X509_module

Container for ASN1 bit strings.

Definition at line 218 of file x509.h.

Type-length-value structure that allows for ASN1 using DER.

Definition at line 213 of file x509.h.

Certificate revocation list structure.

Every CRL may have multiple entries.

Certificate revocation list entry.

Contains the CA-specific serial numbers and revocation dates.

Container for an X.509 certificate.

The certificate may be chained.

The type of trusted certificate callbacks.

Callbacks of this type are passed to and used by the CRT verification routine mbedtls_x509_crt_verify_with_ca_cb() when looking for trusted signers of a given certificate.

On success, the callback returns a list of trusted certificates to be considered as potential signers for the input certificate.

Parameters:

p_ctx	An opaque context passed to the callback.
child	The certificate for which to search a potential signer. This will point to a readable certificate.
candidate_cas	The address at which to store the address of the first entry in the generated linked list of candidate signers. This will not be NULL.

Note:

The callback must only return a non-zero value on a fatal error. If, in contrast, the search for a potential signer completes without a single candidate, the callback must return 0 and set *candidate_cas to NULL.

Returns:

0 on success. In this case, *candidate_cas points to a heap-allocated linked list of instances of mbedtls_x509_crt, and ownership of this list is passed to the caller.

A negative error code on failure.

Definition at line 637 of file x509_crt.h.

Security profile for certificate verification.

All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().

Certificate Signing Request (CSR) structure.

Container for ASN1 named information objects.

It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).

Definition at line 224 of file x509.h.

From RFC 5280 section 4.2.1.6: OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id }.

Container for a sequence of ASN.1 items.

Definition at line 229 of file x509.h.

A structure for holding the parsed Subject Alternative Name, according to type.

Container for date and time (precision in seconds).

Container for writing a certificate (CRT)

Container for writing a CSR.

Unallocate all CRL data.

Parameters:

crl	CRL chain to free

Definition at line 713 of file x509_crl.c.

Returns an informational string about the CRL.

Parameters:

buf	Buffer to write to
size	Maximum size of buffer
prefix	A line prefix
crl	The X509 CRL to represent

Returns:

The length of the string written (not including the terminated nul byte), or a negative error code.

Definition at line 630 of file x509_crl.c.

Initialize a CRL (chain)

Parameters:

crl	CRL chain to initialize

Definition at line 705 of file x509_crl.c.

Parse one or more CRLs and append them to the chained list.

Note:

Multiple CRLs are accepted only if using PEM format

Parameters:

chain	points to the start of the chain
buf	buffer holding the CRL data in PEM or DER format
buflen	size of the buffer (including the terminating null byte for PEM data)

Returns:

0 if successful, or a specific X509 or PEM error code

Definition at line 539 of file x509_crl.c.

Parse a DER-encoded CRL and append it to the chained list.

Parameters:

chain	points to the start of the chain
buf	buffer holding the CRL data in DER format
buflen	size of the buffer (including the terminating null byte for PEM data)

Returns:

0 if successful, or a specific X509 or PEM error code

Definition at line 300 of file x509_crl.c.

Load one or more CRLs and append them to the chained list.

Note:

Multiple CRLs are accepted only if using PEM format

Parameters:

chain	points to the start of the chain
path	filename to read the CRLs from (in PEM or DER encoding)

Returns:

0 if successful, or a specific X509 or PEM error code

Definition at line 604 of file x509_crl.c.

Check usage of certificate against extendedKeyUsage.

Parameters:

crt	Leaf certificate used.
usage_oid	Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH).
usage_len	Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).

Returns:

0 if this use of the certificate is allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.

Note:

Usually only makes sense on leaf certificates.

Definition at line 2249 of file x509_crt.c.

Check usage of certificate against keyUsage extension.

Parameters:

crt	Leaf certificate used.
usage	Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT before using the certificate to perform an RSA key exchange).

Note:

Except for decipherOnly and encipherOnly, a bit set in the usage argument means this bit MUST be set in the certificate. For decipherOnly and encipherOnly, it means that bit MAY be set.

