X.509 generic defines and structures. More...
#include "mbedtls/private_access.h"#include "mbedtls/build_info.h"#include "mbedtls/asn1.h"#include "mbedtls/pk.h"#include "mbedtls/rsa.h"
Include dependency graph for x509.h:
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Data Structures | |
| struct | mbedtls_x509_time |
Typedefs | |
Structures for parsing X.509 certificates, CRLs and CSRs | |
| typedef mbedtls_asn1_buf | mbedtls_x509_buf |
| typedef mbedtls_asn1_bitstring | mbedtls_x509_bitstring |
| typedef mbedtls_asn1_named_data | mbedtls_x509_name |
| typedef mbedtls_asn1_sequence | mbedtls_x509_sequence |
| typedef struct mbedtls_x509_time | mbedtls_x509_time |
Functions | |
| int | mbedtls_x509_dn_gets (char *buf, size_t size, const mbedtls_x509_name *dn) |
| Store the certificate DN in printable form into buf; no more than size characters will be written. More... | |
| int | mbedtls_x509_serial_gets (char *buf, size_t size, const mbedtls_x509_buf *serial) |
| Store the certificate serial in printable form into buf; no more than size characters will be written. More... | |
| int | mbedtls_x509_time_is_past (const mbedtls_x509_time *to) |
| Check a given mbedtls_x509_time against the system time and tell if it's in the past. More... | |
| int | mbedtls_x509_time_is_future (const mbedtls_x509_time *from) |
| Check a given mbedtls_x509_time against the system time and tell if it's in the future. More... | |
| int | mbedtls_x509_get_name (unsigned char **p, const unsigned char *end, mbedtls_x509_name *cur) |
| int | mbedtls_x509_get_alg_null (unsigned char **p, const unsigned char *end, mbedtls_x509_buf *alg) |
| int | mbedtls_x509_get_alg (unsigned char **p, const unsigned char *end, mbedtls_x509_buf *alg, mbedtls_x509_buf *params) |
| int | mbedtls_x509_get_rsassa_pss_params (const mbedtls_x509_buf *params, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, int *salt_len) |
| int | mbedtls_x509_get_sig (unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig) |
| int | mbedtls_x509_get_sig_alg (const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, void **sig_opts) |
| int | mbedtls_x509_get_time (unsigned char **p, const unsigned char *end, mbedtls_x509_time *t) |
| int | mbedtls_x509_get_serial (unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial) |
| int | mbedtls_x509_get_ext (unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag) |
| int | mbedtls_x509_key_size_helper (char *buf, size_t buf_size, const char *name) |
| int | mbedtls_x509_string_to_names (mbedtls_asn1_named_data **head, const char *name) |
| int | mbedtls_x509_set_extension (mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len) |
| int | mbedtls_x509_write_extensions (unsigned char **p, unsigned char *start, mbedtls_asn1_named_data *first) |
| int | mbedtls_x509_write_names (unsigned char **p, unsigned char *start, mbedtls_asn1_named_data *first) |
| int | mbedtls_x509_write_sig (unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, unsigned char *sig, size_t size) |
Detailed Description
X.509 generic defines and structures.
Definition in file x509.h.
Macro Definition Documentation
| #define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER |
| #define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */ |
| #define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES |
| #define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS |
| #define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE |
| #define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL |
| #define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY |
| #define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME |
| #define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE |
| #define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS |
| #define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE |
| #define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS |
| #define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS |
| #define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */ |
| #define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS |
| #define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER |
| #define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 |
| #define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ |
| #define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ |
| #define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ |
| #define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ |
| #define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ |
| #define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ |
| #define MBEDTLS_X509_SAFE_SNPRINTF |
Value:
do { \
if( ret < 0 || (size_t) ret >= n ) \
return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \
\
n -= (size_t) ret; \
p += (size_t) ret; \
} while( 0 )
Function Documentation
| int mbedtls_x509_dn_gets | ( | char * | buf, |
| size_t | size, | ||
| const mbedtls_x509_name * | dn | ||
| ) |
Store the certificate DN in printable form into buf; no more than size characters will be written.
