X509CertStoreGetFirstCert (FUN) ¶ FUNCTION X509CertStoreGetFirstCert : RTS_IEC_HANDLE Get the first certificate of the certificate store. InOut: Scope Name Type Comment Return X509CertStoreGetFirstCert RTS_IEC_HANDLE Input hCertStore RTS_IEC_HANDLE Handle of to certificate store. hBackend RTS_IEC_HANDLE Pointer to a handle of the back-end where to iterate. RTS_INVALID_HANDLE if all back-ends should be iterated. A valid handle if only a specific back-end should be iterated. trustLevel RtsCertTrustLevel Category of certificates to iterate. pResult POINTER TO RTS_IEC_RESULT Result of the operation.
X509CertStoreGetNextCert (FUN) ¶ FUNCTION X509CertStoreGetNextCert : RTS_IEC_HANDLE Get the next certificate of the certificate store. If all certificates are read the function will return RTS_INVALID_HANDLE. InOut: Scope Name Type Comment Return X509CertStoreGetNextCert RTS_IEC_HANDLE Handle to the next certificate of the given category. Input hCertStore RTS_IEC_HANDLE Handle of to certificate store. hBackend RTS_IEC_HANDLE Pointer to a handle of the back-end where to iterate. RTS_INVALID_HANDLE if all back-ends should be iterated. A valid handle if only a specific back-end should be iterated. hCert RTS_IEC_HANDLE Handle to the last certificate got by X509CertStoreGetFirst or X509CertStoreGetNext pResult POINTER TO RTS_IEC_RESULT Result of the operation.
X509CertStoreGetRegisteredCert (FUN) ¶ FUNCTION X509CertStoreGetRegisteredCert : RTS_IEC_HANDLE Get the certificate available for a registered use case. If not certificate is available RTS_INVALID_HANDLE will be returned. The following rules apply for selecting the certificate: Check if a certificate is configured by the user. (The thumb-print is pinned for component and index). Use this one if available, return error if not available. If no certificate is configured filter the available certificates by subject, key usage, extended key usage and a valid timestamp. Return error if list is empty. Split the available certificates by signed and self signed certificates. Prefer the signed certificates over the self signed certificates: Select the certificate with the longest period of validity. If some certificates have the same period of validity select the one with the strongest key. InOut: Scope Name Type Comment Return X509CertStoreGetRegisteredCert RTS_IEC_HANDLE Handle to the certificate. Use X509CertClose to close the certificate. Input hCertStore RTS_IEC_HANDLE Handle of to certificate store. hUseCase RTS_IEC_HANDLE Handle to the registered use case. Retrieved using X509CertStoreRegister. pResult POINTER TO RTS_IEC_RESULT Pointer to error code
X509CertStoreOpen (FUN) ¶ FUNCTION X509CertStoreOpen : RTS_IEC_HANDLE Open the certificate store. InOut: Scope Name Type Comment Return X509CertStoreOpen RTS_IEC_HANDLE Handle to the certificate store Input componentID UDINT ID of the component opening the certificate store. pResult POINTER TO RTS_IEC_RESULT Result of the operation.
