Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
mbedtls
by 
Christopher Haster
mbedtls_x509_crt Struct Reference
[X509_module]
Container for an X.509 certificate. More...
#include <x509_crt.h>
Data Fields | |
| mbedtls_x509_buf | raw |
| The raw certificate data (DER). | |
| mbedtls_x509_buf | tbs |
| The raw certificate body (DER). | |
| int | version |
| The X.509 version. | |
| mbedtls_x509_buf | serial |
| Unique id for certificate issued by a specific CA. | |
| mbedtls_x509_buf | sig_oid |
| Signature algorithm, e.g. | |
| mbedtls_x509_buf | issuer_raw |
| The raw issuer data (DER). | |
| mbedtls_x509_buf | subject_raw |
| The raw subject data (DER). | |
| mbedtls_x509_name | issuer |
| The parsed issuer data (named information object). | |
| mbedtls_x509_name | subject |
| The parsed subject data (named information object). | |
| mbedtls_x509_time | valid_from |
| Start time of certificate validity. | |
| mbedtls_x509_time | valid_to |
| End time of certificate validity. | |
| mbedtls_pk_context | pk |
| Container for the public key context. | |
| mbedtls_x509_buf | issuer_id |
| Optional X.509 v2/v3 issuer unique identifier. | |
| mbedtls_x509_buf | subject_id |
| Optional X.509 v2/v3 subject unique identifier. | |
| mbedtls_x509_buf | v3_ext |
| Optional X.509 v3 extensions. | |
| mbedtls_x509_sequence | subject_alt_names |
| Optional list of Subject Alternative Names (Only dNSName supported). | |
| int | ext_types |
| Bit string containing detected and parsed extensions. | |
| int | ca_istrue |
| Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. | |
| int | max_pathlen |
| Optional Basic Constraint extension value: The maximum path length to the root certificate. | |
| unsigned int | key_usage |
| Optional key usage extension value: See the values in x509.h. | |
| mbedtls_x509_sequence | ext_key_usage |
| Optional list of extended key usage OIDs. | |
| unsigned char | ns_cert_type |
| Optional Netscape certificate type extension value: See the values in x509.h. | |
| mbedtls_x509_buf | sig |
| Signature: hash of the tbs part signed with the private key. | |
| mbedtls_md_type_t | sig_md |
| Internal representation of the MD algorithm of the signature algorithm, e.g. | |
| mbedtls_pk_type_t | sig_pk |
| Internal representation of the Public Key algorithm of the signature algorithm, e.g. | |
| void * | sig_opts |
| Signature options to be passed to mbedtls_pk_verify_ext(), e.g. | |
| struct mbedtls_x509_crt * | next |
| Next certificate in the CA-chain. | |
Detailed Description
Container for an X.509 certificate.
The certificate may be chained.
Definition at line 52 of file x509_crt.h.
Field Documentation
| int ca_istrue |
Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
Definition at line 78 of file x509_crt.h.
Optional list of extended key usage OIDs.
Definition at line 83 of file x509_crt.h.
| int ext_types |
Bit string containing detected and parsed extensions.
Definition at line 77 of file x509_crt.h.
The parsed issuer data (named information object).
Definition at line 64 of file x509_crt.h.
Optional X.509 v2/v3 issuer unique identifier.
Definition at line 72 of file x509_crt.h.
| unsigned int key_usage |
Optional key usage extension value: See the values in x509.h.
Definition at line 81 of file x509_crt.h.
| int max_pathlen |
Optional Basic Constraint extension value: The maximum path length to the root certificate.
Path length is 1 higher than RFC 5280 'meaning', so 1+
Definition at line 79 of file x509_crt.h.
| struct mbedtls_x509_crt* next |
Next certificate in the CA-chain.
Definition at line 92 of file x509_crt.h.
| unsigned char ns_cert_type |
Optional Netscape certificate type extension value: See the values in x509.h.
Definition at line 85 of file x509_crt.h.
Container for the public key context.
Definition at line 70 of file x509_crt.h.
The raw certificate data (DER).
Definition at line 54 of file x509_crt.h.
Unique id for certificate issued by a specific CA.
Definition at line 58 of file x509_crt.h.
Signature: hash of the tbs part signed with the private key.
Definition at line 87 of file x509_crt.h.
| mbedtls_md_type_t sig_md |
Internal representation of the MD algorithm of the signature algorithm, e.g.
MBEDTLS_MD_SHA256
Definition at line 88 of file x509_crt.h.
| void* sig_opts |
Signature options to be passed to mbedtls_pk_verify_ext(), e.g.
for RSASSA-PSS
Definition at line 90 of file x509_crt.h.
Internal representation of the Public Key algorithm of the signature algorithm, e.g.
MBEDTLS_PK_RSA
Definition at line 89 of file x509_crt.h.
The parsed subject data (named information object).
Definition at line 65 of file x509_crt.h.
Optional list of Subject Alternative Names (Only dNSName supported).
Definition at line 75 of file x509_crt.h.
Optional X.509 v2/v3 subject unique identifier.
Definition at line 73 of file x509_crt.h.
The raw certificate body (DER).
The part that is To Be Signed.
Definition at line 55 of file x509_crt.h.
Optional X.509 v3 extensions.
Definition at line 74 of file x509_crt.h.
Start time of certificate validity.
Definition at line 67 of file x509_crt.h.
End time of certificate validity.
Definition at line 68 of file x509_crt.h.
| int version |
Generated on Tue Jul 12 2022 12:52:57 by
1.7.2