|
| char * | r_jwk_export_to_json_str (jwk_t *jwk, int pretty) |
| |
| json_t * | r_jwk_export_to_json_t (jwk_t *jwk) |
| |
| gnutls_privkey_t | r_jwk_export_to_gnutls_privkey (jwk_t *jwk) |
| |
| gnutls_pubkey_t | r_jwk_export_to_gnutls_pubkey (jwk_t *jwk, int x5u_flags) |
| |
| gnutls_x509_crt_t | r_jwk_export_to_gnutls_crt (jwk_t *jwk, int x5u_flags) |
| |
| int | r_jwk_export_to_pem_der (jwk_t *jwk, int format, unsigned char *output, size_t *output_len, int x5u_flags) |
| |
| int | r_jwk_export_to_symmetric_key (jwk_t *jwk, unsigned char *key, size_t *key_len) |
| |
| char * | r_jwk_thumbprint (jwk_t *jwk, int hash, int x5u_flags) |
| |
| int | r_jwk_validate_x5c_chain (jwk_t *jwk, int x5u_flags) |
| |
| int | r_jwk_match_json_t (jwk_t *jwk, json_t *j_match) |
| |
| int | r_jwk_match_json_str (jwk_t *jwk, const char *str_match) |
| |
Export a jwk to JSON data, gnutls inner types or PEM/DER
◆ r_jwk_export_to_gnutls_crt()
| gnutls_x509_crt_t r_jwk_export_to_gnutls_crt |
( |
jwk_t * |
jwk, |
|
|
int |
x5u_flags |
|
) |
| |
Export a jwk_t into a gnutls_x509_crt_t format the jwt_t must contain a x5c or a x5u property pointing to a certificate
- Parameters
-
| jwk | the jwk_t * to export |
| x5u_flags | Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
- R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
- R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
- R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return NULL
|
- Returns
- a gnutls_x509_crt_t on success, NULL on error
◆ r_jwk_export_to_gnutls_privkey()
| gnutls_privkey_t r_jwk_export_to_gnutls_privkey |
( |
jwk_t * |
jwk | ) |
|
Export a jwk_t into a gnutls_privkey_t format
- Parameters
-
- Returns
- a gnutls_privkey_t on success, NULL on error
◆ r_jwk_export_to_gnutls_pubkey()
| gnutls_pubkey_t r_jwk_export_to_gnutls_pubkey |
( |
jwk_t * |
jwk, |
|
|
int |
x5u_flags |
|
) |
| |
Export a jwk_t into a gnutls_pubkey_t format
- Parameters
-
| jwk | the jwk_t * to export |
| x5u_flags | Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
- R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
- R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
- R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return NULL
|
- Returns
- a gnutls_pubkey_t on success, NULL on error
◆ r_jwk_export_to_json_str()
| char * r_jwk_export_to_json_str |
( |
jwk_t * |
jwk, |
|
|
int |
pretty |
|
) |
| |
Export a jwk_t into a stringified JSON format
- Parameters
-
| jwk | the jwk_t * to export |
| pretty | indent or compact JSON output |
- Returns
- a char * on success, NULL on error, must be r_free'd after use
◆ r_jwk_export_to_json_t()
| json_t * r_jwk_export_to_json_t |
( |
jwk_t * |
jwk | ) |
|
Export a jwk_t into a json_t format
- Parameters
-
- Returns
- a json_t * on success, NULL on error
◆ r_jwk_export_to_pem_der()
| int r_jwk_export_to_pem_der |
( |
jwk_t * |
jwk, |
|
|
int |
format, |
|
|
unsigned char * |
output, |
|
|
size_t * |
output_len, |
|
|
int |
x5u_flags |
|
) |
| |
Export a jwk_t into a DER or PEM format
- Parameters
-
| jwk | the jwk_t * to export |
| format | the format of the output, values available are R_FORMAT_PEM or R_FORMAT_DER |
| output | an unsigned char * that will contain the output |
| output_len | the size of output and will be set to the data size that has been written to output |
| x5u_flags | Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
- R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
- R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
- R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
|
- Returns
- RHN_OK on success, an error value on error
-
RHN_ERROR_PARAM if output_len isn't large enough to hold the output, then output_len will be set to the required size
◆ r_jwk_export_to_symmetric_key()
| int r_jwk_export_to_symmetric_key |
( |
jwk_t * |
jwk, |
|
|
unsigned char * |
key, |
|
|
size_t * |
key_len |
|
) |
| |
Export a jwk_t into a symmetric key in binary format
- Parameters
-
| jwk | the jwk_t * to export |
| key | an unsigned char * that will contain the key |
| key_len | the size of key and will be set to the data size that has been written to output |
- Returns
- RHN_OK on success, an error value on error
-
RHN_ERROR_PARAM if output_len isn't large enough to hold the output, then output_len will be set to the required size
◆ r_jwk_match_json_str()
| int r_jwk_match_json_str |
( |
jwk_t * |
jwk, |
|
|
const char * |
str_match |
|
) |
| |
Search if a jwk matches the given properties
- Parameters
-
| jwk | the jwk_t to look into |
| str_match | The query to match. Must be a stringified JSON object with key/values that will be compared against all keys in jwk All parameters must match Example, to match a RSA key with alg "RS256", the parameter str_match must contain: {kty: "RSA", alg: "RS256"} To match a RSA key with the kid "1", the parameter str_match must contain: {kty: "RSA", kid: "1"} |
- Returns
- RHN_OK on success RHN_ERROR_PARAM if input parameters are invalid RHN_ERROR_INVALID if str_match does not match
◆ r_jwk_match_json_t()
| int r_jwk_match_json_t |
( |
jwk_t * |
jwk, |
|
|
json_t * |
j_match |
|
) |
| |
Search if a jwk matches the given properties
- Parameters
-
| jwk | the jwk_t to look into |
| j_match | The query to match. Must be a JSON object with key/values that will be compared against all keys in jwk All parameters must match Example, to match a RSA key with alg "RS256", the parameter j_match must contain: {kty: "RSA", alg: "RS256"} To match a RSA key with the kid "1", the parameter j_match must contain: {kty: "RSA", kid: "1"} |
- Returns
- RHN_OK on success RHN_ERROR_PARAM if input parameters are invalid RHN_ERROR_INVALID if j_match does not match
◆ r_jwk_thumbprint()
| char * r_jwk_thumbprint |
( |
jwk_t * |
jwk, |
|
|
int |
hash, |
|
|
int |
x5u_flags |
|
) |
| |
Genrates a thumbprint of a jwk_t based on the RFC 7638
- Parameters
-
| jwk | the jwk_t * to translate into a thumbprint |
| hash | The hash funtion to use for the thumprint Values available for this parameter are
- R_JWK_THUMB_SHA256
- R_JWK_THUMB_SHA384
- R_JWK_THUMB_SHA512
|
| x5u_flags | Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
- R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
- R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
- R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
|
- Returns
- the jwk hashed and base64url encoded on success, NULL on error, must be r_free'd after use
◆ r_jwk_validate_x5c_chain()
| int r_jwk_validate_x5c_chain |
( |
jwk_t * |
jwk, |
|
|
int |
x5u_flags |
|
) |
| |
Verifies the certificate chain in the x5c array or the x5u The x5c chain must be complete up to the root certificate
- Parameters
-
| jwk | the jwk_t * to verify |
| x5u_flags | Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
- R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
- R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
- R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
|
- Returns
- RHN_OK on success, an error value on error
