File x509_crt.h
X.509 certificate parsing and writing.
Structures and functions for parsing and writing X.509 certificates
-
MBEDTLS_X509_ID_FLAG(id)
Build flag from an algorithm/curve identifier (pk, md, ecp) Since 0 is always XXX_NONE, ignore it.
-
MBEDTLS_X509_CRT_VERSION_1
-
MBEDTLS_X509_CRT_VERSION_2
-
MBEDTLS_X509_CRT_VERSION_3
-
MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN
-
MBEDTLS_X509_RFC5280_UTC_TIME_LEN
-
MBEDTLS_X509_MAX_FILE_PATH_LEN
-
MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE
Max size of verification chain: end-entity + intermediates + trusted root
-
typedef struct mbedtls_x509_crt mbedtls_x509_crt
Container for an X.509 certificate. The certificate may be chained.
-
typedef struct mbedtls_x509_san_other_name mbedtls_x509_san_other_name
From RFC 5280 section 4.2.1.6: OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id }
-
typedef struct mbedtls_x509_subject_alternative_name mbedtls_x509_subject_alternative_name
A structure for holding the parsed Subject Alternative Name, according to type
-
typedef struct mbedtls_x509_crt_profile mbedtls_x509_crt_profile
Security profile for certificate verification.
All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
-
typedef struct mbedtls_x509write_cert mbedtls_x509write_cert
Container for writing a certificate (CRT)
-
typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, int critical, const unsigned char *p, const unsigned char *end)
The type of certificate extension callbacks.
Callbacks of this type are passed to and used by the mbedtls_x509_crt_parse_der_with_ext_cb() routine when it encounters either an unsupported extension or a "certificate policies" extension containing any unsupported certificate policies. Future versions of the library may invoke the callback in other cases, if and when the need arises.
Note
The callback must fail and return a negative error code if it can not parse or does not support the extension. When the callback fails to parse a critical extension mbedtls_x509_crt_parse_der_with_ext_cb() also fails. When the callback fails to parse a non critical extension mbedtls_x509_crt_parse_der_with_ext_cb() simply skips the extension and continues parsing.
- Param p_ctx
An opaque context passed to the callback.
- Param crt
The certificate being parsed.
- Param oid
The OID of the extension.
- Param critical
Whether the extension is critical.
- Param p
Pointer to the start of the extension value (the content of the OCTET STRING).
- Param end
End of extension value.
- Return
0
on success.- Return
A negative error code on failure.
-
typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidate_cas)
The type of trusted certificate callbacks.
Callbacks of this type are passed to and used by the CRT verification routine mbedtls_x509_crt_verify_with_ca_cb() when looking for trusted signers of a given certificate. On success, the callback returns a list of trusted certificates to be considered as potential signers for the input certificate.
Note
The callback must only return a non-zero value on a fatal error. If, in contrast, the search for a potential signer completes without a single candidate, the callback must return
0
and set*candidate_cas
toNULL
.- Param p_ctx
An opaque context passed to the callback.
- Param child
The certificate for which to search a potential signer. This will point to a readable certificate.
- Param candidate_cas
The address at which to store the address of the first entry in the generated linked list of candidate signers. This will not be
NULL
.- Return
0
on success. In this case,*candidate_cas
points to a heap-allocated linked list of instances of mbedtls_x509_crt, and ownership of this list is passed to the caller.- Return
A negative error code on failure.
-
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default
Default security profile. Should provide a good balance between security and compatibility with current deployments.
This profile permits:
SHA2 hashes.
All supported elliptic curves.
RSA with 2048 bits and above.
New minor versions of Mbed TLS may extend this profile, for example if new curves are added to the library. New minor versions of Mbed TLS will not reduce this profile unless serious security concerns require it.
-
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next
Expected next default profile. Recommended for new deployments. Currently targets a 128-bit security level, except for allowing RSA-2048.
