X.509 certificate signing request parsing and writing. More...
#include "config.h"
#include "x509.h"
Go to the source code of this file.
Data Structures | |
struct | mbedtls_x509_csr |
struct | mbedtls_x509write_csr |
Functions | |
void | mbedtls_x509write_csr_init (mbedtls_x509write_csr *ctx) |
Initialize a CSR context. | |
int | mbedtls_x509write_csr_set_subject_name (mbedtls_x509write_csr *ctx, const char *subject_name) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=mbed TLS Server 1". | |
void | mbedtls_x509write_csr_set_key (mbedtls_x509write_csr *ctx, mbedtls_pk_context *key) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it). | |
void | mbedtls_x509write_csr_set_md_alg (mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg) |
Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1). | |
int | mbedtls_x509write_csr_set_key_usage (mbedtls_x509write_csr *ctx, unsigned char key_usage) |
Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN). | |
int | mbedtls_x509write_csr_set_ns_cert_type (mbedtls_x509write_csr *ctx, unsigned char ns_cert_type) |
Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL). | |
int | mbedtls_x509write_csr_set_extension (mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len) |
Generic function to add to or replace an extension in the CSR. | |
void | mbedtls_x509write_csr_free (mbedtls_x509write_csr *ctx) |
Free the contents of a CSR context. | |
int | mbedtls_x509write_csr_der (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. | |
int | mbedtls_x509write_csr_pem (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a PEM string. | |
Structures and functions for X.509 Certificate Signing Requests (CSR) | |
int | mbedtls_x509_csr_parse_der (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) |
Load a Certificate Signing Request (CSR) in DER format. | |
int | mbedtls_x509_csr_parse (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) |
Load a Certificate Signing Request (CSR), DER or PEM format. | |
int | mbedtls_x509_csr_parse_file (mbedtls_x509_csr *csr, const char *path) |
Load a Certificate Signing Request (CSR). | |
int | mbedtls_x509_csr_info (char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr) |
Returns an informational string about the CSR. | |
void | mbedtls_x509_csr_init (mbedtls_x509_csr *csr) |
Initialize a CSR. | |
void | mbedtls_x509_csr_free (mbedtls_x509_csr *csr) |
Unallocate all CSR data. |
X.509 certificate signing request parsing and writing.
Definition in file x509_csr.h.
int mbedtls_x509write_csr_der | ( | mbedtls_x509write_csr * | ctx, | |
unsigned char * | buf, | |||
size_t | size, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
ctx | CSR to write away | |
buf | buffer to write to | |
size | size of the buffer | |
f_rng | RNG function (for signature, see note) | |
p_rng | RNG parameter |
void mbedtls_x509write_csr_free | ( | mbedtls_x509write_csr * | ctx | ) |
Free the contents of a CSR context.
ctx | CSR context to free |
void mbedtls_x509write_csr_init | ( | mbedtls_x509write_csr * | ctx | ) |
Initialize a CSR context.
ctx | CSR context to initialize |
int mbedtls_x509write_csr_pem | ( | mbedtls_x509write_csr * | ctx, | |
unsigned char * | buf, | |||
size_t | size, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Write a CSR (Certificate Signing Request) to a PEM string.
ctx | CSR to write away | |
buf | buffer to write to | |
size | size of the buffer | |
f_rng | RNG function (for signature, see note) | |
p_rng | RNG parameter |
int mbedtls_x509write_csr_set_extension | ( | mbedtls_x509write_csr * | ctx, | |
const char * | oid, | |||
size_t | oid_len, | |||
const unsigned char * | val, | |||
size_t | val_len | |||
) |
Generic function to add to or replace an extension in the CSR.
ctx | CSR context to use | |
oid | OID of the extension | |
oid_len | length of the OID | |
val | value of the extension OCTET STRING | |
val_len | length of the value data |
void mbedtls_x509write_csr_set_key | ( | mbedtls_x509write_csr * | ctx, | |
mbedtls_pk_context * | key | |||
) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).
ctx | CSR context to use | |
key | Asymetric key to include |
int mbedtls_x509write_csr_set_key_usage | ( | mbedtls_x509write_csr * | ctx, | |
unsigned char | key_usage | |||
) |
Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN).
ctx | CSR context to use | |
key_usage | key usage flags to set |
decipherOnly
flag from the Key Usage extension is represented by bit 8 (i.e. 0x8000
), which cannot typically be represented in an unsigned char. Therefore, the flag decipherOnly
(i.e. MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this function. void mbedtls_x509write_csr_set_md_alg | ( | mbedtls_x509write_csr * | ctx, | |
mbedtls_md_type_t | md_alg | |||
) |
Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1).
ctx | CSR context to use | |
md_alg | MD algorithm to use |
int mbedtls_x509write_csr_set_ns_cert_type | ( | mbedtls_x509write_csr * | ctx, | |
unsigned char | ns_cert_type | |||
) |
Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL).
ctx | CSR context to use | |
ns_cert_type | Netscape Cert Type flags to set |
int mbedtls_x509write_csr_set_subject_name | ( | mbedtls_x509write_csr * | ctx, | |
const char * | subject_name | |||
) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=mbed TLS Server 1".
ctx | CSR context to use | |
subject_name | subject name to set |