them.<p>
1097<dl compact><dt><b>Parameters:</b></dt><dd>
1098  <table border="0" cellspacing="2" cellpadding="0">
1099    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
1100    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
1101    <tr><td valign="top"></td><td valign="top"><em>issuerUniqueID</em>&nbsp;</td><td>to be set </td></tr>
1102    <tr><td valign="top"></td><td valign="top"><em>subjectUniqueID</em>&nbsp;</td><td>to be set</td></tr>
1103  </table>
1104</dl>
1105<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
1106
1107</div>
1108</div><p>
1109<a class="anchor" name="g36432d6249ee668196a692c7286d09ce"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_subject_expand" ref="g36432d6249ee668196a692c7286d09ce" args="(hx509_context context, hx509_ca_tbs tbs, hx509_env env)" -->
1110<div class="memitem">
1111<div class="memproto">
1112      <table class="memname">
1113        <tr>
1114          <td class="memname">int hx509_ca_tbs_subject_expand           </td>
1115          <td>(</td>
1116          <td class="paramtype">hx509_context&nbsp;</td>
1117          <td class="paramname"> <em>context</em>, </td>
1118        </tr>
1119        <tr>
1120          <td class="paramkey"></td>
1121          <td></td>
1122          <td class="paramtype">hx509_ca_tbs&nbsp;</td>
1123          <td class="paramname"> <em>tbs</em>, </td>
1124        </tr>
1125        <tr>
1126          <td class="paramkey"></td>
1127          <td></td>
1128          <td class="paramtype">hx509_env&nbsp;</td>
1129          <td class="paramname"> <em>env</em></td><td>&nbsp;</td>
1130        </tr>
1131        <tr>
1132          <td></td>
1133          <td>)</td>
1134          <td></td><td></td><td></td>
1135        </tr>
1136      </table>
1137</div>
1138<div class="memdoc">
1139
1140<p>
1141Expand the the subject name in the to-be-signed certificate object using <a class="el" href="group__hx509__name.html#g42015083c70b6aa29c4f082998dbbece">hx509_name_expand()</a>.<p>
1142<dl compact><dt><b>Parameters:</b></dt><dd>
1143  <table border="0" cellspacing="2" cellpadding="0">
1144    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
1145    <tr><td valign="top"></td><td valign="top"><em>tbs</em>&nbsp;</td><td>object to be signed. </td></tr>
1146    <tr><td valign="top"></td><td valign="top"><em>env</em>&nbsp;</td><td>enviroment variable to expand variables in the subject name, see hx509_env_init().</td></tr>
1147  </table>
1148</dl>
1149<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
1150
1151</div>
1152</div><p>
1153<a class="anchor" name="g2809ea576f40642337c8bf49071723b0"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_template_units" ref="g2809ea576f40642337c8bf49071723b0" args="(void)" -->
1154<div class="memitem">
1155<div class="memproto">
1156      <table class="memname">
1157        <tr>
1158          <td class="memname">struct units* hx509_ca_tbs_template_units           </td>
1159          <td>(</td>
1160          <td class="paramtype">void&nbsp;</td>
1161          <td class="paramname">          </td>
1162          <td>&nbsp;)&nbsp;</td>
1163          <td><code> [read]</code></td>
1164        </tr>
1165      </table>
1166</div>
1167<div class="memdoc">
1168
1169<p>
1170Make of template units, use to build flags argument to <a class="el" href="group__hx509__ca.html#g2d7c245443a81540ff993e7cc6f51ebb">hx509_ca_tbs_set_template()</a> with parse_units().<p>
1171<dl class="return" compact><dt><b>Returns:</b></dt><dd>an units structure. </dd></dl>
1172
1173</div>
1174</div><p>
1175</div>
1176<hr size="1"><address style="text-align: right;"><small>
1177Generated on Wed Jan 11 14:07:41 2012 for Heimdalx509library by&nbsp;<a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
1178</body>
1179</html>
1180