-
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb
NSA Suite B profile.
-
int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse a single DER formatted certificate and add it to the end of the provided chained list.
Note
If MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto subsystem must have been initialized by calling psa_crypto_init() before calling this function.
Note
This function makes an internal copy of the CRT buffer
buf
. In particular,buf
may be destroyed or reused after this call returns. To avoid duplicating the CRT buffer (at the cost of stricter lifetime constraints), use mbedtls_x509_crt_parse_der_nocopy() instead.- Parameters
chain – The pointer to the start of the CRT chain to attach to. When parsing the first CRT in a chain, this should point to an instance of mbedtls_x509_crt initialized through mbedtls_x509_crt_init().
buf – The buffer holding the DER encoded certificate.
buflen – The size in Bytes of
buf
.
- Returns
0
if successful.- Returns
A negative error code on failure.
-
int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen, int make_copy, mbedtls_x509_crt_ext_cb_t cb, void *p_ctx)
Parse a single DER formatted certificate and add it to the end of the provided chained list.
Note
If MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto subsystem must have been initialized by calling psa_crypto_init() before calling this function.
Note
This call is functionally equivalent to mbedtls_x509_crt_parse_der(), and/or mbedtls_x509_crt_parse_der_nocopy() but it calls the callback with every unsupported certificate extension and additionally the “certificate policies” extension if it contains any unsupported certificate policies. The callback must return a negative error code if it does not know how to handle such an extension. When the callback fails to parse a critical extension mbedtls_x509_crt_parse_der_with_ext_cb() also fails. When the callback fails to parse a non critical extension mbedtls_x509_crt_parse_der_with_ext_cb() simply skips the extension and continues parsing. Future versions of the library may invoke the callback in other cases, if and when the need arises.
- Parameters
chain – The pointer to the start of the CRT chain to attach to. When parsing the first CRT in a chain, this should point to an instance of mbedtls_x509_crt initialized through mbedtls_x509_crt_init().
buf – The buffer holding the DER encoded certificate.
buflen – The size in Bytes of
buf
.make_copy – When not zero this function makes an internal copy of the CRT buffer
buf
. In particular,buf
may be destroyed or reused after this call returns. When zero this function avoids duplicating the CRT buffer by taking temporary ownership thereof until the CRT is destroyed (like mbedtls_x509_crt_parse_der_nocopy())cb – A callback invoked for every unsupported certificate extension.
p_ctx – An opaque context passed to the callback.
- Returns
0
if successful.- Returns
A negative error code on failure.
-
int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse a single DER formatted certificate and add it to the end of the provided chained list. This is a variant of mbedtls_x509_crt_parse_der() which takes temporary ownership of the CRT buffer until the CRT is destroyed.
Note
If MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto subsystem must have been initialized by calling psa_crypto_init() before calling this function.
Note
This call is functionally equivalent to mbedtls_x509_crt_parse_der(), but it avoids creating a copy of the input buffer at the cost of stronger lifetime constraints. This is useful in constrained environments where duplication of the CRT cannot be tolerated.
- Parameters
chain – The pointer to the start of the CRT chain to attach to. When parsing the first CRT in a chain, this should point to an instance of mbedtls_x509_crt initialized through mbedtls_x509_crt_init().
buf – The address of the readable buffer holding the DER encoded certificate to use. On success, this buffer must be retained and not be changed for the liftetime of the CRT chain
chain
, that is, untilchain
is destroyed through a call to mbedtls_x509_crt_free().buflen – The size in Bytes of
buf
.
- Returns
0
if successful.- Returns
A negative error code on failure.
-
int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one DER-encoded or one or more concatenated PEM-encoded certificates and add them to the chained list.
