S2OPC OPCUA Toolkit
sopc_key_manager.h File Reference

The SOPC_KeyManager provides an API for Asymmetric Key Management such as loading signed public keys (Certificate) and the corresponding private key. Also see sopc_key_manager_lib_itf.h for the complete API.


Functions

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData (const uint8_t *data, uint32_t len, SOPC_SerializedAsymmetricKey **key)
 Creates a serialized asymmetric key from a DER or PEM payload.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile (const char *path, SOPC_SerializedAsymmetricKey **key)
 Creates a serialized asymmetric key from a file in DER or PEM format.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd (const char *keyPath, SOPC_SerializedAsymmetricKey **key, char *password, uint32_t lenPassword)
 Creates a serialized asymmetric key from a file in DER or PEM format with an optional password for the encrypted private key (PEM format).
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey (const SOPC_AsymmetricKey *pKey, bool is_public, SOPC_SerializedAsymmetricKey **out)
 Creates a serialized asymmetric key from an SOPC_AsymmetricKey structure.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_Deserialize (const SOPC_SerializedAsymmetricKey *key, bool is_public, SOPC_AsymmetricKey **res)
 Deserializes a serialized key.
 
void SOPC_KeyManager_SerializedAsymmetricKey_Delete (SOPC_SerializedAsymmetricKey *key)
 Releases all resources associated to a serialized asymmetric key.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromDER (const uint8_t *der, uint32_t len, SOPC_SerializedCertificate **cert)
 Creates a serialized certificate from a DER payload.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromFile (const char *path, SOPC_SerializedCertificate **cert)
 Creates a serialized certificate from a file in DER or PEM format.
 
void SOPC_KeyManager_SerializedCertificate_Delete (SOPC_SerializedCertificate *cert)
 Releases all resources associated to a serialized certificate.
 
SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_Deserialize (const SOPC_SerializedCertificate *cert, SOPC_CertificateList **res)
 Deserializes a serialized certificate.
 
const SOPC_Buffer * SOPC_KeyManager_SerializedCertificate_Data (const SOPC_SerializedCertificate *cert)
 Returns the data held in a serialized certificate.
 
const SOPC_Buffer * SOPC_KeyManager_SerializedCRL_Data (const SOPC_SerializedCRL *crl)
 Returns the data held in a serialized CRL.
 

Detailed Description

The SOPC_KeyManager provides an API for Asymmetric Key Management such as loading signed public keys (Certificate) and the corresponding private key. Also see sopc_key_manager_lib_itf.h for the complete API.

KeyManager is different than PKIProvider, which only handles signed public key validation and storage.

KeyManager API is context-less. The KeyManager is generic, and is not linked to the current security policy.

Function Documentation

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromData ( const uint8_t * data,
uint32_t len,
SOPC_SerializedAsymmetricKey ** key )

Creates a serialized asymmetric key from a DER or PEM payload.

Parameters
data: the key data in DER or PEM format
len: length of the data
[out] key: the created serialized key
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile ( const char * path,
SOPC_SerializedAsymmetricKey ** key )

Creates a serialized asymmetric key from a file in DER or PEM format.

Parameters
path: path to the file
[out] key: the created serialized key
Deprecated
Use SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd instead
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromFile_WithPwd ( const char * keyPath,
SOPC_SerializedAsymmetricKey ** key,
char * password,
uint32_t lenPassword )

Creates a serialized asymmetric key from a file in DER or PEM format with an optional password for the encrypted private key (PEM format).

Parameters
keyPath: The path to the DER/PEM file.
[out] key: A valid pointer pointing to NULL which will be set to the newly allocated serialized key.
password: An optional password (!= NULL). The password must be a zero-terminated string with at most lenPassword non-null chars, and at least lenPassword + 1 allocated chars.
lenPassword: The length of the password.
Note
Supported encryption algorithms: AES-128-CBC, AES-192-CBC and AES-256-CBC
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.
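
A pre-flight check that can run before a key file is handed to the loader, given here as an added example that is not part of S2OPC. It assumes the key uses traditional OpenSSL-style PEM encryption headers (Proc-Type / DEK-Info), which this page does not state; classify_pem_key, pem_key_class and the sample strings are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <string.h>

typedef enum {
    PEM_NOT_PEM,         /* no PEM armor (DER or other data) */
    PEM_PLAINTEXT,       /* PEM key without encryption headers */
    PEM_ENC_SUPPORTED,   /* DEK-Info names one of the three AES-CBC modes */
    PEM_ENC_UNSUPPORTED, /* encrypted with another cipher */
    PEM_ENC_PKCS8        /* cipher is inside the ASN.1, not in the headers */
} pem_key_class;

/* Algorithms listed in the Note above. */
static const char* const SUPPORTED[] = {"AES-128-CBC", "AES-192-CBC", "AES-256-CBC"};

/* Constructed samples: headers only, key bodies replaced by a placeholder. */
#define BODY "\n(base64 omitted)\n-----END RSA PRIVATE KEY-----\n"
static const char SAMPLE_AES256[] = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                                    "DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n" BODY;
static const char SAMPLE_3DES[] = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                                  "DEK-Info: DES-EDE3-CBC,0011223344556677\n" BODY;
static const char SAMPLE_PLAIN[] = "-----BEGIN RSA PRIVATE KEY-----" BODY;

/* Classify a NUL-terminated key file image from its PEM armor and headers only. */
pem_key_class classify_pem_key(const char* pem)
{
    if (NULL == pem || NULL == strstr(pem, "-----BEGIN "))
        return PEM_NOT_PEM;
    if (NULL != strstr(pem, "-----BEGIN ENCRYPTED PRIVATE KEY-----"))
        return PEM_ENC_PKCS8;
    const char* dek = strstr(pem, "DEK-Info:");
    if (NULL == dek || NULL == strstr(pem, "Proc-Type: 4,ENCRYPTED"))
        return PEM_PLAINTEXT;
    dek += strlen("DEK-Info:");
    while (' ' == *dek)
        dek++;
    size_t n = strcspn(dek, ",\r\n"); /* cipher name ends at the comma before the IV */
    for (size_t i = 0; i < sizeof(SUPPORTED) / sizeof(SUPPORTED[0]); i++)
    {
        if (strlen(SUPPORTED[i]) == n && 0 == strncmp(dek, SUPPORTED[i], n))
            return PEM_ENC_SUPPORTED;
    }
    return PEM_ENC_UNSUPPORTED;
}

int main(void)
{
    return (PEM_ENC_SUPPORTED == classify_pem_key(SAMPLE_AES256) &&
            PEM_ENC_UNSUPPORTED == classify_pem_key(SAMPLE_3DES) &&
            PEM_PLAINTEXT == classify_pem_key(SAMPLE_PLAIN)) ? 0 : 1;
}
```

A PEM_PLAINTEXT result means the private key sits on disk without password protection, and PEM_ENC_UNSUPPORTED means the file names a cipher outside the list in the Note.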

◆ SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_CreateFromKey ( const SOPC_AsymmetricKey * pKey,
bool is_public,
SOPC_SerializedAsymmetricKey ** out )

Creates a serialized asymmetric key from an SOPC_AsymmetricKey structure.

Parameters
pKey: A valid pointer to the asymmetric key (public/private) to serialize.
is_public: Whether the key is public or private.
[out] out: A valid pointer pointing to NULL which will be set to the newly allocated serialized key
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_Deserialize()

SOPC_ReturnStatus SOPC_KeyManager_SerializedAsymmetricKey_Deserialize ( const SOPC_SerializedAsymmetricKey * key,
bool is_public,
SOPC_AsymmetricKey ** res )

Deserializes a serialized key.

Parameters
key: the serialized key
is_public: whether the serialized key is a public or a private key
[out] res: A valid pointer pointing to NULL which will be set to the newly allocated SOPC_AsymmetricKey
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedAsymmetricKey_Delete()

void SOPC_KeyManager_SerializedAsymmetricKey_Delete ( SOPC_SerializedAsymmetricKey * key)

Releases all resources associated to a serialized asymmetric key.

Parameters
key: The serialized key

◆ SOPC_KeyManager_SerializedCertificate_CreateFromDER()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromDER ( const uint8_t * der,
uint32_t len,
SOPC_SerializedCertificate ** cert )

Creates a serialized certificate from a DER payload.

Parameters
der: the certificate data in DER format
len: length of the DER data
[out] cert: A valid pointer pointing to NULL which will be set to the newly allocated serialized certificate
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_CreateFromFile()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_CreateFromFile ( const char * path,
SOPC_SerializedCertificate ** cert )

Creates a serialized certificate from a file in DER or PEM format.

Parameters
path: path to the file
[out] cert: A valid pointer pointing to NULL which will be set to the newly allocated serialized certificate
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_Delete()

void SOPC_KeyManager_SerializedCertificate_Delete ( SOPC_SerializedCertificate * cert)

Releases all resources associated to a serialized certificate.

Parameters
cert: The serialized certificate

◆ SOPC_KeyManager_SerializedCertificate_Deserialize()

SOPC_ReturnStatus SOPC_KeyManager_SerializedCertificate_Deserialize ( const SOPC_SerializedCertificate * cert,
SOPC_CertificateList ** res )

Deserializes a serialized certificate.

Parameters
cert: the serialized certificate
[out] res: A valid pointer pointing to NULL which will be set to the newly allocated SOPC_CertificateList
Returns
SOPC_STATUS_OK on success, or an error code in case of failure.

◆ SOPC_KeyManager_SerializedCertificate_Data()

const SOPC_Buffer * SOPC_KeyManager_SerializedCertificate_Data ( const SOPC_SerializedCertificate * cert)

Returns the data held in a serialized certificate.

Parameters
cert: the serialized certificate
Returns
The data held in the serialized certificate. The returned memory is owned by the serialized certificate, and should not be modified or freed.

◆ SOPC_KeyManager_SerializedCRL_Data()

const SOPC_Buffer * SOPC_KeyManager_SerializedCRL_Data ( const SOPC_SerializedCRL * crl)

Returns the data held in a serialized CRL.

Parameters
crl: the serialized CRL
Returns
The data held in the serialized CRL. The returned memory is owned by the serialized CRL, and should not be modified or freed.