- Generated by
1.14.0
X.509 certificate builder, issuance policy, signing, and PEM encoding interface. More...
Go to the source code of this file.
Macros | |
| #define | QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_ALT_NAME 0x00000001U |
| Permit propagation of the Subject Alternative Name extension from a CSR. | |
| #define | QSC_X509_CERT_ISSUANCE_PROPAGATE_EXTENDED_KEY_USAGE 0x00000002U |
| Permit propagation of the Extended Key Usage extension from a CSR. | |
| #define | QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_KEY_IDENTIFIER 0x00000004U |
| Permit propagation of a Subject Key Identifier from a CSR. | |
| #define | QSC_X509_CERT_ISSUANCE_PROPAGATE_UNKNOWN_NON_CRITICAL 0x00000008U |
| Permit propagation of unknown non-critical CSR extensions. | |
| #define | QSC_X509_CERT_ISSUANCE_PROPAGATE_DEFAULT (QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_ALT_NAME | QSC_X509_CERT_ISSUANCE_PROPAGATE_EXTENDED_KEY_USAGE) |
| Default CSR extension propagation policy. | |
| #define | QSC_X509_CERT_PROFILE_NONE 0U |
| No predefined issuance profile. | |
| #define | QSC_X509_CERT_PROFILE_ROOT_CA 1U |
| Predefined root CA certificate profile. | |
| #define | QSC_X509_CERT_PROFILE_INTERMEDIATE_CA 2U |
| Predefined intermediate CA certificate profile. | |
| #define | QSC_X509_CERT_PROFILE_TLS_SERVER 3U |
| Predefined TLS server certificate profile. | |
| #define | QSC_X509_CERT_PROFILE_TLS_CLIENT 4U |
| Predefined TLS client certificate profile. | |
Functions | |
| QSC_EXPORT_API void | qsc_x509_certificate_builder_initialize (qsc_x509_certificate_builder *builder) |
| Initialize a certificate builder instance. | |
| QSC_EXPORT_API void | qsc_x509_certificate_builder_clear (qsc_x509_certificate_builder *builder) |
| Clear a certificate builder instance. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_serial (qsc_x509_certificate_builder *builder, const uint8_t *serialnumber, size_t serialnumberlen) |
| Set the certificate serial number. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_issuer (qsc_x509_certificate_builder *builder, const qsc_x509_name *issuer) |
| Set the issuer distinguished name. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_subject (qsc_x509_certificate_builder *builder, const qsc_x509_name *subject) |
| Set the subject distinguished name. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_validity (qsc_x509_certificate_builder *builder, const qsc_x509_validity *validity) |
| Set the certificate validity interval. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_spki (qsc_x509_certificate_builder *builder, const qsc_x509_subject_public_key_info *spki) |
| Set the subject public key information. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_signature_algorithm (qsc_x509_certificate_builder *builder, const qsc_x509_algorithm_identifier *signaturealgorithm) |
| Set the certificate signature algorithm identifier. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_basic_constraints (qsc_x509_certificate_builder *builder, const qsc_x509_basic_constraints *basicconstraints) |
| Set the Basic Constraints extension content. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_key_usage (qsc_x509_certificate_builder *builder, const qsc_x509_key_usage *keyusage) |
| Set the Key Usage extension content. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_extended_key_usage (qsc_x509_certificate_builder *builder, const qsc_x509_extended_key_usage *extendedkeyusage) |
| Set the Extended Key Usage extension content. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_subject_key_identifier (qsc_x509_certificate_builder *builder, const qsc_x509_subject_key_identifier *subjectkeyidentifier) |
| Set the Subject Key Identifier extension content. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_authority_key_identifier (qsc_x509_certificate_builder *builder, const qsc_x509_authority_key_identifier *authoritykeyidentifier) |
| Set the Authority Key Identifier extension content. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_add_subject_alt_name_dns (qsc_x509_certificate_builder *builder, const char *dnsname, size_t dsnamelen) |
| Add a DNS subject alternative name entry. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_add_subject_alt_name_ip (qsc_x509_certificate_builder *builder, const uint8_t *address, size_t addresslen) |
| Add an IP-address subject alternative name entry. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_add_extension (qsc_x509_certificate_builder *builder, const qsc_x509_extension *extension) |
