Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
mbedtls_x509_crt Struct Reference
[X509_module]
  Container for an X.509 certificate. More...
#include <x509_crt.h>
| Data Fields | |
| mbedtls_x509_buf | raw | 
| The raw certificate data (DER). | |
| mbedtls_x509_buf | tbs | 
| The raw certificate body (DER). | |
| int | version | 
| The X.509 version. | |
| mbedtls_x509_buf | serial | 
| Unique id for certificate issued by a specific CA. | |
| mbedtls_x509_buf | sig_oid | 
| Signature algorithm, e.g. | |
| mbedtls_x509_buf | issuer_raw | 
| The raw issuer data (DER). | |
| mbedtls_x509_buf | subject_raw | 
| The raw subject data (DER). | |
| mbedtls_x509_name | issuer | 
| The parsed issuer data (named information object). | |
| mbedtls_x509_name | subject | 
| The parsed subject data (named information object). | |
| mbedtls_x509_time | valid_from | 
| Start time of certificate validity. | |
| mbedtls_x509_time | valid_to | 
| End time of certificate validity. | |
| mbedtls_pk_context | pk | 
| Container for the public key context. | |
| mbedtls_x509_buf | issuer_id | 
| Optional X.509 v2/v3 issuer unique identifier. | |
| mbedtls_x509_buf | subject_id | 
| Optional X.509 v2/v3 subject unique identifier. | |
| mbedtls_x509_buf | v3_ext | 
| Optional X.509 v3 extensions. | |
| mbedtls_x509_sequence | subject_alt_names | 
| Optional list of Subject Alternative Names (Only dNSName supported). | |
| int | ext_types | 
| Bit string containing detected and parsed extensions. | |
| int | ca_istrue | 
| Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. | |
| int | max_pathlen | 
| Optional Basic Constraint extension value: The maximum path length to the root certificate. | |
| unsigned int | key_usage | 
| Optional key usage extension value: See the values in x509.h. | |
| mbedtls_x509_sequence | ext_key_usage | 
| Optional list of extended key usage OIDs. | |
| unsigned char | ns_cert_type | 
| Optional Netscape certificate type extension value: See the values in x509.h. | |
| mbedtls_x509_buf | sig | 
| Signature: hash of the tbs part signed with the private key. | |
| mbedtls_md_type_t | sig_md | 
| Internal representation of the MD algorithm of the signature algorithm, e.g. | |
| mbedtls_pk_type_t | sig_pk | 
| Internal representation of the Public Key algorithm of the signature algorithm, e.g. | |
| void * | sig_opts | 
| Signature options to be passed to mbedtls_pk_verify_ext(), e.g. | |
| struct mbedtls_x509_crt * | next | 
| Next certificate in the CA-chain. | |
Detailed Description
Container for an X.509 certificate.
The certificate may be chained.
Definition at line 53 of file x509_crt.h.
Field Documentation
| int ca_istrue | 
Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
Definition at line 79 of file x509_crt.h.
Optional list of extended key usage OIDs.
Definition at line 84 of file x509_crt.h.
| int ext_types | 
Bit string containing detected and parsed extensions.
Definition at line 78 of file x509_crt.h.
The parsed issuer data (named information object).
Definition at line 65 of file x509_crt.h.
Optional X.509 v2/v3 issuer unique identifier.
Definition at line 73 of file x509_crt.h.
| unsigned int key_usage | 
Optional key usage extension value: See the values in x509.h.
Definition at line 82 of file x509_crt.h.
| int max_pathlen | 
Optional Basic Constraint extension value: The maximum path length to the root certificate.
Path length is 1 higher than RFC 5280 'meaning', so 1+
Definition at line 80 of file x509_crt.h.
| struct mbedtls_x509_crt* next | 
Next certificate in the CA-chain.
Definition at line 93 of file x509_crt.h.
| unsigned char ns_cert_type | 
Optional Netscape certificate type extension value: See the values in x509.h.
Definition at line 86 of file x509_crt.h.
Container for the public key context.
Definition at line 71 of file x509_crt.h.
The raw certificate data (DER).
Definition at line 55 of file x509_crt.h.
Unique id for certificate issued by a specific CA.
Definition at line 59 of file x509_crt.h.
Signature: hash of the tbs part signed with the private key.
Definition at line 88 of file x509_crt.h.
Internal representation of the MD algorithm of the signature algorithm, e.g.
MBEDTLS_MD_SHA256
Definition at line 89 of file x509_crt.h.
| void* sig_opts | 
Signature options to be passed to mbedtls_pk_verify_ext(), e.g.
for RSASSA-PSS
Definition at line 91 of file x509_crt.h.
Internal representation of the Public Key algorithm of the signature algorithm, e.g.
MBEDTLS_PK_RSA
Definition at line 90 of file x509_crt.h.
The parsed subject data (named information object).
Definition at line 66 of file x509_crt.h.
Optional list of Subject Alternative Names (Only dNSName supported).
Definition at line 76 of file x509_crt.h.
Optional X.509 v2/v3 subject unique identifier.
Definition at line 74 of file x509_crt.h.
The raw certificate body (DER).
The part that is To Be Signed.
Definition at line 56 of file x509_crt.h.
Optional X.509 v3 extensions.
Definition at line 75 of file x509_crt.h.
Start time of certificate validity.
Definition at line 68 of file x509_crt.h.
End time of certificate validity.
Definition at line 69 of file x509_crt.h.
| int version | 
Generated on Tue Jul 12 2022 20:53:12 by
 1.7.2
 1.7.2