Certificates
Certificate APIs. More...
Functions |
|
| gos_result_t | gos_atca_write_cert (const atcacert_def_t *cert_def, const void *buffer, uint32_t length) |
| gos_result_t | gos_atca_read_cert (const atcacert_def_t *cert_def, const uint8_t *public_key, gos_buffer_t *buffer) |
| gos_result_t | gos_atca_verify_cert (const atcacert_def_t *cert_def, const uint8_t *public_key, const void *buffer, uint32_t length) |
| gos_result_t | gos_atca_get_cert_public_key (const atcacert_def_t *cert_def, const void *buffer, uint32_t length, uint8_t *public_key) |
| gos_result_t | gos_atca_generate_csr (const atcacert_def_t *cert_def, gos_buffer_t *buffer) |
Detailed Description
Certificate APIs.
Function Documentation
◆ gos_atca_generate_csr()
| gos_result_t gos_atca_generate_csr | ( | const atcacert_def_t * |
cert_def,
|
| gos_buffer_t * |
buffer
|
||
| ) |
Creates a CSR specified by the CSR definition from the SE. This process involves reading the dynamic CSR data from the SE and combining it with the template found in the CSR definition, then signing it. Return the CSR int der format
- Parameters
-
[in] cert_defCSR definition describing where to find the dynamic CSR information on the SE and how to incorporate it into the template [in,out] buffergos_buffer_t to receive the certificate. The datafield should contain a buffer to hold the cert and thesizefield should contain the size of the buffer. Upon returning, thedatafield will contain the generated cert and thesizewill contain the size of the generated cert.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_get_cert_public_key()
| gos_result_t gos_atca_get_cert_public_key | ( | const atcacert_def_t * |
cert_def,
|
| const void * |
buffer,
|
||
| uint32_t |
length,
|
||
| uint8_t * |
public_key
|
||
| ) |
Gets the subject public key from a certificate
- Parameters
-
[in] cert_defCertificate definition for the certificate [in] bufferCertificate to get element from [in] lengthSize of the certificate (cert) in bytes [out] public_keySubject public key is returned in this buffer. Formatted at X and Y integers concatenated together. 64 bytes
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_read_cert()
| gos_result_t gos_atca_read_cert | ( | const atcacert_def_t * |
cert_def,
|
| const uint8_t * |
public_key,
|
||
| gos_buffer_t * |
buffer
|
||
| ) |
Reads the certificate specified by the certificate definition from the SE
This process involves reading the dynamic cert data from the SE and combining it with the template found in the certificate definition.
- Parameters
-
[in] cert_defCertificate definition describing where to find the dynamic certificate information on the SE and how to incorporate it into the template [in] public_keyThe ECC P256 public key of the certificate authority that signed this certificate. Formatted as the 32 byte X and Y integers concatenated together (64 bytes total). Set to NULL if the authority key id is not needed, set properly in the cert_def template, or stored on the SE as specified in the cert_def cert_elements [in,out] buffergos_buffer_t to receive the certificate. The datafield should contain a buffer to hold the cert and thesizefield should contain the size of the buffer. Upon returning, thedatafield will contain the read cert and thesizewill contain the size of the cert.
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_verify_cert()
| gos_result_t gos_atca_verify_cert | ( | const atcacert_def_t * |
cert_def,
|
| const uint8_t * |
public_key,
|
||
| const void * |
buffer,
|
||
| uint32_t |
length
|
||
| ) |
Verify a certificate against its certificate authority's public key using the host's ATECC SE for crypto functions.
- Parameters
-
[in] cert_defCertificate definition describing how to extract the TBS and signature components from the certificate specified. [in] public_keyThe ECC P256 public key of the certificate authority that signed this certificate. Formatted as the 32 byte X and Y integers concatenated together (64 bytes total) [in] bufferCertificate to verify [in] lengthSize of the certificate (cert) in bytes
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .
◆ gos_atca_write_cert()
| gos_result_t gos_atca_write_cert | ( | const atcacert_def_t * |
cert_def,
|
| const void * |
buffer,
|
||
| uint32_t |
length
|
||
| ) |
Take a full certificate and write it to the SE according to the certificate definition.
- Parameters
-
[in] cert_defCertificate definition describing where the dynamic certificate information is and how to store it on the SE [in] bufferFull certificate to be stored [in] lengthSize of the full certificate in bytes
- Returns
- gos_result_t result of API
- Examples:
- demo/secure_element/commands.c .