API Documentation - v4.4.0 - Gecko Platform Silicon Labs

Container for an X.509 certificate.

The certificate may be chained.

Some fields of this structure are publicly readable. Do not modify them except via Mbed TLS library functions: the effect of modifying those fields or the data that those fields points to is unspecified.

Public Attributes#

mbedtls_x509_buf

raw

The raw certificate data (DER).

mbedtls_x509_buf

tbs

The raw certificate body (DER).

int

version

The X.509 version.

mbedtls_x509_buf

serial

Unique id for certificate issued by a specific CA.

mbedtls_x509_buf

sig_oid

Signature algorithm, e.g.

mbedtls_x509_buf

issuer_raw

The raw issuer data (DER).

mbedtls_x509_buf

subject_raw

The raw subject data (DER).

mbedtls_x509_name

issuer

The parsed issuer data (named information object).

mbedtls_x509_name

subject

The parsed subject data (named information object).

mbedtls_x509_time

valid_from

Start time of certificate validity.

mbedtls_x509_time

valid_to

End time of certificate validity.

mbedtls_x509_buf

pk_raw

mbedtls_pk_context

Container for the public key context.

mbedtls_x509_buf

issuer_id

Optional X.509 v2/v3 issuer unique identifier.

mbedtls_x509_buf

subject_id

Optional X.509 v2/v3 subject unique identifier.

mbedtls_x509_buf

v3_ext

Optional X.509 v3 extensions.

mbedtls_x509_sequence

subject_alt_names

Optional list of raw entries of Subject Alternative Names extension.

mbedtls_x509_buf

subject_key_id

Optional X.509 v3 extension subject key identifier.

mbedtls_x509_authority

authority_key_id

Optional X.509 v3 extension authority key identifier.

mbedtls_x509_sequence

certificate_policies

Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed).

mbedtls_x509_sequence

ext_key_usage

Optional list of extended key usage OIDs.

struct mbedtls_x509_crt *

Next certificate in the linked list that constitutes the CA chain.

Public Functions#

int

MBEDTLS_PRIVATE(own_buffer)

Indicates if raw is owned by the structure or not.

int

MBEDTLS_PRIVATE(ext_types)

Bit string containing detected and parsed extensions.

int

MBEDTLS_PRIVATE(ca_istrue)

Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.

int

MBEDTLS_PRIVATE(max_pathlen)

Optional Basic Constraint extension value: The maximum path length to the root certificate.

unsigned int

MBEDTLS_PRIVATE(key_usage)

Optional key usage extension value: See the values in x509.h.

unsigned char

MBEDTLS_PRIVATE(ns_cert_type)

Optional Netscape certificate type extension value: See the values in x509.h.

mbedtls_x509_buf

MBEDTLS_PRIVATE(sig)

Signature: hash of the tbs part signed with the private key.

mbedtls_md_type_t

MBEDTLS_PRIVATE(sig_md)

Internal representation of the MD algorithm of the signature algorithm, e.g.

mbedtls_pk_type_t

MBEDTLS_PRIVATE(sig_pk)

Internal representation of the Public Key algorithm of the signature algorithm, e.g.

void *

MBEDTLS_PRIVATE(sig_opts)

Signature options to be passed to mbedtls_pk_verify_ext(), e.g.

Public Attribute Documentation#

raw#

mbedtls_x509_buf mbedtls_x509_crt::raw

The raw certificate data (DER).

Definition at line 56 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

tbs#

mbedtls_x509_buf mbedtls_x509_crt::tbs

The raw certificate body (DER).

The part that is To Be Signed.

Definition at line 57 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

version#

int mbedtls_x509_crt::version

The X.509 version.

(1=v1, 2=v2, 3=v3)

Definition at line 59 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

serial#

mbedtls_x509_buf mbedtls_x509_crt::serial

Unique id for certificate issued by a specific CA.

Definition at line 60 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

sig_oid#

mbedtls_x509_buf mbedtls_x509_crt::sig_oid

Signature algorithm, e.g.

sha1RSA

Definition at line 61 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

issuer_raw#

mbedtls_x509_buf mbedtls_x509_crt::issuer_raw

The raw issuer data (DER).

Used for quick comparison.

Definition at line 63 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

subject_raw#

mbedtls_x509_buf mbedtls_x509_crt::subject_raw

The raw subject data (DER).

Used for quick comparison.

Definition at line 64 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

issuer#

mbedtls_x509_name mbedtls_x509_crt::issuer

The parsed issuer data (named information object).

Definition at line 66 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

subject#

mbedtls_x509_name mbedtls_x509_crt::subject

The parsed subject data (named information object).

