#include "mbedtls/config.h"
#include "mbedtls/x509_csr.h"
#include "mbedtls/oid.h"
#include "mbedtls/asn1write.h"
#include <string.h>
#include <stdlib.h>
#include "mbedtls/pem.h"
#include "arc4_alt.h"

Include dependency graph for x509write_csr.c:

Macros
#define	PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"

#define	PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"

Functions
void	mbedtls_x509write_csr_init (mbedtls_x509write_csr *ctx)
	Initialize a CSR context. More...

void	mbedtls_x509write_csr_free (mbedtls_x509write_csr *ctx)
	Free the contents of a CSR context. More...

void	mbedtls_x509write_csr_set_md_alg (mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg)
	Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1) More...

void	mbedtls_x509write_csr_set_key (mbedtls_x509write_csr ctx, mbedtls_pk_context key)
	Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it) More...

int	mbedtls_x509write_csr_set_subject_name (mbedtls_x509write_csr ctx, const char subject_name)
	Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=mbed TLS Server 1". More...

int	mbedtls_x509write_csr_set_extension (mbedtls_x509write_csr ctx, const char oid, size_t oid_len, const unsigned char *val, size_t val_len)
	Generic function to add to or replace an extension in the CSR. More...

int	mbedtls_x509write_csr_set_key_usage (mbedtls_x509write_csr *ctx, unsigned char key_usage)
	Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE \| MBEDTLS_X509_KU_KEY_CERT_SIGN) More...

int	mbedtls_x509write_csr_set_ns_cert_type (mbedtls_x509write_csr *ctx, unsigned char ns_cert_type)
	Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT \| MBEDTLS_X509_NS_CERT_TYPE_EMAIL) More...

int	mbedtls_x509write_csr_der (mbedtls_x509write_csr ctx, unsigned char buf, size_t size, int(f_rng)(void , unsigned char , size_t), void p_rng)
	Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer. More...

int	mbedtls_x509write_csr_pem (mbedtls_x509write_csr ctx, unsigned char buf, size_t size, int(f_rng)(void , unsigned char , size_t), void p_rng)
	Write a CSR (Certificate Signing Request) to a PEM string. More...

Macro Definition Documentation

◆ PEM_BEGIN_CSR

#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"

◆ PEM_END_CSR

#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"

Function Documentation

◆ mbedtls_x509write_csr_der()

int mbedtls_x509write_csr_der	(	mbedtls_x509write_csr *	ctx,
		unsigned char *	buf,
		size_t	size,
		int()(void , unsigned char *, size_t)	f_rng,
		void *	p_rng
	)

Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

Parameters

ctx	CSR to write away
buf	buffer to write to
size	size of the buffer
f_rng	RNG function (for signature, see note)
p_rng	RNG parameter

Returns: length of data written if successful, or a specific error code

Note: f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_x509write_csr_free()

void mbedtls_x509write_csr_free ( mbedtls_x509write_csr * ctx )

Free the contents of a CSR context.

Parameters

ctx	CSR context to free

Here is the call graph for this function:

◆ mbedtls_x509write_csr_init()

void mbedtls_x509write_csr_init ( mbedtls_x509write_csr * ctx )

Initialize a CSR context.

Parameters

ctx	CSR context to initialize

Here is the call graph for this function:

◆ mbedtls_x509write_csr_pem()

int mbedtls_x509write_csr_pem	(	mbedtls_x509write_csr *	ctx,
		unsigned char *	buf,
		size_t	size,
		int()(void , unsigned char *, size_t)	f_rng,
		void *	p_rng
	)

Write a CSR (Certificate Signing Request) to a PEM string.

Parameters

ctx	CSR to write away
buf	buffer to write to
size	size of the buffer
f_rng	RNG function (for signature, see note)
p_rng	RNG parameter

Returns: 0 if successful, or a specific error code

Note: f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.

Here is the call graph for this function:

◆ mbedtls_x509write_csr_set_extension()

int mbedtls_x509write_csr_set_extension	(	mbedtls_x509write_csr *	ctx,
		const char *	oid,
		size_t	oid_len,
		const unsigned char *	val,
		size_t	val_len
	)

Generic function to add to or replace an extension in the CSR.

Parameters

ctx	CSR context to use
oid	OID of the extension
oid_len	length of the OID
val	value of the extension OCTET STRING
val_len	length of the value data

Returns: 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_x509write_csr_set_key()

void mbedtls_x509write_csr_set_key	(	mbedtls_x509write_csr *	ctx,
		mbedtls_pk_context *	key
	)

Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)

Parameters

ctx	CSR context to use
key	Asymetric key to include

◆ mbedtls_x509write_csr_set_key_usage()

int mbedtls_x509write_csr_set_key_usage	(	mbedtls_x509write_csr *	ctx,
		unsigned char	key_usage
	)

Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)

Parameters

ctx	CSR context to use
key_usage	key usage flags to set

Returns: 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED

Here is the call graph for this function:

◆ mbedtls_x509write_csr_set_md_alg()

void mbedtls_x509write_csr_set_md_alg	(	mbedtls_x509write_csr *	ctx,
		mbedtls_md_type_t	md_alg
	)

Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1)

Parameters

ctx	CSR context to use
md_alg	MD algorithm to use

◆ mbedtls_x509write_csr_set_ns_cert_type()

int mbedtls_x509write_csr_set_ns_cert_type	(	mbedtls_x509write_csr *	ctx,
		unsigned char	ns_cert_type
	)

Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)

Parameters

ctx	CSR context to use
ns_cert_type	Netscape Cert Type flags to set

Returns: 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED

Here is the call graph for this function:

◆ mbedtls_x509write_csr_set_subject_name()

int mbedtls_x509write_csr_set_subject_name	(	mbedtls_x509write_csr *	ctx,
		const char *	subject_name
	)

Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=mbed TLS Server 1".

Parameters

ctx	CSR context to use
subject_name	subject name to set

Returns: 0 if subject name was parsed successfully, or a specific error code

Here is the call graph for this function:

Macros

Functions

Macro Definition Documentation

◆ PEM_BEGIN_CSR

◆ PEM_END_CSR

Function Documentation

◆ mbedtls_x509write_csr_der()

◆ mbedtls_x509write_csr_free()

◆ mbedtls_x509write_csr_init()

◆ mbedtls_x509write_csr_pem()

◆ mbedtls_x509write_csr_set_extension()

◆ mbedtls_x509write_csr_set_key()

◆ mbedtls_x509write_csr_set_key_usage()

◆ mbedtls_x509write_csr_set_md_alg()

◆ mbedtls_x509write_csr_set_ns_cert_type()

◆ mbedtls_x509write_csr_set_subject_name()