S2OPC OPCUA Toolkit
sopc_key_manager.h File Reference

The SOPC_KeyManager provides an API for Asymmetric Key Management such as loading signed public keys (Certificate) and the corresponding private key. Also see sopc_key_manager_lib_itf.h for the complete API.

#include "sopc_crypto_decl.h"
#include "sopc_key_manager_lib_itf.h"

Functions

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData (const uint8_t *data, uint32_t len, SOPC_SerializedAsymmetricKey **key)
 Creates a serialized asymmetric key from a DER or PEM payload.

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile (const char *path, SOPC_SerializedAsymmetricKey **key)
 Creates a serialized asymmetric key from a file in DER or PEM format.

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd (const char *keyPath, SOPC_SerializedAsymmetricKey **key, char *password, uint32_t lenPassword)
 Creates a serialized asymmetric key from a file in DER or PEM format with an optional password for the encrypted private key (PEM format).

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey (const SOPC_AsymmetricKey *pKey, bool is_public, SOPC_SerializedAsymmetricKey **out)
 Creates a serialized asymmetric key from an SOPC_AsymmetricKey structure.

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_Deserialize (const SOPC_SerializedAsymmetricKey *key, bool is_public, SOPC_AsymmetricKey **res)
 Deserializes a serialized key.

void SOPC_KeyManager_SerializedAsymmetricKey_Delete (SOPC_SerializedAsymmetricKey *key)
 Releases all resources associated to a serialized asymmetric key.

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromDER (const uint8_t *der, uint32_t len, SOPC_SerializedCertificate **cert)
 Creates a serialized certificate from a DER payload.

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromFile (const char *path, SOPC_SerializedCertificate **cert)
 Creates a serialized certificate from a file in DER or PEM format.

void SOPC_KeyManager_SerializedCertificate_Delete (SOPC_SerializedCertificate *cert)
 Releases all resources associated to a serialized certificate.

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_Deserialize (const SOPC_SerializedCertificate *cert, SOPC_CertificateList **res)
 Deserializes a serialized certificate.

const SOPC_Buffer * SOPC_KeyManager_SerializedCertificate_Data (const SOPC_SerializedCertificate *cert)
 Returns the data held in a serialized certificate.

const SOPC_Buffer * SOPC_KeyManager_SerializedCRL_Data (const SOPC_SerializedCRL *crl)
 Returns the data held in a serialized CRL.

Detailed Description

KeyManager differs from PKIProvider, which only handles signed public key validation and storage.

KeyManager API is context-less. The KeyManager is generic, and is not linked to the current security policy.

Function Documentation

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData ( const uint8_t *  data,
uint32_t  len,
SOPC_SerializedAsymmetricKey **  key 
)

Creates a serialized asymmetric key from a DER or PEM payload.

Parameters
data: the key data in DER or PEM format
len: length of the data
[out] key: the created serialized key
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile ( const char *  path,
SOPC_SerializedAsymmetricKey **  key 
)

Creates a serialized asymmetric key from a file in DER or PEM format.

Parameters
path: path to the file
[out] key: the created serialized key
Deprecated:
Use SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd instead
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd ( const char *  keyPath,
SOPC_SerializedAsymmetricKey **  key,
char *  password,
uint32_t  lenPassword 
)

Creates a serialized asymmetric key from a file in DER or PEM format with an optional password for the encrypted private key (PEM format).

Parameters
keyPath: The path to the DER/PEM file.
[out] key: A valid pointer pointing to NULL which will be set to the newly allocated serialized key.
password: An optional password (!= NULL). The password must be a zero-terminated string with at most lenPassword non-null chars, and at least lenPassword + 1 allocated chars.
lenPassword: The length of the password.
Note
Supported encryption algorithms: AES-128-CBC, AES-192-CBC and AES-256-CBC.
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.
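
The password-buffer contract above (zero-terminated, at most lenPassword non-null chars, at least lenPassword + 1 allocated chars) can be checked before the call and the buffer cleared after it. The following C is an added example, not S2OPC code: pwd_prepare, pwd_contract_ok and pwd_wipe are hypothetical helpers, and the trailing-newline trimming assumes the password was read from a line-oriented source.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not an S2OPC function. Strips a trailing CR/LF (assumed
 * to come from a line-oriented source) and reports the password length. */
bool pwd_prepare(char *buf, size_t allocated, uint32_t *lenOut)
{
    if (buf == NULL || lenOut == NULL || allocated == 0) return false;
    const char *end = memchr(buf, '\0', allocated);
    if (end == NULL) return false; /* no terminator inside the buffer */
    size_t n = (size_t) (end - buf);
    while (n > 0 && (buf[n - 1] == '\n' || buf[n - 1] == '\r')) buf[--n] = '\0';
    if (n > UINT32_MAX) return false;
    *lenOut = (uint32_t) n;
    return true;
}

/* Hypothetical helper: true only if (password, lenPassword) meets the
 * documented contract for a buffer of `allocated` bytes. */
bool pwd_contract_ok(const char *password, size_t allocated, uint32_t lenPassword)
{
    if (password == NULL || allocated == 0) return false;
    /* At least lenPassword + 1 allocated chars, compared without overflow. */
    if ((size_t) lenPassword > allocated - 1) return false;
    /* At most lenPassword non-null chars, then a terminating zero. */
    return memchr(password, '\0', (size_t) lenPassword + 1) != NULL;
}

/* Hypothetical helper: clears the buffer once the key has been loaded. The
 * volatile pointer keeps the compiler from dropping the stores. */
void pwd_wipe(char *buf, size_t allocated)
{
    volatile char *p = buf;
    while (p != NULL && allocated-- > 0) *p++ = 0;
}

int main(void)
{
    char pwd[32] = "constructed-sample\n"; /* constructed sample input */
    uint32_t len = 0;
    bool ok = pwd_prepare(pwd, sizeof pwd, &len) && pwd_contract_ok(pwd, sizeof pwd, len);
    printf("contract %s, lenPassword=%u\n", ok ? "met" : "violated", (unsigned) len);
    /* The real call would go here: ..._CreateFromFile_WithPwd(path, &key, pwd, len) */
    pwd_wipe(pwd, sizeof pwd);
    return ok ? 0 : 1;
}
```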

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey ( const SOPC_AsymmetricKey *  pKey,
bool  is_public,
SOPC_SerializedAsymmetricKey **  out 
)

Creates a serialized asymmetric key from an SOPC_AsymmetricKey structure.

Parameters
pKey: A valid pointer to the asymmetric key (public/private) to serialize.
is_public: Whether the key is public or private.
[out] out: A valid pointer pointing to NULL which will be set to the newly allocated serialized key.
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_Deserialize()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_Deserialize ( const SOPC_SerializedAsymmetricKey *  key,
bool  is_public,
SOPC_AsymmetricKey **  res 
)

Deserializes a serialized key.

Parameters
key: the serialized key
is_public: whether the serialized key is a public or a private key
[out] res: A valid pointer pointing to NULL which will be set to the newly allocated SOPC_AsymmetricKey
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_Delete()

void SOPC_KeyManager_SerializedAsymmetricKey_Delete ( SOPC_SerializedAsymmetricKey *  key )

Releases all resources associated to a serialized asymmetric key.

Parameters
key: The serialized key

◆ SOPC_KeyManager_SerializedCertificate_CreateFromDER()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromDER ( const uint8_t *  der,
uint32_t  len,
SOPC_SerializedCertificate **  cert 
)

Creates a serialized certificate from a DER payload.

Parameters
der: the certificate data in DER format
len: length of the DER data
[out] cert: A valid pointer pointing to NULL which will be set to the newly allocated serialized certificate
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_CreateFromFile()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromFile ( const char *  path,
SOPC_SerializedCertificate **  cert 
)

Creates a serialized certificate from a file in DER or PEM format.

Parameters
path: path to the file
[out] cert: A valid pointer pointing to NULL which will be set to the newly allocated serialized certificate
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_Delete()

void SOPC_KeyManager_SerializedCertificate_Delete ( SOPC_SerializedCertificate *  cert )

Releases all resources associated to a serialized certificate.

Parameters
cert: The serialized certificate

◆ SOPC_KeyManager_SerializedCertificate_Deserialize()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_Deserialize ( const SOPC_SerializedCertificate *  cert,
SOPC_CertificateList **  res 
)

Deserializes a serialized certificate.

Parameters
cert: the serialized certificate
[out] res: A valid pointer pointing to NULL which will be set to the newly allocated SOPC_CertificateList
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_Data()

const SOPC_Buffer* SOPC_KeyManager_SerializedCertificate_Data ( const SOPC_SerializedCertificate *  cert )

Returns the data held in a serialized certificate.

Parameters
cert: the serialized certificate
Returns
The data held in the serialized certificate. The returned memory is owned by the serialized certificate, and should not be modified or freed.

◆ SOPC_KeyManager_SerializedCRL_Data()

const SOPC_Buffer* SOPC_KeyManager_SerializedCRL_Data ( const SOPC_SerializedCRL *  crl )

Returns the data held in a serialized CRL.

Parameters
crl: the serialized CRL
Returns
The data held in the serialized CRL. The returned memory is owned by the serialized CRL, and should not be modified or freed.