xenc_x509_generate

Generates an X.509v3 certificate using a client's public key
xenc_x509_generate (in ca_key_name varchar, in public_key_name varchar, in serial integer, in validity integer, in subject vector, in extensions vector);
Description

This function creates an X.509v3 certificate from a public key and signs the certificate with the CA's private key.

Parameters
ca_key_name – The name of the CA key. The key must have a corresponding certificate.
public_key_name – The name of the public key used to create the certificate. It is given to the CA by the certificate owner. Note that the public key must already be imported into the CA's key space.
serial – The serial number of the certificate.
validity – The certificate's validity in days.
subject – An array of name/value pairs representing the subject (also known as name entries).
extensions – An array of name/value pairs to add to the certificate as X.509v3 extensions.
Return Types

Errors

This function can generate the following errors:


Examples
Issuing a certificate

The example below decodes a public key sent by the client, then issues a certificate and signs it with the CA's key 'id_rsa'. The client's key is created as a temporary key.

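       -- params, name and webid come from the surrounding page code, which is not shown here
       declare kname, cvalue varchar;
       -- Decode the client's SPKI public key; the key is created as a temporary key
       kname := xenc_SPKI_read (null, replace (get_keyword ('key', params), '\r\n', ''));
       -- Issue a certificate valid for 365 days, signed with the CA key 'id_rsa'
       xenc_x509_generate ('id_rsa', kname, sequence_next ('ca_id_rsa'), 365,
           -- subject: name/value pairs
           vector (
               'CN', get_keyword ('name', params, name),
               'C',  get_keyword ('c', params, name),
               'O',  get_keyword ('o', params, name),
               'OU', get_keyword ('ou', params, name),
               'emailAddress', get_keyword ('email', params)
               ),
           -- X.509v3 extensions: name/value pairs
           vector ('subjectAltName', 'URI:'||webid, 'nsComment', 'Virtuoso Generated Certificate',
               'authorityKeyIdentifier', 'keyid,issuer:always'));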
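
A wrapper that checks the preconditions listed under Parameters before the CA key signs anything, as an added example that is not part of the Virtuoso documentation. The procedure name DEMO_X509_ISSUE_CHECKED, the SQL state '22023' and the 825-day limit are assumptions of this example.

```sql
-- Added example: hypothetical helper, not a Virtuoso built-in.
create procedure DEMO_X509_ISSUE_CHECKED (
  in ca_key_name varchar,
  in public_key_name varchar,
  in serial integer,
  in validity integer,
  in subject any,
  in extensions any)
{
  declare i, n integer;

  -- Both keys must already be present in the key space.
  -- xenc_key_exists only confirms the key is there; it does not
  -- confirm that the CA key has a corresponding certificate.
  if (not xenc_key_exists (ca_key_name))
    signal ('22023', 'CA key not found: ' || ca_key_name);
  if (not xenc_key_exists (public_key_name))
    signal ('22023', 'Public key not imported: ' || public_key_name);

  -- Bound the lifetime; 825 days is this example's own policy limit.
  if (validity is null or validity < 1 or validity > 825)
    signal ('22023', 'validity must be between 1 and 825 days');

  -- subject and extensions are flat name/value vectors.
  if (mod (length (subject), 2) <> 0 or mod (length (extensions), 2) <> 0)
    signal ('22023', 'subject and extensions must hold name/value pairs');

  -- Reject missing or empty subject values, for instance a
  -- get_keyword () call that returned NULL for an absent parameter.
  n := length (subject);
  i := 0;
  while (i < n)
    {
      if (not isstring (aref (subject, i + 1)) or length (aref (subject, i + 1)) = 0)
        signal ('22023', 'Empty subject value for ' || aref (subject, i));
      i := i + 2;
    }

  xenc_x509_generate (ca_key_name, public_key_name, serial, validity,
      subject, extensions);
}
;
```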

See Also

xenc_SPKI_read

xenc_x509_ss_generate