<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <meta http-equiv="X-UA-Compatible" content="IE=9"/> <meta name="generator" content="Doxygen 1.8.5"/> <title>PolarSSL v1.3.8: X.509 module</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="dynsections.js"></script> <link href="doxygen.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="top"><!-- do not remove this div, it is closed by doxygen! --> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td style="padding-left: 0.5em;"> <div id="projectname">PolarSSL v1.3.8 </div> </td> </tr> </tbody> </table> </div> <!-- end header part --> <!-- Generated by Doxygen 1.8.5 --> <div id="navrow1" class="tabs"> <ul class="tablist"> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="modules.html"><span>Modules</span></a></li> <li><a href="annotated.html"><span>Data Structures</span></a></li> <li><a href="files.html"><span>Files</span></a></li> </ul> </div> </div><!-- top --> <div class="header"> <div class="summary"> <a href="#nested-classes">Data Structures</a> | <a href="#func-members">Functions</a> </div> <div class="headertitle"> <div class="title">X.509 module</div> </div> </div><!--header--> <div class="contents"> <p>The X.509 module provides X.509 support which includes: <a href="#details">More...</a></p> <table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="nested-classes"></a> Data Structures</h2></td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509__time.html">_x509_time</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for date and time (precision in seconds). <a href="struct__x509__time.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509__crl__entry.html">_x509_crl_entry</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list entry. <a href="struct__x509__crl__entry.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509__crl.html">_x509_crl</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list structure. <a href="struct__x509__crl.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509__crt.html">_x509_crt</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for an X.509 certificate. <a href="struct__x509__crt.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509write__cert.html">_x509write_cert</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a certificate (CRT) <a href="struct__x509write__cert.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509__csr.html">_x509_csr</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate Signing Request (CSR) structure. <a href="struct__x509__csr.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="struct__x509write__csr.html">_x509write_csr</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a CSR. <a href="struct__x509write__csr.html#details">More...</a><br/></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a> Functions</h2></td></tr> <tr class="memitem:ga99888623ed4f805c0e58b705a534c8e5"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga99888623ed4f805c0e58b705a534c8e5">dhm_parse_dhm</a> (<a class="el" href="structdhm__context.html">dhm_context</a> *dhm, const unsigned char *dhmin, size_t dhminlen)</td></tr> <tr class="memdesc:ga99888623ed4f805c0e58b705a534c8e5"><td class="mdescLeft"> </td><td class="mdescRight">Parse DHM parameters. <a href="#ga99888623ed4f805c0e58b705a534c8e5">More...</a><br/></td></tr> <tr class="separator:ga99888623ed4f805c0e58b705a534c8e5"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gab51d126333172f165a67ac6f5dd2a910"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab51d126333172f165a67ac6f5dd2a910">dhm_parse_dhmfile</a> (<a class="el" href="structdhm__context.html">dhm_context</a> *dhm, const char *path)</td></tr> <tr class="memdesc:gab51d126333172f165a67ac6f5dd2a910"><td class="mdescLeft"> </td><td class="mdescRight">Load and parse DHM parameters. <a href="#gab51d126333172f165a67ac6f5dd2a910">More...</a><br/></td></tr> <tr class="separator:gab51d126333172f165a67ac6f5dd2a910"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> X509 Error codes</h2></td></tr> <tr class="memitem:gaa1ff85472d1f06bac7aadef70dbc404f"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaa1ff85472d1f06bac7aadef70dbc404f">POLARSSL_ERR_X509_FEATURE_UNAVAILABLE</a>   -0x2080</td></tr> <tr class="memdesc:gaa1ff85472d1f06bac7aadef70dbc404f"><td class="mdescLeft"> </td><td class="mdescRight">Unavailable feature, e.g. <a href="#gaa1ff85472d1f06bac7aadef70dbc404f">More...</a><br/></td></tr> <tr class="separator:gaa1ff85472d1f06bac7aadef70dbc404f"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga55c4c1d62914da0514be0e48c02a91f6"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga55c4c1d62914da0514be0e48c02a91f6">POLARSSL_ERR_X509_UNKNOWN_OID</a>   -0x2100</td></tr> <tr class="memdesc:ga55c4c1d62914da0514be0e48c02a91f6"><td class="mdescLeft"> </td><td class="mdescRight">Requested OID is unknown. <a href="#ga55c4c1d62914da0514be0e48c02a91f6">More...</a><br/></td></tr> <tr class="separator:ga55c4c1d62914da0514be0e48c02a91f6"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabbb0baf5d3e9281b059e3177138f4eaf"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a>   -0x2180</td></tr> <tr class="memdesc:gabbb0baf5d3e9281b059e3177138f4eaf"><td class="mdescLeft"> </td><td class="mdescRight">The CRT/CRL/CSR format is invalid, e.g. <a href="#gabbb0baf5d3e9281b059e3177138f4eaf">More...</a><br/></td></tr> <tr class="separator:gabbb0baf5d3e9281b059e3177138f4eaf"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga7fb5d1b9bb950f41cf57a6e156a318ff"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga7fb5d1b9bb950f41cf57a6e156a318ff">POLARSSL_ERR_X509_INVALID_VERSION</a>   -0x2200</td></tr> <tr class="memdesc:ga7fb5d1b9bb950f41cf57a6e156a318ff"><td class="mdescLeft"> </td><td class="mdescRight">The CRT/CRL/CSR version element is invalid. <a href="#ga7fb5d1b9bb950f41cf57a6e156a318ff">More...</a><br/></td></tr> <tr class="separator:ga7fb5d1b9bb950f41cf57a6e156a318ff"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga5dfc778ab9a1d46f8c31296050fb0e84"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5dfc778ab9a1d46f8c31296050fb0e84">POLARSSL_ERR_X509_INVALID_SERIAL</a>   -0x2280</td></tr> <tr class="memdesc:ga5dfc778ab9a1d46f8c31296050fb0e84"><td class="mdescLeft"> </td><td class="mdescRight">The serial tag or value is invalid. <a href="#ga5dfc778ab9a1d46f8c31296050fb0e84">More...</a><br/></td></tr> <tr class="separator:ga5dfc778ab9a1d46f8c31296050fb0e84"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac2a509391d78d52ac972979a8c149aaa"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac2a509391d78d52ac972979a8c149aaa">POLARSSL_ERR_X509_INVALID_ALG</a>   -0x2300</td></tr> <tr class="memdesc:gac2a509391d78d52ac972979a8c149aaa"><td class="mdescLeft"> </td><td class="mdescRight">The algorithm tag or value is invalid. <a href="#gac2a509391d78d52ac972979a8c149aaa">More...</a><br/></td></tr> <tr class="separator:gac2a509391d78d52ac972979a8c149aaa"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga3cf47af101f614432b19192a7a239fe3"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga3cf47af101f614432b19192a7a239fe3">POLARSSL_ERR_X509_INVALID_NAME</a>   -0x2380</td></tr> <tr class="memdesc:ga3cf47af101f614432b19192a7a239fe3"><td class="mdescLeft"> </td><td class="mdescRight">The name tag or value is invalid. <a href="#ga3cf47af101f614432b19192a7a239fe3">More...</a><br/></td></tr> <tr class="separator:ga3cf47af101f614432b19192a7a239fe3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga4c0033b4b5ea413f79b133b9172d967b"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4c0033b4b5ea413f79b133b9172d967b">POLARSSL_ERR_X509_INVALID_DATE</a>   -0x2400</td></tr> <tr class="memdesc:ga4c0033b4b5ea413f79b133b9172d967b"><td class="mdescLeft"> </td><td class="mdescRight">The date tag or value is invalid. <a href="#ga4c0033b4b5ea413f79b133b9172d967b">More...