<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<title>Heimdalx509library: hx509 CA functions</title>
<link href="doxygen.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head><body>
<p>
<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
</p>
<!-- end of header marker -->
<!-- Generated by Doxygen 1.5.6 -->
<div class="navigation" id="top">
<div class="tabs">
<ul>
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
</ul>
</div>
</div>
<div class="contents">
<h1>hx509 CA functions</h1><table border="0" cellpadding="0" cellspacing="0">
<tr><td></td></tr>
<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g627b48e10d0b3576aec5823d6098ea3a">hx509_ca_tbs_init</a> (hx509_context context, hx509_ca_tbs *tbs)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free</a> (hx509_ca_tbs *tbs)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g6a124401ceb514cf16cf8e3721234d03">hx509_ca_tbs_set_notBefore</a> (hx509_context context, hx509_ca_tbs tbs, time_t t)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gc64ad4daabe3c912be50c2a32af4fe05">hx509_ca_tbs_set_notAfter</a> (hx509_context context, hx509_ca_tbs tbs, time_t t)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g587184eedd56450858eb74cae842f084">hx509_ca_tbs_set_notAfter_lifetime</a> (hx509_context context, hx509_ca_tbs tbs, time_t delta)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">struct units * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g2809ea576f40642337c8bf49071723b0">hx509_ca_tbs_template_units</a> (void)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g2d7c245443a81540ff993e7cc6f51ebb">hx509_ca_tbs_set_template</a> (hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3e105ce23d67234c3b5d35a0752449cf">hx509_ca_tbs_set_ca</a> (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g215241c575ae3296e137f155a0a4dd6e">hx509_ca_tbs_set_proxy</a> (hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge41a6e44a39c95e6c29376985f0b39b0">hx509_ca_tbs_set_domaincontroller</a> (hx509_context context, hx509_ca_tbs tbs)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge12bfa65cf1112bf3181a5499e8f7ba6">hx509_ca_tbs_set_spki</a> (hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f611617f0001575b723a4a9c0d9b3ca">hx509_ca_tbs_set_serialnumber</a> (hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g4d26e70019741e516dc92158914cd414">hx509_ca_tbs_add_eku</a> (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g8c5b557c63342686630b62239396b96a">hx509_ca_tbs_add_crl_dp_uri</a> (hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g8e938c9e9b1fea29e5bf77a2824891e2">hx509_ca_tbs_add_san_otherName</a> (hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gede019208dbf7ad49cd077951887c4c3">hx509_ca_tbs_add_san_pkinit</a> (hx509_context context, hx509_ca_tbs tbs, const char *principal)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gbc4f3398499094a859fbceb769ba5051">hx509_ca_tbs_add_san_ms_upn</a> (hx509_context context, hx509_ca_tbs tbs, const char *principal)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g6286a0d6f375949301d62215184e7275">hx509_ca_tbs_add_san_jid</a> (hx509_context context, hx509_ca_tbs tbs, const char *jid)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f4c23c964ef2331b45f80fb5355ede7">hx509_ca_tbs_add_san_hostname</a> (hx509_context context, hx509_ca_tbs tbs, const char *dnsname)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#gf621ee0bac71f4ee09881812f4c4d196">hx509_ca_tbs_add_san_rfc822name</a> (hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g9e8cf374812308654e3d7270afb59da1">hx509_ca_tbs_set_subject</a> (hx509_context context, hx509_ca_tbs tbs, hx509_name subject)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#ge22ea3d0201845dbc73f4b21502face6">hx509_ca_tbs_set_unique</a> (hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g36432d6249ee668196a692c7286d09ce">hx509_ca_tbs_subject_expand</a> (hx509_context context, hx509_ca_tbs tbs, hx509_env env)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g3f0ff00b9c54018e346eed759b25ae16">hx509_ca_sign</a> (hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)</td></tr>
<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__ca.html#g310b010421b8a7c169566ef74ce319fb">hx509_ca_sign_self</a> (hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)</td></tr>
</table>
<hr><a name="_details"></a><h2>Detailed Description</h2>
See the <a class="el" href="page_ca.html">Hx509 CA functions</a> for description and examples. <hr><h2>Function Documentation</h2>
<a class="anchor" name="g3f0ff00b9c54018e346eed759b25ae16"></a><!-- doxytag: member="ca.c::hx509_ca_sign" ref="g3f0ff00b9c54018e346eed759b25ae16" args="(hx509_context context, hx509_ca_tbs tbs, hx509_cert signer, hx509_cert *certificate)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_sign </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_cert </td>
<td class="paramname"> <em>signer</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_cert * </td>
<td class="paramname"> <em>certificate</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Sign a to-be-signed certificate object with a issuer certificate.<p>
The caller needs to at least have called the following functions on the to-be-signed certificate object:<ul>
<li><a class="el" href="group__hx509__ca.html#g627b48e10d0b3576aec5823d6098ea3a">hx509_ca_tbs_init()</a></li><li><a class="el" href="group__hx509__ca.html#g9e8cf374812308654e3d7270afb59da1">hx509_ca_tbs_set_subject()</a></li><li><a class="el" href="group__hx509__ca.html#ge12bfa65cf1112bf3181a5499e8f7ba6">hx509_ca_tbs_set_spki()</a></li></ul>
<p>
When done the to-be-signed certificate object should be freed with <a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free()</a>.<p>
When creating self-signed certificate use <a class="el" href="group__hx509__ca.html#g310b010421b8a7c169566ef74ce319fb">hx509_ca_sign_self()</a> instead.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>signer</em> </td><td>the CA certificate object to sign with (need private key). </td></tr>
