File: xenc_x509_generate.xml

package info (click to toggle)
virtuoso-opensource 7.2.5.1%2Bdfsg1-0.3
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 285,240 kB
  • sloc: ansic: 641,220; sql: 490,413; xml: 269,570; java: 83,893; javascript: 79,900; cpp: 36,927; sh: 31,653; cs: 25,702; php: 12,690; yacc: 10,227; lex: 7,601; makefile: 7,129; jsp: 4,523; awk: 1,697; perl: 1,013; ruby: 1,003; python: 326
file content (109 lines) | stat: -rw-r--r-- 4,618 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
  
  This file is part of the OpenLink Software Virtuoso Open-Source (VOS)
  project.
  
  Copyright (C) 1998-2018 OpenLink Software
  
  This project is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published by the
  Free Software Foundation; only version 2 of the License, dated June 1991.
  
  This program is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  General Public License for more details.
  
  You should have received a copy of the GNU General Public License along
  with this program; if not, write to the Free Software Foundation, Inc.,
  51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

  : template.sh,v 1.5 2006/04/18 21:59:13 ivan Exp $
-->
<refentry id="fn_xenc_x509_generate">
  <refmeta>
    <refentrytitle>xenc_x509_generate</refentrytitle>
    <refmiscinfo>hash</refmiscinfo>
  </refmeta>
  <refnamediv>
    <refname>xenc_x509_generate</refname>
    <refpurpose>Generates a X.509v3 certificate using client's public key</refpurpose>
  </refnamediv>
  <refsynopsisdiv>
    <funcsynopsis id="fsyn_xenc_x509_generate">
      <funcprototype id="fproto_xenc_x509_generate">
        <funcdef><function>xenc_x509_generate</function></funcdef>
	<paramdef>in <parameter>ca_key_name</parameter> varchar</paramdef>
	<paramdef>in <parameter>public_key_name</parameter> varchar</paramdef>
	<paramdef>in <parameter>serial</parameter> integer</paramdef>
	<paramdef>in <parameter>validity</parameter> integer</paramdef>
	<paramdef>in <parameter>subject</parameter> vector</paramdef>
	<paramdef>in <parameter>extensions</parameter> vector</paramdef>
	<paramdef><optional>in <parameter>hours</parameter> integer</optional></paramdef>
      </funcprototype>
    </funcsynopsis>
  </refsynopsisdiv>
  <refsect1 id="desc_xenc_x509_generate">
    <title>Description</title>
    <para>This function creates a X.509v3 certificate from a public key and sign the certificate with CA private key</para>
  </refsect1>
  <refsect1 id="params_xenc_x509_generate">
    <title>Parameters</title>
    <refsect2><title>ca_key_name</title>
      <para>The name of CA key, the key must have corresponding certificate.</para>
    </refsect2>
    <refsect2><title>public_key_name</title>
      <para>The name of the public key used to create certificate, it is given by certificate owner to CA. Note that public key must be imported already in CA'a key space.</para>
    </refsect2>
    <refsect2><title>serial</title>
      <para>The serial number</para>
    </refsect2>
    <refsect2><title>validity</title>
      <para>Certificate's validity in days</para>
    </refsect2>
    <refsect2><title>subject</title>
	<para>An array of name/value pairs representing the subject aka name enties </para>
    </refsect2>
    <refsect2><title>extensions</title>
	<para>An array of name/value pairs to add as X.509v3 extensions to certificate</para>
    </refsect2>
    <refsect2><title>hours</title>
	<para>If specified it is added to the days which allows a more fine-grained control over 
		the expiration date.
  </para>
    </refsect2>
  </refsect1>
  <refsect1 id="examples_xenc_x509_generate">
    <title>Examples</title>
    <example id="ex_xenc_x509_generate"><title>Issuing a certificate</title>
      <para>The example below decodes a public key sent from client and 
      	then issue a certificate and sign it with CA's key 'id_rsa'. 
      	The client's key is create as temp key.</para>
      <screen><![CDATA[
       declare kname, cvalue varchar; 
       kname := xenc_SPKI_read (null, replace (get_keyword ('key', params), '\r\n', ''));
       xenc_x509_generate ('id_rsa', kname, sequence_next ('ca_id_rsa'), 365, 
		vector (
			'CN', get_keyword ('name', params, name),
			'C',  get_keyword ('c', params, name),
			'O',  get_keyword ('o', params, name),
			'OU', get_keyword ('ou', params, name),
			'emailAddress', get_keyword ('email', params)
			), 
		vector (
		  'subjectAltName',
		  'URI:'||webid,
		  'nsComment',
		  'Virtuoso Generated Certificate',
			'authorityKeyIdentifier',
			'keyid,issuer:always'));
]]></screen>
    </example>
  </refsect1>
  <refsect1 id="seealso_xenc_x509_generate">
    <title>See Also</title>
    <para><link linkend="fn_xenc_SPKI_read"><function>xenc_SPKI_read()</function></link></para>
    <para><link linkend="fn_xenc_x509_ss_generate"><function>xenc_x509_ss_generate()</function></link></para>
  </refsect1>
</refentry>