Returns:

0 is these uses of the certificate are allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension is present but does not match the usage argument.

Note:

You should only call this function on leaf certificates, on (intermediate) CAs the keyUsage extension is automatically checked by mbedtls_x509_crt_verify().

Definition at line 2224 of file x509_crt.c.

Unallocate all certificate data.

Parameters:

crt	Certificate chain to free

Definition at line 3226 of file x509_crt.c.

Returns an informational string about the certificate.

Parameters:

buf	Buffer to write to
size	Maximum size of buffer
prefix	A line prefix
crt	The X509 certificate to represent

Returns:

The length of the string written (not including the terminated nul byte), or a negative error code.

Definition at line 2023 of file x509_crt.c.

Initialize a certificate (chain)

Parameters:

crt	Certificate chain to initialize

Definition at line 3218 of file x509_crt.c.

Verify the certificate revocation status.

Parameters:

crt	a certificate to be verified
crl	the CRL to verify against

Returns:

1 if the certificate is revoked, 0 otherwise

Definition at line 2284 of file x509_crt.c.

Parse one DER-encoded or one or more concatenated PEM-encoded certificates and add them to the chained list.

For CRTs in PEM encoding, the function parses permissively: if at least one certificate can be parsed, the function returns the number of certificates for which parsing failed (hence 0 if all certificates were parsed successfully). If no certificate could be parsed, the function returns the first (negative) error encountered during parsing.

PEM encoded certificates may be interleaved by other data such as human readable descriptions of their content, as long as the certificates are enclosed in the PEM specific '-----{BEGIN/END} CERTIFICATE-----' delimiters.

Parameters:

chain	The chain to which to add the parsed certificates.
buf	The buffer holding the certificate data in PEM or DER format. For certificates in PEM encoding, this may be a concatenation of multiple certificates; for DER encoding, the buffer must comprise exactly one certificate.
buflen	The size of buf, including the terminating NULL byte in case of PEM encoded data.

Returns:

0 if all certificates were parsed successfully.

The (positive) number of certificates that couldn't be parsed if parsing was partly successful (see above).

A negative X509 or PEM error code otherwise.

Definition at line 1383 of file x509_crt.c.

Parse a single DER formatted certificate and add it to the end of the provided chained list.

Parameters:

chain	The pointer to the start of the CRT chain to attach to. When parsing the first CRT in a chain, this should point to an instance of mbedtls_x509_crt initialized through mbedtls_x509_crt_init().
buf	The buffer holding the DER encoded certificate.
buflen	The size in Bytes of buf.

Note:

This function makes an internal copy of the CRT buffer buf. In particular, buf may be destroyed or reused after this call returns. To avoid duplicating the CRT buffer (at the cost of stricter lifetime constraints), use mbedtls_x509_crt_parse_der_nocopy() instead.

Returns:

0 if successful.

A negative error code on failure.

Definition at line 1372 of file x509_crt.c.

Parse a single DER formatted certificate and add it to the end of the provided chained list.

This is a variant of mbedtls_x509_crt_parse_der() which takes temporary ownership of the CRT buffer until the CRT is destroyed.

Parameters:

chain	The pointer to the start of the CRT chain to attach to. When parsing the first CRT in a chain, this should point to an instance of mbedtls_x509_crt initialized through mbedtls_x509_crt_init().
buf	The address of the readable buffer holding the DER encoded certificate to use. On success, this buffer must be retained and not be changed for the liftetime of the CRT chain chain, that is, until chain is destroyed through a call to mbedtls_x509_crt_free().
buflen	The size in Bytes of buf.

Note:

This call is functionally equivalent to mbedtls_x509_crt_parse_der(), but it avoids creating a copy of the input buffer at the cost of stronger lifetime constraints. This is useful in constrained environments where duplication of the CRT cannot be tolerated.

Returns:

0 if successful.

A negative error code on failure.

Definition at line 1365 of file x509_crt.c.

Load one or more certificates and add them to the chained list.

Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.

Parameters:

chain	points to the start of the chain
path	filename to read the certificates from

Returns:

0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code

Definition at line 1500 of file x509_crt.c.