<tr><td valign="top"></td><td valign="top"><em>certificate</em> </td><td>return cerificate, free with <a class="el" href="group__hx509__cert.html#gd2f9bb0ddc4babb26a8ccd983db8c948">hx509_cert_free()</a>.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g310b010421b8a7c169566ef74ce319fb"></a><!-- doxytag: member="ca.c::hx509_ca_sign_self" ref="g310b010421b8a7c169566ef74ce319fb" args="(hx509_context context, hx509_ca_tbs tbs, hx509_private_key signer, hx509_cert *certificate)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_sign_self </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_private_key </td>
<td class="paramname"> <em>signer</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_cert * </td>
<td class="paramname"> <em>certificate</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Work just like <a class="el" href="group__hx509__ca.html#g3f0ff00b9c54018e346eed759b25ae16">hx509_ca_sign()</a> but signs it-self.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>signer</em> </td><td>private key to sign with. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>certificate</em> </td><td>return cerificate, free with <a class="el" href="group__hx509__cert.html#gd2f9bb0ddc4babb26a8ccd983db8c948">hx509_cert_free()</a>.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g8c5b557c63342686630b62239396b96a"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_crl_dp_uri" ref="g8c5b557c63342686630b62239396b96a" args="(hx509_context context, hx509_ca_tbs tbs, const char *uri, hx509_name issuername)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_crl_dp_uri </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>uri</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_name </td>
<td class="paramname"> <em>issuername</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add CRL distribution point URI to the to-be-signed certificate object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>uri</em> </td><td>uri to the CRL. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>issuername</em> </td><td>name of the issuer.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
<p>
issuername not supported
</div>
</div><p>
<a class="anchor" name="g4d26e70019741e516dc92158914cd414"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_eku" ref="g4d26e70019741e516dc92158914cd414" args="(hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_eku </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_oid * </td>
<td class="paramname"> <em>oid</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
An an extended key usage to the to-be-signed certificate object. Duplicates will detected and not added.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>extended key usage to add.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g3f4c23c964ef2331b45f80fb5355ede7"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_hostname" ref="g3f4c23c964ef2331b45f80fb5355ede7" args="(hx509_context context, hx509_ca_tbs tbs, const char *dnsname)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_hostname </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>dnsname</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add a Subject Alternative Name hostname to to-be-signed certificate object. A domain match starts with ., an exact match does not.<p>
Example of a an domain match: .domain.se matches the hostname host.domain.se.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>dnsname</em> </td><td>a hostame.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g6286a0d6f375949301d62215184e7275"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_jid" ref="g6286a0d6f375949301d62215184e7275" args="(hx509_context context, hx509_ca_tbs tbs, const char *jid)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_jid </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>jid</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add a Jabber/XMPP jid Subject Alternative Name to the to-be-signed certificate object. The jid is an UTF8 string.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>jid</em> </td><td>string of an a jabber id in UTF8.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="gbc4f3398499094a859fbceb769ba5051"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_ms_upn" ref="gbc4f3398499094a859fbceb769ba5051" args="(hx509_context context, hx509_ca_tbs tbs, const char *principal)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_ms_upn </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>principal</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add Microsoft UPN Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>principal</em> </td><td>Microsoft UPN string.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g8e938c9e9b1fea29e5bf77a2824891e2"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_otherName" ref="g8e938c9e9b1fea29e5bf77a2824891e2" args="(hx509_context context, hx509_ca_tbs tbs, const heim_oid *oid, const heim_octet_string *os)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_otherName </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_oid * </td>
<td class="paramname"> <em>oid</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_octet_string * </td>
<td class="paramname"> <em>os</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add Subject Alternative Name otherName to the to-be-signed certificate object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>the oid of the OtherName. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>os</em> </td><td>data in the other name.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="gede019208dbf7ad49cd077951887c4c3"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_pkinit" ref="gede019208dbf7ad49cd077951887c4c3" args="(hx509_context context, hx509_ca_tbs tbs, const char *principal)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_pkinit </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>principal</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add Kerberos Subject Alternative Name to the to-be-signed certificate object. The principal string is a UTF8 string.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>principal</em> </td><td>Kerberos principal to add to the certificate.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="gf621ee0bac71f4ee09881812f4c4d196"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_add_san_rfc822name" ref="gf621ee0bac71f4ee09881812f4c4d196" args="(hx509_context context, hx509_ca_tbs tbs, const char *rfc822Name)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_add_san_rfc822name </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const char * </td>
