RetroArch
x509_csr.h File Reference

X.509 certificate signing request parsing and writing.

#include "config.h"
#include "x509.h"

Classes

struct  mbedtls_x509_csr
 
struct  mbedtls_x509write_csr
 

Functions

void mbedtls_x509write_csr_init (mbedtls_x509write_csr *ctx)
 Initialize a CSR context.

int mbedtls_x509write_csr_set_subject_name (mbedtls_x509write_csr *ctx, const char *subject_name)
 Set the subject name for a CSR. Subject names should contain a comma-separated list of OID types and values, e.g. "C=UK,O=ARM,CN=mbed TLS Server 1".

void mbedtls_x509write_csr_set_key (mbedtls_x509write_csr *ctx, mbedtls_pk_context *key)
 Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).

void mbedtls_x509write_csr_set_md_alg (mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg)
 Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1).

int mbedtls_x509write_csr_set_key_usage (mbedtls_x509write_csr *ctx, unsigned char key_usage)
 Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN).

int mbedtls_x509write_csr_set_ns_cert_type (mbedtls_x509write_csr *ctx, unsigned char ns_cert_type)
 Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL).

int mbedtls_x509write_csr_set_extension (mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len)
 Generic function to add to or replace an extension in the CSR.

void mbedtls_x509write_csr_free (mbedtls_x509write_csr *ctx)
 Free the contents of a CSR context.

int mbedtls_x509write_csr_der (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Write a CSR (Certificate Signing Request) to a DER structure. Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

int mbedtls_x509write_csr_pem (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Write a CSR (Certificate Signing Request) to a PEM string.
 

Structures and functions for X.509 Certificate Signing Requests (CSR)

typedef struct mbedtls_x509_csr mbedtls_x509_csr
 
typedef struct mbedtls_x509write_csr mbedtls_x509write_csr
 
int mbedtls_x509_csr_parse_der (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen)
 Load a Certificate Signing Request (CSR) in DER format.

int mbedtls_x509_csr_parse (mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen)
 Load a Certificate Signing Request (CSR), DER or PEM format.

int mbedtls_x509_csr_parse_file (mbedtls_x509_csr *csr, const char *path)
 Load a Certificate Signing Request (CSR).

int mbedtls_x509_csr_info (char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr)
 Returns an informational string about the CSR.

void mbedtls_x509_csr_init (mbedtls_x509_csr *csr)
 Initialize a CSR.

void mbedtls_x509_csr_free (mbedtls_x509_csr *csr)
 Unallocate all CSR data.
 

Detailed Description

X.509 certificate signing request parsing and writing.

Copyright (C) 2006-2015, ARM Limited, All Rights Reserved SPDX-License-Identifier: Apache-2.0

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This file is part of mbed TLS (https://tls.mbed.org)

Function Documentation

◆ mbedtls_x509write_csr_der()

int mbedtls_x509write_csr_der (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)

Write a CSR (Certificate Signing Request) to a DER structure. Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

Parameters
ctx: CSR to write away
buf: buffer to write to
size: size of the buffer
f_rng: RNG function (for signature, see note)
p_rng: RNG parameter

Returns
length of data written if successful, or a specific error code

Note
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.
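
The end-of-buffer convention described in the note above, as an added example that is not part of the mbed TLS documentation or source. `toy_write_der`, `der_start` and `TOY_ERR` are hypothetical names: the first is a small stand-in that fills its buffer backwards from the end, the second shows how a caller turns the returned length into the start of the encoding.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define TOY_ERR (-1)   /* constructed error code, not an mbed TLS value */

/* Hypothetical stand-in for a DER writer: emits SEQUENCE { UTF8String text }
 * backwards so that the encoding ends at buf + size, and returns its length. */
static int toy_write_der(unsigned char *buf, size_t size, const char *text)
{
    size_t n = strlen(text);
    unsigned char *p = buf + size;       /* write cursor starts at the END */

    if (n > 125 || size < n + 4)         /* short-form lengths only; must fit */
        return TOY_ERR;
    p -= n;
    memcpy(p, text, n);                  /* value */
    *--p = (unsigned char) n;            /* inner length */
    *--p = 0x0C;                         /* tag: UTF8String */
    *--p = (unsigned char) (n + 2);      /* outer length */
    *--p = 0x30;                         /* tag: SEQUENCE */
    return (int) (buf + size - p);
}

/* The encoding occupies the LAST len bytes of buf, never the first.
 * Returns a pointer to its first byte, or NULL for an error/invalid length. */
static const unsigned char *der_start(const unsigned char *buf, size_t size, int len)
{
    if (len <= 0 || (size_t) len > size)
        return NULL;
    return buf + size - (size_t) len;
}

int main(void)
{
    unsigned char buf[64];
    memset(buf, 0xAA, sizeof(buf));      /* mark bytes the writer never touches */

    int len = toy_write_der(buf, sizeof(buf), "CN=demo");   /* constructed input */
    const unsigned char *der = der_start(buf, sizeof(buf), len);
    if (der == NULL)
        return 1;

    printf("len=%d, encoding starts at offset %td\n", len, der - buf);
    printf("buf[0]=0x%02X (untouched), der[0]=0x%02X (SEQUENCE tag)\n", buf[0], der[0]);
    return 0;
}
```

With the real function the same arithmetic applies: on a positive return value `ret`, the DER bytes begin at `buf + size - ret`, and reading `ret` bytes from `buf` itself yields whatever the buffer held before the call.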

◆ mbedtls_x509write_csr_free()

void mbedtls_x509write_csr_free (mbedtls_x509write_csr *ctx)

Free the contents of a CSR context.

Parameters
ctx: CSR context to free

◆ mbedtls_x509write_csr_init()

void mbedtls_x509write_csr_init (mbedtls_x509write_csr *ctx)

Initialize a CSR context.

Parameters
ctx: CSR context to initialize

◆ mbedtls_x509write_csr_pem()

int mbedtls_x509write_csr_pem (mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)

Write a CSR (Certificate Signing Request) to a PEM string.

Parameters
ctx: CSR to write away
buf: buffer to write to
size: size of the buffer
f_rng: RNG function (for signature, see note)
p_rng: RNG parameter

Returns
0 if successful, or a specific error code

Note
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.

◆ mbedtls_x509write_csr_set_extension()

int mbedtls_x509write_csr_set_extension (mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len)

Generic function to add to or replace an extension in the CSR.

Parameters
ctx: CSR context to use
oid: OID of the extension
oid_len: length of the OID
val: value of the extension OCTET STRING
val_len: length of the value data

Returns
0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED

◆ mbedtls_x509write_csr_set_key()

void mbedtls_x509write_csr_set_key (mbedtls_x509write_csr *ctx, mbedtls_pk_context *key)

Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).

Parameters
ctx: CSR context to use
key: Asymmetric key to include

◆ mbedtls_x509write_csr_set_key_usage()

int mbedtls_x509write_csr_set_key_usage (mbedtls_x509write_csr *ctx, unsigned char key_usage)

Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN).

Parameters
ctx: CSR context to use
key_usage: key usage flags to set

Returns
0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED

◆ mbedtls_x509write_csr_set_md_alg()

void mbedtls_x509write_csr_set_md_alg (mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg)

Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1).

Parameters
ctx: CSR context to use
md_alg: MD algorithm to use

◆ mbedtls_x509write_csr_set_ns_cert_type()

int mbedtls_x509write_csr_set_ns_cert_type (mbedtls_x509write_csr *ctx, unsigned char ns_cert_type)

Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL).

Parameters
ctx: CSR context to use
ns_cert_type: Netscape Cert Type flags to set

Returns
0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED

◆ mbedtls_x509write_csr_set_subject_name()

int mbedtls_x509write_csr_set_subject_name (mbedtls_x509write_csr *ctx, const char *subject_name)

Set the subject name for a CSR. Subject names should contain a comma-separated list of OID types and values, e.g. "C=UK,O=ARM,CN=mbed TLS Server 1".

Parameters
ctx: CSR context to use
subject_name: subject name to set

Returns
0 if subject name was parsed successfully, or a specific error code