|
void | mbedtls_x509write_crt_init (mbedtls_x509write_cert *ctx) |
| Initialize a CRT writing context. More...
|
|
void | mbedtls_x509write_crt_set_version (mbedtls_x509write_cert *ctx, int version) |
| Set the verion for a Certificate Default: MBEDTLS_X509_CRT_VERSION_3. More...
|
|
int | mbedtls_x509write_crt_set_serial (mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial) |
| Set the serial number for a Certificate. More...
|
|
int | mbedtls_x509write_crt_set_validity (mbedtls_x509write_cert *ctx, const char *not_before, const char *not_after) |
| Set the validity period for a Certificate Timestamps should be in string format for UTC timezone i.e. More...
|
|
int | mbedtls_x509write_crt_set_issuer_name (mbedtls_x509write_cert *ctx, const char *issuer_name) |
| Set the issuer name for a Certificate Issuer names should contain a comma-separated list of OID types and values: e.g. More...
|
|
int | mbedtls_x509write_crt_set_subject_name (mbedtls_x509write_cert *ctx, const char *subject_name) |
| Set the subject name for a Certificate Subject names should contain a comma-separated list of OID types and values: e.g. More...
|
|
void | mbedtls_x509write_crt_set_subject_key (mbedtls_x509write_cert *ctx, mbedtls_pk_context *key) |
| Set the subject public key for the certificate. More...
|
|
void | mbedtls_x509write_crt_set_issuer_key (mbedtls_x509write_cert *ctx, mbedtls_pk_context *key) |
| Set the issuer key used for signing the certificate. More...
|
|
void | mbedtls_x509write_crt_set_md_alg (mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg) |
| Set the MD algorithm to use for the signature (e.g. More...
|
|
int | mbedtls_x509write_crt_set_extension (mbedtls_x509write_cert *ctx, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len) |
| Generic function to add to or replace an extension in the CRT. More...
|
|
int | mbedtls_x509write_crt_set_basic_constraints (mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen) |
| Set the basicConstraints extension for a CRT. More...
|
|
int | mbedtls_x509write_crt_set_subject_key_identifier (mbedtls_x509write_cert *ctx) |
| Set the subjectKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_subject_key() has been called before. More...
|
|
int | mbedtls_x509write_crt_set_authority_key_identifier (mbedtls_x509write_cert *ctx) |
| Set the authorityKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_issuer_key() has been called before. More...
|
|
int | mbedtls_x509write_crt_set_key_usage (mbedtls_x509write_cert *ctx, unsigned int key_usage) |
| Set the Key Usage Extension flags (e.g. More...
|
|
int | mbedtls_x509write_crt_set_ns_cert_type (mbedtls_x509write_cert *ctx, unsigned char ns_cert_type) |
| Set the Netscape Cert Type flags (e.g. More...
|
|
void | mbedtls_x509write_crt_free (mbedtls_x509write_cert *ctx) |
| Free the contents of a CRT write context. More...
|
|
int | mbedtls_x509write_crt_der (mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
| Write a built up certificate to a X509 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. More...
|
|
int | mbedtls_x509write_crt_pem (mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
| Write a built up certificate to a X509 PEM string. More...
|
|
|
#define | MBEDTLS_X509_ID_FLAG(id) ( 1 << ( id - 1 ) ) |
| Build flag from an algorithm/curve identifier (pk, md, ecp) Since 0 is always XXX_NONE, ignore it. More...
|
|
#define | MBEDTLS_X509_CRT_VERSION_1 0 |
|
#define | MBEDTLS_X509_CRT_VERSION_2 1 |
|
#define | MBEDTLS_X509_CRT_VERSION_3 2 |
|
#define | MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 |
|
#define | MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 |
|
typedef struct mbedtls_x509_crt | mbedtls_x509_crt |
| Container for an X.509 certificate. More...
|
|
typedef struct mbedtls_x509write_cert | mbedtls_x509write_cert |
| Container for writing a certificate (CRT) More...
|
|
const mbedtls_x509_crt_profile | mbedtls_x509_crt_profile_default |
| Default security profile. More...
|
|
const mbedtls_x509_crt_profile | mbedtls_x509_crt_profile_next |
| Expected next default profile. More...
|
|
const mbedtls_x509_crt_profile | mbedtls_x509_crt_profile_suiteb |
| NSA Suite B profile. More...
|
|
int | mbedtls_x509_crt_parse_der (mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen) |
| Parse a single DER formatted certificate and add it to the chained list. More...
|
|
int | mbedtls_x509_crt_parse (mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen) |
| Parse one or more certificates and add them to the chained list. More...
|
|
int | mbedtls_x509_crt_parse_file (mbedtls_x509_crt *chain, const char *path) |
| Load one or more certificates and add them to the chained list. More...
|
|
int | mbedtls_x509_crt_parse_path (mbedtls_x509_crt *chain, const char *path) |
| Load one or more certificate files from a path and add them to the chained list. More...
|
|
int | mbedtls_x509_crt_info (char *buf, size_t size, const char *prefix, const mbedtls_x509_crt *crt) |
| Returns an informational string about the certificate. More...
|
|
int | mbedtls_x509_crt_verify_info (char *buf, size_t size, const char *prefix, uint32_t flags) |
| Returns an informational string about the verification status of a certificate. More...
|
|
int | mbedtls_x509_crt_verify (mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const char *cn, uint32_t *flags, int(*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy) |
| Verify the certificate signature. More...
|
|
int | mbedtls_x509_crt_verify_with_profile (mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const mbedtls_x509_crt_profile *profile, const char *cn, uint32_t *flags, int(*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy) |
| Verify the certificate signature according to profile. More...
|
|
int | mbedtls_x509_crt_check_key_usage (const mbedtls_x509_crt *crt, unsigned int usage) |
| Check usage of certificate against keyUsage extension. More...
|
|
int | mbedtls_x509_crt_check_extended_key_usage (const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len) |
| Check usage of certificate against extentedJeyUsage. More...
|
|
int | mbedtls_x509_crt_is_revoked (const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl) |
| Verify the certificate revocation status. More...
|
|
void | mbedtls_x509_crt_init (mbedtls_x509_crt *crt) |
| Initialize a certificate (chain) More...
|
|
void | mbedtls_x509_crt_free (mbedtls_x509_crt *crt) |
| Unallocate all certificate data. More...
|
|
X.509 certificate parsing and writing.
Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This file is part of mbed TLS (https://tls.mbed.org)
Definition in file x509_crt.h.