<td class="paramname"> <em>rfc822Name</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Add a Subject Alternative Name rfc822 (email address) to to-be-signed certificate object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>rfc822Name</em> </td><td>a string to a email address.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g89eef97566653fbbe6ab32b59ea99299"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_free" ref="g89eef97566653fbbe6ab32b59ea99299" args="(hx509_ca_tbs *tbs)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">void hx509_ca_tbs_free </td>
<td>(</td>
<td class="paramtype">hx509_ca_tbs * </td>
<td class="paramname"> <em>tbs</em> </td>
<td> ) </td>
<td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Free an To Be Signed object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to free. </td></tr>
</table>
</dl>
</div>
</div><p>
<a class="anchor" name="g627b48e10d0b3576aec5823d6098ea3a"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_init" ref="g627b48e10d0b3576aec5823d6098ea3a" args="(hx509_context context, hx509_ca_tbs *tbs)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_init </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs * </td>
<td class="paramname"> <em>tbs</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Allocate an to-be-signed certificate object that will be converted into an certificate.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>returned to-be-signed certicate object, free with <a class="el" href="group__hx509__ca.html#g89eef97566653fbbe6ab32b59ea99299">hx509_ca_tbs_free()</a>.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g3e105ce23d67234c3b5d35a0752449cf"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_ca" ref="g3e105ce23d67234c3b5d35a0752449cf" args="(hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_ca </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int </td>
<td class="paramname"> <em>pathLenConstraint</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Make the to-be-signed certificate object a CA certificate. If the pathLenConstraint is negative path length constraint is used.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>pathLenConstraint</em> </td><td>path length constraint, negative, no constraint.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="ge41a6e44a39c95e6c29376985f0b39b0"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_domaincontroller" ref="ge41a6e44a39c95e6c29376985f0b39b0" args="(hx509_context context, hx509_ca_tbs tbs)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_domaincontroller </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Make the to-be-signed certificate object a windows domain controller certificate.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="gc64ad4daabe3c912be50c2a32af4fe05"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notAfter" ref="gc64ad4daabe3c912be50c2a32af4fe05" args="(hx509_context context, hx509_ca_tbs tbs, time_t t)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_notAfter </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">time_t </td>
<td class="paramname"> <em>t</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the absolute time when the certificate is valid to.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>t</em> </td><td>time when the certificate will expire</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g587184eedd56450858eb74cae842f084"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notAfter_lifetime" ref="g587184eedd56450858eb74cae842f084" args="(hx509_context context, hx509_ca_tbs tbs, time_t delta)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_notAfter_lifetime </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">time_t </td>
<td class="paramname"> <em>delta</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the relative time when the certificiate is going to expire.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>delta</em> </td><td>seconds to the certificate is going to expire.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g6a124401ceb514cf16cf8e3721234d03"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_notBefore" ref="g6a124401ceb514cf16cf8e3721234d03" args="(hx509_context context, hx509_ca_tbs tbs, time_t t)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_notBefore </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">time_t </td>
<td class="paramname"> <em>t</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the absolute time when the certificate is valid from. If not set the current time will be used.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>t</em> </td><td>time the certificated will start to be valid</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g215241c575ae3296e137f155a0a4dd6e"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_proxy" ref="g215241c575ae3296e137f155a0a4dd6e" args="(hx509_context context, hx509_ca_tbs tbs, int pathLenConstraint)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_proxy </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int </td>
<td class="paramname"> <em>pathLenConstraint</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Make the to-be-signed certificate object a proxy certificate. If the pathLenConstraint is negative path length constraint is used.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>pathLenConstraint</em> </td><td>path length constraint, negative, no constraint.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g3f611617f0001575b723a4a9c0d9b3ca"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_serialnumber" ref="g3f611617f0001575b723a4a9c0d9b3ca" args="(hx509_context context, hx509_ca_tbs tbs, const heim_integer *serialNumber)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_serialnumber </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_integer * </td>