</a><br/></td></tr> <tr class="separator:ga4c0033b4b5ea413f79b133b9172d967b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga56da6070740e4f0e102fd473dbe54b8c"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga56da6070740e4f0e102fd473dbe54b8c">POLARSSL_ERR_X509_INVALID_SIGNATURE</a>   -0x2480</td></tr> <tr class="memdesc:ga56da6070740e4f0e102fd473dbe54b8c"><td class="mdescLeft"> </td><td class="mdescRight">The signature tag or value invalid. <a href="#ga56da6070740e4f0e102fd473dbe54b8c">More...</a><br/></td></tr> <tr class="separator:ga56da6070740e4f0e102fd473dbe54b8c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaefb797397f3fc132f0d825b77b10ff47"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a>   -0x2500</td></tr> <tr class="memdesc:gaefb797397f3fc132f0d825b77b10ff47"><td class="mdescLeft"> </td><td class="mdescRight">The extension tag or value is invalid. <a href="#gaefb797397f3fc132f0d825b77b10ff47">More...</a><br/></td></tr> <tr class="separator:gaefb797397f3fc132f0d825b77b10ff47"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga04dc192b55781ef24910bd1dfa53e6f3"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga04dc192b55781ef24910bd1dfa53e6f3">POLARSSL_ERR_X509_UNKNOWN_VERSION</a>   -0x2580</td></tr> <tr class="memdesc:ga04dc192b55781ef24910bd1dfa53e6f3"><td class="mdescLeft"> </td><td class="mdescRight">CRT/CRL/CSR has an unsupported version number. <a href="#ga04dc192b55781ef24910bd1dfa53e6f3">More...</a><br/></td></tr> <tr class="separator:ga04dc192b55781ef24910bd1dfa53e6f3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga87606217fba12ea921df66f51ad8c2e9"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga87606217fba12ea921df66f51ad8c2e9">POLARSSL_ERR_X509_UNKNOWN_SIG_ALG</a>   -0x2600</td></tr> <tr class="memdesc:ga87606217fba12ea921df66f51ad8c2e9"><td class="mdescLeft"> </td><td class="mdescRight">Signature algorithm (oid) is unsupported. <a href="#ga87606217fba12ea921df66f51ad8c2e9">More...</a><br/></td></tr> <tr class="separator:ga87606217fba12ea921df66f51ad8c2e9"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac00b6c62043eca7ddf8809888961454b"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac00b6c62043eca7ddf8809888961454b">POLARSSL_ERR_X509_SIG_MISMATCH</a>   -0x2680</td></tr> <tr class="memdesc:gac00b6c62043eca7ddf8809888961454b"><td class="mdescLeft"> </td><td class="mdescRight">Signature algorithms do not match. <a href="#gac00b6c62043eca7ddf8809888961454b">More...</a><br/></td></tr> <tr class="separator:gac00b6c62043eca7ddf8809888961454b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga2712a2708993f706e6c3f3716ec1f275"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga2712a2708993f706e6c3f3716ec1f275">POLARSSL_ERR_X509_CERT_VERIFY_FAILED</a>   -0x2700</td></tr> <tr class="memdesc:ga2712a2708993f706e6c3f3716ec1f275"><td class="mdescLeft"> </td><td class="mdescRight">Certificate verification failed, e.g. <a href="#ga2712a2708993f706e6c3f3716ec1f275">More...</a><br/></td></tr> <tr class="separator:ga2712a2708993f706e6c3f3716ec1f275"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga2a86f0efb25d083307eadf96585d4222"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga2a86f0efb25d083307eadf96585d4222">POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT</a>   -0x2780</td></tr> <tr class="memdesc:ga2a86f0efb25d083307eadf96585d4222"><td class="mdescLeft"> </td><td class="mdescRight">Format not recognized as DER or PEM. <a href="#ga2a86f0efb25d083307eadf96585d4222">More...</a><br/></td></tr> <tr class="separator:ga2a86f0efb25d083307eadf96585d4222"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga59ea8fbabf8eae3f006824230bc27d6c"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a>   -0x2800</td></tr> <tr class="memdesc:ga59ea8fbabf8eae3f006824230bc27d6c"><td class="mdescLeft"> </td><td class="mdescRight">Input invalid. <a href="#ga59ea8fbabf8eae3f006824230bc27d6c">More...</a><br/></td></tr> <tr class="separator:ga59ea8fbabf8eae3f006824230bc27d6c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga60a90a6a7f6ee7a23c186d6870d8e4c8"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga60a90a6a7f6ee7a23c186d6870d8e4c8">POLARSSL_ERR_X509_MALLOC_FAILED</a>   -0x2880</td></tr> <tr class="memdesc:ga60a90a6a7f6ee7a23c186d6870d8e4c8"><td class="mdescLeft"> </td><td class="mdescRight">Allocation of memory failed. <a href="#ga60a90a6a7f6ee7a23c186d6870d8e4c8">More...</a><br/></td></tr> <tr class="separator:ga60a90a6a7f6ee7a23c186d6870d8e4c8"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga87e65fdadeba914a5555ef09ab35c48b"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a>   -0x2900</td></tr> <tr class="memdesc:ga87e65fdadeba914a5555ef09ab35c48b"><td class="mdescLeft"> </td><td class="mdescRight">Read/write of file failed. <a href="#ga87e65fdadeba914a5555ef09ab35c48b">More...</a><br/></td></tr> <tr class="separator:ga87e65fdadeba914a5555ef09ab35c48b"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> X509 Verify codes</h2></td></tr> <tr class="memitem:ga64e936014215ef18f026ff101b6f8369"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga64e936014215ef18f026ff101b6f8369">BADCERT_EXPIRED</a>   0x01</td></tr> <tr class="memdesc:ga64e936014215ef18f026ff101b6f8369"><td class="mdescLeft"> </td><td class="mdescRight">The certificate validity has expired. <a href="#ga64e936014215ef18f026ff101b6f8369">More...</a><br/></td></tr> <tr class="separator:ga64e936014215ef18f026ff101b6f8369"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga4ecb1ad0da0f9d6bb0017e091ea4ee2a"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4ecb1ad0da0f9d6bb0017e091ea4ee2a">BADCERT_REVOKED</a>   0x02</td></tr> <tr class="memdesc:ga4ecb1ad0da0f9d6bb0017e091ea4ee2a"><td class="mdescLeft"> </td><td class="mdescRight">The certificate has been revoked (is on a CRL). <a href="#ga4ecb1ad0da0f9d6bb0017e091ea4ee2a">More...</a><br/></td></tr> <tr class="separator:ga4ecb1ad0da0f9d6bb0017e091ea4ee2a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gacfafc04b8cd60bd1819cf41bc78a24de"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gacfafc04b8cd60bd1819cf41bc78a24de">BADCERT_CN_MISMATCH</a>   0x04</td></tr> <tr class="memdesc:gacfafc04b8cd60bd1819cf41bc78a24de"><td class="mdescLeft"> </td><td class="mdescRight">The certificate Common Name (CN) does not match with the expected CN. <a href="#gacfafc04b8cd60bd1819cf41bc78a24de">More...</a><br/></td></tr> <tr class="separator:gacfafc04b8cd60bd1819cf41bc78a24de"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga71c9686585580f77964a3653e147ad0a"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a>   0x08</td></tr> <tr class="memdesc:ga71c9686585580f77964a3653e147ad0a"><td class="mdescLeft"> </td><td class="mdescRight">The certificate is not correctly signed by the trusted CA. <a href="#ga71c9686585580f77964a3653e147ad0a">More...</a><br/></td></tr> <tr class="separator:ga71c9686585580f77964a3653e147ad0a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad3e80bd3df035edaa81dcd44da586153"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad3e80bd3df035edaa81dcd44da586153">BADCRL_NOT_TRUSTED</a>   0x10</td></tr> <tr class="memdesc:gad3e80bd3df035edaa81dcd44da586153"><td class="mdescLeft"> </td><td class="mdescRight">CRL is not correctly signed by the trusted CA. <a href="#gad3e80bd3df035edaa81dcd44da586153">More...</a><br/></td></tr> <tr class="separator:gad3e80bd3df035edaa81dcd44da586153"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad5d4bfa3090cb468e734596094f39a1f"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad5d4bfa3090cb468e734596094f39a1f">BADCRL_EXPIRED</a>   0x20</td></tr> <tr class="memdesc:gad5d4bfa3090cb468e734596094f39a1f"><td class="mdescLeft"> </td><td class="mdescRight">CRL is expired. <a href="#gad5d4bfa3090cb468e734596094f39a1f">More...