Rtos API example
x509_csr.h File Reference
X.509 certificate signing request parsing and writing. More...
Go to the source code of this file.
Data Structures | |
struct | mbedtls_x509_csr |
Certificate Signing Request (CSR) structure. More... | |
struct | mbedtls_x509write_csr |
Container for writing a CSR. More... | |
Functions | |
void | mbedtls_x509write_csr_init (mbedtls_x509write_csr *ctx) |
Initialize a CSR context. | |
int | mbedtls_x509write_csr_set_subject_name (mbedtls_x509write_csr *ctx, const char *subject_name) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. | |
void | mbedtls_x509write_csr_set_key (mbedtls_x509write_csr *ctx, mbedtls_pk_context *key) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it) | |
void | mbedtls_x509write_csr_set_md_alg (mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg) |
Set the MD algorithm to use for the signature (e.g. | |
int | mbedtls_x509write_csr_set_key_usage (mbedtls_x509write_csr *ctx, unsigned char key_usage) |
Set the Key Usage Extension flags (e.g. | |
int | mbedtls_x509write_csr_set_ns_cert_type (mbedtls_x509write_csr *ctx, unsigned char ns_cert_type) |
Set the Netscape Cert Type flags (e.g. | |
int | mbedtls_x509write_csr_set_extension (mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len) |
Generic function to add to or replace an extension in the CSR. | |
void | mbedtls_x509write_csr_free (mbedtls_x509write_csr *ctx) |
Free the contents of a CSR context. | |
int | mbedtls_x509write_csr_der (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. | |
int | mbedtls_x509write_csr_pem (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a PEM string. | |
Structures and functions for X.509 Certificate Signing Requests (CSR) | |
typedef struct mbedtls_x509_csr | mbedtls_x509_csr |
Certificate Signing Request (CSR) structure. | |
typedef struct mbedtls_x509write_csr | mbedtls_x509write_csr |
Container for writing a CSR. | |
int | mbedtls_x509_csr_parse_der (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) |
Load a Certificate Signing Request (CSR) in DER format. | |
int | mbedtls_x509_csr_parse (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) |
Load a Certificate Signing Request (CSR), DER or PEM format. | |
int | mbedtls_x509_csr_parse_file (mbedtls_x509_csr *csr, const char *path) |
Load a Certificate Signing Request (CSR) | |
int | mbedtls_x509_csr_info (char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr) |
Returns an informational string about the CSR. | |
void | mbedtls_x509_csr_init (mbedtls_x509_csr *csr) |
Initialize a CSR. | |
void | mbedtls_x509_csr_free (mbedtls_x509_csr *csr) |
Unallocate all CSR data. |
Detailed Description
X.509 certificate signing request parsing and writing.
Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This file is part of mbed TLS (https://tls.mbed.org)
Definition in file x509_csr.h.
Function Documentation
int mbedtls_x509write_csr_der | ( | mbedtls_x509write_csr * | ctx, |
unsigned char * | buf, | ||
size_t | size, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
- Parameters:
-
ctx CSR to write away buf buffer to write to size size of the buffer f_rng RNG function (for signature, see note) p_rng RNG parameter
- Returns:
- length of data written if successful, or a specific error code
- Note:
- f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.
Definition at line 129 of file x509write_csr.c.
void mbedtls_x509write_csr_free | ( | mbedtls_x509write_csr * | ctx ) |
Free the contents of a CSR context.
- Parameters:
-
ctx CSR context to free
Definition at line 56 of file x509write_csr.c.
void mbedtls_x509write_csr_init | ( | mbedtls_x509write_csr * | ctx ) |
Initialize a CSR context.
- Parameters:
-
ctx CSR context to initialize
Definition at line 51 of file x509write_csr.c.
int mbedtls_x509write_csr_pem | ( | mbedtls_x509write_csr * | ctx, |
unsigned char * | buf, | ||
size_t | size, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
Write a CSR (Certificate Signing Request) to a PEM string.
- Parameters:
-
ctx CSR to write away buf buffer to write to size size of the buffer f_rng RNG function (for signature, see note) p_rng RNG parameter
- Returns:
- 0 if successful, or a specific error code
- Note:
- f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.
Definition at line 234 of file x509write_csr.c.
int mbedtls_x509write_csr_set_extension | ( | mbedtls_x509write_csr * | ctx, |
const char * | oid, | ||
size_t | oid_len, | ||
const unsigned char * | val, | ||
size_t | val_len | ||
) |
Generic function to add to or replace an extension in the CSR.
- Parameters:
-
ctx CSR context to use oid OID of the extension oid_len length of the OID val value of the extension OCTET STRING val_len length of the value data
- Returns:
- 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
Definition at line 80 of file x509write_csr.c.
void mbedtls_x509write_csr_set_key | ( | mbedtls_x509write_csr * | ctx, |
mbedtls_pk_context * | key | ||
) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)
- Parameters:
-
ctx CSR context to use key Asymetric key to include
Definition at line 69 of file x509write_csr.c.
int mbedtls_x509write_csr_set_key_usage | ( | mbedtls_x509write_csr * | ctx, |
unsigned char | key_usage | ||
) |
Set the Key Usage Extension flags (e.g.
MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
- Parameters:
-
ctx CSR context to use key_usage key usage flags to set
- Returns:
- 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
Definition at line 88 of file x509write_csr.c.
void mbedtls_x509write_csr_set_md_alg | ( | mbedtls_x509write_csr * | ctx, |
mbedtls_md_type_t | md_alg | ||
) |
Set the MD algorithm to use for the signature (e.g.
MBEDTLS_MD_SHA1)
- Parameters:
-
ctx CSR context to use md_alg MD algorithm to use
Definition at line 64 of file x509write_csr.c.
int mbedtls_x509write_csr_set_ns_cert_type | ( | mbedtls_x509write_csr * | ctx, |
unsigned char | ns_cert_type | ||
) |
Set the Netscape Cert Type flags (e.g.
MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
- Parameters:
-
ctx CSR context to use ns_cert_type Netscape Cert Type flags to set
- Returns:
- 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
Definition at line 108 of file x509write_csr.c.
int mbedtls_x509write_csr_set_subject_name | ( | mbedtls_x509write_csr * | ctx, |
const char * | subject_name | ||
) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g.
"C=UK,O=ARM,CN=mbed TLS Server 1"
- Parameters:
-
ctx CSR context to use subject_name subject name to set
- Returns:
- 0 if subject name was parsed successfully, or a specific error code
Definition at line 74 of file x509write_csr.c.
Generated on Sun Jul 17 2022 08:25:36 by 1.7.2