<td class="paramname"> <em>serialNumber</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the serial number to use for to-be-signed certificate object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>serialNumber</em> </td><td>serial number to use for the to-be-signed certificate object.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="ge12bfa65cf1112bf3181a5499e8f7ba6"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_spki" ref="ge12bfa65cf1112bf3181a5499e8f7ba6" args="(hx509_context context, hx509_ca_tbs tbs, const SubjectPublicKeyInfo *spki)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_spki </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const SubjectPublicKeyInfo * </td>
<td class="paramname"> <em>spki</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the subject public key info (SPKI) in the to-be-signed certificate object. SPKI is the public key and key related parameters in the certificate.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>spki</em> </td><td>subject public key info to use for the to-be-signed certificate object.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g9e8cf374812308654e3d7270afb59da1"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_subject" ref="g9e8cf374812308654e3d7270afb59da1" args="(hx509_context context, hx509_ca_tbs tbs, hx509_name subject)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_subject </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_name </td>
<td class="paramname"> <em>subject</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the subject name of a to-be-signed certificate object.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>subject</em> </td><td>the name to set a subject.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g2d7c245443a81540ff993e7cc6f51ebb"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_template" ref="g2d7c245443a81540ff993e7cc6f51ebb" args="(hx509_context context, hx509_ca_tbs tbs, int flags, hx509_cert cert)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_template </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int </td>
<td class="paramname"> <em>flags</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_cert </td>
<td class="paramname"> <em>cert</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Initialize the to-be-signed certificate object from a template certifiate.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>bit field selecting what to copy from the template certifiate. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>template certificate.</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="ge22ea3d0201845dbc73f4b21502face6"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_set_unique" ref="ge22ea3d0201845dbc73f4b21502face6" args="(hx509_context context, hx509_ca_tbs tbs, const heim_bit_string *subjectUniqueID, const heim_bit_string *issuerUniqueID)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_set_unique </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_bit_string * </td>
<td class="paramname"> <em>subjectUniqueID</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">const heim_bit_string * </td>
<td class="paramname"> <em>issuerUniqueID</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Set the issuerUniqueID and subjectUniqueID<p>
These are only supposed to be used considered with version 2 certificates, replaced by the two extensions SubjectKeyIdentifier and IssuerKeyIdentifier. This function is to allow application using legacy protocol to issue them.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>issuerUniqueID</em> </td><td>to be set </td></tr>
<tr><td valign="top"></td><td valign="top"><em>subjectUniqueID</em> </td><td>to be set</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g36432d6249ee668196a692c7286d09ce"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_subject_expand" ref="g36432d6249ee668196a692c7286d09ce" args="(hx509_context context, hx509_ca_tbs tbs, hx509_env env)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int hx509_ca_tbs_subject_expand </td>
<td>(</td>
<td class="paramtype">hx509_context </td>
<td class="paramname"> <em>context</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_ca_tbs </td>
<td class="paramname"> <em>tbs</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">hx509_env </td>
<td class="paramname"> <em>env</em></td><td> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td><td></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Expand the the subject name in the to-be-signed certificate object using <a class="el" href="group__hx509__name.html#g42015083c70b6aa29c4f082998dbbece">hx509_name_expand()</a>.<p>
<dl compact><dt><b>Parameters:</b></dt><dd>
<table border="0" cellspacing="2" cellpadding="0">
<tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>tbs</em> </td><td>object to be signed. </td></tr>
<tr><td valign="top"></td><td valign="top"><em>env</em> </td><td>enviroment variable to expand variables in the subject name, see hx509_env_init().</td></tr>
</table>
</dl>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>An hx509 error code, see <a class="el" href="group__hx509__error.html#g15791abff76719acb531223fdcbcac87">hx509_get_error_string()</a>. </dd></dl>
</div>
</div><p>
<a class="anchor" name="g2809ea576f40642337c8bf49071723b0"></a><!-- doxytag: member="ca.c::hx509_ca_tbs_template_units" ref="g2809ea576f40642337c8bf49071723b0" args="(void)" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">struct units* hx509_ca_tbs_template_units </td>
<td>(</td>
<td class="paramtype">void </td>
<td class="paramname"> </td>
<td> ) </td>
<td><code> [read]</code></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>
Make of template units, use to build flags argument to <a class="el" href="group__hx509__ca.html#g2d7c245443a81540ff993e7cc6f51ebb">hx509_ca_tbs_set_template()</a> with parse_units().<p>
<dl class="return" compact><dt><b>Returns:</b></dt><dd>an units structure. </dd></dl>
</div>
</div><p>
</div>
<hr size="1"><address style="text-align: right;"><small>
Generated on Wed Jan 11 14:07:41 2012 for Heimdalx509library by <a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
</body>
</html>