2.1 Converting from PKIAPI to NPKIAPI

Converting APIs from PKIAPI to NPKIAPI is relatively easy. Old functions in PKIAPI that were prefaced with NWPKI are now prefaced in NPKIAPI with NPKI. The NWx509 calls have been removed from NPKIAPI and their functionality is now part of NPKIT.

NWPKIVerifyCertificate and NWPKIIssuerSubjectNameMatch have been moved to NPKIT. Since NPKIAPI no longer requires the Novell Client, NWPKISetIdentity could not be ported to the newer APIs. (To reference documentation on these NWPKI functions, download the deprecated documentation at Novell Certificate Server Version 1.)

2.1.1 Updating Certificate Server Header Files

Certificate Server header files also have changed, as shown in the chart below:

Old Header File Name

New Header File Name

nwpki.h (DS specific functions)

npki.h

nwpkikey.h

npkikey.h

nwverify.h

nverify.h

nwx509.h

NPKIT_x509.h

pkierr.h

No change

nwpki.imp

npki.imp

nwpki.h (Non-DS specific verify functions)

NPKIT_Verify.h

 

NPKIT_PKCS12.h (New API functions)

2.1.2 Updating Verify Functions

The verify functions that were in PKIAPI have been ported to NPKIT. These versions of the APIs are eDirectory independent do not require a context.These functions are preceded with NPKIT_Verify.

The certificate revocation list (CRL) functions in NPKIT are preceded with NPKIT_CRL. The other NWx509 functions in NPKIT are now preceded with NPKIT_x509. The NPKIT CRL and NPKIT_x509 functions each require their own context. Below is a conversion table for quick reference.

NOTE:See the NPKIAPI or NPKIT documentation links for proper usage.

