mbedtls_x509_crt Struct Reference
Container for an X.509 certificate.
#include <x509_crt.h>
Public Member Functions
| Type | Member | Description |
|---|---|---|
| int | MBEDTLS_PRIVATE (own_buffer) | Indicates if raw is owned by the structure or not. |
| int | MBEDTLS_PRIVATE (ext_types) | Bit string containing detected and parsed extensions. |
| int | MBEDTLS_PRIVATE (ca_istrue) | Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. |
| int | MBEDTLS_PRIVATE (max_pathlen) | Optional Basic Constraint extension value: The maximum path length to the root certificate. |
| unsigned int | MBEDTLS_PRIVATE (key_usage) | Optional key usage extension value: See the values in x509.h. |
| unsigned char | MBEDTLS_PRIVATE (ns_cert_type) | Optional Netscape certificate type extension value: See the values in x509.h. |
| mbedtls_x509_buf | MBEDTLS_PRIVATE (sig) | Signature: hash of the tbs part signed with the private key. |
| mbedtls_md_type_t | MBEDTLS_PRIVATE (sig_md) | Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256. |
| mbedtls_pk_type_t | MBEDTLS_PRIVATE (sig_pk) | Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA. |
| void * | MBEDTLS_PRIVATE (sig_opts) | Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS. |
Data Fields
| Type | Field | Description |
|---|---|---|
| mbedtls_x509_buf | raw | The raw certificate data (DER). |
| mbedtls_x509_buf | tbs | The raw certificate body (DER). |
| int | version | The X.509 version. |
| mbedtls_x509_buf | serial | Unique id for certificate issued by a specific CA. |
| mbedtls_x509_buf | sig_oid | Signature algorithm, e.g. sha1RSA. |
| mbedtls_x509_buf | issuer_raw | The raw issuer data (DER). |
| mbedtls_x509_buf | subject_raw | The raw subject data (DER). |
| mbedtls_x509_name | issuer | The parsed issuer data (named information object). |
| mbedtls_x509_name | subject | The parsed subject data (named information object). |
| mbedtls_x509_time | valid_from | Start time of certificate validity. |
| mbedtls_x509_time | valid_to | End time of certificate validity. |
| mbedtls_x509_buf | pk_raw | |
| mbedtls_pk_context | pk | Container for the public key context. |
| mbedtls_x509_buf | issuer_id | Optional X.509 v2/v3 issuer unique identifier. |
| mbedtls_x509_buf | subject_id | Optional X.509 v2/v3 subject unique identifier. |
| mbedtls_x509_buf | v3_ext | Optional X.509 v3 extensions. |
| mbedtls_x509_sequence | subject_alt_names | Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). |
| mbedtls_x509_sequence | certificate_policies | Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). |
| mbedtls_x509_sequence | ext_key_usage | Optional list of extended key usage OIDs. |
| struct mbedtls_x509_crt * | next | Next certificate in the linked list that constitutes the CA chain. |
Container for an X.509 certificate. The certificate may be chained.
Some fields of this structure are publicly readable. Do not modify them except via Mbed TLS library functions: the effect of modifying those fields or the data that those fields point to is unspecified.
Member Function Documentation
◆ MBEDTLS_PRIVATE() [1/10]
int mbedtls_x509_crt::MBEDTLS_PRIVATE(own_buffer)
Indicates if raw is owned by the structure or not.
◆ MBEDTLS_PRIVATE() [2/10]
int mbedtls_x509_crt::MBEDTLS_PRIVATE(ext_types)
Bit string containing detected and parsed extensions.
◆ MBEDTLS_PRIVATE() [3/10]
int mbedtls_x509_crt::MBEDTLS_PRIVATE(ca_istrue)
Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
◆ MBEDTLS_PRIVATE() [4/10]
int mbedtls_x509_crt::MBEDTLS_PRIVATE(max_pathlen)
Optional Basic Constraint extension value: The maximum path length to the root certificate.
Path length is 1 higher than RFC 5280 'meaning', so 1+
◆ MBEDTLS_PRIVATE() [5/10]
unsigned int mbedtls_x509_crt::MBEDTLS_PRIVATE(key_usage)
Optional key usage extension value: See the values in x509.h.
◆ MBEDTLS_PRIVATE() [6/10]
unsigned char mbedtls_x509_crt::MBEDTLS_PRIVATE(ns_cert_type)
Optional Netscape certificate type extension value: See the values in x509.h.
◆ MBEDTLS_PRIVATE() [7/10]
mbedtls_x509_buf mbedtls_x509_crt::MBEDTLS_PRIVATE(sig)
Signature: hash of the tbs part signed with the private key.
◆ MBEDTLS_PRIVATE() [8/10]
mbedtls_md_type_t mbedtls_x509_crt::MBEDTLS_PRIVATE(sig_md)
Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256
◆ MBEDTLS_PRIVATE() [9/10]
mbedtls_pk_type_t mbedtls_x509_crt::MBEDTLS_PRIVATE(sig_pk)
Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA
◆ MBEDTLS_PRIVATE() [10/10]
void* mbedtls_x509_crt::MBEDTLS_PRIVATE(sig_opts)
Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS
Field Documentation
◆ raw
mbedtls_x509_buf mbedtls_x509_crt::raw
The raw certificate data (DER).
◆ tbs
mbedtls_x509_buf mbedtls_x509_crt::tbs
The raw certificate body (DER). The part that is To Be Signed.
◆ version
int mbedtls_x509_crt::version
The X.509 version. (1=v1, 2=v2, 3=v3)
◆ serial
mbedtls_x509_buf mbedtls_x509_crt::serial
Unique id for certificate issued by a specific CA.
◆ sig_oid
mbedtls_x509_buf mbedtls_x509_crt::sig_oid
Signature algorithm, e.g. sha1RSA
◆ issuer_raw
mbedtls_x509_buf mbedtls_x509_crt::issuer_raw
The raw issuer data (DER). Used for quick comparison.
◆ subject_raw
mbedtls_x509_buf mbedtls_x509_crt::subject_raw
The raw subject data (DER). Used for quick comparison.
◆ issuer
mbedtls_x509_name mbedtls_x509_crt::issuer
The parsed issuer data (named information object).
◆ subject
mbedtls_x509_name mbedtls_x509_crt::subject
The parsed subject data (named information object).
◆ valid_from
mbedtls_x509_time mbedtls_x509_crt::valid_from
Start time of certificate validity.
◆ valid_to
mbedtls_x509_time mbedtls_x509_crt::valid_to
End time of certificate validity.
◆ pk
mbedtls_pk_context mbedtls_x509_crt::pk
Container for the public key context.
◆ issuer_id
mbedtls_x509_buf mbedtls_x509_crt::issuer_id
Optional X.509 v2/v3 issuer unique identifier.
◆ subject_id
mbedtls_x509_buf mbedtls_x509_crt::subject_id
Optional X.509 v2/v3 subject unique identifier.
◆ v3_ext
mbedtls_x509_buf mbedtls_x509_crt::v3_ext
Optional X.509 v3 extensions.
◆ subject_alt_names
mbedtls_x509_sequence mbedtls_x509_crt::subject_alt_names
Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed).
◆ certificate_policies
mbedtls_x509_sequence mbedtls_x509_crt::certificate_policies
Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed).
◆ ext_key_usage
mbedtls_x509_sequence mbedtls_x509_crt::ext_key_usage
Optional list of extended key usage OIDs.
◆ next
struct mbedtls_x509_crt * mbedtls_x509_crt::next
Next certificate in the linked list that constitutes the CA chain.
NULL indicates the end of the list. Do not modify this field directly.