Definition at line 67 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

valid_from#

mbedtls_x509_time mbedtls_x509_crt::valid_from

Start time of certificate validity.

Definition at line 69 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

valid_to#

mbedtls_x509_time mbedtls_x509_crt::valid_to

End time of certificate validity.

Definition at line 70 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

pk_raw#

mbedtls_x509_buf mbedtls_x509_crt::pk_raw

Definition at line 72 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

pk#

mbedtls_pk_context mbedtls_x509_crt::pk

Container for the public key context.

Definition at line 73 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

issuer_id#

mbedtls_x509_buf mbedtls_x509_crt::issuer_id

Optional X.509 v2/v3 issuer unique identifier.

Definition at line 75 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

subject_id#

mbedtls_x509_buf mbedtls_x509_crt::subject_id

Optional X.509 v2/v3 subject unique identifier.

Definition at line 76 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

v3_ext#

mbedtls_x509_buf mbedtls_x509_crt::v3_ext

Optional X.509 v3 extensions.

Definition at line 77 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

subject_alt_names#

mbedtls_x509_sequence mbedtls_x509_crt::subject_alt_names

Optional list of raw entries of Subject Alternative Names extension.

These can be later parsed by mbedtls_x509_parse_subject_alt_name.

Definition at line 78 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

subject_key_id#

mbedtls_x509_buf mbedtls_x509_crt::subject_key_id

Optional X.509 v3 extension subject key identifier.

Definition at line 79 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

authority_key_id#

mbedtls_x509_authority mbedtls_x509_crt::authority_key_id

Optional X.509 v3 extension authority key identifier.

Definition at line 80 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

certificate_policies#

mbedtls_x509_sequence mbedtls_x509_crt::certificate_policies

Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed).

Definition at line 82 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

ext_key_usage#

mbedtls_x509_sequence mbedtls_x509_crt::ext_key_usage

Optional list of extended key usage OIDs.

Definition at line 90 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

next#

struct mbedtls_x509_crt* mbedtls_x509_crt::next

Next certificate in the linked list that constitutes the CA chain.

NULL indicates the end of the list. Do not modify this field directly.

Definition at line 102 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

Public Function Documentation#

MBEDTLS_PRIVATE#

int mbedtls_x509_crt::MBEDTLS_PRIVATE (own_buffer )

Indicates if raw is owned by the structure or not.

Parameters

N/A

Definition at line 54 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

int mbedtls_x509_crt::MBEDTLS_PRIVATE (ext_types )

Bit string containing detected and parsed extensions.

Parameters

N/A

Definition at line 84 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

int mbedtls_x509_crt::MBEDTLS_PRIVATE (ca_istrue )

Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.

Parameters

N/A

Definition at line 85 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

int mbedtls_x509_crt::MBEDTLS_PRIVATE (max_pathlen )

Optional Basic Constraint extension value: The maximum path length to the root certificate.

Parameters

N/A

Path length is 1 higher than RFC 5280 'meaning', so 1+

Definition at line 86 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

unsigned int mbedtls_x509_crt::MBEDTLS_PRIVATE (key_usage )

Optional key usage extension value: See the values in x509.h.

Parameters

N/A

Definition at line 88 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

unsigned char mbedtls_x509_crt::MBEDTLS_PRIVATE (ns_cert_type )

Optional Netscape certificate type extension value: See the values in x509.h.

Parameters

N/A

Definition at line 92 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

mbedtls_x509_buf mbedtls_x509_crt::MBEDTLS_PRIVATE (sig )

Signature: hash of the tbs part signed with the private key.

Parameters

N/A

Definition at line 94 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

mbedtls_md_type_t mbedtls_x509_crt::MBEDTLS_PRIVATE (sig_md )

Internal representation of the MD algorithm of the signature algorithm, e.g.

Parameters

N/A

MBEDTLS_MD_SHA256

Definition at line 95 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

mbedtls_pk_type_t mbedtls_x509_crt::MBEDTLS_PRIVATE (sig_pk )

Internal representation of the Public Key algorithm of the signature algorithm, e.g.

Parameters

N/A

MBEDTLS_PK_RSA

Definition at line 96 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h

MBEDTLS_PRIVATE#

void * mbedtls_x509_crt::MBEDTLS_PRIVATE (sig_opts )

Signature options to be passed to mbedtls_pk_verify_ext(), e.g.

Parameters

N/A

for RSASSA-PSS

Definition at line 97 of file util/third_party/mbedtls/include/mbedtls/x509_crt.h