NWPKIAPI Functions

NPKIAPI Functions

NWPKICreateContext

NPKICreateContext

NWPKIFreeContext

NPKIFreeContext

None

NPKIVersionInfo*

NWPKISetTreeName

NPKISetTreeName

NWPKIDSLogin

NPKIDSLogin

NWPKISetIdentity**

No longer available

NWPKIDSLogout

NPKIDSLogout

None

NPKIDSConnectToAddress*1

None

NPKIConnectToIPAddress*

NWPKIDeleteDSObject

NPKIDeleteDSObject

NWPKIFindKeyGenServersForUser

NPKIFindKeyGenServersForUser

NWPKIFindServersInContext

NPKIFindServersInContext

NWPKIServerNames

NPKIServerNames

NWPKIFindOrganizationalCA

NPKIFindOrganizationalCA

NWPKIGetServerUTCTime

NPKIGetServerUTCTime

NWPKIGetHostServerDN

NPKIGetHostServerDN

NWPKIGetServerCertificateStatus

NPKIGetServerCertificateStatus

NWPKIGetSASServiceName

NPKIGetSASServiceName

NWPKIGetServerInfo

NPKIGetServerInfo

NWPKIGetAlgorithmInfo

NPKIGetAlgorithmInfo

NWPKIGenerateCertificateFromCSR

NPKIGenerateCertificateFromCSR

NWPKICreateServerCertificate

NPKICreateServerCertificate

NWPKICSRInfo

NPKICSRInfo

NWPKICertInfo

NPKICertInfo

NWPKICreateUserCertificate

NPKICreateUserCertificate

NWPKIDeleteUserCertificate

NPKIDeleteUserCertificate

NWPKIReadAllNickNames

NPKIReadAllNickNames

NWPKINickName

NPKINickName

NWPKIStoreUserCertificate

NPKIStoreUserCertificate

None

NPKICertificateList*

None

NPKIStoreServerCertificatesFromCertificateList*

NWPKIFindUserCertificates

NPKIFindUserCertificates

NWPKIUserCertInfo

NPKIUserCertInfo

NWPKIImportServerKey

NPKIImportServerKey

NWPKIImportCAKey

NPKIImportCAKey

NWPKIExportUserKey

NPKIExportUserKey

NWPKIExportServerKey

NPKIExportServerKey

NWPKIExportCAKey

NPKIExportCAKey

NWPKICreateOrganizationalCA

NPKICreateOrganizationalCA

NWPKIGetServerCertificates

NPKIGetServerCertificates

NWPKIGetCACertificates

NPKIGetCACertificates

NWPKIChainCertInfo

NPKIChainCertInfo

NWPKIStoreServerCertificates

NPKIStoreServerCertificates

NWPKIFindServerCertificateNames

NPKIFindServerCertificateNames

NWPKIServerCertificateName

NPKIServerCertificateName

NWPKIGetWrappedServerKey

NPKIGetWrappedServerKey

NWPKIGetServerIPAndDNSInfo

NPKIGetServerIPAndDNSInfo

NWPKIGetServerIPAddress

NPKIGetServerIPAddress

NWPKIGetServerDNSName

NPKIGetServerDNSName

NWPKICreateTrustedRootContainer

NPKICreateTrustedRootContainer

NWPKICreateTrustedRoot

NPKICreateTrustedRoot

NWPKIFindTrustedRootsInContext

NPKIFindTrustedRootsInContext

NWPKIGetTrustedRootInfo

NPKIGetTrustedRootInfo

NWPKIVerifyCertificateWithTrustedRoots

NPKIVerifyCertificateWithTrustedRoots

NWPKIVerifyCertChain

NPKIVerifyCertChain1

NWPKIVerifyCertChainWithCallback

NPKIVerifyCertChainWithCallback1

NWPKIGetHandleToUserKey

NPKIGetHandleToUserKey

NWPKIGetHandleToServerKey

NPKIGetHandleToServerKey

2.1.3 Converting x509 Functions

The follow conversion table shows the quick references for x509 functions:

NOTE:* indicates new functionality; function not yet documented. ** indicates that functionality is not available.

NWPKIAPI x509 Functions

NPKIT x509 Functions

None

NPKIT_Version*

NWx509CreateContext

NPKIT_x509CreateContext

NWx509FreeContext

NPKIT_x509FreeContext

NWx509DecodeCertificate

NPKIT_x509DecodeCertificate

NWx509GetExtensionData

NPKIT_x509GetExtensionData

NWx509BasicConstraintsInfo

NPKIT_x509BasicConstraintsInfo

NWx509KeyUsageInfo

NPKIT_x509KeyUsageInfo

NWx509SubjectAltNamesInfo

NPKIT_x509SubjectAltNamesInfo

NWx509SubjectAltName

NPKIT_x509SubjectAltName

NWx509IssuerAltNamesInfo

NPKIT_x509IssuerAltNamesInfo

NWx509IssuerAltName

NPKIT_x509IssuerAltName

NWx509CRLDistributionPointsInfo

NPKIT_x509CRLDistributionPointsInfo

NWx509CRLDistributionPoint

NPKIT_x509CRLDistributionPoint

Not available

NPKIT_x509NovellExtensionInfo*

NWx509CreateContext

NPKIT_CRLCreateContext

NWx509FreeContext

NPKIT_CRLFreeContext

NWx509DecodeCRL

NPKIT_CRLDecode

NWx509CRLEntryInfo

NPKIT_CRLEntryInfo

NWx509CRLExtensionInfo

NPKIT_CRLExtensionInfo

NWx509CRLEntryExtensionInfo

NPKIT_CRLEntryExtensionInfo

NWx509CRLReasonCodeInfo

NPKIT_CRLReasonCodeInfo

NWx509CRLInvalidityDateInfo

NPKIT_CRLInvalidityDateInfo

NWPKIVerifyCertificate

NPKIT_VerifyCertificate

NWPKIVerifyCertChain

NPKIT_VerifyCertChain

NWPKIVerifyCertChainWithCallback

NPKIT_VerifyCertChainWithCallback

NWPKIIssuerSubjectNameMatch

NPKIT_VerifyIssuerSubjectNameMatch

None

NPKIT_PKCS12CreateContext*1

None

NPKIT_PKCS12FreeContext*1

None

NPKIT_PKCS12Encode*1

None

NPKIT_PKCS12Decode*1

None

NPKIT_PKCS12ChainElement*1