S2OPC OPCUA Toolkit
Loading...
Searching...
No Matches
sopc_pki_stack.h
Go to the documentation of this file.
1/*
2 * Licensed to Systerel under one or more contributor license
3 * agreements. See the NOTICE file distributed with this work
4 * for additional information regarding copyright ownership.
5 * Systerel licenses this file to you under the Apache
6 * License, Version 2.0 (the "License"); you may not use this
7 * file except in compliance with the License. You may obtain
8 * a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
33#ifndef SOPC_PKI_STACK_H_
34#define SOPC_PKI_STACK_H_
35
36#include "sopc_pki_stack_lib_itf.h"
37
38/*
39 * ------------------------------------------------------------------------------------------------
40 * Create API
41 * ------------------------------------------------------------------------------------------------
42 */
43
93SOPC_ReturnStatus SOPC_PKIProvider_CreateFromStore(const char* directoryStorePath, SOPC_PKIProvider** ppPKI);
94
124SOPC_ReturnStatus SOPC_PKIProvider_CreateFromList(SOPC_CertificateList* pTrustedCerts,
125 SOPC_CRLList* pTrustedCrl,
126 SOPC_CertificateList* pIssuerCerts,
127 SOPC_CRLList* pIssuerCrl,
128 SOPC_PKIProvider** ppPKI);
129
130/*
131 * ------------------------------------------------------------------------------------------------
132 * LeafProfile API
133 * ------------------------------------------------------------------------------------------------
134 */
135
153SOPC_ReturnStatus SOPC_PKIProvider_CreateLeafProfile(const char* securityPolicyUri, SOPC_PKI_LeafProfile** ppProfile);
154
165SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetURI(SOPC_PKI_LeafProfile* pProfile, const char* applicationUri);
166
177SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetURL(SOPC_PKI_LeafProfile* pProfile, const char* url);
178
194SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetUsageFromType(SOPC_PKI_LeafProfile* pProfile, SOPC_PKI_Type PKIType);
195
207SOPC_ReturnStatus SOPC_PKIProvider_CheckLeafCertificate(const SOPC_CertificateList* pToValidate,
208 const SOPC_PKI_LeafProfile* pProfile,
209 uint32_t* error);
210
216void SOPC_PKIProvider_DeleteLeafProfile(SOPC_PKI_LeafProfile** ppProfile);
217
218/*
219 * ------------------------------------------------------------------------------------------------
220 * Profile API
221 * ------------------------------------------------------------------------------------------------
222 */
223
238SOPC_ReturnStatus SOPC_PKIProvider_CreateProfile(const char* securityPolicyUri, SOPC_PKI_Profile** ppProfile);
239
247SOPC_ReturnStatus SOPC_PKIProvider_CreateMinimalUserProfile(SOPC_PKI_Profile** ppProfile);
248
266SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetUsageFromType(SOPC_PKI_Profile* pProfile, SOPC_PKI_Type PKIType);
267
278SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetURI(SOPC_PKI_Profile* pProfile, const char* applicationUri);
279
290SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetURL(SOPC_PKI_Profile* pProfile, const char* url);
291
297void SOPC_PKIProvider_DeleteProfile(SOPC_PKI_Profile** ppProfile);
298
309SOPC_ReturnStatus SOPC_PKIProvider_SetStorePath(const char* directoryStorePath, SOPC_PKIProvider* pPKI);
310
329SOPC_ReturnStatus SOPC_PKIProvider_ValidateCertificate(SOPC_PKIProvider* pPKI,
330 const SOPC_CertificateList* pToValidate,
331 const SOPC_PKI_Profile* pProfile,
332 uint32_t* error);
333
352SOPC_ReturnStatus SOPC_PKIProvider_WriteToStore(SOPC_PKIProvider* pPKI, const bool bEraseExistingFiles);
353
377SOPC_ReturnStatus SOPC_PKIProvider_WriteOrAppendToList(SOPC_PKIProvider* pPKI,
378 SOPC_CertificateList** ppTrustedCerts,
379 SOPC_CRLList** ppTrustedCrl,
380 SOPC_CertificateList** ppIssuerCerts,
381 SOPC_CRLList** ppIssuerCrl);
382
397SOPC_ReturnStatus SOPC_PKIProvider_WriteRejectedCertToStore(SOPC_PKIProvider* pPKI);
398
408SOPC_ReturnStatus SOPC_PKIProvider_CopyRejectedList(SOPC_PKIProvider* pPKI, SOPC_CertificateList** ppCert);
409
426SOPC_ReturnStatus SOPC_PKIProvider_UpdateFromList(SOPC_PKIProvider* pPKI,
427 const char* securityPolicyUri,
428 SOPC_CertificateList* pTrustedCerts,
429 SOPC_CRLList* pTrustedCrl,
430 SOPC_CertificateList* pIssuerCerts,
431 SOPC_CRLList* pIssuerCrl,
432 const bool bIncludeExistingList);
433
449SOPC_ReturnStatus SOPC_PKIProvider_RemoveCertificate(SOPC_PKIProvider* pPKI,
450 const char* pThumbprint,
451 const bool bIsTrusted,
452 bool* pIsRemoved,
453 bool* pIsIssuer);
454
465SOPC_ReturnStatus SOPC_PKIPermissive_Create(SOPC_PKIProvider** ppPKI);
466
484SOPC_ReturnStatus SOPC_PKIProvider_SetUpdateCb(SOPC_PKIProvider* pPKI,
485 SOPC_PKIProviderUpdateCb* pUpdateCb,
486 uintptr_t updateParam);
487
493void SOPC_PKIProvider_Free(SOPC_PKIProvider** ppPKI);
494
495#endif /* SOPC_PKI_STACK_H_ */
SOPC_ReturnStatus
enum _SOPC_ReturnStatus SOPC_ReturnStatus
Common enumerations for S2OPC.