</a><br/></td></tr> <tr class="separator:gad5d4bfa3090cb468e734596094f39a1f"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga99f857088210c1d15a11039026830a0d"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga99f857088210c1d15a11039026830a0d">BADCERT_MISSING</a>   0x40</td></tr> <tr class="memdesc:ga99f857088210c1d15a11039026830a0d"><td class="mdescLeft"> </td><td class="mdescRight">Certificate was missing. <a href="#ga99f857088210c1d15a11039026830a0d">More...</a><br/></td></tr> <tr class="separator:ga99f857088210c1d15a11039026830a0d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga70f5b5dce099c759ac5a49489587c385"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga70f5b5dce099c759ac5a49489587c385">BADCERT_SKIP_VERIFY</a>   0x80</td></tr> <tr class="memdesc:ga70f5b5dce099c759ac5a49489587c385"><td class="mdescLeft"> </td><td class="mdescRight">Certificate verification was skipped. <a href="#ga70f5b5dce099c759ac5a49489587c385">More...</a><br/></td></tr> <tr class="separator:ga70f5b5dce099c759ac5a49489587c385"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabeaea946ef3512d85af10fd3f16b2b5f"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabeaea946ef3512d85af10fd3f16b2b5f">BADCERT_OTHER</a>   0x0100</td></tr> <tr class="memdesc:gabeaea946ef3512d85af10fd3f16b2b5f"><td class="mdescLeft"> </td><td class="mdescRight">Other reason (can be used by verify callback) <a href="#gabeaea946ef3512d85af10fd3f16b2b5f">More...</a><br/></td></tr> <tr class="separator:gabeaea946ef3512d85af10fd3f16b2b5f"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga277aa22d31ad26e5256ec96e589bd5b9"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga277aa22d31ad26e5256ec96e589bd5b9">BADCERT_FUTURE</a>   0x0200</td></tr> <tr class="memdesc:ga277aa22d31ad26e5256ec96e589bd5b9"><td class="mdescLeft"> </td><td class="mdescRight">The certificate validity starts in the future. <a href="#ga277aa22d31ad26e5256ec96e589bd5b9">More...</a><br/></td></tr> <tr class="separator:ga277aa22d31ad26e5256ec96e589bd5b9"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8dbe1ef936bb47a2f13759e7e4380be0"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8dbe1ef936bb47a2f13759e7e4380be0">BADCRL_FUTURE</a>   0x0400</td></tr> <tr class="memdesc:ga8dbe1ef936bb47a2f13759e7e4380be0"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is from the future. <a href="#ga8dbe1ef936bb47a2f13759e7e4380be0">More...</a><br/></td></tr> <tr class="separator:ga8dbe1ef936bb47a2f13759e7e4380be0"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures for parsing X.509 certificates, CRLs and CSRs</h2></td></tr> <tr class="memitem:ga4c222d5841d84a018a77b3f8419141fd"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="asn1_8h.html#a494fbc8ee39d97c8118aa420070db04f">asn1_buf</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4c222d5841d84a018a77b3f8419141fd">x509_buf</a></td></tr> <tr class="memdesc:ga4c222d5841d84a018a77b3f8419141fd"><td class="mdescLeft"> </td><td class="mdescRight">Type-length-value structure that allows for ASN1 using DER. <a href="#ga4c222d5841d84a018a77b3f8419141fd">More...</a><br/></td></tr> <tr class="separator:ga4c222d5841d84a018a77b3f8419141fd"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga937771cfbc29ed68fa7a1f000bdaada7"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="asn1_8h.html#a087073ffe1db16e6e3fce23266513e6a">asn1_bitstring</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga937771cfbc29ed68fa7a1f000bdaada7">x509_bitstring</a></td></tr> <tr class="memdesc:ga937771cfbc29ed68fa7a1f000bdaada7"><td class="mdescLeft"> </td><td class="mdescRight">Container for ASN1 bit strings. <a href="#ga937771cfbc29ed68fa7a1f000bdaada7">More...</a><br/></td></tr> <tr class="separator:ga937771cfbc29ed68fa7a1f000bdaada7"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gae9790f007179523cf0a054090484e5bb"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="asn1_8h.html#a4f35635976d2b59cc08444099ebcbd6a">asn1_named_data</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae9790f007179523cf0a054090484e5bb">x509_name</a></td></tr> <tr class="memdesc:gae9790f007179523cf0a054090484e5bb"><td class="mdescLeft"> </td><td class="mdescRight">Container for ASN1 named information objects. <a href="#gae9790f007179523cf0a054090484e5bb">More...</a><br/></td></tr> <tr class="separator:gae9790f007179523cf0a054090484e5bb"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga5e8f63c6d3abf6955eb6190a19360fca"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="asn1_8h.html#a6e1b233f294affd535a3102d7eb893e9">asn1_sequence</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5e8f63c6d3abf6955eb6190a19360fca">x509_sequence</a></td></tr> <tr class="memdesc:ga5e8f63c6d3abf6955eb6190a19360fca"><td class="mdescLeft"> </td><td class="mdescRight">Container for a sequence of ASN.1 items. <a href="#ga5e8f63c6d3abf6955eb6190a19360fca">More...</a><br/></td></tr> <tr class="separator:ga5e8f63c6d3abf6955eb6190a19360fca"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga51a234c4cead82f9678485379c5de825"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509__time.html">_x509_time</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga51a234c4cead82f9678485379c5de825">x509_time</a></td></tr> <tr class="memdesc:ga51a234c4cead82f9678485379c5de825"><td class="mdescLeft"> </td><td class="mdescRight">Container for date and time (precision in seconds). <a href="#ga51a234c4cead82f9678485379c5de825">More...</a><br/></td></tr> <tr class="separator:ga51a234c4cead82f9678485379c5de825"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for parsing CRLs</h2></td></tr> <tr class="memitem:gac14b30af3597cbaae63d9106f14d04e8"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509__crl__entry.html">_x509_crl_entry</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac14b30af3597cbaae63d9106f14d04e8">x509_crl_entry</a></td></tr> <tr class="memdesc:gac14b30af3597cbaae63d9106f14d04e8"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list entry. <a href="#gac14b30af3597cbaae63d9106f14d04e8">More...</a><br/></td></tr> <tr class="separator:gac14b30af3597cbaae63d9106f14d04e8"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga6d6714f926c6cc578e0f983aa6ddaf2a"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509__crl.html">_x509_crl</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a></td></tr> <tr class="memdesc:ga6d6714f926c6cc578e0f983aa6ddaf2a"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list structure. <a href="#ga6d6714f926c6cc578e0f983aa6ddaf2a">More...</a><br/></td></tr> <tr class="separator:ga6d6714f926c6cc578e0f983aa6ddaf2a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad4de6119c3dd9463f5a450bbe035e672"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad4de6119c3dd9463f5a450bbe035e672">x509_crl_parse</a> (<a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:gad4de6119c3dd9463f5a450bbe035e672"><td class="mdescLeft"> </td><td class="mdescRight">Parse one or more CRLs and add them to the chained list. <a href="#gad4de6119c3dd9463f5a450bbe035e672">More...</a><br/></td></tr> <tr class="separator:gad4de6119c3dd9463f5a450bbe035e672"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabf60a1d6fba4c52835c3a7810974f969"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabf60a1d6fba4c52835c3a7810974f969">x509_crl_parse_file</a> (<a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *chain, const char *path)</td></tr> <tr class="memdesc:gabf60a1d6fba4c52835c3a7810974f969"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more CRLs and add them to the chained list. <a href="#gabf60a1d6fba4c52835c3a7810974f969">More...</a><br/></td></tr> <tr class="separator:gabf60a1d6fba4c52835c3a7810974f969"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga1c0ed6b97aa4790f7be5c7da7abd30a1"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga1c0ed6b97aa4790f7be5c7da7abd30a1">x509_crl_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga1c0ed6b97aa4790f7be5c7da7abd30a1"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the CRL. <a href="#ga1c0ed6b97aa4790f7be5c7da7abd30a1">More...