- Parameters
-
buf Buffer to write to size Maximum size of buffer dn The X509 name to represent
- Returns
- The length of the string written (not including the terminated nul byte), or a negative error code.
| int mbedtls_x509_get_alg | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_buf * | alg, | ||
| mbedtls_x509_buf * | params | ||
| ) |
| int mbedtls_x509_get_alg_null | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_buf * | alg | ||
| ) |
| int mbedtls_x509_get_ext | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_buf * | ext, | ||
| int | tag | ||
| ) |
| int mbedtls_x509_get_name | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_name * | cur | ||
| ) |
| int mbedtls_x509_get_rsassa_pss_params | ( | const mbedtls_x509_buf * | params, |
| mbedtls_md_type_t * | md_alg, | ||
| mbedtls_md_type_t * | mgf_md, | ||
| int * | salt_len | ||
| ) |
| int mbedtls_x509_get_serial | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_buf * | serial | ||
| ) |
| int mbedtls_x509_get_sig | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_buf * | sig | ||
| ) |
| int mbedtls_x509_get_sig_alg | ( | const mbedtls_x509_buf * | sig_oid, |
| const mbedtls_x509_buf * | sig_params, | ||
| mbedtls_md_type_t * | md_alg, | ||
| mbedtls_pk_type_t * | pk_alg, | ||
| void ** | sig_opts | ||
| ) |
| int mbedtls_x509_get_time | ( | unsigned char ** | p, |
| const unsigned char * | end, | ||
| mbedtls_x509_time * | t | ||
| ) |
| int mbedtls_x509_key_size_helper | ( | char * | buf, |
| size_t | buf_size, | ||
| const char * | name | ||
| ) |
| int mbedtls_x509_serial_gets | ( | char * | buf, |
| size_t | size, | ||
| const mbedtls_x509_buf * | serial | ||
| ) |
Store the certificate serial in printable form into buf; no more than size characters will be written.
- Parameters
-
buf Buffer to write to size Maximum size of buffer serial The X509 serial to represent
- Returns
- The length of the string written (not including the terminated nul byte), or a negative error code.
| int mbedtls_x509_set_extension | ( | mbedtls_asn1_named_data ** | head, |
| const char * | oid, | ||
| size_t | oid_len, | ||
| int | critical, | ||
| const unsigned char * | val, | ||
| size_t | val_len | ||
| ) |
| int mbedtls_x509_string_to_names | ( | mbedtls_asn1_named_data ** | head, |
| const char * | name | ||
| ) |
| int mbedtls_x509_time_is_future | ( | const mbedtls_x509_time * | from | ) |
Check a given mbedtls_x509_time against the system time and tell if it's in the future.
- Note
- Intended usage is "if( is_future( valid_from ) ) ERROR". Hence the return value of 1 if on internal errors.
- Parameters
-
from mbedtls_x509_time to check
- Returns
- 1 if the given time is in the future or an error occurred, 0 otherwise.
| int mbedtls_x509_time_is_past | ( | const mbedtls_x509_time * | to | ) |
Check a given mbedtls_x509_time against the system time and tell if it's in the past.
- Note
- Intended usage is "if( is_past( valid_to ) ) ERROR". Hence the return value of 1 if on internal errors.
- Parameters
-
to mbedtls_x509_time to check
- Returns
- 1 if the given time is in the past or an error occurred, 0 otherwise.
| int mbedtls_x509_write_extensions | ( | unsigned char ** | p, |
| unsigned char * | start, | ||
| mbedtls_asn1_named_data * | first | ||
| ) |
| int mbedtls_x509_write_names | ( | unsigned char ** | p, |
| unsigned char * | start, | ||
| mbedtls_asn1_named_data * | first | ||
| ) |
| int mbedtls_x509_write_sig | ( | unsigned char ** | p, |
| unsigned char * | start, | ||
| const char * | oid, | ||
| size_t | oid_len, | ||
| unsigned char * | sig, | ||
| size_t | size | ||
| ) |