SOPC_PKI_Type
SOPC_PKI_Type
Type of PKI.
Definition sopc_pki_decl.h:129
SOPC_PKIProviderUpdateCb
void SOPC_PKIProviderUpdateCb(uintptr_t updateParam)
Type of the callback triggered on PKI certificates update.
Definition sopc_pki_decl.h:140
SOPC_PKIProvider_WriteOrAppendToList
SOPC_ReturnStatus SOPC_PKIProvider_WriteOrAppendToList(SOPC_PKIProvider *pPKI, SOPC_CertificateList **ppTrustedCerts, SOPC_CRLList **ppTrustedCrl, SOPC_CertificateList **ppIssuerCerts, SOPC_CRLList **ppIssuerCrl)
Extracts certificates from the PKI object.
SOPC_PKIProvider_CopyRejectedList
SOPC_ReturnStatus SOPC_PKIProvider_CopyRejectedList(SOPC_PKIProvider *pPKI, SOPC_CertificateList **ppCert)
Copy the list of certificate that have been rejected.
SOPC_PKIProvider_WriteRejectedCertToStore
SOPC_ReturnStatus SOPC_PKIProvider_WriteRejectedCertToStore(SOPC_PKIProvider *pPKI)
Write the rejected certificates files in the rejected folder of the PKI storage. The format of the wr...
SOPC_PKIProvider_ValidateCertificate
SOPC_ReturnStatus SOPC_PKIProvider_ValidateCertificate(SOPC_PKIProvider *pPKI, const SOPC_CertificateList *pToValidate, const SOPC_PKI_Profile *pProfile, uint32_t *error)
Validation function for a certificate with the PKI chain.
SOPC_PKIProvider_UpdateFromList
SOPC_ReturnStatus SOPC_PKIProvider_UpdateFromList(SOPC_PKIProvider *pPKI, const char *securityPolicyUri, SOPC_CertificateList *pTrustedCerts, SOPC_CRLList *pTrustedCrl, SOPC_CertificateList *pIssuerCerts, SOPC_CRLList *pIssuerCrl, const bool bIncludeExistingList)
Update the PKI with new lists of certificates and CRL.
SOPC_PKIProvider_ProfileSetURI
SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetURI(SOPC_PKI_Profile *pProfile, const char *applicationUri)
Set the application URI to the PKI profile.
SOPC_PKIProvider_LeafProfileSetUsageFromType
SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetUsageFromType(SOPC_PKI_LeafProfile *pProfile, SOPC_PKI_Type PKIType)
Set the keyUsage and extendedKeyUsage to the leaf profile from the PKI type.
SOPC_PKIProvider_Free
void SOPC_PKIProvider_Free(SOPC_PKIProvider **ppPKI)
Frees allocated PKIs.
SOPC_PKIPermissive_Create
SOPC_ReturnStatus SOPC_PKIPermissive_Create(SOPC_PKIProvider **ppPKI)
Creates a PKI Provider without security.
SOPC_PKIProvider_LeafProfileSetURI
SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetURI(SOPC_PKI_LeafProfile *pProfile, const char *applicationUri)
Set the application URI to the leaf profile.
SOPC_PKIProvider_LeafProfileSetURL
SOPC_ReturnStatus SOPC_PKIProvider_LeafProfileSetURL(SOPC_PKI_LeafProfile *pProfile, const char *url)
Set the endpoint URL used for connection to the leaf profile.
SOPC_PKIProvider_DeleteProfile
void SOPC_PKIProvider_DeleteProfile(SOPC_PKI_Profile **ppProfile)
Delete a PKI profile.
