_x509_crt Struct Reference
[X.509 module]

Container for an X.509 certificate.

#include <x509_crt.h>

Data Fields

x509_buf raw
 The raw certificate data (DER).
x509_buf tbs
 The raw certificate body (DER).
int version
 The X.509 version.
x509_buf serial
 Unique id for certificate issued by a specific CA.
x509_buf sig_oid1
 Signature algorithm, e.g. sha1RSA.
x509_buf issuer_raw
 The raw issuer data (DER).
x509_buf subject_raw
 The raw subject data (DER).
x509_name issuer
 The parsed issuer data (named information object).
x509_name subject
 The parsed subject data (named information object).
x509_time valid_from
 Start time of certificate validity.
x509_time valid_to
 End time of certificate validity.
pk_context pk
 Container for the public key context.
x509_buf issuer_id
 Optional X.509 v2/v3 issuer unique identifier.
x509_buf subject_id
 Optional X.509 v2/v3 subject unique identifier.
x509_buf v3_ext
 Optional X.509 v3 extensions.
x509_sequence subject_alt_names
 Optional list of Subject Alternative Names (Only dNSName supported).
int ext_types
 Bit string containing detected and parsed extensions.
int ca_istrue
 Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
int max_pathlen
 Optional Basic Constraint extension value: The maximum path length to the root certificate.
unsigned char key_usage
 Optional key usage extension value: See the values below.
x509_sequence ext_key_usage
 Optional list of extended key usage OIDs.
unsigned char ns_cert_type
 Optional Netscape certificate type extension value: See the values below.
x509_buf sig_oid2
 Signature algorithm.
x509_buf sig
 Signature: hash of the tbs part signed with the private key.
md_type_t sig_md
 Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256.
pk_type_t sig_pk
 Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA.
struct _x509_crt * next
 Next certificate in the CA-chain.

Detailed Description

Container for an X.509 certificate.

The certificate may be chained.

Definition at line 53 of file x509_crt.h.


Field Documentation

int _x509_crt::ca_istrue

Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.

Definition at line 79 of file x509_crt.h.

Referenced by x509_crt_verify(), x509_crt_verify_child(), and x509_get_crt_ext().

x509_sequence _x509_crt::ext_key_usage

Optional list of extended key usage OIDs.

Definition at line 84 of file x509_crt.h.

Referenced by x509_crt_free(), and x509_get_crt_ext().

int _x509_crt::ext_types

Bit string containing detected and parsed extensions.

Definition at line 78 of file x509_crt.h.

Referenced by x509_crt_verify(), and x509_get_crt_ext().

x509_name _x509_crt::issuer

The parsed issuer data (named information object).

Definition at line 65 of file x509_crt.h.

Referenced by test_suite_x509_dn_gets(), x509_crt_free(), x509_crt_info(), and x509_crt_parse_der_core().

x509_buf _x509_crt::issuer_id

Optional X.509 v2/v3 issuer unique identifier.

Definition at line 73 of file x509_crt.h.

Referenced by x509_crt_parse_der_core().

x509_buf _x509_crt::issuer_raw

The raw issuer data (DER).

Used for quick comparison.

Definition at line 62 of file x509_crt.h.

Referenced by x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), and x509_crt_verify_top().

unsigned char _x509_crt::key_usage

Optional key usage extension value: See the values below.

Definition at line 82 of file x509_crt.h.

Referenced by x509_get_crt_ext().

int _x509_crt::max_pathlen

Optional Basic Constraint extension value: The maximum path length to the root certificate.

Path length is 1 higher than RFC 5280 'meaning', so 1+

Definition at line 80 of file x509_crt.h.

Referenced by x509_crt_verify_top(), and x509_get_crt_ext().
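
The offset described for max_pathlen, combined with ca_istrue and a chain linked through next, as an added example that is not PolarSSL code. demo_crt is a hypothetical stand-in for those three fields, treating a stored 0 as "no constraint" is an assumption, and self-issued certificates are not special-cased.

```c
#include <stddef.h>
#include <stdio.h>
/* Hypothetical stand-in with only the fields used here (not _x509_crt). */
typedef struct demo_crt {
    int ca_istrue;         /* 1 if Basic Constraints marks a CA */
    int max_pathlen;       /* RFC 5280 pathLenConstraint + 1 */
    struct demo_crt *next; /* next certificate towards the root */
} demo_crt;
enum { CHAIN_OK = 0, CHAIN_ERR_NOT_CA = -1, CHAIN_ERR_PATHLEN = -2, CHAIN_ERR_EMPTY = -3 };

/* Undo the +1 offset; assumption: a stored 0 means "no constraint" (-1). */
static int rfc5280_pathlen(const demo_crt *ca)
{
    return ca->max_pathlen > 0 ? ca->max_pathlen - 1 : -1;
}

/* Every issuer must be a CA with no more CAs below it than its limit allows. */
int check_chain_constraints(const demo_crt *leaf)
{
    const demo_crt *ca;
    int below = 0; /* intermediate CAs between `ca` and the leaf */
    if (leaf == NULL)
        return CHAIN_ERR_EMPTY;
    for (ca = leaf->next; ca != NULL; ca = ca->next, below++) {
        int limit = rfc5280_pathlen(ca);
        if (!ca->ca_istrue)
            return CHAIN_ERR_NOT_CA;
        if (limit >= 0 && below > limit)
            return CHAIN_ERR_PATHLEN;
    }
    return CHAIN_OK;
}

/* Constructed sample: leaf, n unconstrained intermediates (0..6), then a root. */
int demo_chain(int root_stored, int n)
{
    demo_crt c[8] = {{0, 0, NULL}};
    int i;
    n = n < 0 ? 0 : (n > 6 ? 6 : n);
    for (i = 1; i <= n + 1; i++) { c[i].ca_istrue = 1; c[i - 1].next = &c[i]; }
    c[n + 1].max_pathlen = root_stored; /* stored value, i.e. constraint + 1 */
    return check_chain_constraints(&c[0]);
}

int main(void)
{
    printf("%d %d\n", demo_chain(1, 0), demo_chain(1, 1));
    return 0;
}
```

A root stored as 1 (pathLenConstraint 0) accepts a leaf it issued directly but rejects the same leaf behind one intermediate CA.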

struct _x509_crt* _x509_crt::next

Next certificate in the CA-chain.

unsigned char _x509_crt::ns_cert_type

Optional Netscape certificate type extension value: See the values below.

Definition at line 86 of file x509_crt.h.

Referenced by x509_get_crt_ext().

x509_buf _x509_crt::raw

The raw certificate data (DER).

Definition at line 55 of file x509_crt.h.

Referenced by ssl_cache_set(), ssl_save_session(), ssl_session_copy(), ssl_write_certificate(), x509_crt_free(), and x509_crt_parse_der_core().

x509_buf _x509_crt::serial

Unique id for certificate issued by a specific CA.

Definition at line 59 of file x509_crt.h.

Referenced by x509_crt_info(), x509_crt_parse_der_core(), and x509_crt_revoked().

x509_buf _x509_crt::sig

Signature: hash of the tbs part signed with the private key.

Definition at line 89 of file x509_crt.h.

Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().

md_type_t _x509_crt::sig_md

Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256

Definition at line 90 of file x509_crt.h.

Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().

x509_buf _x509_crt::sig_oid1

Signature algorithm, e.g. sha1RSA

Definition at line 60 of file x509_crt.h.

Referenced by x509_crt_info(), and x509_crt_parse_der_core().

x509_buf _x509_crt::sig_oid2

Signature algorithm.

Must match sig_oid1.

Definition at line 88 of file x509_crt.h.

Referenced by x509_crt_parse_der_core().

pk_type_t _x509_crt::sig_pk

Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA

Definition at line 91 of file x509_crt.h.

Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().

x509_name _x509_crt::subject

The parsed subject data (named information object).

Definition at line 66 of file x509_crt.h.

Referenced by test_suite_x509_dn_gets(), x509_crt_free(), x509_crt_info(), x509_crt_parse_der_core(), and x509_crt_verify().

x509_sequence _x509_crt::subject_alt_names

Optional list of Subject Alternative Names (Only dNSName supported).

Definition at line 76 of file x509_crt.h.

Referenced by x509_crt_free(), x509_crt_verify(), and x509_get_crt_ext().

x509_buf _x509_crt::subject_id

Optional X.509 v2/v3 subject unique identifier.

Definition at line 74 of file x509_crt.h.

Referenced by x509_crt_parse_der_core().

x509_buf _x509_crt::subject_raw

The raw subject data (DER).

Used for quick comparison.

Definition at line 63 of file x509_crt.h.

Referenced by ssl_write_certificate_request(), x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), x509_crt_verify_top(), and x509_crt_verifycrl().

x509_buf _x509_crt::tbs

The raw certificate body (DER).

The part that is To Be Signed.

Definition at line 56 of file x509_crt.h.

Referenced by x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().

x509_buf _x509_crt::v3_ext

Optional X.509 v3 extensions.

Only Basic Constraints are supported at this time.

Definition at line 75 of file x509_crt.h.

Referenced by x509_get_crt_ext().

x509_time _x509_crt::valid_from

Start time of certificate validity.

Definition at line 68 of file x509_crt.h.

Referenced by test_suite_x509_time_expired(), x509_crt_info(), and x509_crt_parse_der_core().

x509_time _x509_crt::valid_to

End time of certificate validity.

Definition at line 69 of file x509_crt.h.

Referenced by test_suite_x509_time_expired(), x509_crt_info(), x509_crt_parse_der_core(), x509_crt_verify_child(), and x509_crt_verify_top().

int _x509_crt::version

The X.509 version.

(0=v1, 1=v2, 2=v3)

Definition at line 58 of file x509_crt.h.

Referenced by x509_crt_info(), x509_crt_parse_der(), x509_crt_parse_der_core(), x509_crt_verify(), x509_crt_verify_child(), and x509_crt_verify_top().


The documentation for this struct was generated from the following file:

x509_crt.h

Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1