For CRTs in PEM encoding, the function parses permissively: if at least one certificate can be parsed, the function returns the number of certificates for which parsing failed (hence
0
if all certificates were parsed successfully). If no certificate could be parsed, the function returns the first (negative) error encountered during parsing.PEM encoded certificates may be interleaved by other data such as human readable descriptions of their content, as long as the certificates are enclosed in the PEM specific ‘–—{BEGIN/END} CERTIFICATE–—’ delimiters.
Note
If MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto subsystem must have been initialized by calling psa_crypto_init() before calling this function.
- Parameters
chain – The chain to which to add the parsed certificates.
buf – The buffer holding the certificate data in PEM or DER format. For certificates in PEM encoding, this may be a concatenation of multiple certificates; for DER encoding, the buffer must comprise exactly one certificate.
buflen – The size of
buf
, including the terminatingNULL
byte in case of PEM encoded data.
- Returns
0
if all certificates were parsed successfully.- Returns
The (positive) number of certificates that couldn’t be parsed if parsing was partly successful (see above).
- Returns
A negative X509 or PEM error code otherwise.
-
int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list. Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.
Note
If MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto subsystem must have been initialized by calling psa_crypto_init() before calling this function.
- Parameters
chain – points to the start of the chain
path – filename to read the certificates from
- Returns
0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code
-
int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list. Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.
- Parameters
chain – points to the start of the chain
path – directory / folder to read the certificate files from
- Returns
0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code
-
int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, mbedtls_x509_subject_alternative_name *san)
This function parses an item in the SubjectAlternativeNames extension.
Note
Only “dnsName” and “otherName” of type hardware_module_name as defined in RFC 4180 is supported.
Note
This function should be called on a single raw data of subject alternative name. For example, after successful certificate parsing, one must iterate on every item in the
crt->subject_alt_names
sequence, and pass it to this function.Warning
The target structure contains pointers to the raw data of the parsed certificate, and its lifetime is restricted by the lifetime of the certificate.
- Parameters
san_buf – The buffer holding the raw data item of the subject alternative name.
san – The target structure to populate with the parsed presentation of the subject alternative name encoded in
san_buf
.
- Returns
0
on success- Returns
MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported SAN type.
- Returns
Another negative value for any other failure.
-
int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, const mbedtls_x509_crt *crt)
Returns an informational string about the certificate.
- Parameters
buf – Buffer to write to
size – Maximum size of buffer
prefix – A line prefix
crt – The X509 certificate to represent
- Returns
The length of the string written (not including the terminated nul byte), or a negative error code.
-
int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, uint32_t flags)
Returns an informational string about the verification status of a certificate.
- Parameters
buf – Buffer to write to
size – Maximum size of buffer
prefix – A line prefix
flags – Verification flags created by mbedtls_x509_crt_verify()
- Returns
The length of the string written (not including the terminated nul byte), or a negative error code.
-
int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const char *cn, uint32_t *flags, int (*f_vrfy)(void*, mbedtls_x509_crt*, int, uint32_t*), void *p_vrfy)
Verify a chain of certificates.
The verify callback is a user-supplied callback that can clear / modify / add flags for a certificate. If set, the verification callback is called for each certificate in the chain (from the trust-ca down to the presented crt). The parameters for the callback are: (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, int *flags). With the flags representing current flags for that specific certificate and the certificate depth from the bottom (Peer cert depth = 0). All flags left after returning from the callback are also returned to the application. The function should return 0 for anything (including invalid certificates) other than fatal error, as a non-zero return code immediately aborts the verification process. For fatal errors, a specific error code should be used (different from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR can be used if no better code is available.
Note
In case verification failed, the results can be displayed using
mbedtls_x509_crt_verify_info()
Note
Same as
mbedtls_x509_crt_verify_with_profile()
with the default security profile.Note
It is your responsibility to provide up-to-date CRLs for all trusted CAs. If no CRL is provided for the CA that was used to sign the certificate, CRL verification is skipped silently, that is without setting any flag.
Note
The
trust_ca
list can contain two types of certificates: (1) those of trusted root CAs, so that certificates chaining up to those CAs will be trusted, and (2) self-signed end-entity certificates to be trusted (for specific peers you know) - in that case, the self-signed certificate doesn’t need to have the CA bit set.- Parameters
crt – The certificate chain to be verified.
trust_ca – The list of trusted CAs.
ca_crl – The list of CRLs for trusted CAs.
cn – The expected Common Name. This will be checked to be present in the certificate’s subjectAltNames extension or, if this extension is absent, as a CN component in its Subject name. Currently only DNS names are supported. This may be
NULL
if the CN need not be verified.flags – The address at which to store the result of the verification. If the verification couldn’t be completed, the flag value is set to (uint32_t) -1.
f_vrfy – The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy – The context to be passed to
f_vrfy
.
- Returns
0
if the chain is valid with respect to the passed CN, CAs, CRLs and security profile.- Returns
MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the certificate chain verification failed. In this case,
*flags
will have one or moreMBEDTLS_X509_BADCERT_XXX
orMBEDTLS_X509_BADCRL_XXX
flags set.- Returns
Another negative error code in case of a fatal error encountered during the verification process.
-
int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const mbedtls_x509_crt_profile *profile, const char *cn, uint32_t *flags, int (*f_vrfy)(void*, mbedtls_x509_crt*, int, uint32_t*), void *p_vrfy)
Verify a chain of certificates with respect to a configurable security profile.
Note
Same as
mbedtls_x509_crt_verify()
, but with explicit security profile.Note
The restrictions on keys (RSA minimum size, allowed curves for ECDSA) apply to all certificates: trusted root, intermediate CAs if any, and end entity certificate.
- Parameters
crt – The certificate chain to be verified.
trust_ca – The list of trusted CAs.
ca_crl – The list of CRLs for trusted CAs.
profile – The security profile to use for the verification.
cn – The expected Common Name. This may be
NULL
if the CN need not be verified.flags – The address at which to store the result of the verification. If the verification couldn’t be completed, the flag value is set to (uint32_t) -1.
f_vrfy – The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy – The context to be passed to
f_vrfy
.
- Returns
0
if the chain is valid with respect to the passed CN, CAs, CRLs and security profile.- Returns
MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in case the certificate chain verification failed. In this case,
*flags
will have one or moreMBEDTLS_X509_BADCERT_XXX
orMBEDTLS_X509_BADCRL_XXX
flags set.- Returns
Another negative error code in case of a fatal error encountered during the verification process.
-
int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const mbedtls_x509_crt_profile *profile, const char *cn, uint32_t *flags, int (*f_vrfy)(void*, mbedtls_x509_crt*, int, uint32_t*), void *p_vrfy, mbedtls_x509_crt_restart_ctx *rs_ctx)
Restartable version of
mbedtls_crt_verify_with_profile()
Note
Performs the same job as
mbedtls_crt_verify_with_profile()
but can return early and restart according to the limit set withmbedtls_ecp_set_max_ops()
to reduce blocking.- Parameters
crt – The certificate chain to be verified.
trust_ca – The list of trusted CAs.
ca_crl – The list of CRLs for trusted CAs.
profile – The security profile to use for the verification.
cn – The expected Common Name. This may be
NULL
if the CN need not be verified.flags – The address at which to store the result of the verification. If the verification couldn’t be completed, the flag value is set to (uint32_t) -1.
f_vrfy – The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy – The context to be passed to
f_vrfy
.rs_ctx – The restart context to use. This may be set to
NULL
to disable restartable ECC.
- Returns
See
mbedtls_crt_verify_with_profile()
, or- Returns
MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of operations was reached: see
mbedtls_ecp_set_max_ops()
.
