Container for an X.509 certificate.
#include <x509_crt.h>
Data Fields
Type | Name | Description
x509_buf | raw | The raw certificate data (DER).
x509_buf | tbs | The raw certificate body (DER).
int | version | The X.509 version.
x509_buf | serial | Unique id for certificate issued by a specific CA.
x509_buf | sig_oid1 | Signature algorithm, e.g. sha1RSA
x509_buf | issuer_raw | The raw issuer data (DER).
x509_buf | subject_raw | The raw subject data (DER).
x509_name | issuer | The parsed issuer data (named information object).
x509_name | subject | The parsed subject data (named information object).
x509_time | valid_from | Start time of certificate validity.
x509_time | valid_to | End time of certificate validity.
pk_context | pk | Container for the public key context.
x509_buf | issuer_id | Optional X.509 v2/v3 issuer unique identifier.
x509_buf | subject_id | Optional X.509 v2/v3 subject unique identifier.
x509_buf | v3_ext | Optional X.509 v3 extensions.
x509_sequence | subject_alt_names | Optional list of Subject Alternative Names (Only dNSName supported).
int | ext_types | Bit string containing detected and parsed extensions.
int | ca_istrue | Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
int | max_pathlen | Optional Basic Constraint extension value: The maximum path length to the root certificate.
unsigned char | key_usage | Optional key usage extension value: See the values below.
x509_sequence | ext_key_usage | Optional list of extended key usage OIDs.
unsigned char | ns_cert_type | Optional Netscape certificate type extension value: See the values below.
x509_buf | sig_oid2 | Signature algorithm.
x509_buf | sig | Signature: hash of the tbs part signed with the private key.
md_type_t | sig_md | Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256
pk_type_t | sig_pk | Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA
struct _x509_crt * | next | Next certificate in the CA-chain.
Container for an X.509 certificate.
The certificate may be chained.
Definition at line 53 of file x509_crt.h.
int _x509_crt::ca_istrue
Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
Definition at line 79 of file x509_crt.h.
Referenced by x509_crt_verify(), x509_crt_verify_child(), and x509_get_crt_ext().
x509_sequence _x509_crt::ext_key_usage
Optional list of extended key usage OIDs.
Definition at line 84 of file x509_crt.h.
Referenced by x509_crt_free(), and x509_get_crt_ext().
int _x509_crt::ext_types
Bit string containing detected and parsed extensions.
Definition at line 78 of file x509_crt.h.
Referenced by x509_crt_verify(), and x509_get_crt_ext().
x509_name _x509_crt::issuer
The parsed issuer data (named information object).
Definition at line 65 of file x509_crt.h.
Referenced by test_suite_x509_dn_gets(), x509_crt_free(), x509_crt_info(), and x509_crt_parse_der_core().
x509_buf _x509_crt::issuer_id
Optional X.509 v2/v3 issuer unique identifier.
Definition at line 73 of file x509_crt.h.
Referenced by x509_crt_parse_der_core().
x509_buf _x509_crt::issuer_raw
The raw issuer data (DER).
Used for quick comparison.
Definition at line 62 of file x509_crt.h.
Referenced by x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), and x509_crt_verify_top().
unsigned char _x509_crt::key_usage
Optional key usage extension value: See the values below.
Definition at line 82 of file x509_crt.h.
Referenced by x509_get_crt_ext().
int _x509_crt::max_pathlen
Optional Basic Constraint extension value: The maximum path length to the root certificate.
Path length is 1 higher than RFC 5280 'meaning', so 1+
Definition at line 80 of file x509_crt.h.
Referenced by x509_crt_verify_top(), and x509_get_crt_ext().
struct _x509_crt* _x509_crt::next [read]
Next certificate in the CA-chain.
Definition at line 93 of file x509_crt.h.
Referenced by debug_print_crt(), ssl_write_certificate(), ssl_write_certificate_request(), x509_crt_free(), x509_crt_parse_der(), x509_crt_verify(), x509_crt_verify_child(), and x509_crt_verify_top().
unsigned char _x509_crt::ns_cert_type
Optional Netscape certificate type extension value: See the values below.
Definition at line 86 of file x509_crt.h.
Referenced by x509_get_crt_ext().
pk_context _x509_crt::pk
Container for the public key context.
Definition at line 71 of file x509_crt.h.
Referenced by debug_print_crt(), ssl_parse_certificate_verify(), ssl_parse_server_key_exchange(), ssl_write_encrypted_pms(), x509_crt_free(), x509_crt_info(), x509_crt_parse_der_core(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().
x509_buf _x509_crt::raw
The raw certificate data (DER).
Definition at line 55 of file x509_crt.h.
Referenced by ssl_cache_set(), ssl_save_session(), ssl_session_copy(), ssl_write_certificate(), x509_crt_free(), and x509_crt_parse_der_core().
x509_buf _x509_crt::serial
Unique id for certificate issued by a specific CA.
Definition at line 59 of file x509_crt.h.
Referenced by x509_crt_info(), x509_crt_parse_der_core(), and x509_crt_revoked().
x509_buf _x509_crt::sig
Signature: hash of the tbs part signed with the private key.
Definition at line 89 of file x509_crt.h.
Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().
md_type_t _x509_crt::sig_md
Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256
Definition at line 90 of file x509_crt.h.
Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().
x509_buf _x509_crt::sig_oid1
Signature algorithm, e.g. sha1RSA
Definition at line 60 of file x509_crt.h.
Referenced by x509_crt_info(), and x509_crt_parse_der_core().
x509_buf _x509_crt::sig_oid2
Signature algorithm.
Must match sig_oid1.
Definition at line 88 of file x509_crt.h.
Referenced by x509_crt_parse_der_core().
pk_type_t _x509_crt::sig_pk
Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA
Definition at line 91 of file x509_crt.h.
Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().
x509_name _x509_crt::subject
The parsed subject data (named information object).
Definition at line 66 of file x509_crt.h.
Referenced by test_suite_x509_dn_gets(), x509_crt_free(), x509_crt_info(), x509_crt_parse_der_core(), and x509_crt_verify().
x509_sequence _x509_crt::subject_alt_names
Optional list of Subject Alternative Names (Only dNSName supported).
Definition at line 76 of file x509_crt.h.
Referenced by x509_crt_free(), x509_crt_verify(), and x509_get_crt_ext().
x509_buf _x509_crt::subject_id
Optional X.509 v2/v3 subject unique identifier.
Definition at line 74 of file x509_crt.h.
Referenced by x509_crt_parse_der_core().
x509_buf _x509_crt::subject_raw
The raw subject data (DER).
Used for quick comparison.
Definition at line 63 of file x509_crt.h.
Referenced by ssl_write_certificate_request(), x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().
x509_buf _x509_crt::tbs
The raw certificate body (DER).
The part that is To Be Signed.
Definition at line 56 of file x509_crt.h.
Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().
x509_buf _x509_crt::v3_ext
Optional X.509 v3 extensions.
Only Basic Constraints are supported at this time.
Definition at line 75 of file x509_crt.h.
Referenced by x509_get_crt_ext().
x509_time _x509_crt::valid_from
Start time of certificate validity.
Definition at line 68 of file x509_crt.h.
Referenced by test_suite_x509_time_expired(), x509_crt_info(), and x509_crt_parse_der_core().
x509_time _x509_crt::valid_to
End time of certificate validity.
Definition at line 69 of file x509_crt.h.
Referenced by test_suite_x509_time_expired(), x509_crt_info(), x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().
int _x509_crt::version
The X.509 version.
(0=v1, 1=v2, 2=v3)
Definition at line 58 of file x509_crt.h.
Referenced by x509_crt_info(), x509_crt_parse_der(), x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), and x509_crt_verify_top().
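The version, ca_istrue, max_pathlen and next fields are enough to audit the issuer positions of a parsed chain; the trap is that max_pathlen is stored one higher than the RFC 5280 value and version is stored one lower than the version number. The following is an added example, not PolarSSL code: demo_crt is a hypothetical stand-in that copies four field names from this page, audit_issuers() and its result codes are hypothetical, and it assumes the chain runs leaf to root through next and that max_pathlen == 0 means no constraint was present.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for x509_crt (not the library's definition): only the fields this
 * check reads, with the names and meanings documented on this page. */
typedef struct demo_crt {
    int version;            /* 0=v1, 1=v2, 2=v3 */
    int ca_istrue;          /* 1 if Basic Constraints marks a CA */
    int max_pathlen;        /* RFC 5280 value + 1; 0 assumed to mean "no limit" */
    struct demo_crt *next;  /* next certificate towards the root (assumed order) */
} demo_crt;

enum { CHAIN_OK, ERR_NOT_V3, ERR_NOT_CA, ERR_PATHLEN };

/* Audit every issuer in a chain ordered leaf -> ... -> root.
 * Returns CHAIN_OK or the first error; *bad_idx is the failing position
 * (leaf = 0) or -1. Self-issued certificates are not special-cased. */
int audit_issuers(const demo_crt *leaf, int *bad_idx)
{
    const demo_crt *c = leaf ? leaf->next : NULL;
    int idx;

    for (idx = 1; c != NULL; c = c->next, idx++) {
        int below = idx - 1;   /* intermediates between this issuer and the leaf */
        *bad_idx = idx;
        if (c->version != 2)   /* extensions exist only in v3 (stored as 2) */
            return ERR_NOT_V3;
        if (!c->ca_istrue)
            return ERR_NOT_CA;
        /* Undo the +1 offset before comparing with the RFC 5280 meaning. */
        if (c->max_pathlen > 0 && below > c->max_pathlen - 1)
            return ERR_PATHLEN;
    }
    *bad_idx = -1;
    return CHAIN_OK;
}

int main(void)
{
    /* Constructed chain: leaf -> sub1 -> sub2 (pathLenConstraint 0) -> root */
    demo_crt root = { 2, 1, 0, NULL };
    demo_crt sub2 = { 2, 1, 1, &root };
    demo_crt sub1 = { 2, 1, 0, &sub2 };
    demo_crt leaf = { 2, 0, 0, &sub1 };
    int bad;
    int rc = audit_issuers(&leaf, &bad);
    printf("result=%d at index %d\n", rc, bad);
    return rc == ERR_PATHLEN ? 0 : 1;
}
```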