</a><br/></td></tr> <tr class="separator:ga1c0ed6b97aa4790f7be5c7da7abd30a1"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad9523a2a96d43fa61e12254f915368b9"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad9523a2a96d43fa61e12254f915368b9">x509_crl_init</a> (<a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *crl)</td></tr> <tr class="memdesc:gad9523a2a96d43fa61e12254f915368b9"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a CRL (chain) <a href="#gad9523a2a96d43fa61e12254f915368b9">More...</a><br/></td></tr> <tr class="separator:gad9523a2a96d43fa61e12254f915368b9"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga99ed152b33d41e55cd14a78c7dcf7bef"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga99ed152b33d41e55cd14a78c7dcf7bef">x509_crl_free</a> (<a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga99ed152b33d41e55cd14a78c7dcf7bef"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all CRL data. <a href="#ga99ed152b33d41e55cd14a78c7dcf7bef">More...</a><br/></td></tr> <tr class="separator:ga99ed152b33d41e55cd14a78c7dcf7bef"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for parsing and writing X.509 certificates</h2></td></tr> <tr class="memitem:gabc08a73588a59be2dd8943ebfc29ec9a"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509__crt.html">_x509_crt</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a></td></tr> <tr class="memdesc:gabc08a73588a59be2dd8943ebfc29ec9a"><td class="mdescLeft"> </td><td class="mdescRight">Container for an X.509 certificate. <a href="#gabc08a73588a59be2dd8943ebfc29ec9a">More...</a><br/></td></tr> <tr class="separator:gabc08a73588a59be2dd8943ebfc29ec9a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga5d89c77a8179fb09753045b8ce8f4076"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509write__cert.html">_x509write_cert</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5d89c77a8179fb09753045b8ce8f4076">x509write_cert</a></td></tr> <tr class="memdesc:ga5d89c77a8179fb09753045b8ce8f4076"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a certificate (CRT) <a href="#ga5d89c77a8179fb09753045b8ce8f4076">More...</a><br/></td></tr> <tr class="separator:ga5d89c77a8179fb09753045b8ce8f4076"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga2d8d1c87fa24f176a160041f11ad3c72"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga2d8d1c87fa24f176a160041f11ad3c72">x509_crt_parse_der</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga2d8d1c87fa24f176a160041f11ad3c72"><td class="mdescLeft"> </td><td class="mdescRight">Parse a single DER formatted certificate and add it to the chained list. <a href="#ga2d8d1c87fa24f176a160041f11ad3c72">More...</a><br/></td></tr> <tr class="separator:ga2d8d1c87fa24f176a160041f11ad3c72"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gafc724dee6827c47fed1eec64bb13727b"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gafc724dee6827c47fed1eec64bb13727b">x509_crt_parse</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:gafc724dee6827c47fed1eec64bb13727b"><td class="mdescLeft"> </td><td class="mdescRight">Parse one or more certificates and add them to the chained list. <a href="#gafc724dee6827c47fed1eec64bb13727b">More...</a><br/></td></tr> <tr class="separator:gafc724dee6827c47fed1eec64bb13727b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga2f937df6c64b400210dbeb5ad26cc8c2"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga2f937df6c64b400210dbeb5ad26cc8c2">x509_crt_parse_file</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *chain, const char *path)</td></tr> <tr class="memdesc:ga2f937df6c64b400210dbeb5ad26cc8c2"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more certificates and add them to the chained list. <a href="#ga2f937df6c64b400210dbeb5ad26cc8c2">More...</a><br/></td></tr> <tr class="separator:ga2f937df6c64b400210dbeb5ad26cc8c2"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga34939a983156816784e3d1a64fe0bac9"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga34939a983156816784e3d1a64fe0bac9">x509_crt_parse_path</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *chain, const char *path)</td></tr> <tr class="memdesc:ga34939a983156816784e3d1a64fe0bac9"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more certificate files from a path and add them to the chained list. <a href="#ga34939a983156816784e3d1a64fe0bac9">More...</a><br/></td></tr> <tr class="separator:ga34939a983156816784e3d1a64fe0bac9"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga81299c99c393f6f58eff0471efb65ef7"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga81299c99c393f6f58eff0471efb65ef7">x509_crt_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt)</td></tr> <tr class="memdesc:ga81299c99c393f6f58eff0471efb65ef7"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the certificate. <a href="#ga81299c99c393f6f58eff0471efb65ef7">More...</a><br/></td></tr> <tr class="separator:ga81299c99c393f6f58eff0471efb65ef7"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaceaeaa6cd00a5c20e71a9a11122d58df"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaceaeaa6cd00a5c20e71a9a11122d58df">x509_crt_verify</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt, <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *trust_ca, <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *, int, int *), void *p_vrfy)</td></tr> <tr class="memdesc:gaceaeaa6cd00a5c20e71a9a11122d58df"><td class="mdescLeft"> </td><td class="mdescRight">Verify the certificate signature. <a href="#gaceaeaa6cd00a5c20e71a9a11122d58df">More...</a><br/></td></tr> <tr class="separator:gaceaeaa6cd00a5c20e71a9a11122d58df"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga166632ed129cf4900d1d911adaa8ae74"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga166632ed129cf4900d1d911adaa8ae74">x509_crt_check_key_usage</a> (const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt, int usage)</td></tr> <tr class="memdesc:ga166632ed129cf4900d1d911adaa8ae74"><td class="mdescLeft"> </td><td class="mdescRight">Check usage of certificate against keyUsage extension. <a href="#ga166632ed129cf4900d1d911adaa8ae74">More...</a><br/></td></tr> <tr class="separator:ga166632ed129cf4900d1d911adaa8ae74"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad0a4670e68ac4ce67dd163907880b513"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad0a4670e68ac4ce67dd163907880b513">x509_crt_check_extended_key_usage</a> (const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt, const char *usage_oid, size_t usage_len)</td></tr> <tr class="memdesc:gad0a4670e68ac4ce67dd163907880b513"><td class="mdescLeft"> </td><td class="mdescRight">Check usage of certificate against extentedJeyUsage. <a href="#gad0a4670e68ac4ce67dd163907880b513">More...</a><br/></td></tr> <tr class="separator:gad0a4670e68ac4ce67dd163907880b513"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga4479c58d8c7274c50d940d2ea2dfd765"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4479c58d8c7274c50d940d2ea2dfd765">x509_crt_revoked</a> (const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt, const <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga4479c58d8c7274c50d940d2ea2dfd765"><td class="mdescLeft"> </td><td class="mdescRight">Verify the certificate revocation status. <a href="#ga4479c58d8c7274c50d940d2ea2dfd765">More...</a><br/></td></tr> <tr class="separator:ga4479c58d8c7274c50d940d2ea2dfd765"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga27ba872627e98561bd04b0fd3aca1297"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga27ba872627e98561bd04b0fd3aca1297">x509_crt_init</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt)</td></tr> <tr class="memdesc:ga27ba872627e98561bd04b0fd3aca1297"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a certificate (chain) <a href="#ga27ba872627e98561bd04b0fd3aca1297">More...