-
int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt, mbedtls_x509_crt_ca_cb_t f_ca_cb, void *p_ca_cb, const mbedtls_x509_crt_profile *profile, const char *cn, uint32_t *flags, int (*f_vrfy)(void*, mbedtls_x509_crt*, int, uint32_t*), void *p_vrfy)
Version of
mbedtls_x509_crt_verify_with_profile()
which uses a callback to acquire the list of trusted CA certificates.- Parameters
crt – The certificate chain to be verified.
f_ca_cb – The callback to be used to query for potential signers of a given child certificate. See the documentation of mbedtls_x509_crt_ca_cb_t for more information.
p_ca_cb – The opaque context to be passed to
f_ca_cb
.profile – The security profile for the verification.
cn – The expected Common Name. This may be
NULL
if the CN need not be verified.flags – The address at which to store the result of the verification. If the verification couldn’t be completed, the flag value is set to (uint32_t) -1.
f_vrfy – The verification callback to use. See the documentation of mbedtls_x509_crt_verify() for more information.
p_vrfy – The context to be passed to
f_vrfy
.
- Returns
See
mbedtls_crt_verify_with_profile()
.
-
int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt, unsigned int usage)
Check usage of certificate against keyUsage extension.
Note
Except for decipherOnly and encipherOnly, a bit set in the usage argument means this bit MUST be set in the certificate. For decipherOnly and encipherOnly, it means that bit MAY be set.
Note
You should only call this function on leaf certificates, on (intermediate) CAs the keyUsage extension is automatically checked by
mbedtls_x509_crt_verify()
.- Parameters
crt – Leaf certificate used.
usage – Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT before using the certificate to perform an RSA key exchange).
- Returns
0 is these uses of the certificate are allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension is present but does not match the usage argument.
-
int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len)
Check usage of certificate against extendedKeyUsage.
Note
Usually only makes sense on leaf certificates.
- Parameters
crt – Leaf certificate used.
usage_oid – Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH).
usage_len – Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
- Returns
0 if this use of the certificate is allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
-
int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl)
Verify the certificate revocation status.
- Parameters
crt – a certificate to be verified
crl – the CRL to verify against
- Returns
1 if the certificate is revoked, 0 otherwise
-
void mbedtls_x509_crt_init(mbedtls_x509_crt *crt)
Initialize a certificate (chain)
- Parameters
crt – Certificate chain to initialize
-
void mbedtls_x509_crt_free(mbedtls_x509_crt *crt)
Unallocate all certificate data.
- Parameters
crt – Certificate chain to free
-
void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx)
Initialize a restart context.
-
void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx)
Free the components of a restart context.
Functions
-
void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx)
Initialize a CRT writing context.
- Parameters
ctx – CRT context to initialize
-
void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version)
Set the version for a Certificate Default: MBEDTLS_X509_CRT_VERSION_3.
- Parameters
ctx – CRT context to use
version – version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or MBEDTLS_X509_CRT_VERSION_3)
-
int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial)
Set the serial number for a Certificate.
- Parameters
ctx – CRT context to use
serial – serial number to set
- Returns
0 if successful
-
int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before, const char *not_after)
Set the validity period for a Certificate Timestamps should be in string format for UTC timezone i.e. “YYYYMMDDhhmmss” e.g. “20131231235959” for December 31st 2013 at 23:59:59.
- Parameters
ctx – CRT context to use
not_before – not_before timestamp
not_after – not_after timestamp
- Returns
0 if timestamp was parsed successfully, or a specific error code
-
int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, const char *issuer_name)
Set the issuer name for a Certificate Issuer names should contain a comma-separated list of OID types and values: e.g. “C=UK,O=ARM,CN=Mbed TLS CA”.
- Parameters
ctx – CRT context to use
issuer_name – issuer name to set
- Returns
0 if issuer name was parsed successfully, or a specific error code
-
int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx, const char *subject_name)
Set the subject name for a Certificate Subject names should contain a comma-separated list of OID types and values: e.g. “C=UK,O=ARM,CN=Mbed TLS Server 1”.