| Add a raw extension to the builder. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_encode_tbs_der (const qsc_x509_certificate_builder *builder, uint8_t *output, size_t *outputlen) |
| Encode the TBSCertificate portion as DER. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_sign (const qsc_x509_certificate_builder *builder, qsc_x509_certificate_sign_callback signcallback, void *context, uint8_t *output, size_t *outputlen) |
| Sign and encode a complete certificate. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_cert_issuance_validate_csr (const qsc_x509_csr *csr) |
| Validate a certificate signing request for issuance use. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_cert_issuance_filter_requested_extensions (const qsc_x509_csr *csr, uint32_t policyflags, qsc_x509_extensions *filteredextensions) |
| Filter CSR-requested extensions under issuer policy. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_cert_issuance_apply_csr_extensions (qsc_x509_certificate_builder *builder, const qsc_x509_csr *csr, uint32_t policyflags) |
| Apply CSR-requested extensions to a certificate builder. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_set_issuer_from_certificate (qsc_x509_certificate_builder *builder, const qsc_x509_certificate *issuer) |
| Set the issuer name from an issuer certificate. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_compute_subject_key_identifier (const qsc_x509_subject_public_key_info *spki, qsc_x509_subject_key_identifier *subjectkeyidentifier) |
| Compute a Subject Key Identifier from subject public key information. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_compute_authority_key_identifier (const qsc_x509_certificate *issuer, qsc_x509_authority_key_identifier *authoritykeyidentifier) |
| Compute an Authority Key Identifier from an issuer certificate. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_apply_generated_identifiers (qsc_x509_certificate_builder *builder, const qsc_x509_certificate *issuer) |
| Apply generated key identifiers to the builder. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_apply_profile (qsc_x509_certificate_builder *builder, uint32_t profile) |
| Apply a predefined certificate profile to the builder. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_builder_validate_profile (const qsc_x509_certificate_builder *builder, const qsc_x509_certificate *issuer, uint32_t profile) |
| Validate builder contents against a predefined profile. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_certificate_encode_pem (const uint8_t *der, size_t derlen, char *output, size_t *outputlen) |
| Encode a DER certificate into PEM. | |
X.509 certificate builder, issuance policy, signing, and PEM encoding interface.
This header exposes the public certificate construction interface used to assemble a qsc_x509_certificate_builder instance and encode it as a TBSCertificate DER object or as a complete signed X.509 certificate. The interface supports direct field-based certificate construction, CSR-assisted issuance, extension filtering under issuer policy, automatic issuer and key identifier derivation, profile application and validation, and final PEM conversion of a DER-encoded certificate.
The builder operates on externally defined X.509 object types declared in the associated X.509 headers. Callers initialize a builder, populate mandatory and optional certificate fields, optionally apply issuance policy or predefined profile constraints, and then either encode the TBSCertificate or sign the certificate through a caller-supplied signing callback.
| #define QSC_X509_CERT_ISSUANCE_PROPAGATE_DEFAULT (QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_ALT_NAME | QSC_X509_CERT_ISSUANCE_PROPAGATE_EXTENDED_KEY_USAGE) |
Default CSR extension propagation policy.
This macro combines the default allowed CSR extension classes for issuance. The default policy permits propagation of Subject Alternative Name and Extended Key Usage.
| #define QSC_X509_CERT_ISSUANCE_PROPAGATE_EXTENDED_KEY_USAGE 0x00000002U |
Permit propagation of the Extended Key Usage extension from a CSR.
When this policy flag is enabled, requested extended key purpose identifiers present in a CSR may be transferred into the issued certificate.
| #define QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_ALT_NAME 0x00000001U |
Permit propagation of the Subject Alternative Name extension from a CSR.
