S2OPC OPCUA Toolkit
sopc_key_manager.h
1 /*
2  * Licensed to Systerel under one or more contributor license
3  * agreements. See the NOTICE file distributed with this work
4  * for additional information regarding copyright ownership.
5  * Systerel licenses this file to you under the Apache
6  * License, Version 2.0 (the "License"); you may not use this
7  * file except in compliance with the License. You may obtain
8  * a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing,
13  * software distributed under the License is distributed on an
14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15  * KIND, either express or implied. See the License for the
16  * specific language governing permissions and limitations
17  * under the License.
18  */
19 
30 #ifndef SOPC_KEY_MANAGER_H_
31 #define SOPC_KEY_MANAGER_H_
32 
33 #include <stddef.h>
34 
35 #include "sopc_buffer.h"
36 #include "sopc_crypto_decl.h"
37 #include "sopc_secret_buffer.h"
38 
45 
52 
53 /* ------------------------------------------------------------------------------------------------
54  * AsymmetricKey API
55  * ------------------------------------------------------------------------------------------------
56  */
57 
78  uint32_t lenBuf,
79  bool is_public,
80  SOPC_AsymmetricKey** ppKey);
81 
105  SOPC_AsymmetricKey** ppKey,
106  char* password,
107  uint32_t lenPassword);
108 
119 
138  SOPC_AsymmetricKey** pKey);
139 
148 
170  bool is_public,
171  uint8_t* pDest,
172  uint32_t lenDest,
173  uint32_t* pLenWritten);
174 
193  const bool bIsPublic,
194  const char* filePath,
195  const char* pwd,
196  const uint32_t pwdLen);
197 
208  uint32_t len,
210 
223 
240  char* password,
241  uint32_t lenPassword);
242 
253  bool is_public,
255 
266  bool is_public,
267  SOPC_AsymmetricKey** res);
268 
275 
276 /* ------------------------------------------------------------------------------------------------
277  * Cert API
278  * ------------------------------------------------------------------------------------------------
279  */
280 
301  uint32_t lenDER,
302  SOPC_CertificateList** ppCert);
303 
324 
335 
353  uint8_t** ppDest,
354  uint32_t* pLenAllocated);
355 
366 
389  const SOPC_CertificateList* pCert,
390  uint8_t* pDest,
391  uint32_t lenDest);
392 
/* Verifies the application URI embedded in a certificate; presumably the
 * embedded URI is compared with applicationUri (confirm against the full
 * documentation, which this listing omits).
 * NOTE(review): the return type is a plain bool rather than SOPC_ReturnStatus,
 * so the return value alone cannot tell a URI mismatch from an invalid
 * argument or a parsing failure. Callers should treat false as a rejection
 * of the certificate. */
411 bool SOPC_KeyManager_Certificate_CheckApplicationUri(const SOPC_CertificateList* pCert, const char* applicationUri);
412 
431  char** ppApplicationUri,
432  size_t* pStringLength);
433 
445 
460  char** ppSubjectName,
461  uint32_t* pSubjectNameLen);
462 
478  char*** ppDnsNameArray,
479  uint32_t* pArrayLength);
480 
501  const SOPC_CRLList* pCRL,
502  bool* pbMatch);
503 
521  const SOPC_CertificateList* pCert,
522  bool* pbMatch);
523 
542  SOPC_CRLList** ppCRLList,
543  const char* pThumbprint,
544  bool* pbMatch,
545  bool* pbIsIssuer);
546 
557  uint32_t len,
559 
570 
580  SOPC_CertificateList** res);
581 
591 
604 
617 
629  SOPC_CertificateList** ppCertCopy);
630 
637 
638 /* ------------------------------------------------------------------------------------------------
639  * Certificate Revocation List API
640  * ------------------------------------------------------------------------------------------------
641  */
642 
663  uint32_t lenDER,
664  SOPC_CRLList** ppCRL);
665 
686 
697 
709 
721 
729 
730 /* ------------------------------------------------------------------------------------------------
731  * Certificate Signing request API
732  * ------------------------------------------------------------------------------------------------
733  */
734 
757  const bool bIsServer,
758  const char* mdType,
759  const char* uri,
760  char** pDnsArray,
761  uint32_t arrayLength,
762  SOPC_CSR** ppCSR);
763 
779  SOPC_AsymmetricKey* pKey,
780  uint8_t** ppDest,
781  uint32_t* pLenAllocated);
782 
789 
790 #endif /* SOPC_KEY_MANAGER_H_ */
SOPC_KeyManager_Certificate_IsSelfSigned
SOPC_ReturnStatus SOPC_KeyManager_Certificate_IsSelfSigned(const SOPC_CertificateList *pCert, bool *pbIsSelfSigned)
Whether the first item of a certificate list is self signed.
SOPC_KeyManager_Certificate_CheckApplicationUri
bool SOPC_KeyManager_Certificate_CheckApplicationUri(const SOPC_CertificateList *pCert, const char *applicationUri)
Verify the application URI embedded in a certificate.
SOPC_KeyManager_SerializedAsymmetricKey_Deserialize
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_Deserialize(const SOPC_SerializedAsymmetricKey *key, bool is_public, SOPC_AsymmetricKey **res)
Deserializes a serialized key.
SOPC_KeyManager_Certificate_CreateOrAddFromFile
SOPC_ReturnStatus SOPC_KeyManager_Certificate_CreateOrAddFromFile(const char *szPath, SOPC_CertificateList **ppCert)
Creates a new Certificate (signed public key) from a file in the DER or PEM format,...
SOPC_KeyManager_SerializedCertificate_Deserialize
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_Deserialize(const SOPC_SerializedCertificate *cert, SOPC_CertificateList **res)
Deserializes a serialized certificate.
SOPC_CertificateList
The signed public key representation, or a chained list of such keys.
Definition: key_manager_lib.h:67
SOPC_SerializedCertificate
SOPC_Buffer SOPC_SerializedCertificate
A serialized representation of a certificate.
Definition: sopc_key_manager.h:51
SOPC_SerializedAsymmetricKey
SOPC_SecretBuffer SOPC_SerializedAsymmetricKey
A serialized representation of an asymmetric key.
Definition: sopc_key_manager.h:44
SOPC_KeyManager_CertificateList_FindCertInList
SOPC_ReturnStatus SOPC_KeyManager_CertificateList_FindCertInList(const SOPC_CertificateList *pList, const SOPC_CertificateList *pCert, bool *pbMatch)
Finds whether a certificate is in the given certificate list or not.
SOPC_KeyManager_CertificateList_RemoveCAWithoutCRL
SOPC_ReturnStatus SOPC_KeyManager_CertificateList_RemoveCAWithoutCRL(SOPC_CertificateList **ppCert, const SOPC_CRLList *pCRL, bool *pbMatch)
Removes (and frees) certificates from ppCert that do not have exactly one revocation list in pCRL.
SOPC_KeyManager_Certificate_GetSubjectName
SOPC_ReturnStatus SOPC_KeyManager_Certificate_GetSubjectName(const SOPC_CertificateList *pCert, char **ppSubjectName, uint32_t *pSubjectNameLen)
Returns the subject name of certificate pCert as a C String.
SOPC_KeyManager_Certificate_ToDER_Files
SOPC_ReturnStatus SOPC_KeyManager_Certificate_ToDER_Files(SOPC_CertificateList *pCerts, const char *directoryPath)
Write all the certificates of pCerts to DER files in the destination directoryPath. File names are defin...
SOPC_KeyManager_Certificate_GetListLength
SOPC_ReturnStatus SOPC_KeyManager_Certificate_GetListLength(const SOPC_CertificateList *pCert, size_t *pLength)
Return the number of chained certificates in the certificate list pCert.
SOPC_KeyManager_CRL_Free
void SOPC_KeyManager_CRL_Free(SOPC_CRLList *pCRL)
Frees a CRL list created with SOPC_KeyManager_CRL_CreateOrAddFromFile or SOPC_KeyManager_CRL_Creat...
SOPC_KeyManager_SerializedCertificate_Data
const SOPC_Buffer * SOPC_KeyManager_SerializedCertificate_Data(const SOPC_SerializedCertificate *cert)
Returns the data held in a serialized certificate.
SOPC_KeyManager_CSR_ToDER
SOPC_ReturnStatus SOPC_KeyManager_CSR_ToDER(SOPC_CSR *pCSR, SOPC_AsymmetricKey *pKey, uint8_t **ppDest, uint32_t *pLenAllocated)
Encodes CSR pCSR as a DER buffer and writes the result in ppDest.
SOPC_KeyManager_Certificate_CreateOrAddFromDER
SOPC_ReturnStatus SOPC_KeyManager_Certificate_CreateOrAddFromDER(const uint8_t *bufferDER, uint32_t lenDER, SOPC_CertificateList **ppCert)
Creates a new Certificate (signed public key) from a DER encoded buffer, or add it to an existing cer...
SOPC_KeyManager_CRL_ToDER_Files
SOPC_ReturnStatus SOPC_KeyManager_CRL_ToDER_Files(SOPC_CRLList *pCrls, const char *directoryPath)
Write all the CRLs (pCrls) to DER files in the destination directoryPath. File names are defined using...
SOPC_KeyManager_Certificate_Copy
SOPC_ReturnStatus SOPC_KeyManager_Certificate_Copy(const SOPC_CertificateList *pCert, SOPC_CertificateList **ppCertCopy)
Makes a copy of a given certificate list.
sopc_crypto_decl.h
Defines the common declarations for the cryptographic objects.
SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile(const char *path, SOPC_SerializedAsymmetricKey **key)
Creates a serialized asymmetric key from a file in DER or PEM format.
SOPC_KeyManager_Certificate_GetMaybeApplicationUri
SOPC_ReturnStatus SOPC_KeyManager_Certificate_GetMaybeApplicationUri(const SOPC_CertificateList *pCert, char **ppApplicationUri, size_t *pStringLength)
Copy the application URI embedded in a certificate.
SOPC_KeyManager_AsymmetricKey_ToPEMFile
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_ToPEMFile(SOPC_AsymmetricKey *pKey, const bool bIsPublic, const char *filePath, const char *pwd, const uint32_t pwdLen)
Write an asymmetric key to a PEM file.
SOPC_KeyManager_AsymmetricKey_CreateFromBuffer
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_CreateFromBuffer(const uint8_t *buffer, uint32_t lenBuf, bool is_public, SOPC_AsymmetricKey **ppKey)
Creates an asymmetric key (usually a private key) from the in-memory buffer `buffer`.
SOPC_KeyManager_AsymmetricKey_ToDER
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_ToDER(const SOPC_AsymmetricKey *pKey, bool is_public, uint8_t *pDest, uint32_t lenDest, uint32_t *pLenWritten)
Encodes the pKey as a DER buffer, and writes the result in pDest.
SOPC_Buffer
Bytes buffer structure.
Definition: sopc_buffer.h:38
SOPC_KeyManager_Certificate_GetCstring_SHA1
char * SOPC_KeyManager_Certificate_GetCstring_SHA1(const SOPC_CertificateList *pCert)
Returns the SHA-1 thumbprint of a certificate.
SOPC_CryptoProvider
The SOPC_CryptoProvider context.
Definition: sopc_crypto_provider.h:47
SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey(const SOPC_AsymmetricKey *pKey, bool is_public, SOPC_SerializedAsymmetricKey **out)
Creates a serialized asymmetric key from an SOPC_AsymmetricKey structure.
SOPC_KeyManager_Certificate_ToDER
SOPC_ReturnStatus SOPC_KeyManager_Certificate_ToDER(const SOPC_CertificateList *pCert, uint8_t **ppDest, uint32_t *pLenAllocated)
Encodes pCert as a DER buffer and writes the result in ppDest.
SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd(const char *keyPath, SOPC_SerializedAsymmetricKey **key, char *password, uint32_t lenPassword)
Creates a serialized asymmetric key from a file in DER or PEM format with an optional password for th...
SOPC_KeyManager_Certificate_GetSanDnsNames
SOPC_ReturnStatus SOPC_KeyManager_Certificate_GetSanDnsNames(const SOPC_CertificateList *pCert, char ***ppDnsNameArray, uint32_t *pArrayLength)
Returns all the DNS names of certificate pCert as an array of C String.
SOPC_KeyManager_AsymmetricKey_Free
void SOPC_KeyManager_AsymmetricKey_Free(SOPC_AsymmetricKey *pKey)
Frees a previously created asymmetric key created with SOPC_KeyManager_AsymmetricKey_CreateFromBuffer...
SOPC_KeyManager_CSR_Free
void SOPC_KeyManager_CSR_Free(SOPC_CSR *pCSR)
Frees a CSR created with SOPC_KeyManager_CSR_Create.
SOPC_KeyManager_CSR_Create
SOPC_ReturnStatus SOPC_KeyManager_CSR_Create(const char *subjectName, const bool bIsServer, const char *mdType, const char *uri, char **pDnsArray, uint32_t arrayLength, SOPC_CSR **ppCSR)
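Create a certificate signing request signed with pKey (pKey is not a parameter of this function as shown here; it is the key argument of SOPC_KeyManager_CSR_ToDER).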
SOPC_KeyManager_SerializedAsymmetricKey_Delete
void SOPC_KeyManager_SerializedAsymmetricKey_Delete(SOPC_SerializedAsymmetricKey *key)
Releases all resources associated to a serialized asymmetric key.
SOPC_KeyManager_CRL_CreateOrAddFromDER
SOPC_ReturnStatus SOPC_KeyManager_CRL_CreateOrAddFromDER(const uint8_t *bufferDER, uint32_t lenDER, SOPC_CRLList **ppCRL)
Creates a new Certificate Revocation List (CRL) from a DER encoded buffer, or add it to an existing C...
SOPC_KeyManager_CRL_Copy
SOPC_ReturnStatus SOPC_KeyManager_CRL_Copy(const SOPC_CRLList *pCrl, SOPC_CRLList **ppCrlCopy)
Makes a copy of a given CRL list.
SOPC_KeyManager_SerializedCertificate_Delete
void SOPC_KeyManager_SerializedCertificate_Delete(SOPC_SerializedCertificate *cert)
Releases all resources associated to a serialized certificate.
SOPC_KeyManager_SerializedCertificate_CreateFromFile
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromFile(const char *path, SOPC_SerializedCertificate **cert)
Creates a serialized certificate from a file in DER format.
SOPC_CSR
The CSR representation.
Definition: key_manager_lib.h:94
SOPC_KeyManager_CRL_GetListLength
SOPC_ReturnStatus SOPC_KeyManager_CRL_GetListLength(const SOPC_CRLList *pCrl, size_t *pLength)
Returns the number of chained CRL in pCrl list.
SOPC_AsymmetricKey
The asymmetric key representation.
Definition: key_manager_lib.h:47
SOPC_KeyManager_CertificateList_RemoveCertFromSHA1
SOPC_ReturnStatus SOPC_KeyManager_CertificateList_RemoveCertFromSHA1(SOPC_CertificateList **ppCertList, SOPC_CRLList **ppCRLList, const char *pThumbprint, bool *pbMatch, bool *pbIsIssuer)
Remove a single Certificate identified by its thumbprint. If the Certificate is a CA Certificate then all the ...
SOPC_SecretBuffer
struct SOPC_SecretBuffer SOPC_SecretBuffer
Definition: sopc_secret_buffer.h:35
SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData(const uint8_t *data, uint32_t len, SOPC_SerializedAsymmetricKey **key)
Creates a serialized asymmetric key from a DER or PEM payload.
SOPC_KeyManager_AsymmetricKey_CreateFromCertificate
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_CreateFromCertificate(const SOPC_CertificateList *pCert, SOPC_AsymmetricKey **pKey)
Returns the public key of the signed public key.
SOPC_KeyManager_Certificate_GetThumbprint
SOPC_ReturnStatus SOPC_KeyManager_Certificate_GetThumbprint(const SOPC_CryptoProvider *pProvider, const SOPC_CertificateList *pCert, uint8_t *pDest, uint32_t lenDest)
Computes and writes the thumbprint of pCert to pDest.
SOPC_KeyManager_AsymmetricKey_GenRSA
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_GenRSA(uint32_t RSAKeySize, SOPC_AsymmetricKey **ppKey)
Generate an RSA asymmetric key.
SOPC_KeyManager_SerializedCertificate_CreateFromDER
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromDER(const uint8_t *der, uint32_t len, SOPC_SerializedCertificate **cert)
Creates a serialized certificate from a DER payload.
sopc_secret_buffer.h
SecretBuffer (mangled key) and ExposedBuffer (contiguous deciphered buffer) APIs.
SOPC_KeyManager_AsymmetricKey_CreateFromFile
SOPC_ReturnStatus SOPC_KeyManager_AsymmetricKey_CreateFromFile(const char *szPath, SOPC_AsymmetricKey **ppKey, char *password, uint32_t lenPassword)
Creates an asymmetric key (usually a private key) from a file in the DER or PEM format.
SOPC_CRLList
A list of Certificate Revocation Lists.
Definition: key_manager_lib.h:83
sopc_buffer.h
A buffer of bytes with a maximum size, length and position.
SOPC_KeyManager_Certificate_Free
void SOPC_KeyManager_Certificate_Free(SOPC_CertificateList *pCert)
Frees a Certificate created with SOPC_KeyManager_Certificate_CreateOrAddFromFile or SOPC_KeyManager_C...
SOPC_KeyManager_CRL_CreateOrAddFromFile
SOPC_ReturnStatus SOPC_KeyManager_CRL_CreateOrAddFromFile(const char *szPath, SOPC_CRLList **ppCRL)
Creates a new Certificate Revocation List (CRL) from a file in the DER or PEM format,...
SOPC_ReturnStatus
SOPC_ReturnStatus
Definition: libs2opc_client.h:64