#include "asn1.h"

Include dependency graph for x509v3.h:

This graph shows which files directly or indirectly include this file:

Classes
struct	x509_algorithm_identifier
struct	x509_certificate
struct	x509_name
Defines
#define	X509_EXT_BASIC_CONSTRAINTS (1 << 0)
#define	X509_EXT_ISSUER_ALT_NAME (1 << 4)
#define	X509_EXT_KEY_USAGE (1 << 2)
#define	X509_EXT_PATH_LEN_CONSTRAINT (1 << 1)
#define	X509_EXT_SUBJECT_ALT_NAME (1 << 3)
#define	X509_KEY_USAGE_CRL_SIGN (1 << 6)
#define	X509_KEY_USAGE_DATA_ENCIPHERMENT (1 << 3)
#define	X509_KEY_USAGE_DECIPHER_ONLY (1 << 8)
#define	X509_KEY_USAGE_DIGITAL_SIGNATURE (1 << 0)
#define	X509_KEY_USAGE_ENCIPHER_ONLY (1 << 7)
#define	X509_KEY_USAGE_KEY_AGREEMENT (1 << 4)
#define	X509_KEY_USAGE_KEY_CERT_SIGN (1 << 5)
#define	X509_KEY_USAGE_KEY_ENCIPHERMENT (1 << 2)
#define	X509_KEY_USAGE_NON_REPUDIATION (1 << 1)
Enumerations
enum	{ X509_VALIDATE_OK, X509_VALIDATE_BAD_CERTIFICATE, X509_VALIDATE_UNSUPPORTED_CERTIFICATE, X509_VALIDATE_CERTIFICATE_REVOKED, X509_VALIDATE_CERTIFICATE_EXPIRED, X509_VALIDATE_CERTIFICATE_UNKNOWN, X509_VALIDATE_UNKNOWN_CA }
Functions
void	x509_certificate_chain_free (struct x509_certificate *cert)
int	x509_certificate_chain_validate (struct x509_certificate trusted, struct x509_certificate chain, int *reason)
int	x509_certificate_check_signature (struct x509_certificate issuer, struct x509_certificate cert)
void	x509_certificate_free (struct x509_certificate *cert)
struct x509_certificate *	x509_certificate_get_subject (struct x509_certificate chain, struct x509_name name)
struct x509_certificate *	x509_certificate_parse (const u8 *buf, size_t len)
int	x509_certificate_self_signed (struct x509_certificate *cert)
int	x509_name_compare (struct x509_name a, struct x509_name b)
void	x509_name_string (struct x509_name name, char buf, size_t len)

Define Documentation

#define X509_EXT_BASIC_CONSTRAINTS (1 << 0)

Definition at line 60 of file x509v3.h.

#define X509_EXT_ISSUER_ALT_NAME (1 << 4)

Definition at line 64 of file x509v3.h.

#define X509_EXT_KEY_USAGE (1 << 2)

Definition at line 62 of file x509v3.h.

#define X509_EXT_PATH_LEN_CONSTRAINT (1 << 1)

Definition at line 61 of file x509v3.h.

#define X509_EXT_SUBJECT_ALT_NAME (1 << 3)

Definition at line 63 of file x509v3.h.

#define X509_KEY_USAGE_CRL_SIGN (1 << 6)

Definition at line 78 of file x509v3.h.

#define X509_KEY_USAGE_DATA_ENCIPHERMENT (1 << 3)

Definition at line 75 of file x509v3.h.

#define X509_KEY_USAGE_DECIPHER_ONLY (1 << 8)

Definition at line 80 of file x509v3.h.

#define X509_KEY_USAGE_DIGITAL_SIGNATURE (1 << 0)

Definition at line 72 of file x509v3.h.

#define X509_KEY_USAGE_ENCIPHER_ONLY (1 << 7)

Definition at line 79 of file x509v3.h.

#define X509_KEY_USAGE_KEY_AGREEMENT (1 << 4)

Definition at line 76 of file x509v3.h.

#define X509_KEY_USAGE_KEY_CERT_SIGN (1 << 5)

Definition at line 77 of file x509v3.h.

#define X509_KEY_USAGE_KEY_ENCIPHERMENT (1 << 2)

Definition at line 74 of file x509v3.h.

#define X509_KEY_USAGE_NON_REPUDIATION (1 << 1)

Definition at line 73 of file x509v3.h.

Enumeration Type Documentation

anonymous enum

Enumerator:

X509_VALIDATE_OK
X509_VALIDATE_BAD_CERTIFICATE
X509_VALIDATE_UNSUPPORTED_CERTIFICATE
X509_VALIDATE_CERTIFICATE_REVOKED
X509_VALIDATE_CERTIFICATE_EXPIRED
X509_VALIDATE_CERTIFICATE_UNKNOWN
X509_VALIDATE_UNKNOWN_CA

Definition at line 92 of file x509v3.h.

Function Documentation

void x509_certificate_chain_free ( struct x509_certificate * cert )

x509_certificate_free - Free an X.509 certificate chain : Pointer to the first certificate in the chain

Definition at line 71 of file x509v3.c.

int x509_certificate_chain_validate	(	struct x509_certificate *	trusted,
		struct x509_certificate *	chain,
		int *	reason
	)

x509_certificate_chain_validate - Validate X.509 certificate chain : List of trusted certificates : Certificate chain to be validated (first chain must be issued by signed by the second certificate in the chain and so on) : Buffer for returning failure reason (X509_VALIDATE_*) Returns: 0 if chain is valid, -1 if not

Definition at line 1813 of file x509v3.c.

int x509_certificate_check_signature	(	struct x509_certificate *	issuer,
		struct x509_certificate *	cert
	)

x509_certificate_check_signature - Verify certificate signature : Issuer certificate : Certificate to be verified Returns: 0 if cert has a valid signature that was signed by the issuer, -1 if not

Definition at line 1565 of file x509v3.c.

void x509_certificate_free ( struct x509_certificate * cert )

x509_certificate_free - Free an X.509 certificate : Certificate to be freed

Definition at line 50 of file x509v3.c.

struct x509_certificate* x509_certificate_get_subject	(	struct x509_certificate *	chain,
		struct x509_name *	name
	)		`[read]`

Definition at line 1942 of file x509v3.c.

struct x509_certificate* x509_certificate_parse	(	const u8 *	buf,
		size_t	len
	)		`[read]`

x509_certificate_parse - Parse a X.509 certificate in DER format : Pointer to the X.509 certificate in DER format : Buffer length Returns: Pointer to the parsed certificate or NULL on failure

Caller is responsible for freeing the returned certificate by calling x509_certificate_free().

Definition at line 1459 of file x509v3.c.

int x509_certificate_self_signed ( struct x509_certificate * cert )

x509_certificate_self_signed - Is the certificate self-signed? : Certificate Returns: 1 if certificate is self-signed, 0 if not

Definition at line 1960 of file x509v3.c.

int x509_name_compare	(	struct x509_name *	a,
		struct x509_name *	b
	)

x509_name_compare - Compare X.509 certificate names : Certificate name : Certificate name Returns: <0, 0, or >0 based on whether a is less than, equal to, or greater than b

Definition at line 152 of file x509v3.c.

void x509_name_string	(	struct x509_name *	name,
		char *	buf,
		size_t	len
	)

Definition at line 459 of file x509v3.c.

Classes

Defines

Enumerations

Functions

Define Documentation

Enumeration Type Documentation

Function Documentation