Novell Documentation: Novell Certificate Server Libraries for C

NPKIT_x509NovellExtensionInfo

Retrieves the Novell Security Attribute extension information encoded in the certificate if the Novell Security Attribute extension exists in the certificate.

Syntax

   #include "NPKIT_x509.h"
   
   NWRCODE NPKIT_x509NovellExtensionInfo
   (
      NPKIT_x509Context    context,
      unicode const      **version,
      unicode const      **URIReference,
      nbool8              *keyQEnforceQuality,
      nint16              *keyQCSCriteria,
      nint16              *keyQCSRating,
      nint16              *keyQCryptoCriteria,
      nint16              *keyQCryptoRating,
      nint16              *keyQKeyStorage,
      nbool8              *cryptoProEnforceQuality,
      nint16              *cryptoProCSCriteria,
      nint16              *cryptoProCSRating,
      nint16              *cryptoProCryptoCriteria,
      nint16              *cryptoProCryptoRating,
      nint16              *cryptoProKeyStorage,
      nint16              *certificateClass,
      nuint8 const       **EIDRootLabel,
      nint32              *EIDRootLabelLen,
      nuint8 const       **EIDEnterpriseLabel,
      nuint8 const        *EIDEnterpriseLabelLen,
      nuint8 const       **EIDRegistryLabel,
      nint32              *EIDRegistryLabelLen
   );

Parameters

context: (IN) Specifies the NPKIT_x509 context handle for the request. This is a nuint32 value.
version: (OUT) Points to a Unicode string containing the version of the Novell Security Attribute.
URIReference: (OUT) Points to a Unicode string containing a URI where more information about the Novell Security Attributes can be found.
keyQEnforceQuality: (OUT) Points to the enforce quality flag, which specifies whether the cryptography provider can use the private key on a platform that does not meet the minimum key quality attributes specified.
keyQCSCriteria: (OUT) Points to the computer security criteria under which the machine used to generate the key pair was evaluated (for example, TCSEC or Common Criteria).
keyQCSRating: (OUT) Points to the computer security rating of the machine used to generate the key pair (for example, TCSEC C2 EVALUATED).
keyQCryptoCriteria: (OUT) Points to the cryptographic module criteria under which the machine used to generate the key pair was evaluated (for example, FIPS 140-1).
keyQCryptoRating: (OUT) Points to the cryptographic module rating of the machine used to generate the key pair (for example, FIPS 140-1 VENDOR INSPECTED).
keyQKeyStorage: (OUT) Points to the key storage quality which represents the protection used to secure the private key (for example, password, biometric).
cryptoProEnforceQuality: (OUT) Points to the enforce quality flag, which specifies whether the user will use the private key on a platform that meets the minimum cryptography process attributes specified.
cryptoProCSCriteria: (OUT) Points to the computer security criteria under which the machine that uses the private key was evaluated (that is, TCSEC or Common Criteria).
cryptoProCSRating: (OUT) Points to the cryptographic module rating of the machine that uses the private key (that is, FIPS 140-1 VENDOR INSPECTED).
cryptoProCryptoCriteria: (OUT) Points to the cryptographic module criteria under which the machine that uses the private key was evaluated (that is, FIPS 140-1).
cryptoProCryptoRating: (OUT) Points to the cryptographic module rating of the machine that uses the private key (that is, FIPS 140-1 VENDOR INSPECTED).
cryptoProKeyStorage: (OUT) Points to the cryptography process storage quality which represents the protection used to secure the private key (for example, password, biometric).
certificateClass: (OUT) Points to the certificate class, which represents the amount of due diligence preformed by the CA before signing the certificate (for example, e-mail address, enterprise name, government agency).
EIDRootLabel: (OUT) Points to the enterprise identifier, which specifies the levels and categories for secrecy and integrity for the Root authority.
EIDRootLabelLen: (OUT) Specifies the length of the EIDRootLabel field.
EIDEnterpriseLabel: (OUT) Points to the enterprise identifier, which specifies the levels and categories for secrecy and integrity for the enterprise authority.
EIDEnterpriseLabelLen: (OUT) Points to the length of the EIDEnterpriseLabel field.
EIDRegistryLabel: (OUT) Points to the enterprise identifier which specifies the levels and categories for secrecy and integrity for the registry authority.
EIDRegistryLabelLen: (OUT) Points to the length of the EIDRegistryLabel field.

Return Values

Returns 0 if successful or a PKI error code if not successful. For a listing of NPKIT error codes, see Certificate Server Error Code Constants.

Remarks

Before calling this function, you must first successfully call NPKIT_x509DecodeCertificate. The Novell Security Attribute contains information about the cryptographic key quality and operating system’s security assurance.For more information about Novell Security Attributes, see Novell Certificate Extension Attributes - Novell Security Attributes. The Novell Security Attributes extension is optional. Therefore, not all certificates have Novell Security Attributes

Syntax

Parameters

Return Values

Remarks

See Also