- Parameters
ctx – CRT context to use
subject_name – subject name to set
- Returns
0 if subject name was parsed successfully, or a specific error code
-
void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key)
Set the subject public key for the certificate.
- Parameters
ctx – CRT context to use
key – public key to include
-
void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key)
Set the issuer key used for signing the certificate.
- Parameters
ctx – CRT context to use
key – private key to sign with
-
void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg)
Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1)
- Parameters
ctx – CRT context to use
md_alg – MD algorithm to use
-
int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len)
Generic function to add to or replace an extension in the CRT.
- Parameters
ctx – CRT context to use
oid – OID of the extension
oid_len – length of the OID
critical – if the extension is critical (per the RFC’s definition)
val – value of the extension OCTET STRING
val_len – length of the value data
- Returns
0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
-
int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen)
Set the basicConstraints extension for a CRT.
- Parameters
ctx – CRT context to use
is_ca – is this a CA certificate
max_pathlen – maximum length of certificate chains below this certificate (only for CA certificates, -1 is unlimited)
- Returns
0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
-
int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx)
Set the subjectKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_subject_key() has been called before.
- Parameters
ctx – CRT context to use
- Returns
0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
-
int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx)
Set the authorityKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_issuer_key() has been called before.
- Parameters
ctx – CRT context to use
- Returns
0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
-
int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, unsigned int key_usage)
Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
- Parameters
ctx – CRT context to use
key_usage – key usage flags to set
- Returns
0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
-
int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
- Parameters
ctx – CRT context to use
ns_cert_type – Netscape Cert Type flags to set
- Returns
0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
-
void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx)
Free the contents of a CRT write context.
- Parameters
ctx – CRT context to free
-
int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void*, unsigned char*, size_t), void *p_rng)
Write a built up certificate to a X509 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
Note
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.
- Parameters
ctx – certificate to write away
buf – buffer to write to
size – size of the buffer
f_rng – RNG function (for signature, see note)
p_rng – RNG parameter
- Returns
length of data written if successful, or a specific error code
-
int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void*, unsigned char*, size_t), void *p_rng)
Write a built up certificate to a X509 PEM string.
Note
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.
- Parameters
ctx – certificate to write away
buf – buffer to write to
size – size of the buffer
f_rng – RNG function (for signature, see note)
p_rng – RNG parameter
- Returns
0 if successful, or a specific error code
-
struct mbedtls_x509_crt
- #include <x509_crt.h>
Container for an X.509 certificate. The certificate may be chained.
Public Members
-
int own_buffer
Indicates if
raw
is owned by the structure or not.
-
mbedtls_x509_buf raw
The raw certificate data (DER).
-
mbedtls_x509_buf tbs
The raw certificate body (DER). The part that is To Be Signed.
-
int version
The X.509 version. (1=v1, 2=v2, 3=v3)
-
mbedtls_x509_buf serial
Unique id for certificate issued by a specific CA.
-
mbedtls_x509_buf sig_oid
Signature algorithm, e.g. sha1RSA
-
mbedtls_x509_buf issuer_raw
The raw issuer data (DER). Used for quick comparison.
-
mbedtls_x509_buf subject_raw
The raw subject data (DER). Used for quick comparison.
-
mbedtls_x509_name issuer
The parsed issuer data (named information object).
-
mbedtls_x509_name subject
The parsed subject data (named information object).
-
mbedtls_x509_time valid_from
Start time of certificate validity.
-
mbedtls_x509_time valid_to
End time of certificate validity.
-
mbedtls_x509_buf pk_raw
-
mbedtls_pk_context pk
Container for the public key context.
-
mbedtls_x509_buf issuer_id
Optional X.509 v2/v3 issuer unique identifier.
-
mbedtls_x509_buf subject_id
Optional X.509 v2/v3 subject unique identifier.
-
mbedtls_x509_buf v3_ext
Optional X.509 v3 extensions.