When this policy flag is enabled, a requested Subject Alternative Name extension contained in a certificate signing request may be copied into the certificate builder during CSR-based issuance processing.
| #define QSC_X509_CERT_ISSUANCE_PROPAGATE_SUBJECT_KEY_IDENTIFIER 0x00000004U |
Permit propagation of a Subject Key Identifier from a CSR.
This flag allows an SKI requested in the CSR to be accepted during issuance. In stricter issuance models, the issuer may instead compute and apply the identifier independently.
| #define QSC_X509_CERT_ISSUANCE_PROPAGATE_UNKNOWN_NON_CRITICAL 0x00000008U |
Permit propagation of unknown non-critical CSR extensions.
This flag relaxes extension filtering by allowing unrecognized extensions, provided they are non-critical, to be copied from the CSR into the issued certificate.
| #define QSC_X509_CERT_PROFILE_INTERMEDIATE_CA 2U |
Predefined intermediate CA certificate profile.
Selects the built-in intermediate certification authority issuance profile.
| #define QSC_X509_CERT_PROFILE_NONE 0U |
No predefined issuance profile.
Indicates that no built-in profile constraints are requested.
| #define QSC_X509_CERT_PROFILE_ROOT_CA 1U |
Predefined root CA certificate profile.
Selects the built-in root certification authority issuance profile.
| #define QSC_X509_CERT_PROFILE_TLS_CLIENT 4U |
Predefined TLS client certificate profile.
Selects the built-in end-entity TLS client issuance profile.
| #define QSC_X509_CERT_PROFILE_TLS_SERVER 3U |
Predefined TLS server certificate profile.
Selects the built-in end-entity TLS server issuance profile.
| QSC_EXPORT_API qsc_asn1_status qsc_x509_cert_issuance_apply_csr_extensions | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_csr * | csr, | ||
| uint32_t | policyflags ) |
Apply CSR-requested extensions to a certificate builder.
Filters and copies CSR extensions into the certificate builder according to the supplied issuance policy flags.
| builder | [struct] The destination certificate builder. |
| csr | [const][struct] The source certificate signing request. |
| policyflags | The CSR extension propagation policy bitmask. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_cert_issuance_filter_requested_extensions | ( | const qsc_x509_csr * | csr, |
| uint32_t | policyflags, | ||
| qsc_x509_extensions * | filteredextensions ) |
Filter CSR-requested extensions under issuer policy.
Examines the requested CSR extensions and emits only those extensions permitted by the supplied policy flag mask.
| csr | [const][struct] The source certificate signing request. |
| policyflags | The CSR extension propagation policy bitmask. |
| filteredextensions | [struct] The destination filtered extension set. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_cert_issuance_validate_csr | ( | const qsc_x509_csr * | csr | ) |
Validate a certificate signing request for issuance use.
Performs structural and issuance-related validation of a CSR before its contents are used to generate a certificate.
| csr | [const][struct] The certificate signing request to validate. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_add_extension | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_extension * | extension ) |
Add a raw extension to the builder.
Appends a caller-supplied extension object to the set of certificate extensions being assembled by the builder.
| builder | [struct] The destination certificate builder. |
| extension | [const][struct] The extension to add. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_add_subject_alt_name_dns | ( | qsc_x509_certificate_builder * | builder, |
| const char * | dnsname, | ||
| size_t | dsnamelen ) |
Add a DNS subject alternative name entry.
Appends a dNSName general-name entry to the Subject Alternative Name extension content held by the builder.
| builder | [struct] The destination certificate builder. |
| dnsname | [const] The DNS host name string. |
| dsnamelen | The length of the DNS host name string in bytes. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_add_subject_alt_name_ip | ( | qsc_x509_certificate_builder * | builder, |
| const uint8_t * | address, | ||
| size_t | addresslen ) |
Add an IP-address subject alternative name entry.
Appends an iPAddress general-name entry to the Subject Alternative Name extension content held by the builder.
| builder | [struct] The destination certificate builder. |
| address | [const] The binary IP address. |
| addresslen | The length of the IP address in bytes. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_apply_generated_identifiers | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_certificate * | issuer ) |
Apply generated key identifiers to the builder.