X509CertStoreRegister (FUN) ¶ FUNCTION X509CertStoreRegister : RTS_IEC_HANDLE Register your certificate at the certificate store. This has to be done in order to allow the user the view the different configured certificates and to generate missing certificates or to renew outdated certificates. Register the same information you are using in the X509CertStoreSearch function. InOut: Scope Name Type Comment Return X509CertStoreRegister RTS_IEC_HANDLE Input hCertStore RTS_IEC_HANDLE Handle of to certificate store. cmpID UDINT Component ID which registered the certificate pCertInfo POINTER TO RtsX509CertInfo Certificate information to be registered. Should match the information needed to use the Search function. pResult POINTER TO RTS_IEC_RESULT Pointer to error code
CmpX509Cert Implementation Library Documentation ¶ Company System Title CmpX509Cert Implementation Version 3.5.19.0 Categories System|SysLibs Author CODESYS Development GmbH Placeholder CmpX509Cert Implementation Description 1 ¶ This library contains the functions to access the runtime certificate store and allow the handling of certificates in different formats Contents: ¶ BasicCertificateHandling X509CertCheckHost (Function) X509CertCheckIP (Function) X509CertClose (Function) X509CertGetBinary (Function) X509CertGetContent (Function) X509CertGetPublicKey (Function) X509CertGetThumbprint (Function) X509CertHasExtendedKeyUsage (Function) X509CertHasKeyUsage (Function) X509CertIsAuthority (Function) X509CertIsDateValid (Function) X509CertIsSelfSigned (Function) X509CertKeyClose (Function) X509ParseCertificate (Function) CMS X509CertCmsDecrypt (Function) X509CertCmsVerify (Function) CertificateStore X509CertCreateCSR (Function) X509CertCreateSelfSigned (Function) X509CertGetPrivateKey (Function) X509CertStoreAddCert (Function) X509CertStoreClose (Function) X509CertStoreGetFirstCert (Function) X509CertStoreGetNextCert (Function) X509CertStoreGetRegisteredCert (Function) X509CertStoreOpen (Function) X509CertStoreRegister (Function) X509CertStoreRemoveCert (Function) X509CertStoreSearchGetFirst (Function) X509CertStoreSearchGetNext (Function) X509CertStoreUnregister (Function) X509CertVerify (Function) X509CertVerify2 (Function) UtilityFunctions RtsOIDClear (Function) RtsOIDCreate (Function) RtsOIDGetID (Function) RtsOIDGetName (Function) X509CertInfoExit (Function) X509CertInfoInit (Function) Indices and tables ¶ 1 Based on CmpX509Cert Implementation.library, last modified 02.03.2023, 11:03:42. LibDoc 4.4.0.0-b.27 The content file CmpX509Cert Implementation.clean.json was generated with CODESYS V3.5 SP16 Patch 3 on 02.03.2023, 11:03:44.
BasicCertificateHandling ¶ X509CertCheckHost (Function) X509CertCheckIP (Function) X509CertClose (Function) X509CertGetBinary (Function) X509CertGetContent (Function) X509CertGetPublicKey (Function) X509CertGetThumbprint (Function) X509CertHasExtendedKeyUsage (Function) X509CertHasKeyUsage (Function) X509CertIsAuthority (Function) X509CertIsDateValid (Function) X509CertIsSelfSigned (Function) X509CertKeyClose (Function) X509ParseCertificate (Function)
X509CertCheckHost (FUN) ¶ FUNCTION X509CertCheckHost : BOOL Check if a certificate is bound to a specific host name. Both subject and subject alternative names are checked. InOut: Scope Name Type Comment Return X509CertCheckHost BOOL True if the host name is part of the certificate. Input hCert RTS_IEC_HANDLE Handle of to certificate. pHost POINTER TO STRING Hostname to check. flags RtsX509CertCheckFlags Flags how to check for the host name. Values of the enumeration can be combined. pResult POINTER TO RTS_IEC_RESULT Pointer to the error code. ERR_PARAMETER: hCert is invalid, ERR_OK: everything went fine.
X509CertCheckIP (FUN) ¶ FUNCTION X509CertCheckIP : BOOL Check if a certificate is bound to a specific IP Address. InOut: Scope Name Type Comment Return X509CertCheckIP BOOL True if the IP is part of the certificate. Input hCert RTS_IEC_HANDLE Handle of to certificate. pIP POINTER TO SysSocket_Interfaces.INADDR IP adress to check in network byte order flags RtsX509CertCheckFlags Flags how to check for the IP address. Values of the enumeration can be combined. pResult POINTER TO RTS_IEC_RESULT Pointer to the error code. ERR_PARAMETER: hCert is invalid, ERR_OK: everything went fine.
X509CertClose (FUN) ¶ FUNCTION X509CertClose : RTS_IEC_RESULT Close the certificate. InOut: Scope Name Type Comment Return X509CertClose RTS_IEC_RESULT Result of the operation. Input hCert RTS_IEC_HANDLE Handle of to certificate.