Ashley Mills / axTLS

x509.c File Reference

Certificate processing.

Functions

static const uint8_t * get_signature (const uint8_t *asn1_sig, int *len)
 Retrieve the signature from a certificate.
int x509_new (const uint8_t *cert, int *len, X509_CTX **ctx)
 Construct a new x509 object.
void x509_free (X509_CTX *x509_ctx)
 Free an X.509 object's resources.
static bigint * sig_verify (BI_CTX *ctx, const uint8_t *sig, int sig_len, bigint *modulus, bigint *pub_exp)
 Take a signature and decrypt it.
int x509_verify (const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert)
 Do some basic checks on the certificate chain.

Variables

static const char * not_part_of_cert = "<Not Part Of Certificate>"
 Used for diagnostics.

Detailed Description

Certificate processing.

Definition in file x509.c.


Function Documentation

static const uint8_t* get_signature ( const uint8_t *  asn1_sig,
int *  len 
) [static]

Retrieve the signature from a certificate.

Definition at line 49 of file x509.c.

static bigint* sig_verify ( BI_CTX *  ctx,
const uint8_t *  sig,
int  sig_len,
bigint *  modulus,
bigint *  pub_exp 
) [static]

Take a signature and decrypt it.

Definition at line 268 of file x509.c.

void x509_free ( X509_CTX *  x509_ctx )

Free an X.509 object's resources.

Definition at line 227 of file x509.c.

int x509_new ( const uint8_t *  cert,
int *  len,
X509_CTX **  ctx 
)

Construct a new x509 object.

Returns:
0 if ok. < 0 if there was a problem.

Definition at line 73 of file x509.c.

int x509_verify ( const CA_CERT_CTX *  ca_cert_ctx,
const X509_CTX *  cert 
)

Do some basic checks on the certificate chain.

Certificate verification consists of a number of checks:

  • The date of the certificate is after the start date.
  • The date of the certificate is before the finish date.
  • A root certificate exists in the certificate store.
  • The certificate(s) are not self-signed.
  • The certificate chain is valid.
  • The signature of the certificate is valid.

Definition at line 318 of file x509.c.


Variable Documentation

const char* not_part_of_cert = "<Not Part Of Certificate>" [static]

Used for diagnostics.

Definition at line 450 of file x509.c.