Using the AKM API involves
- using ato_ks_create() to create one or more keystore management objects,
- using ato_ks_credential() to retrieve credentials
- using the AKM credential API to query the credential
Create an keystore object
struct _ato_Keystore ato_Keystore
The keystore object.
Definition: keystore.h:15
ATO_AKM_EXPORT int ato_ks_create(ato_Ctx *ctx, ato_Keystore **ks, const char *buffer, const ato_ksProperties *properties)
Create a keystore object from the XML stored in buffer.
Parameters are:
- context
- address of the keystore object to allocate
- a buffer containing the keystore XML content
Get a credential for a given user/alias
struct _ato_Credential ato_Credential
The credential object.
Definition: credential.h:14
ATO_AKM_EXPORT ato_Credential * ato_ks_credential(ato_Keystore *ks, const char *alias)
Return the credential corresponding to alias or NULL if not found.
Get DER encoded values
for the certificate and private key from the credential
printf("Warning: renewal for '%s' failed\n", alias);
ATO_AKM_EXPORT bool ato_cr_isrenewable(ato_Ctx *ctx, ato_Credential *cr)
Determines if the credential is ready to be renewed - see ato_cr_renew().
ATO_AKM_EXPORT int ato_cr_privatekey(ato_Ctx *ctx, ato_Credential *cr, ato_String **privatekey, const char *pwd)
Construct a decrypted private key object from the credential and return as a DER encoded array.
ATO_AKM_EXPORT int ato_cr_certificate(ato_Ctx *ctx, ato_Credential *cr, ato_String **certificate)
Construct a X509 certificate object from the credential and return as a DER encoded array.
struct _ato_String ato_String
Cleanup
ATO_AKM_EXPORT void * ato_ks_free(ato_Keystore *ks)
Free the keystore object if not NULL.
ATO_EXPORT void * ato_str_free(ato_String *str)