Computes and assigns identifier extensions derived from the subject public key and, when supplied, the issuer certificate.
| builder | [struct] The destination certificate builder. |
| issuer | [const][struct] The optional issuer certificate used for AKI derivation. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_apply_profile | ( | qsc_x509_certificate_builder * | builder, |
| uint32_t | profile ) |
Apply a predefined certificate profile to the builder.
Adjusts builder state to conform to a named built-in issuance profile such as root CA, intermediate CA, TLS server, or TLS client.
| builder | [struct] The destination certificate builder. |
| profile | The predefined profile selector. |
| QSC_EXPORT_API void qsc_x509_certificate_builder_clear | ( | qsc_x509_certificate_builder * | builder | ) |
Clear a certificate builder instance.
Clears all builder state and releases or resets any internally held certificate-construction data. This function is used to erase or reinitialize a builder after use.
| builder | [struct] The certificate builder to clear. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_encode_tbs_der | ( | const qsc_x509_certificate_builder * | builder, |
| uint8_t * | output, | ||
| size_t * | outputlen ) |
Encode the TBSCertificate portion as DER.
Serializes the builder contents into the DER representation of the TBSCertificate structure without applying a signature. The caller may pass a null output buffer to query the required size through outputlen.
| builder | [const][struct] The source certificate builder. |
| output | The destination buffer receiving the DER encoding. |
| outputlen | The input capacity of output and, on success, the number of bytes written. |
| QSC_EXPORT_API void qsc_x509_certificate_builder_initialize | ( | qsc_x509_certificate_builder * | builder | ) |
Initialize a certificate builder instance.
Resets the builder to a clean default state suitable for certificate construction. This function shall be called before any other builder mutator is used on the object.
| builder | [struct] The certificate builder to initialize. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_authority_key_identifier | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_authority_key_identifier * | authoritykeyidentifier ) |
Set the Authority Key Identifier extension content.
Applies an Authority Key Identifier extension to the builder.
| builder | [struct] The destination certificate builder. |
| authoritykeyidentifier | [const][struct] The Authority Key Identifier value. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_basic_constraints | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_basic_constraints * | basicconstraints ) |
Set the Basic Constraints extension content.
Applies a Basic Constraints extension definition to the builder.
| builder | [struct] The destination certificate builder. |
| basicconstraints | [const][struct] The Basic Constraints value. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_extended_key_usage | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_extended_key_usage * | extendedkeyusage ) |
Set the Extended Key Usage extension content.
Applies an Extended Key Usage extension definition to the builder.
| builder | [struct] The destination certificate builder. |
| extendedkeyusage | [const][struct] The Extended Key Usage value. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_issuer | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_name * | issuer ) |
Set the issuer distinguished name.
Copies the issuer name into the builder for later certificate encoding.
| builder | [struct] The destination certificate builder. |
| issuer | [const][struct] The issuer distinguished name. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_issuer_from_certificate | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_certificate * | issuer ) |
Set the issuer name from an issuer certificate.
Extracts the issuer certificate subject name and applies it as the issuer distinguished name of the certificate being built.
| builder | [struct] The destination certificate builder. |
| issuer | [const][struct] The issuer certificate. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_key_usage | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_key_usage * | keyusage ) |
Set the Key Usage extension content.
Applies a Key Usage extension definition to the builder.
| builder | [struct] The destination certificate builder. |
| keyusage | [const][struct] The Key Usage value. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_serial | ( | qsc_x509_certificate_builder * | builder, |
| const uint8_t * | serialnumber, | ||
| size_t | serialnumberlen ) |
Set the certificate serial number.
Assigns the serial number that will be encoded into the certificate. The caller supplies the serial number as a raw byte string.
| builder | [struct] The destination certificate builder. |
| serialnumber | [const] The serial number byte array. |
| serialnumberlen | The length of the serial number in bytes. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_signature_algorithm | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_algorithm_identifier * | signaturealgorithm ) |
Set the certificate signature algorithm identifier.