Load one or more certificate files from a path and add them to the chained list.

Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.

Parameters:

chain	points to the start of the chain
path	directory / folder to read the certificate files from

Returns:

0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code

Definition at line 1517 of file x509_crt.c.

Free the components of a restart context.

Definition at line 3339 of file x509_crt.c.

Initialize a restart context.

Definition at line 3321 of file x509_crt.c.

Verify a chain of certificates.

The verify callback is a user-supplied callback that can clear / modify / add flags for a certificate. If set, the verification callback is called for each certificate in the chain (from the trust-ca down to the presented crt). The parameters for the callback are: (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, int *flags). With the flags representing current flags for that specific certificate and the certificate depth from the bottom (Peer cert depth = 0).

All flags left after returning from the callback are also returned to the application. The function should return 0 for anything (including invalid certificates) other than fatal error, as a non-zero return code immediately aborts the verification process. For fatal errors, a specific error code should be used (different from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR can be used if no better code is available.

Note:

In case verification failed, the results can be displayed using mbedtls_x509_crt_verify_info()

Same as mbedtls_x509_crt_verify_with_profile() with the default security profile.

It is your responsibility to provide up-to-date CRLs for all trusted CAs. If no CRL is provided for the CA that was used to sign the certificate, CRL verification is skipped silently, that is *without* setting any flag.

The trust_ca list can contain two types of certificates: (1) those of trusted root CAs, so that certificates chaining up to those CAs will be trusted, and (2) self-signed end-entity certificates to be trusted (for specific peers you know) - in that case, the self-signed certificate doesn't need to have the CA bit set.

Parameters:

crt	The certificate chain to be verified.
trust_ca	The list of trusted CAs.
ca_crl	The list of CRLs for trusted CAs.
cn	The expected Common Name. This may be NULL if the CN need not be verified.
flags	The address at which to store the result of the verification. If the verification couldn't be completed, the flag value is set to (uint32_t) -1.
f_vrfy	The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy	The context to be passed to f_vrfy.

Returns:

0 if the chain is valid with respect to the passed CN, CAs, CRLs and security profile.

MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the certificate chain verification failed. In this case, *flags will have one or more MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags set.

Another negative error code in case of a fatal error encountered during the verification process.

Definition at line 3148 of file x509_crt.c.

Returns an informational string about the verification status of a certificate.

Parameters:

buf	Buffer to write to
size	Maximum size of buffer
prefix	A line prefix
flags	Verification flags created by mbedtls_x509_crt_verify()

Returns:

The length of the string written (not including the terminated nul byte), or a negative error code.

Definition at line 2195 of file x509_crt.c.

Restartable version of mbedtls_crt_verify_with_profile()

Note:

Performs the same job as mbedtls_crt_verify_with_profile() but can return early and restart according to the limit set with mbedtls_ecp_set_max_ops() to reduce blocking.

Parameters:

crt	The certificate chain to be verified.
trust_ca	The list of trusted CAs.
ca_crl	The list of CRLs for trusted CAs.
profile	The security profile to use for the verification.
cn	The expected Common Name. This may be NULL if the CN need not be verified.
flags	The address at which to store the result of the verification. If the verification couldn't be completed, the flag value is set to (uint32_t) -1.
f_vrfy	The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy	The context to be passed to f_vrfy.
rs_ctx	The restart context to use. This may be set to NULL to disable restartable ECC.

Returns:

See mbedtls_crt_verify_with_profile(), or

MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of operations was reached: see mbedtls_ecp_set_max_ops().

Definition at line 3199 of file x509_crt.c.

Version of mbedtls_x509_crt_verify_with_profile() which uses a callback to acquire the list of trusted CA certificates.

Parameters:

crt	The certificate chain to be verified.
f_ca_cb	The callback to be used to query for potential signers of a given child certificate. See the documentation of mbedtls_x509_crt_ca_cb_t for more information.
p_ca_cb	The opaque context to be passed to f_ca_cb.
profile	The security profile for the verification.
cn	The expected Common Name. This may be NULL if the CN need not be verified.
flags	The address at which to store the result of the verification. If the verification couldn't be completed, the flag value is set to (uint32_t) -1.
f_vrfy	The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy	The context to be passed to f_vrfy.

