Main Page | Modules | Directories

Proxy Operations

Initiate a proxy operation. More...

Create Request

Inquire Request

Resign Certificate

Sign Request

Create Signed

Assemble credential


Detailed Description

Initiate a proxy operation.

This module contains the API functions for a user to request proxy request generation, proxy request inspection and proxy request signature.


Function Documentation

globus_result_t globus_gsi_proxy_create_req globus_gsi_proxy_handle_t  handle,
BIO *  output_bio
 

Create a proxy credential request.

This function creates a proxy credential request, ie. a unsigned certificate and the corresponding private key, based on the handle that is passed in. The public part of the request is written to the BIO supplied in the output_bio parameter. After the request is written, the PROXYCERTINFO extension contained in the handle is written to the BIO. The proxy handle is updated with the private key.

Parameters:
handle A GSI Proxy handle to use for the request operation.
output_bio A BIO to write the resulting request structure to.
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_proxy_inquire_req globus_gsi_proxy_handle_t  handle,
BIO *  input_bio
 

Inquire a proxy credential request.

This function reads the public part of a proxy credential request from input_bio and if the request contains a ProxyCertInfo extension, updates the handle with the information contained in the extension.

Parameters:
handle A GSI Proxy handle to use for the inquire operation.
input_bio A BIO to read a request structure from.
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_proxy_resign_cert globus_gsi_proxy_handle_t  handle,
globus_gsi_cred_handle_t  issuer_credential,
globus_gsi_cred_handle_t  peer_credential,
globus_gsi_cred_handle_t *  resigned_credential
 

Resign a existing certificate into a proxy.

This function use the public key in a existing certificate to create a new proxy certificate chained to the issuers credentials. This operation will add a ProxyCertInfo extension to the proxy certificate if values contained in the extension are specified in the handle.

Parameters:
handle A GSI Proxy handle to use for the signing operation.
issuer_credential The credential structure to be used for signing the proxy certificate.
peer_credential The credential structure that contains the certificate to be resigned.
resigned_credential A credential structure that upon return will contain the resigned certificate and associated certificate chain.
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_proxy_sign_req globus_gsi_proxy_handle_t  handle,
globus_gsi_cred_handle_t  issuer_credential,
BIO *  output_bio
 

Sign a proxy certificate request.

This function signs the public part of a proxy credential request, i.e. the unsigned certificate, previously read by inquire req using the supplied issuer_credential. This operation will add a ProxyCertInfo extension to the proxy certificate if values contained in the extension are specified in the handle. The resulting signed certificate is written to the output_bio.

Parameters:
handle A GSI Proxy handle to use for the signing operation.
issuer_credential The credential structure to be used for signing the proxy certificate.
output_bio A BIO to write the resulting certificate to.
Returns:
GLOBUS_SUCCESS unless an error occurred, in which case, a globus error object ID is returned

globus_result_t globus_gsi_proxy_create_signed globus_gsi_proxy_handle_t  handle,
globus_gsi_cred_handle_t  issuer,
globus_gsi_cred_handle_t *  proxy_credential
 

Create Signed Proxy Certificate.

Parameters:
handle The proxy handle used to create and sign the proxy certificate
issuer The issuing credential, used for signing the proxy certificate
proxy_credential The new proxy credential, containing the signed cert, private key, etc.
Returns:
GLOBUS_SUCCESS if no error occurred, an error object ID otherwise

globus_result_t globus_gsi_proxy_assemble_cred globus_gsi_proxy_handle_t  handle,
globus_gsi_cred_handle_t *  proxy_credential,
BIO *  input_bio
 

Assemble a proxy credential.

This function assembles a proxy credential. It reads a signed proxy certificate and a associated certificate chain from the input_bio and combines them with a private key previously generated by a call to globus_gsi_proxy_create_req. The resulting credential is then returned through the proxy_credential parameter.

Parameters:
handle A GSI Proxy handle to use for the assemble operation.
proxy_credential This parameter will contain the assembled credential upon successful return.
input_bio A BIO to read a signed certificate and corresponding certificate chain from.
Returns:
GLOBUS_SUCCESS if no error occurred, an error object ID otherwise


about globus | globus toolkit | dev.globus

Comments? webmaster@globus.org