Functions
int	r_jwks_is_valid (jwks_t *jwks)

int	r_jwks_import_from_json_str (jwks_t jwks, const char input)

int	r_jwks_import_from_json_t (jwks_t jwks, json_t j_input)

int	r_jwks_import_from_uri (jwks_t jwks, const char uri, int x5u_flags)

jwks_t *	r_jwks_quick_import (rhn_import,...)

jwks_t *	r_jwks_copy (jwks_t *jwks)

size_t	r_jwks_size (jwks_t *jwks)

jwk_t *	r_jwks_get_at (jwks_t *jwks, size_t index)

jwk_t *	r_jwks_get_by_kid (jwks_t jwks, const char kid)

int	r_jwks_append_jwk (jwks_t jwks, jwk_t jwk)

int	r_jwks_set_at (jwks_t jwks, size_t index, jwk_t jwk)

int	r_jwks_remove_at (jwks_t *jwks, size_t index)

int	r_jwks_empty (jwks_t *jwks)

int	r_jwks_equal (jwks_t jwks1, jwks_t jwks2)

char *	r_jwks_export_to_json_str (jwks_t *jwks, int pretty)

json_t *	r_jwks_export_to_json_t (jwks_t *jwks)

gnutls_privkey_t *	r_jwks_export_to_gnutls_privkey (jwks_t jwks, size_t len)

gnutls_pubkey_t *	r_jwks_export_to_gnutls_pubkey (jwks_t jwks, size_t len, int x5u_flags)

int	r_jwks_export_to_pem_der (jwks_t jwks, int format, unsigned char output, size_t *output_len, int x5u_flags)

jwks_t *	r_jwks_search_json_t (jwks_t jwks, json_t j_match)

jwks_t *	r_jwks_search_json_str (jwks_t jwks, const char str_match)

Detailed Description

Manage JWK sets

Function Documentation

◆ r_jwks_append_jwk()

int r_jwks_append_jwk	(	jwks_t *	jwks,
		jwk_t *	jwk
	)

Append a jwk_t at the end of the array of jwk_t in the jwks_t

Parameters

jwks	the jwks_t * to append the jwk_t
jwk	the jwk_t * to be appended

Returns: RHN_OK on success, an error value on error

◆ r_jwks_copy()

jwks_t * r_jwks_copy ( jwks_t * jwks )

Return a copy of the JWKS

Parameters

jwks	the jwks to copy

Returns: a copy of the jwks

◆ r_jwks_empty()

int r_jwks_empty ( jwks_t * jwks )

Empty a JWKS

Parameters

jwks	the jwks_t * to update

Returns: RHN_OK on success, an error value on error

◆ r_jwks_equal()

int r_jwks_equal	(	jwks_t *	jwks1,
		jwks_t *	jwks2
	)

Compare 2 jwks The key content and order are compared

Parameters

jwks1	the first JWKS to compare
jwks2	the second JWKS to compare

Returns: 1 if both jwks1 and jwks2 are equal, 0 otherwise

◆ r_jwks_export_to_gnutls_privkey()

gnutls_privkey_t * r_jwks_export_to_gnutls_privkey	(	jwks_t *	jwks,
		size_t *	len
	)

Export a jwks_t into a gnutls_privkey_t format

Parameters

jwks	the jwks_t * to export
len	set the length of the output array

Returns: a heap-allocated gnutls_privkey_t * on success, NULL on error an index of the returned array may be NULL if the corresponding jwk isn't a private key

◆ r_jwks_export_to_gnutls_pubkey()

gnutls_pubkey_t * r_jwks_export_to_gnutls_pubkey	(	jwks_t *	jwks,
		size_t *	len,
		int	x5u_flags
	)

Export a jwks_t into a gnutls_pubkey_t format

Parameters

jwks	the jwks_t * to export
len	set the length of the output array
x5u_flags	Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return NULL

Returns: a heap-allocated gnutls_pubkey_t * on success, NULL on error

◆ r_jwks_export_to_json_str()

char * r_jwks_export_to_json_str	(	jwks_t *	jwks,
		int	pretty
	)

Export a jwks_t into a stringified JSON format

Parameters

jwks	the jwks_t * to export
pretty	indent or compact JSON output

Returns: a char * on success, NULL on error, must be r_free'd after use

◆ r_jwks_export_to_json_t()

json_t * r_jwks_export_to_json_t ( jwks_t * jwks )

Export a jwk_t into a json_t format

Parameters

jwks	the jwk_t * to export

Returns: a json_t * on success, NULL on error

◆ r_jwks_export_to_pem_der()

int r_jwks_export_to_pem_der	(	jwks_t *	jwks,
		int	format,
		unsigned char *	output,
		size_t *	output_len,
		int	x5u_flags
	)

Export a jwks_t into a DER or PEM format

Parameters

jwks	the jwks_t * to export
format	the format of the output, values available are R_FORMAT_PEM or R_FORMAT_DER
output	an unsigned char * that will contain the output
output_len	the size of output and will be set to the data size that has been written to output
x5u_flags	Flags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error

Returns: RHN_OK on success, an error value on error; RHN_ERROR_PARAM if output_len isn't large enough to hold the output, then output_len will be set to the required size

◆ r_jwks_get_at()

jwk_t * r_jwks_get_at	(	jwks_t *	jwks,
		size_t	index
	)

Get the jwk_t at the specified index of the jwks_t *

Parameters

jwks	the jwks_t * to evaluate
index	the index of the array to retrieve

Returns: a jwk_t * on success, NULL on error The returned jwk must be r_jwk_free after use