Returns:

See mbedtls_crt_verify_with_profile().

Definition at line 3184 of file x509_crt.c.

Verify a chain of certificates with respect to a configurable security profile.

Note:

Same as mbedtls_x509_crt_verify(), but with explicit security profile.

The restrictions on keys (RSA minimum size, allowed curves for ECDSA) apply to all certificates: trusted root, intermediate CAs if any, and end entity certificate.

Parameters:

crt	The certificate chain to be verified.
trust_ca	The list of trusted CAs.
ca_crl	The list of CRLs for trusted CAs.
profile	The security profile to use for the verification.
cn	The expected Common Name. This may be NULL if the CN need not be verified.
flags	The address at which to store the result of the verification. If the verification couldn't be completed, the flag value is set to (uint32_t) -1.
f_vrfy	The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy	The context to be passed to f_vrfy.

Returns:

0 if the chain is valid with respect to the passed CN, CAs, CRLs and security profile.

MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the certificate chain verification failed. In this case, *flags will have one or more MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags set.

Another negative error code in case of a fatal error encountered during the verification process.

Definition at line 3165 of file x509_crt.c.

Unallocate all CSR data.

Parameters:

csr	CSR to free

Definition at line 387 of file x509_csr.c.

Returns an informational string about the CSR.

Parameters:

buf	Buffer to write to
size	Maximum size of buffer
prefix	A line prefix
csr	The X509 CSR to represent

Returns:

The length of the string written (not including the terminated nul byte), or a negative error code.

Definition at line 336 of file x509_csr.c.

Initialize a CSR.

Parameters:

csr	CSR to initialize

Definition at line 379 of file x509_csr.c.

Load a Certificate Signing Request (CSR), DER or PEM format.

Note:

See notes for mbedtls_x509_csr_parse_der()

Parameters:

csr	CSR context to fill
buf	buffer holding the CRL data
buflen	size of the buffer (including the terminating null byte for PEM data)

Returns:

0 if successful, or a specific X509 or PEM error code

Definition at line 262 of file x509_csr.c.

Load a Certificate Signing Request (CSR) in DER format.

Note:

CSR attributes (if any) are currently silently ignored.

Parameters:

csr	CSR context to fill
buf	buffer holding the CRL data
buflen	size of the buffer

Returns:

0 if successful, or a specific X509 error code

Definition at line 90 of file x509_csr.c.

Load a Certificate Signing Request (CSR)

Note:

See notes for mbedtls_x509_csr_parse()

Parameters:

csr	CSR context to fill
path	filename to read the CSR from

Returns:

0 if successful, or a specific X509 or PEM error code

Definition at line 313 of file x509_csr.c.

This function parses an item in the SubjectAlternativeNames extension.

Parameters:

san_buf	The buffer holding the raw data item of the subject alternative name.
san	The target structure to populate with the parsed presentation of the subject alternative name encoded in san_raw.

Note:

Only "dnsName" and "otherName" of type hardware_module_name as defined in RFC 4180 is supported.

This function should be called on a single raw data of subject alternative name. For example, after successful certificate parsing, one must iterate on every item in the crt->subject_alt_names sequence, and pass it to this function.

Warning:

The target structure contains pointers to the raw data of the parsed certificate, and its lifetime is restricted by the lifetime of the certificate.

Returns:

0 on success

MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported SAN type.

Another negative value for any other failure.

Definition at line 1848 of file x509_crt.c.

Default security profile.

Should provide a good balance between security and compatibility with current deployments.

Definition at line 102 of file x509_crt.c.

Expected next default profile.

Recommended for new deployments. Currently targets a 128-bit security level, except for RSA-2048.

Definition at line 121 of file x509_crt.c.

NSA Suite B profile.

Definition at line 146 of file x509_crt.c.