</a><br/></td></tr> <tr class="separator:ga27ba872627e98561bd04b0fd3aca1297"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga63b4c873caf7b95bd4b081e476a60f1a"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a> (<a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *crt)</td></tr> <tr class="memdesc:ga63b4c873caf7b95bd4b081e476a60f1a"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all certificate data. <a href="#ga63b4c873caf7b95bd4b081e476a60f1a">More...</a><br/></td></tr> <tr class="separator:ga63b4c873caf7b95bd4b081e476a60f1a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga803eb771dce23b32e873b94fa42ae3eb"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga803eb771dce23b32e873b94fa42ae3eb">X509_CRT_VERSION_1</a>   0</td></tr> <tr class="separator:ga803eb771dce23b32e873b94fa42ae3eb"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaff0395a0a007c3515967f958879926cf"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaff0395a0a007c3515967f958879926cf">X509_CRT_VERSION_2</a>   1</td></tr> <tr class="separator:gaff0395a0a007c3515967f958879926cf"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga5aa7c22740f9d1271b76fe9dffe5ce18"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5aa7c22740f9d1271b76fe9dffe5ce18">X509_CRT_VERSION_3</a>   2</td></tr> <tr class="separator:ga5aa7c22740f9d1271b76fe9dffe5ce18"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8099883128d3a26dc00e33814def210b"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8099883128d3a26dc00e33814def210b">X509_RFC5280_MAX_SERIAL_LEN</a>   32</td></tr> <tr class="separator:ga8099883128d3a26dc00e33814def210b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabc0cae2aafa220212a00ae64dffa49b4"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabc0cae2aafa220212a00ae64dffa49b4">X509_RFC5280_UTC_TIME_LEN</a>   15</td></tr> <tr class="separator:gabc0cae2aafa220212a00ae64dffa49b4"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for X.509 Certificate Signing Requests (CSR)</h2></td></tr> <tr class="memitem:ga26cdab1edd0bf60704e0b0b0817a0291"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509__csr.html">_x509_csr</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a></td></tr> <tr class="memdesc:ga26cdab1edd0bf60704e0b0b0817a0291"><td class="mdescLeft"> </td><td class="mdescRight">Certificate Signing Request (CSR) structure. <a href="#ga26cdab1edd0bf60704e0b0b0817a0291">More...</a><br/></td></tr> <tr class="separator:ga26cdab1edd0bf60704e0b0b0817a0291"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga48c2716d9aacdd1b0b9e7b17c1e33aa2"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="struct__x509write__csr.html">_x509write_csr</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga48c2716d9aacdd1b0b9e7b17c1e33aa2">x509write_csr</a></td></tr> <tr class="memdesc:ga48c2716d9aacdd1b0b9e7b17c1e33aa2"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a CSR. <a href="#ga48c2716d9aacdd1b0b9e7b17c1e33aa2">More...</a><br/></td></tr> <tr class="separator:ga48c2716d9aacdd1b0b9e7b17c1e33aa2"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac2678f50a8d832b3d71c071fb31c42b8"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac2678f50a8d832b3d71c071fb31c42b8">x509_csr_parse_der</a> (<a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:gac2678f50a8d832b3d71c071fb31c42b8"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR) in DER format. <a href="#gac2678f50a8d832b3d71c071fb31c42b8">More...</a><br/></td></tr> <tr class="separator:gac2678f50a8d832b3d71c071fb31c42b8"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaf3f78c6f15ba595438f41ad06c7eb913"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaf3f78c6f15ba595438f41ad06c7eb913">x509_csr_parse</a> (<a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:gaf3f78c6f15ba595438f41ad06c7eb913"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR), DER or PEM format. <a href="#gaf3f78c6f15ba595438f41ad06c7eb913">More...</a><br/></td></tr> <tr class="separator:gaf3f78c6f15ba595438f41ad06c7eb913"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga9018bb8c7bf444c0b037d5f3ac120f37"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga9018bb8c7bf444c0b037d5f3ac120f37">x509_csr_parse_file</a> (<a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr, const char *path)</td></tr> <tr class="memdesc:ga9018bb8c7bf444c0b037d5f3ac120f37"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR) <a href="#ga9018bb8c7bf444c0b037d5f3ac120f37">More...</a><br/></td></tr> <tr class="separator:ga9018bb8c7bf444c0b037d5f3ac120f37"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga1f152bf56415a2e28382e3b425844838"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga1f152bf56415a2e28382e3b425844838">x509_csr_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr)</td></tr> <tr class="memdesc:ga1f152bf56415a2e28382e3b425844838"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the CSR. <a href="#ga1f152bf56415a2e28382e3b425844838">More...</a><br/></td></tr> <tr class="separator:ga1f152bf56415a2e28382e3b425844838"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaca04de43aa24a914d5c50112aec3dfe2"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaca04de43aa24a914d5c50112aec3dfe2">x509_csr_init</a> (<a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr)</td></tr> <tr class="memdesc:gaca04de43aa24a914d5c50112aec3dfe2"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a CSR. <a href="#gaca04de43aa24a914d5c50112aec3dfe2">More...</a><br/></td></tr> <tr class="separator:gaca04de43aa24a914d5c50112aec3dfe2"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga5ca4ec1c3051b481cb17c7fda14d6499"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5ca4ec1c3051b481cb17c7fda14d6499">x509_csr_free</a> (<a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> *csr)</td></tr> <tr class="memdesc:ga5ca4ec1c3051b481cb17c7fda14d6499"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all CSR data. <a href="#ga5ca4ec1c3051b481cb17c7fda14d6499">More...</a><br/></td></tr> <tr class="separator:ga5ca4ec1c3051b481cb17c7fda14d6499"><td class="memSeparator" colspan="2"> </td></tr> </table> <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> <p>The X.509 module provides X.509 support which includes: </p> <ul> <li>X.509 certificate (CRT) reading (see <code><a class="el" href="compat-1_82_8h.html#a70b3229deb69f767e7ae0231075690b7">x509parse_crt()</a></code> and <code><a class="el" href="compat-1_82_8h.html#a48601801c56e34c247c52b3ca39e8bcb">x509parse_crtfile()</a></code>).</li> <li>X.509 certificate revocation list (CRL) reading (see <code><a class="el" href="compat-1_82_8h.html#a7da761c33c4c4f99afde1d0f62a6e6fb">x509parse_crl()</a></code> and<code><a class="el" href="compat-1_82_8h.html#ac4ba592ae83c5979c2f2628b6c4b1f47">x509parse_crlfile()</a></code>).</li> <li>X.509 (RSA and ECC) private key reading (see <code><a class="el" href="compat-1_82_8h.html#a4b24fc4d228c28e98ff8e2cd4ca97a77">x509parse_key()</a></code> and <code><a class="el" href="compat-1_82_8h.html#a5c8d14f73b6167dddb70076af7d511c3">x509parse_keyfile()</a></code>).</li> <li>X.509 certificate signature verification (see <code><a class="el" href="compat-1_82_8h.html#a09c96bf79195df763c48a3cfd0212f2b">x509parse_verify()</a></code>)</li> <li>X.509 certificate writing and certificate request writing (see <code><a class="el" href="x509__crt_8h.html#a7300897079a27c5fa424c9653081b286" title="Write a built up certificate to a X509 DER structure Note: data is written at the end of the buffer! ...">x509write_crt_der()</a></code> and <code><a class="el" href="x509__csr_8h.html#abd7a30a6b00b0b34ffa6792593eab737" title="Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the ...">x509write_csr_der()</a></code>).