◆ r_jwks_get_by_kid()

jwk_t * r_jwks_get_by_kid	(	jwks_t *	jwks,
		const char *	kid
	)

Get the jwk_t at the specified index of the jwks_t *

Parameters

jwks	the jwks_t * to evaluate
kid	the key id of the jwk to retreive

Returns: a jwk_t * on success, NULL on error The returned jwk must be r_jwk_free after use

◆ r_jwks_import_from_json_str()

int r_jwks_import_from_json_str	(	jwks_t *	jwks,
		const char *	input
	)

Import a JWKS in string format into a jwks_t

Parameters

jwks	the jwk_t * to import to
input	a JWKS in JSON stringified format If jwks is set, JWK will be appended

Returns: RHN_OK on success, an error value on error may return RHN_ERROR_PARAM if at least one JWK is invalid, but the will import the others

◆ r_jwks_import_from_json_t()

int r_jwks_import_from_json_t	(	jwks_t *	jwks,
		json_t *	j_input
	)

Import a JWKS in json_t format into a jwk_t

Parameters

jwks	the jwk_t * to import to
j_input	a JWK in json_t * format If jwks is set, JWK will be appended

Returns: RHN_OK on success, an error value on error may return RHN_ERROR_PARAM if at least one JWK is invalid, but the will import the others

◆ r_jwks_import_from_uri()

int r_jwks_import_from_uri	(	jwks_t *	jwks,
		const char *	uri,
		int	x5u_flags
	)

Import a JWKS from an uri

Parameters

jwks	the jwk_t * to import to
uri	an uri pointing to a JWKS If jwks is set, JWK will be appended
x5u_flags	Flags to retrieve x5u certificates Flags available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary

Returns: RHN_OK on success, an error value on error may return RHN_ERROR_PARAM if at least one JWK is invalid, but the will import the others

◆ r_jwks_is_valid()

int r_jwks_is_valid ( jwks_t * jwks )

Check if the jwks is valid

Parameters

jwks	the jwks_t * to test

Returns: RHN_OK on success, an error value on error Stops at the first error in the array Logs error message with yder on error

◆ r_jwks_quick_import()

jwks_t * r_jwks_quick_import	(	rhn_import	type,
			...
	)

Import data into a jwks parameters must be set of values with the mandatory parameters for each rhn_import See rhn_import documentation The parameters list MUST end with R_IMPORT_NONE See rhn_import documentation

Returns: a jwks containing the list of keys parsed

◆ r_jwks_remove_at()

int r_jwks_remove_at	(	jwks_t *	jwks,
		size_t	index
	)

Remove a jwk_t at the specified index of the jwks_t *

Parameters

jwks	the jwks_t * to evaluate
index	the index of the array to remove

Returns: RHN_OK on success, an error value on error

◆ r_jwks_search_json_str()

jwks_t * r_jwks_search_json_str	(	jwks_t *	jwks,
		const char *	str_match
	)

Search in a jwks_t for a subset matching the given query

Parameters

jwks	the jwks_t to look into
str_match	The query to match. Must be a stringified JSON object with key/values that will be compared against all keys in jwks All parameters must match Example, to look for all RSA keys, the parameter str_match must contain: {kty: "RSA"} To look for all RSA keys with the kid "1", the parameter str_match must contain: {kty: "RSA", kid: "1"}

Returns: a new jwks_t * containing all the matching keys, or an empty jwks_t if no match

◆ r_jwks_search_json_t()

jwks_t * r_jwks_search_json_t	(	jwks_t *	jwks,
		json_t *	j_match
	)

Search in a jwks_t for a subset matching the given query

Parameters

jwks	the jwks_t to look into
j_match	The query to match. Must be a JSON object with key/values that will be compared against all keys in jwks All parameters must match Example, to look for all RSA keys, the parameter j_match must contain: {kty: "RSA"} To look for all RSA keys with the kid "1", the parameter j_match must contain: {kty: "RSA", kid: "1"}

Returns: a new jwks_t * containing all the matching keys, or an empty jwks_t if no match

◆ r_jwks_set_at()

int r_jwks_set_at	(	jwks_t *	jwks,
		size_t	index,
		jwk_t *	jwk
	)

Update a jwk_t at the specified index of the jwks_t *

Parameters

jwks	the jwks_t * to evaluate
jwk	the jwk_t * to set
index	the index of the array to update

Returns: RHN_OK on success, an error value on error

◆ r_jwks_size()

size_t r_jwks_size ( jwks_t * jwks )

Get the number of jwk_t in a jwks_t

Parameters

jwks	the jwks_t * to evaluate

Returns: the number of jwk_t in a jwks_t

Functions

Detailed Description

Function Documentation

◆ r_jwks_append_jwk()

◆ r_jwks_copy()

◆ r_jwks_empty()

◆ r_jwks_equal()

◆ r_jwks_export_to_gnutls_privkey()

◆ r_jwks_export_to_gnutls_pubkey()

◆ r_jwks_export_to_json_str()

◆ r_jwks_export_to_json_t()

◆ r_jwks_export_to_pem_der()

◆ r_jwks_get_at()

◆ r_jwks_get_by_kid()

◆ r_jwks_import_from_json_str()

◆ r_jwks_import_from_json_t()

◆ r_jwks_import_from_uri()

◆ r_jwks_is_valid()

◆ r_jwks_quick_import()

◆ r_jwks_remove_at()

◆ r_jwks_search_json_str()

◆ r_jwks_search_json_t()

◆ r_jwks_set_at()

◆ r_jwks_size()