Assigns the outer certificate signature algorithm identifier and the corresponding TBSCertificate signature field used during signing.
| builder | [struct] The destination certificate builder. |
| signaturealgorithm | [const][struct] The signature algorithm identifier. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_spki | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_subject_public_key_info * | spki ) |
Set the subject public key information.
Assigns the SubjectPublicKeyInfo structure that identifies the public-key algorithm and embeds the subject public key value.
| builder | [struct] The destination certificate builder. |
| spki | [const][struct] The subject public key information structure. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_subject | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_name * | subject ) |
Set the subject distinguished name.
Copies the subject name into the builder for later certificate encoding.
| builder | [struct] The destination certificate builder. |
| subject | [const][struct] The subject distinguished name. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_subject_key_identifier | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_subject_key_identifier * | subjectkeyidentifier ) |
Set the Subject Key Identifier extension content.
Applies a Subject Key Identifier extension to the builder.
| builder | [struct] The destination certificate builder. |
| subjectkeyidentifier | [const][struct] The Subject Key Identifier value. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_set_validity | ( | qsc_x509_certificate_builder * | builder, |
| const qsc_x509_validity * | validity ) |
Set the certificate validity interval.
Copies the not-before and not-after validity values into the builder. The interval is rejected when notBefore is later than notAfter.
| builder | [struct] The destination certificate builder. |
| validity | [const][struct] The validity interval to apply. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_sign | ( | const qsc_x509_certificate_builder * | builder, |
| qsc_x509_certificate_sign_callback | signcallback, | ||
| void * | context, | ||
| uint8_t * | output, | ||
| size_t * | outputlen ) |
Sign and encode a complete certificate.
Encodes the TBSCertificate, invokes the caller-supplied signing callback to produce the certificate signature, and then emits the final DER-encoded Certificate structure.
| builder | [const][struct] The source certificate builder. |
| signcallback | The signing callback used to produce the certificate signature. |
| context | The opaque caller-defined signing context passed to the callback. |
| output | The destination buffer receiving the DER certificate. |
| outputlen | The input capacity of output and, on success, the number of bytes written. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_builder_validate_profile | ( | const qsc_x509_certificate_builder * | builder, |
| const qsc_x509_certificate * | issuer, | ||
| uint32_t | profile ) |
Validate builder contents against a predefined profile.
Checks whether the populated builder state is consistent with the selected certificate profile and, when applicable, with the supplied issuer certificate.
| builder | [const][struct] The source certificate builder. |
| issuer | [const][struct] The optional issuer certificate. |
| profile | The predefined profile selector. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_certificate_encode_pem | ( | const uint8_t * | der, |
| size_t | derlen, | ||
| char * | output, | ||
| size_t * | outputlen ) |
Encode a DER certificate into PEM.
Converts a DER-encoded certificate into the textual PEM representation, including the BEGIN CERTIFICATE and END CERTIFICATE encapsulation markers.
| der | [const] The DER-encoded certificate input. |
| derlen | The length of the DER input in bytes. |
| output | The destination character buffer receiving the PEM text. |
| outputlen | The input capacity of output and, on success, the number of characters written. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_compute_authority_key_identifier | ( | const qsc_x509_certificate * | issuer, |
| qsc_x509_authority_key_identifier * | authoritykeyidentifier ) |
Compute an Authority Key Identifier from an issuer certificate.
Derives an AKI value from the issuer certificate information and stores the result in the destination identifier object.
| issuer | [const][struct] The issuer certificate. |
| authoritykeyidentifier | [struct] The destination Authority Key Identifier. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_compute_subject_key_identifier | ( | const qsc_x509_subject_public_key_info * | spki, |
| qsc_x509_subject_key_identifier * | subjectkeyidentifier ) |
Compute a Subject Key Identifier from subject public key information.
Derives an SKI value from the supplied SubjectPublicKeyInfo structure and stores the result in the destination identifier object.
| spki | [const][struct] The subject public key information source. |
| subjectkeyidentifier | [struct] The destination Subject Key Identifier. |
1.14.0