-
mbedtls_x509_sequence subject_alt_names
Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed).
-
mbedtls_x509_sequence certificate_policies
Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed).
-
int ext_types
Bit string containing detected and parsed extensions
-
int ca_istrue
Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
-
int max_pathlen
Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 ‘meaning’, so 1+
-
unsigned int key_usage
Optional key usage extension value: See the values in x509.h
-
mbedtls_x509_sequence ext_key_usage
Optional list of extended key usage OIDs.
-
unsigned char ns_cert_type
Optional Netscape certificate type extension value: See the values in x509.h
-
mbedtls_x509_buf sig
Signature: hash of the tbs part signed with the private key.
-
mbedtls_md_type_t sig_md
Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256
-
mbedtls_pk_type_t sig_pk
Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA
-
void *sig_opts
Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS
-
struct mbedtls_x509_crt *next
Next certificate in the CA-chain.
-
int own_buffer
-
struct mbedtls_x509_san_other_name
- #include <x509_crt.h>
From RFC 5280 section 4.2.1.6: OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id }
Public Members
-
mbedtls_x509_buf type_id
The type_id is an OID as defined in RFC 5280. To check the value of the type id, you should use
MBEDTLS_OID_CMP
with a known OID mbedtls_x509_buf. The type id.
-
mbedtls_x509_buf oid
The object identifier.
-
mbedtls_x509_buf val
The named value.
-
struct mbedtls_x509_san_other_name::[anonymous]::[anonymous] hardware_module_name
From RFC 4108 section 5: HardwareModuleName ::= SEQUENCE { hwType OBJECT IDENTIFIER, hwSerialNum OCTET STRING }
-
union mbedtls_x509_san_other_name::[anonymous] value
-
mbedtls_x509_buf type_id
-
struct mbedtls_x509_subject_alternative_name
- #include <x509_crt.h>
A structure for holding the parsed Subject Alternative Name, according to type
Public Members
-
int type
The SAN type, value of MBEDTLS_X509_SAN_XXX.
-
mbedtls_x509_san_other_name other_name
The otherName supported type.
-
mbedtls_x509_buf unstructured_name
The buffer for the un constructed types. Only dnsName currently supported
-
union mbedtls_x509_subject_alternative_name::[anonymous] san
A union of the supported SAN types
-
int type
-
struct mbedtls_x509_crt_profile
- #include <x509_crt.h>
Security profile for certificate verification.
All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
-
struct mbedtls_x509write_cert
- #include <x509_crt.h>
Container for writing a certificate (CRT)
Public Members
-
int version
-
mbedtls_mpi serial
-
mbedtls_pk_context *subject_key
-
mbedtls_pk_context *issuer_key
-
mbedtls_asn1_named_data *subject
-
mbedtls_asn1_named_data *issuer
-
mbedtls_md_type_t md_alg
-
char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]
-
char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]
-
mbedtls_asn1_named_data *extensions
-
int version
-
struct mbedtls_x509_crt_verify_chain_item
- #include <x509_crt.h>
Item in a verification chain: cert and flags for it
-
struct mbedtls_x509_crt_verify_chain
- #include <x509_crt.h>
Verification chain as built by
mbedtls_crt_verify_chain()
Public Members
-
mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]
-
unsigned len
-
mbedtls_x509_crt *trust_ca_cb_result
-
mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]
-
struct mbedtls_x509_crt_restart_ctx
- #include <x509_crt.h>
Context for resuming X.509 verify operations.
Public Types
Public Members
-
mbedtls_x509_crt *parent
-
mbedtls_x509_crt *fallback_parent
-
int fallback_signature_is_good
-
int parent_is_trusted
-
enum mbedtls_x509_crt_restart_ctx::[anonymous] in_progress
-
int self_cnt
-
mbedtls_x509_crt_verify_chain ver_chain
-
mbedtls_x509_crt *parent