SOPC_PKIProvider_CreateFromList
SOPC_ReturnStatus SOPC_PKIProvider_CreateFromList(SOPC_CertificateList *pTrustedCerts, SOPC_CRLList *pTrustedCrl, SOPC_CertificateList *pIssuerCerts, SOPC_CRLList *pIssuerCrl, SOPC_PKIProvider **ppPKI)
Create the PKIProvider from list representation.
SOPC_PKIProvider_ProfileSetURL
SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetURL(SOPC_PKI_Profile *pProfile, const char *url)
Set the endpoint URL used for connection to the PKI profile.
SOPC_PKIProvider_SetUpdateCb
SOPC_ReturnStatus SOPC_PKIProvider_SetUpdateCb(SOPC_PKIProvider *pPKI, SOPC_PKIProviderUpdateCb *pUpdateCb, uintptr_t updateParam)
Defines the callback to be called when a PKI certificates update is done with SOPC_PKIProvider_Update...
SOPC_PKIProvider_WriteToStore
SOPC_ReturnStatus SOPC_PKIProvider_WriteToStore(SOPC_PKIProvider *pPKI, const bool bEraseExistingFiles)
Write the certificate files in the updatedTrustList folder of the PKI storage. The updatedTrustList f...
SOPC_PKIProvider_SetStorePath
SOPC_ReturnStatus SOPC_PKIProvider_SetStorePath(const char *directoryStorePath, SOPC_PKIProvider *pPKI)
Redefines the directory store where the certificates will be stored with SOPC_PKIProvider_WriteToStor...
SOPC_PKIProvider_CreateProfile
SOPC_ReturnStatus SOPC_PKIProvider_CreateProfile(const char *securityPolicyUri, SOPC_PKI_Profile **ppProfile)
Create a PKI profile for a validation process. Backward interoperability is enabled....
SOPC_PKIProvider_RemoveCertificate
SOPC_ReturnStatus SOPC_PKIProvider_RemoveCertificate(SOPC_PKIProvider *pPKI, const char *pThumbprint, const bool bIsTrusted, bool *pIsRemoved, bool *pIsIssuer)
Remove all the certificates matching with the given thumbprint. If the Certificate is a CA Certificat...
SOPC_PKIProvider_ProfileSetUsageFromType
SOPC_ReturnStatus SOPC_PKIProvider_ProfileSetUsageFromType(SOPC_PKI_Profile *pProfile, SOPC_PKI_Type PKIType)
Set the properties to the PKI profile from the PKI type.
SOPC_PKIProvider_CreateLeafProfile
SOPC_ReturnStatus SOPC_PKIProvider_CreateLeafProfile(const char *securityPolicyUri, SOPC_PKI_LeafProfile **ppProfile)
Create a leaf certificate profile from security policy to check certificate properties.
SOPC_PKIProvider_CheckLeafCertificate
SOPC_ReturnStatus SOPC_PKIProvider_CheckLeafCertificate(const SOPC_CertificateList *pToValidate, const SOPC_PKI_LeafProfile *pProfile, uint32_t *error)
Check leaf certificate properties.
SOPC_PKIProvider_CreateMinimalUserProfile
SOPC_ReturnStatus SOPC_PKIProvider_CreateMinimalUserProfile(SOPC_PKI_Profile **ppProfile)
Create a minimal PKI profile for user validation process.
SOPC_PKIProvider_CreateFromStore
SOPC_ReturnStatus SOPC_PKIProvider_CreateFromStore(const char *directoryStorePath, SOPC_PKIProvider **ppPKI)
Creates the PKIProvider from a directory where certificates are stored.
SOPC_PKIProvider_DeleteLeafProfile
void SOPC_PKIProvider_DeleteLeafProfile(SOPC_PKI_LeafProfile **ppProfile)
Delete a leaf profile.
sopc_pki_stack_lib_itf.h
Defines the cryptographic abstraction interface for the minimal PKI implementation provided by the st...
SOPC_CRLList
A list of Certificate Revocation Lists.
Definition key_manager_cyclone.h:79
SOPC_CertificateList
The signed public key representation.
Definition key_manager_cyclone.h:60
SOPC_PKIProvider
The PKIProvider object for the Public Key Infrastructure.
Definition sopc_pki_struct_lib_internal.h:39
SOPC_PKI_LeafProfile
Structure containing the leaf certificate profile for validation with SOPC_PKIProvider_ValidateCertif...
Definition sopc_pki_struct_lib_internal.h:91
SOPC_PKI_Profile
Structure containing the validation configuration.
Definition sopc_pki_struct_lib_internal.h:146
Generated on Mon Feb 3 2025 15:08:45 for S2OPC OPCUA Toolkit by doxygen 1.12.0