Go to the source code of this file.
Classes |
struct | x509_algorithm_identifier |
struct | x509_certificate |
struct | x509_name |
Defines |
#define | X509_EXT_BASIC_CONSTRAINTS (1 << 0) |
#define | X509_EXT_ISSUER_ALT_NAME (1 << 4) |
#define | X509_EXT_KEY_USAGE (1 << 2) |
#define | X509_EXT_PATH_LEN_CONSTRAINT (1 << 1) |
#define | X509_EXT_SUBJECT_ALT_NAME (1 << 3) |
#define | X509_KEY_USAGE_CRL_SIGN (1 << 6) |
#define | X509_KEY_USAGE_DATA_ENCIPHERMENT (1 << 3) |
#define | X509_KEY_USAGE_DECIPHER_ONLY (1 << 8) |
#define | X509_KEY_USAGE_DIGITAL_SIGNATURE (1 << 0) |
#define | X509_KEY_USAGE_ENCIPHER_ONLY (1 << 7) |
#define | X509_KEY_USAGE_KEY_AGREEMENT (1 << 4) |
#define | X509_KEY_USAGE_KEY_CERT_SIGN (1 << 5) |
#define | X509_KEY_USAGE_KEY_ENCIPHERMENT (1 << 2) |
#define | X509_KEY_USAGE_NON_REPUDIATION (1 << 1) |
Enumerations |
enum | {
X509_VALIDATE_OK,
X509_VALIDATE_BAD_CERTIFICATE,
X509_VALIDATE_UNSUPPORTED_CERTIFICATE,
X509_VALIDATE_CERTIFICATE_REVOKED,
X509_VALIDATE_CERTIFICATE_EXPIRED,
X509_VALIDATE_CERTIFICATE_UNKNOWN,
X509_VALIDATE_UNKNOWN_CA
} |
Functions |
void | x509_certificate_chain_free (struct x509_certificate *cert) |
int | x509_certificate_chain_validate (struct x509_certificate *trusted, struct x509_certificate *chain, int *reason) |
int | x509_certificate_check_signature (struct x509_certificate *issuer, struct x509_certificate *cert) |
void | x509_certificate_free (struct x509_certificate *cert) |
struct x509_certificate * | x509_certificate_get_subject (struct x509_certificate *chain, struct x509_name *name) |
struct x509_certificate * | x509_certificate_parse (const u8 *buf, size_t len) |
int | x509_certificate_self_signed (struct x509_certificate *cert) |
int | x509_name_compare (struct x509_name *a, struct x509_name *b) |
void | x509_name_string (struct x509_name *name, char *buf, size_t len) |
Define Documentation
Enumeration Type Documentation
- Enumerator:
X509_VALIDATE_OK |
|
X509_VALIDATE_BAD_CERTIFICATE |
|
X509_VALIDATE_UNSUPPORTED_CERTIFICATE |
|
X509_VALIDATE_CERTIFICATE_REVOKED |
|
X509_VALIDATE_CERTIFICATE_EXPIRED |
|
X509_VALIDATE_CERTIFICATE_UNKNOWN |
|
X509_VALIDATE_UNKNOWN_CA |
|
Definition at line 92 of file x509v3.h.
Function Documentation
x509_certificate_free - Free an X.509 certificate chain : Pointer to the first certificate in the chain
Definition at line 71 of file x509v3.c.
x509_certificate_chain_validate - Validate X.509 certificate chain : List of trusted certificates : Certificate chain to be validated (first chain must be issued by signed by the second certificate in the chain and so on) : Buffer for returning failure reason (X509_VALIDATE_*) Returns: 0 if chain is valid, -1 if not
Definition at line 1813 of file x509v3.c.
x509_certificate_check_signature - Verify certificate signature : Issuer certificate : Certificate to be verified Returns: 0 if cert has a valid signature that was signed by the issuer, -1 if not
Definition at line 1565 of file x509v3.c.
x509_certificate_free - Free an X.509 certificate : Certificate to be freed
Definition at line 50 of file x509v3.c.
x509_certificate_parse - Parse a X.509 certificate in DER format : Pointer to the X.509 certificate in DER format : Buffer length Returns: Pointer to the parsed certificate or NULL on failure
Caller is responsible for freeing the returned certificate by calling x509_certificate_free().
Definition at line 1459 of file x509v3.c.
x509_certificate_self_signed - Is the certificate self-signed? : Certificate Returns: 1 if certificate is self-signed, 0 if not
Definition at line 1960 of file x509v3.c.
x509_name_compare - Compare X.509 certificate names : Certificate name : Certificate name Returns: <0, 0, or >0 based on whether a is less than, equal to, or greater than b
Definition at line 152 of file x509v3.c.