X509CertIsDateValid (FUN) ¶ FUNCTION X509CertIsDateValid : BOOL Check if a certificate has a valid date (notbefore and notafter is in the current time period) InOut: Scope Name Type Comment Return X509CertIsDateValid BOOL True if the certificate date is valid Input hCert RTS_IEC_HANDLE Handle of to certificate. pResult POINTER TO RTS_IEC_RESULT Pointer to error code. ERR_OK: Everything went fine, ERR_PARAMETER: hCert was invalid
X509CertIsSelfSigned (FUN) ¶ FUNCTION X509CertIsSelfSigned : BOOL Check if a certificate is selfsigned of is signed by a CA authority InOut: Scope Name Type Comment Return X509CertIsSelfSigned BOOL True if the certificate is self signed, False if the certificate is signed by a CA. Input hCert RTS_IEC_HANDLE Handle of to certificate. pResult POINTER TO RTS_IEC_RESULT Pointer to error code. ERR_OK if everything went fine, ERR_PARAMETER if hCert was invalid.
X509CertKeyClose (FUN) ¶ FUNCTION X509CertKeyClose : RTS_IEC_RESULT Release a PRIVATE OR PUBLIC key with THIS FUNCTION. THIS FUNCTION indicates that this key is not needed anymore and allows to clean up ressources used by this key InOut: Scope Name Type Comment Return X509CertKeyClose RTS_IEC_RESULT Result of the operation Input pKey POINTER TO RtsCryptoKey Pointer to the key
X509ParseCertificate (FUN) ¶ FUNCTION X509ParseCertificate : RTS_IEC_HANDLE Parse a certificate which is located in the memory (e.g received FROM a communication partner). Once parsed the certificate is stored in a temporary store. Use the function X509CertClose to close the certificate. InOut: Scope Name Type Comment Return X509ParseCertificate RTS_IEC_HANDLE Handle to the parsed certificate. Input pCert POINTER TO RtsByteString Binary encoded certificate. encoding RtsCertEncoding Encoding of the certificate. pResult POINTER TO RTS_IEC_RESULT Result of the operation
CMS ¶ X509CertCmsDecrypt (Function) X509CertCmsVerify (Function)
X509CertCmsDecrypt (FUN) ¶ FUNCTION X509CertCmsDecrypt : RTS_IEC_RESULT Decrypt a CMS container. InOut: Scope Name Type Comment Return X509CertCmsDecrypt RTS_IEC_RESULT ERR_OK if the container was successfully decrypted. ERR_PARAMETER if the given parameters are not consistent. Input hCertStore RTS_IEC_HANDLE Handle to the certificate store. hRecipientCert RTS_IEC_HANDLE Handle to the recipients certificate. A private key of the certificate has to be available. Though the certificate has to be located in the “own” store. pCms POINTER TO RtsByteString Pointer to a byte string storing the CMS container. encoding RtsCertEncoding Encoding of the CMS container. pOutData POINTER TO RtsByteString Pointer to a byte string where to store the extracted data.
X509CertCmsVerify (FUN) ¶ FUNCTION X509CertCmsVerify : RTS_IEC_RESULT Verifies a CMS signature. This function can handle both (detached and attached) signatures. The signers certificate has to be located in the CMS container. Otherwise the verify will fail. The signers certificate is always verified against the trusted certificate store on the PLC. InOut: Scope Name Type Comment Return X509CertCmsVerify RTS_IEC_RESULT ERR_OK if the signature is valid and the signer was trustworthy. ERR_SIGNATURE_MISMATCH if the signature is invalid and / or the signer was not trustworthy. ERR_PARAMETER if the given parameters are not consistent. Input hCertStore RTS_IEC_HANDLE Handle to the certificate store. pCms POINTER TO RtsByteString Pointer to a byte string storing the CMS container. encoding RtsCertEncoding Encoding of the CMS container. pInData POINTER TO RtsByteString Used only if the signature is detached. In this case this byte string has to store the data to be verified pOutData POINTER TO RtsByteString Pointer to a byte string where to store the extracted data.
CertificateStore ¶ X509CertCreateCSR (Function) X509CertCreateSelfSigned (Function) X509CertGetPrivateKey (Function) X509CertStoreAddCert (Function) X509CertStoreClose (Function) X509CertStoreGetFirstCert (Function) X509CertStoreGetNextCert (Function) X509CertStoreGetRegisteredCert (Function) X509CertStoreOpen (Function) X509CertStoreRegister (Function) X509CertStoreRemoveCert (Function) X509CertStoreSearchGetFirst (Function) X509CertStoreSearchGetNext (Function) X509CertStoreUnregister (Function) X509CertVerify (Function) X509CertVerify2 (Function)
X509CertCreateCSR (FUN) ¶ FUNCTION X509CertCreateCSR : RTS_IEC_RESULT Create a new certificate request. A new PRIVATE key will be generated and automatically stored in the key store. The certificate request can be sent to an official CA to get a signed certificate. InOut: Scope Name Type Comment Return X509CertCreateCSR RTS_IEC_RESULT Input hCertStore RTS_IEC_HANDLE Handle to the certificate store hBackend RTS_IEC_HANDLE Handle to the back-end where to store the generated certificate. RTS_INVALID_HANDLE should be used if no back- end is specified. pCertInfo POINTER TO RtsX509CertInfo Information of the certificate to be generated. ui32KeySize UDINT Size in bits of the private key. encoding RtsCertEncoding Encoding of the generated CSR. pCSR POINTER TO RtsByteString The signing request in binary form.
X509CertCreateSelfSigned (FUN) ¶ FUNCTION X509CertCreateSelfSigned : RTS_IEC_HANDLE Create a new self signed certificate. A private key is generated and automatically stored. InOut: Scope Name Type Comment Return X509CertCreateSelfSigned RTS_IEC_HANDLE Input hCertStore RTS_IEC_HANDLE Handle to the certificate store hBackend RTS_IEC_HANDLE Handle to the back-end where to store the generated certificate. RTS_INVALID_HANDLE should be used if no back- end is specified. pCertInfo POINTER TO RtsX509CertInfo Information of the certificate to be generated. ui32KeySize UDINT Size in bits of the private key. pResult POINTER TO RTS_IEC_RESULT Result of the operation. ERR_OK: Everything went fine. ERR_INVALID_HANDLE: Some input handle is invalid. ERR_PARAMETER: Some input parameter is invalid. ERR_OVERFLOW: The timestamps of the certificate would overflow. ERR_NOMEMORY: Not enough memory to perform this operation. ERR_FAILED: Creation of self signed certificate failed. failed
