Certificates
Certificate APIs.
Functions
gos_result_t gos_atca_write_cert(const atcacert_def_t *cert_def, const void *buffer, uint32_t length)
gos_result_t gos_atca_read_cert(const atcacert_def_t *cert_def, const uint8_t *public_key, gos_buffer_t *buffer)
gos_result_t gos_atca_verify_cert(const atcacert_def_t *cert_def, const uint8_t *public_key, const void *buffer, uint32_t length)
gos_result_t gos_atca_get_cert_public_key(const atcacert_def_t *cert_def, const void *buffer, uint32_t length, uint8_t *public_key)
gos_result_t gos_atca_generate_csr(const atcacert_def_t *cert_def, gos_buffer_t *buffer)
Function Documentation
◆ gos_atca_generate_csr()
gos_result_t gos_atca_generate_csr(const atcacert_def_t *cert_def, gos_buffer_t *buffer)
Creates the CSR specified by the CSR definition from the SE. This process involves reading the dynamic CSR data from the SE, combining it with the template found in the CSR definition, and then signing it. Returns the CSR in DER format.
- Parameters
- [in] cert_def: CSR definition describing where to find the dynamic CSR information on the SE and how to incorporate it into the template.
- [in,out] buffer: gos_buffer_t to receive the certificate. The data field should contain a buffer to hold the cert and the size field should contain the size of the buffer. Upon returning, the data field will contain the generated cert and the size will contain the size of the generated cert.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_get_cert_public_key()
gos_result_t gos_atca_get_cert_public_key(const atcacert_def_t *cert_def, const void *buffer, uint32_t length, uint8_t *public_key)
Gets the subject public key from a certificate.
- Parameters
- [in] cert_def: Certificate definition for the certificate.
- [in] buffer: Certificate to get element from.
- [in] length: Size of the certificate (cert) in bytes.
- [out] public_key: Subject public key is returned in this buffer. Formatted as the X and Y integers concatenated together (64 bytes).
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_read_cert()
gos_result_t gos_atca_read_cert(const atcacert_def_t *cert_def, const uint8_t *public_key, gos_buffer_t *buffer)
Reads the certificate specified by the certificate definition from the SE.
This process involves reading the dynamic cert data from the SE and combining it with the template found in the certificate definition.
- Parameters
- [in] cert_def: Certificate definition describing where to find the dynamic certificate information on the SE and how to incorporate it into the template.
- [in] public_key: The ECC P256 public key of the certificate authority that signed this certificate. Formatted as the 32 byte X and Y integers concatenated together (64 bytes total). Set to NULL if the authority key id is not needed, set properly in the cert_def template, or stored on the SE as specified in the cert_def cert_elements.
- [in,out] buffer: gos_buffer_t to receive the certificate. The data field should contain a buffer to hold the cert and the size field should contain the size of the buffer. Upon returning, the data field will contain the read cert and the size will contain the size of the cert.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_verify_cert()
gos_result_t gos_atca_verify_cert(const atcacert_def_t *cert_def, const uint8_t *public_key, const void *buffer, uint32_t length)
Verify a certificate against its certificate authority's public key using the host's ATECC SE for crypto functions.
- Parameters
- [in] cert_def: Certificate definition describing how to extract the TBS and signature components from the certificate specified.
- [in] public_key: The ECC P256 public key of the certificate authority that signed this certificate. Formatted as the 32 byte X and Y integers concatenated together (64 bytes total).
- [in] buffer: Certificate to verify.
- [in] length: Size of the certificate (cert) in bytes.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
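The public_key parameters of gos_atca_read_cert() and gos_atca_verify_cert() take the CA key as raw X||Y (64 bytes), whereas tools such as OpenSSL export P-256 public keys as DER SubjectPublicKeyInfo (91 bytes). The following is an added example, not code from the Gecko OS SDK or its demo, that converts between the two forms with strict header checks. The helper names p256_spki_to_raw and p256_raw_to_spki are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helpers (not Gecko OS APIs): convert a P-256 public key between
 * DER SubjectPublicKeyInfo and the raw X||Y form the public_key parameters use. */
#define P256_RAW_LEN  64u  /* 32-byte X followed by 32-byte Y */
#define P256_SPKI_LEN 91u  /* 27-byte fixed header + 64-byte point */

/* SEQUENCE { SEQUENCE { id-ecPublicKey, prime256v1 }, BIT STRING { 0x04 || X || Y } } */
static const uint8_t P256_SPKI_HDR[27] = {
    0x30, 0x59, 0x30, 0x13,
    0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,        /* id-ecPublicKey */
    0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,  /* prime256v1 */
    0x03, 0x42, 0x00,                                            /* BIT STRING, 0 unused bits */
    0x04                                                         /* uncompressed point */
};

/* Returns 0 on success, -1 unless der is exactly an uncompressed P-256 SPKI.
 * Matching the whole header rejects other curves and compressed points instead
 * of silently slicing 64 arbitrary bytes into a trust anchor. */
int p256_spki_to_raw(const uint8_t *der, size_t der_len, uint8_t *raw)
{
    if (!der || !raw || der_len != P256_SPKI_LEN) return -1;
    if (memcmp(der, P256_SPKI_HDR, sizeof P256_SPKI_HDR) != 0) return -1;
    memcpy(raw, der + sizeof P256_SPKI_HDR, P256_RAW_LEN);
    return 0;
}

/* Wraps a raw X||Y key (e.g. from gos_atca_get_cert_public_key) as DER SPKI. */
int p256_raw_to_spki(const uint8_t *raw, uint8_t *der, size_t der_cap, size_t *der_len)
{
    if (!raw || !der || !der_len || der_cap < P256_SPKI_LEN) return -1;
    memcpy(der, P256_SPKI_HDR, sizeof P256_SPKI_HDR);
    memcpy(der + sizeof P256_SPKI_HDR, raw, P256_RAW_LEN);
    *der_len = P256_SPKI_LEN;
    return 0;
}

int main(void)
{
    uint8_t raw[P256_RAW_LEN], der[P256_SPKI_LEN], back[P256_RAW_LEN];
    size_t n = 0;
    for (size_t i = 0; i < sizeof raw; i++) raw[i] = (uint8_t)(i + 1); /* constructed bytes, not a real key */
    int ok = p256_raw_to_spki(raw, der, sizeof der, &n) == 0
          && p256_spki_to_raw(der, n, back) == 0
          && memcmp(raw, back, sizeof raw) == 0;
    return ok ? 0 : 1;
}
```

These helpers check the encoding only; they do not check that the point lies on the P-256 curve.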
◆ gos_atca_write_cert()
gos_result_t gos_atca_write_cert(const atcacert_def_t *cert_def, const void *buffer, uint32_t length)
Take a full certificate and write it to the SE according to the certificate definition.
- Parameters
- [in] cert_def: Certificate definition describing where the dynamic certificate information is and how to store it on the SE.
- [in] buffer: Full certificate to be stored.
- [in] length: Size of the full certificate in bytes.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .