

5.14 X.509 Functions

The functions described in this section are used by the STARTTLS functionality, see Kerberos via TLS.

shishi_x509ca_default_file_guess

— Function: char * shishi_x509ca_default_file_guess (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Guesses the default X.509 CA certificate filename; it is $HOME/.shishi/client.ca.

Return value: Returns the default X.509 CA certificate filename as a string that has to be deallocated with free() by the caller.

shishi_x509ca_default_file_set

— Function: void shishi_x509ca_default_file_set (Shishi * handle, const char * x509cafile)

handle: Shishi library handle created by shishi_init().

x509cafile: string with new default X.509 CA certificate file name, or NULL to reset to default.

Set the default X.509 CA certificate filename used in the library. The certificate is used during TLS connections with the KDC to authenticate the KDC. The string is copied into the library, so you can dispose of the variable immediately after calling this function.

shishi_x509ca_default_file

— Function: const char * shishi_x509ca_default_file (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Get filename for default X.509 CA certificate.

Return value: Returns the default X.509 CA certificate filename used in the library. The certificate is used during TLS connections with the KDC to authenticate the KDC. The string is not a copy, so don't modify or deallocate it.

shishi_x509cert_default_file_guess

— Function: char * shishi_x509cert_default_file_guess (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Guesses the default X.509 client certificate filename; it is $HOME/.shishi/client.certs.

Return value: Returns default X.509 client certificate filename as a string that has to be deallocated with free() by the caller.

shishi_x509cert_default_file_set

— Function: void shishi_x509cert_default_file_set (Shishi * handle, const char * x509certfile)

handle: Shishi library handle created by shishi_init().

x509certfile: string with new default x509 client certificate file name, or NULL to reset to default.

Set the default X.509 client certificate filename used in the library. The certificate is used during TLS connections with the KDC to authenticate the client. The string is copied into the library, so you can dispose of the variable immediately after calling this function.

shishi_x509cert_default_file

— Function: const char * shishi_x509cert_default_file (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Get filename for default X.509 certificate.

Return value: Returns the default X.509 client certificate filename used in the library. The certificate is used during TLS connections with the KDC to authenticate the client. The string is not a copy, so don't modify or deallocate it.

shishi_x509key_default_file_guess

— Function: char * shishi_x509key_default_file_guess (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Guesses the default X.509 client key filename; it is $HOME/.shishi/client.key.

Return value: Returns default X.509 client key filename as a string that has to be deallocated with free() by the caller.

shishi_x509key_default_file_set

— Function: void shishi_x509key_default_file_set (Shishi * handle, const char * x509keyfile)

handle: Shishi library handle created by shishi_init().

x509keyfile: string with new default x509 client key file name, or NULL to reset to default.

Set the default X.509 client key filename used in the library. The key is used during TLS connections with the KDC to authenticate the client. The string is copied into the library, so you can dispose of the variable immediately after calling this function.

shishi_x509key_default_file

— Function: const char * shishi_x509key_default_file (Shishi * handle)

handle: Shishi library handle created by shishi_init().

Get filename for default X.509 key.

Return value: Returns the default X.509 client key filename used in the library. The key is used during TLS connections with the KDC to authenticate the client. The string is not a copy, so don't modify or deallocate it.
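
The CA file decides which KDC the client accepts and the key file authenticates the client, so an application may want to check both files before passing their names to the shishi_x509ca_default_file_set() and shishi_x509key_default_file_set() functions above. The following is an added example, not part of Shishi or its manual; vet_tls_file() and demo_vet() are hypothetical helpers, and the ownership and mode policy they enforce is an assumption.

```c
/* Added example, not Shishi code. vet_tls_file() and demo_vet() are
   hypothetical helpers; call vet_tls_file() on a name before passing it to
   shishi_x509key_default_file_set() or shishi_x509ca_default_file_set(). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for O_NOFOLLOW and mkstemp() */
#endif
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum tls_file_kind { TLS_FILE_CA, TLS_FILE_KEY };

/* Returns 0 if the file is acceptable, -1 otherwise. */
int vet_tls_file(const char *path, enum tls_file_kind kind)
{
    struct stat st;
    int ok = 0;
    /* O_NOFOLLOW: refuse a symbolic link as the final path component. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* Must be a regular file owned by the caller or by root. */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode)
        && (st.st_uid == geteuid() || st.st_uid == 0)) {
        if (kind == TLS_FILE_KEY)   /* private key: nothing for group/other */
            ok = (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
        else                        /* CA file: not writable by group/other */
            ok = (st.st_mode & (S_IWGRP | S_IWOTH)) == 0;
    }
    close(fd);
    return ok ? 0 : -1;
}

/* Constructed sample input: a temporary file with the given mode. */
int demo_vet(mode_t mode, enum tls_file_kind kind)
{
    char path[] = "/tmp/shishi-vet-XXXXXX";
    int fd = mkstemp(path), rc = -2;
    if (fd < 0)
        return rc;
    if (fchmod(fd, mode) == 0)
        rc = vet_tls_file(path, kind);
    close(fd);
    unlink(path);
    return rc;
}

int main(void) { return demo_vet(0600, TLS_FILE_KEY) == 0 ? 0 : 1; }
```

The check describes the file at the moment it is made; the library opens the file by name later, so the directory holding it should not be writable by other users either.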