File: get_certificate_info.xml

package info (click to toggle)
virtuoso-opensource 7.2.5.1%2Bdfsg1-0.1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 284,752 kB
  • sloc: ansic: 641,220; sql: 490,413; xml: 269,570; java: 83,893; javascript: 79,900; cpp: 36,927; sh: 31,648; cs: 25,702; php: 12,690; yacc: 10,227; lex: 7,601; makefile: 7,127; jsp: 4,523; awk: 1,697; perl: 1,013; ruby: 1,003; python: 326
file content (156 lines) | stat: -rw-r--r-- 6,268 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
 
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
 -  
 -  This file is part of the OpenLink Software Virtuoso Open-Source (VOS)
 -  project.
 -  
 -  Copyright (C) 1998-2018 OpenLink Software
 -  
 -  This project is free software; you can redistribute it and/or modify it
 -  under the terms of the GNU General Public License as published by the
 -  Free Software Foundation; only version 2 of the License, dated June 1991.
 -  
 -  This program is distributed in the hope that it will be useful, but
 -  WITHOUT ANY WARRANTY; without even the implied warranty of
 -  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 -  General Public License for more details.
 -  
 -  You should have received a copy of the GNU General Public License along
 -  with this program; if not, write to the Free Software Foundation, Inc.,
 -  51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 -  
 -  
-->
<refentry id="fn_get_certificate_info">
  <refmeta>
    <refentrytitle>get_certificate_info</refentrytitle>
    <refmiscinfo>ws</refmiscinfo>
  </refmeta>
  <refnamediv>
    <refname>get_certificate_info</refname>
    <refpurpose>Returns information about the current client X509 certificate</refpurpose>
  </refnamediv>
  <refsynopsisdiv>
    <funcsynopsis id="fsyn_get_certificate_info">
      <funcprototype id="fproto_get_certificate_info">
        <funcdef>integer or string<function>get_certificate_info</function></funcdef>
        <paramdef>in <parameter>type</parameter>integer</paramdef>
        <paramdef>in <parameter><optional>cert_or_key_name</optional></parameter>varchar</paramdef>
	<paramdef>in <parameter><optional>in_format</optional></parameter>int</paramdef>
	<paramdef>in <parameter><optional>passwd</optional></parameter>varchar</paramdef>
        <paramdef>in <parameter><optional>ext_oid</optional></parameter>varchar</paramdef>
      </funcprototype>
    </funcsynopsis>
  </refsynopsisdiv>
  <refsect1 id="desc_get_certificate_info"><title>Description</title>
    <para>
This function will return information about the current client X509 certificate
(if successfully verified).  If there is no valid X509 certificate or the requested
information is not available it will return NULL.
</para>
<para>
If the optional <parameter>cert_or_key_name</parameter> is supplied it should contain
a encoded certificate (by default format is PEM). The certificate info is read from the first certificate in
that string.
</para>
<para>
    If the optional <parameter>cert_or_key_name</parameter> is supplied and <parameter>in_format</parameter>
    is equal to 3 (integer) the function will try to retrieve the certificate registered in the current user's 
    key store by name contained in <parameter>cert_or_key_name</parameter>.
</para>
  </refsect1>
  <refsect1 id="params_get_certificate_info"><title>Parameters</title>
    <refsect2><title>type</title>
      <para>type must be an integer.  It can be one of the following values:</para>
      <simplelist>
        <member>1 - return the certificate serial number as an integer</member>
        <member>2 - return the certificate subject name as a string</member>
        <member>3 - return the certificate issuer name as a string</member>
        <member>4 - return the certificate validity period start date as a string</member>
        <member>5 - return the certificate validity period end date as a string</member>
        <member>6 - return the certificate fingerprint</member>
        <member>7 - return the certificate extension value by OID</member>
	<member>8 - return the certificate name of the key from current user store</member>
	<member>9 - return a vector of three elements: the certificate's public key type, exponent and modulus</member>
	      <member>10 - return attribute value for given attribute name</member>
        <member>12 - return certificate's signature</member>
      </simplelist>
  </refsect2>
  
  <refsect2>
      <title>cert_or_key_name</title>
      <para>A string containing an encoded X.509 certificate or name of a key from 
	  current user store.
      </para>
  </refsect2>
  
  <refsect2>
      <title>in_format</title>
      <para>This is to designate encoding type of the value 'cert_or_key_name'</para>
      <simplelist>
        <member>0 (default) - PEM</member>
	<member>1 - DER (raw)</member>
	<member>2 - PKCS#12</member>
        <member>3 - the 'cert_or_key_name' is a name of a key from user's key store</member>
      </simplelist>
  </refsect2>
  
  <refsect2>
      <title>passwd</title>
      <para>Password to unlock PKCS#12 encoded certificate</para>
  </refsect2>
  
  <refsect2>
      <title>ext_oid</title>
      <para>X.509 extension object identifier</para>
  </refsect2>

  </refsect1>
  <refsect1 id="ret_get_certificate_info"><title>Return Types</title>
    <para>The requested information or NULL if the certificate is found to be invalid.</para></refsect1>
<!--
  <refsect1 id="errors_get_certificate_info"><title>Errors</title>
    <table><title>Errors signalled by</title>
      <tgroup cols="4">
       <thead><row><entry>SQLState</entry><entry>Error Code</entry><entry>Error Text</entry><entry>Description</entry></row></thead>
	<tbody>
	  <row>
	    <entry><errorcode></errorcode></entry>
	    <entry><errorcode></errorcode></entry>
	    <entry><errorname></errorname></entry>
	    <entry></entry>
	  </row>
	</tbody>
      </tgroup>
    </table>
  </refsect1>
  <refsect1 id="seealso_get_certificate_info"><title>See Also</title>
    <para><link linkend=""></link></para>
  </refsect1>
-->
   <refsect1 id="examples_get_certificate_info"><title>Examples</title>
    <example id="ex_get_certificate_info"><title>Simple examples</title>
<programlisting><![CDATA[
CREATE PROCEDURE get_mail_example (in cert any := null, in cert_type int := 0)
{
  declare alts, mail any;
  mail := get_certificate_info (10, cert, cert_type, '', 'emailAddress');
  if (mail is null)
    {
      alts := get_certificate_info (7, cert, cert_type, '', '1.10.16.25');
      if (alts is not null)
	{
	  alts := regexp_replace (alts, ',[ ]*', ',', 1, null);
	  alts := split_and_decode (alts, 0, '\0\0,:');
	  mail := get_keyword ('email', alts);
	}
    }
  return mail;
}
;
]]></programlisting>
    </example>
  </refsect1>
</refentry>