X.509 certificate signing request parsing and writing. More...
#include "config.h"
#include "x509.h"
Go to the source code of this file.
Data Structures | |
struct | _x509_csr |
Certificate Signing Request (CSR) structure. More... | |
struct | _x509write_csr |
Container for writing a CSR. More... | |
Functions | |
void | x509write_csr_init (x509write_csr *ctx) |
Initialize a CSR context. | |
int | x509write_csr_set_subject_name (x509write_csr *ctx, const char *subject_name) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. | |
void | x509write_csr_set_key (x509write_csr *ctx, pk_context *key) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it). | |
void | x509write_csr_set_md_alg (x509write_csr *ctx, md_type_t md_alg) |
Set the MD algorithm to use for the signature (e.g. | |
int | x509write_csr_set_key_usage (x509write_csr *ctx, unsigned char key_usage) |
Set the Key Usage Extension flags (e.g. | |
int | x509write_csr_set_ns_cert_type (x509write_csr *ctx, unsigned char ns_cert_type) |
Set the Netscape Cert Type flags (e.g. | |
int | x509write_csr_set_extension (x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len) |
Generic function to add to or replace an extension in the CSR. | |
void | x509write_csr_free (x509write_csr *ctx) |
Free the contents of a CSR context. | |
int | x509write_csr_der (x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. | |
int | x509write_csr_pem (x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
Write a CSR (Certificate Signing Request) to a PEM string. | |
Structures and functions for X.509 Certificate Signing Requests (CSR) | |
| |
typedef struct _x509_csr | x509_csr |
Certificate Signing Request (CSR) structure. | |
typedef struct _x509write_csr | x509write_csr |
Container for writing a CSR. | |
int | x509_csr_parse (x509_csr *csr, const unsigned char *buf, size_t buflen) |
Load a Certificate Signing Request (CSR). | |
int | x509_csr_parse_file (x509_csr *csr, const char *path) |
Load a Certificate Signing Request (CSR). | |
int | x509_csr_info (char *buf, size_t size, const char *prefix, const x509_csr *csr) |
Returns an informational string about the CSR. | |
void | x509_csr_init (x509_csr *csr) |
Initialize a CSR. | |
void | x509_csr_free (x509_csr *csr) |
Unallocate all CSR data. |
X.509 certificate signing request parsing and writing.
Copyright (C) 2006-2013, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Definition in file x509_csr.h.
int x509write_csr_der | ( | x509write_csr * | ctx, | |
unsigned char * | buf, | |||
size_t | size, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
ctx | CSR to write away | |
buf | buffer to write to | |
size | size of the buffer | |
f_rng | RNG function (for signature, see note) | |
p_rng | RNG parameter |
Definition at line 124 of file x509write_csr.c.
References ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_CONTEXT_SPECIFIC, ASN1_SEQUENCE, ASN1_SET, asn1_write_int(), asn1_write_len(), asn1_write_oid(), asn1_write_tag(), _x509write_csr::extensions, _x509write_csr::key, md(), _x509write_csr::md_alg, md_info_from_type(), oid_get_oid_by_sig_alg(), OID_PKCS9_CSR_EXT_REQ, OID_SIZE, pk_get_type(), pk_sign(), pk_write_pubkey_der(), POLARSSL_MPI_MAX_SIZE, POLARSSL_PK_ECDSA, POLARSSL_PK_ECKEY, _x509write_csr::subject, x509_write_extensions(), x509_write_names(), and x509_write_sig().
Referenced by x509write_csr_pem().
void x509write_csr_free | ( | x509write_csr * | ctx | ) |
Free the contents of a CSR context.
ctx | CSR context to free |
Definition at line 51 of file x509write_csr.c.
References asn1_free_named_data_list(), _x509write_csr::extensions, and _x509write_csr::subject.
Referenced by test_suite_x509_csr_check().
void x509write_csr_init | ( | x509write_csr * | ctx | ) |
Initialize a CSR context.
ctx | CSR context to initialize |
Definition at line 46 of file x509write_csr.c.
Referenced by test_suite_x509_csr_check().
int x509write_csr_pem | ( | x509write_csr * | ctx, | |
unsigned char * | buf, | |||
size_t | size, | |||
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng | |||
) |
Write a CSR (Certificate Signing Request) to a PEM string.
ctx | CSR to write away | |
buf | buffer to write to | |
size | size of the buffer | |
f_rng | RNG function (for signature, see note) | |
p_rng | RNG parameter |
Definition at line 220 of file x509write_csr.c.
References PEM_BEGIN_CSR, PEM_END_CSR, pem_write_buffer(), and x509write_csr_der().
Referenced by test_suite_x509_csr_check().
int x509write_csr_set_extension | ( | x509write_csr * | ctx, | |
const char * | oid, | |||
size_t | oid_len, | |||
const unsigned char * | val, | |||
size_t | val_len | |||
) |
Generic function to add to or replace an extension in the CSR.
ctx | CSR context to use | |
oid | OID of the extension | |
oid_len | length of the OID | |
val | value of the extension OCTET STRING | |
val_len | length of the value data |
Definition at line 75 of file x509write_csr.c.
References _x509write_csr::extensions, and x509_set_extension().
Referenced by x509write_csr_set_key_usage(), and x509write_csr_set_ns_cert_type().
void x509write_csr_set_key | ( | x509write_csr * | ctx, | |
pk_context * | key | |||
) |
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).
ctx | CSR context to use | |
key | Asymetric key to include |
Definition at line 64 of file x509write_csr.c.
References _x509write_csr::key.
Referenced by test_suite_x509_csr_check().
int x509write_csr_set_key_usage | ( | x509write_csr * | ctx, | |
unsigned char | key_usage | |||
) |
Set the Key Usage Extension flags (e.g.
KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN)
ctx | CSR context to use | |
key_usage | key usage flags to set |
Definition at line 83 of file x509write_csr.c.
References asn1_write_bitstring(), OID_KEY_USAGE, OID_SIZE, and x509write_csr_set_extension().
void x509write_csr_set_md_alg | ( | x509write_csr * | ctx, | |
md_type_t | md_alg | |||
) |
Set the MD algorithm to use for the signature (e.g.
POLARSSL_MD_SHA1)
ctx | CSR context to use | |
md_alg | MD algorithm to use |
Definition at line 59 of file x509write_csr.c.
References _x509write_csr::md_alg.
Referenced by test_suite_x509_csr_check().
int x509write_csr_set_ns_cert_type | ( | x509write_csr * | ctx, | |
unsigned char | ns_cert_type | |||
) |
Set the Netscape Cert Type flags (e.g.
NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL)
ctx | CSR context to use | |
ns_cert_type | Netscape Cert Type flags to set |
Definition at line 103 of file x509write_csr.c.
References asn1_write_bitstring(), OID_NS_CERT_TYPE, OID_SIZE, and x509write_csr_set_extension().
int x509write_csr_set_subject_name | ( | x509write_csr * | ctx, | |
const char * | subject_name | |||
) |
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g.
"C=NL,O=Offspark,CN=PolarSSL Server 1"
ctx | CSR context to use | |
subject_name | subject name to set |
Definition at line 69 of file x509write_csr.c.
References _x509write_csr::subject, and x509_string_to_names().
Referenced by test_suite_x509_csr_check().