 |
Mbed OS Reference
|
|
Mbed OS Reference
|
X.509 generic defines and structures. More...
Go to the source code of this file.
Data Structures | |
| struct | mbedtls_x509_time |
| Container for date and time (precision in seconds). More... | |
Macros | |
| #define | MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 |
| Maximum number of intermediate CAs in a verification chain. | |
| #define | MBEDTLS_X509_MAX_DN_NAME_SIZE 256 |
| Maximum value size of a DN entry. | |
X509 Error codes | |
| #define | MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 |
| Unavailable feature, e.g. | |
| #define | MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 |
| Requested OID is unknown. | |
| #define | MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 |
| The CRT/CRL/CSR format is invalid, e.g. | |
| #define | MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 |
| The CRT/CRL/CSR version element is invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 |
| The serial tag or value is invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_ALG -0x2300 |
| The algorithm tag or value is invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_NAME -0x2380 |
| The name tag or value is invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_DATE -0x2400 |
| The date tag or value is invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 |
| The signature tag or value invalid. | |
| #define | MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 |
| The extension tag or value is invalid. | |
| #define | MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 |
| CRT/CRL/CSR has an unsupported version number. | |
| #define | MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 |
| Signature algorithm (oid) is unsupported. | |
| #define | MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 |
| Signature algorithms do not match. | |
| #define | MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 |
| Certificate verification failed, e.g. | |
| #define | MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 |
| Format not recognized as DER or PEM. | |
| #define | MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 |
| Input invalid. | |
| #define | MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 |
| Allocation of memory failed. | |
| #define | MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 |
| Read/write of file failed. | |
| #define | MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 |
| Destination buffer is too small. | |
| #define | MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 |
| A fatal error occurred, eg the chain is too long or the vrfy callback failed. | |
X509 Verify codes | |
| #define | MBEDTLS_X509_BADCERT_EXPIRED 0x01 |
| The certificate validity has expired. | |
| #define | MBEDTLS_X509_BADCERT_REVOKED 0x02 |
| The certificate has been revoked (is on a CRL). | |
| #define | MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 |
| The certificate Common Name (CN) does not match with the expected CN. | |
| #define | MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 |
| The certificate is not correctly signed by the trusted CA. | |
| #define | MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 |
| The CRL is not correctly signed by the trusted CA. | |
| #define | MBEDTLS_X509_BADCRL_EXPIRED 0x20 |
| The CRL is expired. | |
| #define | MBEDTLS_X509_BADCERT_MISSING 0x40 |
| Certificate was missing. | |
| #define | MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 |
| Certificate verification was skipped. | |
| #define | MBEDTLS_X509_BADCERT_OTHER 0x0100 |
| Other reason (can be used by verify callback) | |
| #define | MBEDTLS_X509_BADCERT_FUTURE 0x0200 |
| The certificate validity starts in the future. | |
| #define | MBEDTLS_X509_BADCRL_FUTURE 0x0400 |
| The CRL is from the future. | |
| #define | MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 |
| Usage does not match the keyUsage extension. | |
| #define | MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 |
| Usage does not match the extendedKeyUsage extension. | |
| #define | MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 |
| Usage does not match the nsCertType extension. | |
| #define | MBEDTLS_X509_BADCERT_BAD_MD 0x4000 |
| The certificate is signed with an unacceptable hash. | |
| #define | MBEDTLS_X509_BADCERT_BAD_PK 0x8000 |
| The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). | |
| #define | MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 |
| The certificate is signed with an unacceptable key (eg bad curve, RSA too short). | |
| #define | MBEDTLS_X509_BADCRL_BAD_MD 0x020000 |
| The CRL is signed with an unacceptable hash. | |
| #define | MBEDTLS_X509_BADCRL_BAD_PK 0x040000 |
| The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). | |
| #define | MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 |
| The CRL is signed with an unacceptable key (eg bad curve, RSA too short). | |
Typedefs | |
Structures for parsing X.509 certificates, CRLs and CSRs | |
| typedef mbedtls_asn1_buf | mbedtls_x509_buf |
| Type-length-value structure that allows for ASN1 using DER. | |
| typedef mbedtls_asn1_bitstring | mbedtls_x509_bitstring |
| Container for ASN1 bit strings. | |
| typedef mbedtls_asn1_named_data | mbedtls_x509_name |
| Container for ASN1 named information objects. | |
| typedef mbedtls_asn1_sequence | mbedtls_x509_sequence |
| Container for a sequence of ASN.1 items. | |
| typedef struct mbedtls_x509_time | mbedtls_x509_time |
| Container for date and time (precision in seconds). | |
Functions | |
| int | mbedtls_x509_dn_gets (char *buf, size_t size, const mbedtls_x509_name *dn) |
| Store the certificate DN in printable form into buf; no more than size characters will be written. | |
| int | mbedtls_x509_serial_gets (char *buf, size_t size, const mbedtls_x509_buf *serial) |
| Store the certificate serial in printable form into buf; no more than size characters will be written. | |
| int | mbedtls_x509_time_is_past (const mbedtls_x509_time *to) |
| Check a given mbedtls_x509_time against the system time and tell if it's in the past. | |
| int | mbedtls_x509_time_is_future (const mbedtls_x509_time *from) |
| Check a given mbedtls_x509_time against the system time and tell if it's in the future. | |
X.509 generic defines and structures.
Definition in file x509.h.
1.9.8