</li> </ul> <p>This module can be used to build a certificate authority (CA) chain and verify its signature. It is also used to generate Certificate Signing Requests and X509 certificates just as a CA would do. </p> <h2 class="groupheader">Macro Definition Documentation</h2> <a class="anchor" id="gacfafc04b8cd60bd1819cf41bc78a24de"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_CN_MISMATCH   0x04</td> </tr> </table> </div><div class="memdoc"> <p>The certificate Common Name (CN) does not match with the expected CN. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00078">78</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga64e936014215ef18f026ff101b6f8369"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_EXPIRED   0x01</td> </tr> </table> </div><div class="memdoc"> <p>The certificate validity has expired. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00076">76</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga277aa22d31ad26e5256ec96e589bd5b9"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_FUTURE   0x0200</td> </tr> </table> </div><div class="memdoc"> <p>The certificate validity starts in the future. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00085">85</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga99f857088210c1d15a11039026830a0d"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_MISSING   0x40</td> </tr> </table> </div><div class="memdoc"> <p>Certificate was missing. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00082">82</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga71c9686585580f77964a3653e147ad0a"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_NOT_TRUSTED   0x08</td> </tr> </table> </div><div class="memdoc"> <p>The certificate is not correctly signed by the trusted CA. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00079">79</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gabeaea946ef3512d85af10fd3f16b2b5f"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_OTHER   0x0100</td> </tr> </table> </div><div class="memdoc"> <p>Other reason (can be used by verify callback) </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00084">84</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga4ecb1ad0da0f9d6bb0017e091ea4ee2a"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_REVOKED   0x02</td> </tr> </table> </div><div class="memdoc"> <p>The certificate has been revoked (is on a CRL). </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00077">77</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga70f5b5dce099c759ac5a49489587c385"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCERT_SKIP_VERIFY   0x80</td> </tr> </table> </div><div class="memdoc"> <p>Certificate verification was skipped. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00083">83</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gad5d4bfa3090cb468e734596094f39a1f"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCRL_EXPIRED   0x20</td> </tr> </table> </div><div class="memdoc"> <p>CRL is expired. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00081">81</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga8dbe1ef936bb47a2f13759e7e4380be0"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCRL_FUTURE   0x0400</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is from the future. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00086">86</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gad3e80bd3df035edaa81dcd44da586153"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define BADCRL_NOT_TRUSTED   0x10</td> </tr> </table> </div><div class="memdoc"> <p>CRL is not correctly signed by the trusted CA. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00080">80</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga59ea8fbabf8eae3f006824230bc27d6c"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_BAD_INPUT_DATA   -0x2800</td> </tr> </table> </div><div class="memdoc"> <p>Input invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00067">67</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga2a86f0efb25d083307eadf96585d4222"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT   -0x2780</td> </tr> </table> </div><div class="memdoc"> <p>Format not recognized as DER or PEM. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00066">66</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga2712a2708993f706e6c3f3716ec1f275"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED   -0x2700</td> </tr> </table> </div><div class="memdoc"> <p>Certificate verification failed, e.g. </p> <p>CRL, CA or signature check failed. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00065">65</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gaa1ff85472d1f06bac7aadef70dbc404f"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE   -0x2080</td> </tr> </table> </div><div class="memdoc"> <p>Unavailable feature, e.g. </p> <p>RSA hashing/encryption combination. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00052">52</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga87e65fdadeba914a5555ef09ab35c48b"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_FILE_IO_ERROR   -0x2900</td> </tr> </table> </div><div class="memdoc"> <p>Read/write of file failed. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00069">69</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gac2a509391d78d52ac972979a8c149aaa"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_ALG   -0x2300</td> </tr> </table> </div><div class="memdoc"> <p>The algorithm tag or value is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00057">57</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga4c0033b4b5ea413f79b133b9172d967b"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_DATE   -0x2400</td> </tr> </table> </div><div class="memdoc"> <p>The date tag or value is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00059">59</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gaefb797397f3fc132f0d825b77b10ff47"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_EXTENSIONS   -0x2500</td> </tr> </table> </div><div class="memdoc"> <p>The extension tag or value is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00061">61</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gabbb0baf5d3e9281b059e3177138f4eaf"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_FORMAT   -0x2180</td> </tr> </table> </div><div class="memdoc"> <p>The CRT/CRL/CSR format is invalid, e.g. </p> <p>different type expected. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00054">54</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga3cf47af101f614432b19192a7a239fe3"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_NAME   -0x2380</td> </tr> </table> </div><div class="memdoc"> <p>The name tag or value is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00058">58</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga5dfc778ab9a1d46f8c31296050fb0e84"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_SERIAL   -0x2280</td> </tr> </table> </div><div class="memdoc"> <p>The serial tag or value is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00056">56</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga56da6070740e4f0e102fd473dbe54b8c"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_SIGNATURE   -0x2480</td> </tr> </table> </div><div class="memdoc"> <p>The signature tag or value invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00060">60</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga7fb5d1b9bb950f41cf57a6e156a318ff"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_INVALID_VERSION   -0x2200</td> </tr> </table> </div><div class="memdoc"> <p>The CRT/CRL/CSR version element is invalid. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00055">55</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga60a90a6a7f6ee7a23c186d6870d8e4c8"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_MALLOC_FAILED   -0x2880</td> </tr> </table> </div><div class="memdoc"> <p>Allocation of memory failed. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00068">68</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="gac00b6c62043eca7ddf8809888961454b"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_SIG_MISMATCH   -0x2680</td> </tr> </table> </div><div class="memdoc"> <p>Signature algorithms do not match. </p> <p>(see <code><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a" title="Container for an X.509 certificate. ">x509_crt</a></code> sig_oid) </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00064">64</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga55c4c1d62914da0514be0e48c02a91f6"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_UNKNOWN_OID   -0x2100</td> </tr> </table> </div><div class="memdoc"> <p>Requested OID is unknown. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00053">53</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga87606217fba12ea921df66f51ad8c2e9"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG   -0x2600</td> </tr> </table> </div><div class="memdoc"> <p>Signature algorithm (oid) is unsupported. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00063">63</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga04dc192b55781ef24910bd1dfa53e6f3"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define POLARSSL_ERR_X509_UNKNOWN_VERSION   -0x2580</td> </tr> </table> </div><div class="memdoc"> <p>CRT/CRL/CSR has an unsupported version number. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00062">62</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga803eb771dce23b32e873b94fa42ae3eb"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define X509_CRT_VERSION_1   0</td> </tr> </table> </div><div class="memdoc"> <p>Definition at line <a class="el" href="x509__crt_8h_source.html#l00102">102</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a class="anchor" id="gaff0395a0a007c3515967f958879926cf"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define X509_CRT_VERSION_2   1</td> </tr> </table> </div><div class="memdoc"> <p>Definition at line <a class="el" href="x509__crt_8h_source.html#l00103">103</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a class="anchor" id="ga5aa7c22740f9d1271b76fe9dffe5ce18"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define X509_CRT_VERSION_3   2</td> </tr> </table> </div><div class="memdoc"> <p>Definition at line <a class="el" href="x509__crt_8h_source.html#l00104">104</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a class="anchor" id="ga8099883128d3a26dc00e33814def210b"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define X509_RFC5280_MAX_SERIAL_LEN   32</td> </tr> </table> </div><div class="memdoc"> <p>Definition at line <a class="el" href="x509__crt_8h_source.html#l00106">106</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a class="anchor" id="gabc0cae2aafa220212a00ae64dffa49b4"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define X509_RFC5280_UTC_TIME_LEN   15</td> </tr> </table> </div><div class="memdoc"> <p>Definition at line <a class="el" href="x509__crt_8h_source.html#l00107">107</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <h2 class="groupheader">Typedef Documentation</h2> <a class="anchor" id="ga937771cfbc29ed68fa7a1f000bdaada7"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="asn1_8h.html#a087073ffe1db16e6e3fce23266513e6a">asn1_bitstring</a> <a class="el" href="group__x509__module.html#ga937771cfbc29ed68fa7a1f000bdaada7">x509_bitstring</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for ASN1 bit strings. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00167">167</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga4c222d5841d84a018a77b3f8419141fd"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="asn1_8h.html#a494fbc8ee39d97c8118aa420070db04f">asn1_buf</a> <a class="el" href="group__x509__module.html#ga4c222d5841d84a018a77b3f8419141fd">x509_buf</a></td> </tr> </table> </div><div class="memdoc"> <p>Type-length-value structure that allows for ASN1 using DER. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00162">162</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga6d6714f926c6cc578e0f983aa6ddaf2a"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509__crl.html">_x509_crl</a> <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate revocation list structure. </p> <p>Every CRL may have multiple entries. </p> </div> </div> <a class="anchor" id="gac14b30af3597cbaae63d9106f14d04e8"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509__crl__entry.html">_x509_crl_entry</a> <a class="el" href="group__x509__module.html#gac14b30af3597cbaae63d9106f14d04e8">x509_crl_entry</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate revocation list entry. </p> <p>Contains the CA-specific serial numbers and revocation dates. </p> </div> </div> <a class="anchor" id="gabc08a73588a59be2dd8943ebfc29ec9a"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509__crt.html">_x509_crt</a> <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for an X.509 certificate. </p> <p>The certificate may be chained. </p> </div> </div> <a class="anchor" id="ga26cdab1edd0bf60704e0b0b0817a0291"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509__csr.html">_x509_csr</a> <a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate Signing Request (CSR) structure. </p> </div> </div> <a class="anchor" id="gae9790f007179523cf0a054090484e5bb"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="asn1_8h.html#a4f35635976d2b59cc08444099ebcbd6a">asn1_named_data</a> <a class="el" href="group__x509__module.html#gae9790f007179523cf0a054090484e5bb">x509_name</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for ASN1 named information objects. </p> <p>It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.). </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00173">173</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga5e8f63c6d3abf6955eb6190a19360fca"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="asn1_8h.html#a6e1b233f294affd535a3102d7eb893e9">asn1_sequence</a> <a class="el" href="group__x509__module.html#ga5e8f63c6d3abf6955eb6190a19360fca">x509_sequence</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for a sequence of ASN.1 items. </p> <p>Definition at line <a class="el" href="x509_8h_source.html#l00178">178</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a class="anchor" id="ga51a234c4cead82f9678485379c5de825"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509__time.html">_x509_time</a> <a class="el" href="group__x509__module.html#ga51a234c4cead82f9678485379c5de825">x509_time</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for date and time (precision in seconds). </p> </div> </div> <a class="anchor" id="ga5d89c77a8179fb09753045b8ce8f4076"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509write__cert.html">_x509write_cert</a> <a class="el" href="group__x509__module.html#ga5d89c77a8179fb09753045b8ce8f4076">x509write_cert</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for writing a certificate (CRT) </p> </div> </div> <a class="anchor" id="ga48c2716d9aacdd1b0b9e7b17c1e33aa2"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="struct__x509write__csr.html">_x509write_csr</a> <a class="el" href="group__x509__module.html#ga48c2716d9aacdd1b0b9e7b17c1e33aa2">x509write_csr</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for writing a CSR. </p> </div> </div> <h2 class="groupheader">Function Documentation</h2> <a class="anchor" id="ga99888623ed4f805c0e58b705a534c8e5"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int dhm_parse_dhm </td> <td>(</td> <td class="paramtype"><a class="el" href="structdhm__context.html">dhm_context</a> * </td> <td class="paramname"><em>dhm</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>dhmin</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>dhminlen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse DHM parameters. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">dhm</td><td>DHM context to be initialized </td></tr> <tr><td class="paramname">dhmin</td><td>input buffer </td></tr> <tr><td class="paramname">dhminlen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific DHM or PEM error code </dd></dl> </div> </div> <a class="anchor" id="gab51d126333172f165a67ac6f5dd2a910"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int dhm_parse_dhmfile </td> <td>(</td> <td class="paramtype"><a class="el" href="structdhm__context.html">dhm_context</a> * </td> <td class="paramname"><em>dhm</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load and parse DHM parameters. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">dhm</td><td>DHM context to be initialized </td></tr> <tr><td class="paramname">path</td><td>filename to read the DHM Parameters from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific DHM or PEM error code </dd></dl> </div> </div> <a class="anchor" id="ga99ed152b33d41e55cd14a78c7dcf7bef"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_crl_free </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>crl</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all CRL data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crl</td><td>CRL chain to free </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="ga1c0ed6b97aa4790f7be5c7da7abd30a1"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crl_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>crl</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the CRL. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">crl</td><td>The X509 CRL to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The amount of data written to the buffer, or -1 in case of an error. </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00265">x509parse_crl_info()</a>.</p> </div> </div> <a class="anchor" id="gad9523a2a96d43fa61e12254f915368b9"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_crl_init </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>crl</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a CRL (chain) </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crl</td><td>CRL chain to initialize </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="gad4de6119c3dd9463f5a450bbe035e672"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crl_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse one or more CRLs and add them to the chained list. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00259">x509parse_crl()</a>.</p> </div> </div> <a class="anchor" id="gabf60a1d6fba4c52835c3a7810974f969"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crl_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more CRLs and add them to the chained list. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>filename to read the CRLs from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00262">x509parse_crlfile()</a>.</p> </div> </div> <a class="anchor" id="gad0a4670e68ac4ce67dd163907880b513"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_check_extended_key_usage </td> <td>(</td> <td class="paramtype">const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>usage_oid</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>usage_len</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Check usage of certificate against extentedJeyUsage. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Leaf certificate used. </td></tr> <tr><td class="paramname">usage_oid</td><td>Intended usage (eg OID_SERVER_AUTH or OID_CLIENT_AUTH). </td></tr> <tr><td class="paramname">usage_len</td><td>Length of usage_oid (eg given by <a class="el" href="asn1_8h.html#a79358b9b589d5cf11497945672ea7fd7" title="Returns the size of the binary string, without the trailing \0. ">OID_SIZE()</a>).</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 is this use of the certificate is allowed, POLARSSL_ERR_X509_BAD_INPUT_DATA if not.</dd></dl> <dl class="section note"><dt>Note</dt><dd>Usually only makes sense on leaf certificates. </dd></dl> </div> </div> <a class="anchor" id="ga166632ed129cf4900d1d911adaa8ae74"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_check_key_usage </td> <td>(</td> <td class="paramtype">const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">int </td> <td class="paramname"><em>usage</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Check usage of certificate against keyUsage extension. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Leaf certificate used. </td></tr> <tr><td class="paramname">usage</td><td>Intended usage(s) (eg KU_KEY_ENCIPHERMENT before using the certificate to perform an RSA key exchange).</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 is these uses of the certificate are allowed, POLARSSL_ERR_X509_BAD_INPUT_DATA if the keyUsage extension is present but does not contain all the bits set in the usage argument.</dd></dl> <dl class="section note"><dt>Note</dt><dd>You should only call this function on leaf certificates, on (intermediate) CAs the keyUsage extension is automatically checked by <code><a class="el" href="group__x509__module.html#gaceaeaa6cd00a5c20e71a9a11122d58df" title="Verify the certificate signature. ">x509_crt_verify()</a></code>. </dd></dl> </div> </div> <a class="anchor" id="ga63b4c873caf7b95bd4b081e476a60f1a"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_crt_free </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all certificate data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Certificate chain to free </td></tr> </table> </dd> </dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00251">x509_free()</a>.</p> </div> </div> <a class="anchor" id="ga81299c99c393f6f58eff0471efb65ef7"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the certificate. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">crt</td><td>The X509 certificate to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The amount of data written to the buffer, or -1 in case of an error. </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00238">x509parse_cert_info()</a>.</p> </div> </div> <a class="anchor" id="ga27ba872627e98561bd04b0fd3aca1297"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_crt_init </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a certificate (chain) </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Certificate chain to initialize </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="gafc724dee6827c47fed1eec64bb13727b"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse one or more certificates and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the certificate data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00229">x509parse_crt()</a>.</p> </div> </div> <a class="anchor" id="ga2d8d1c87fa24f176a160041f11ad3c72"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_parse_der </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse a single DER formatted certificate and add it to the chained list. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the certificate DER data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00225">x509parse_crt_der()</a>.</p> </div> </div> <a class="anchor" id="ga2f937df6c64b400210dbeb5ad26cc8c2"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more certificates and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>filename to read the certificates from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00232">x509parse_crtfile()</a>.</p> </div> </div> <a class="anchor" id="ga34939a983156816784e3d1a64fe0bac9"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_parse_path </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more certificate files from a path and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="section warning"><dt>Warning</dt><dd>This function is NOT thread-safe unless POLARSSL_THREADING_PTHREADS is defined. If you're using an alternative threading implementation, you should either use this function only in the main thread, or mutex it.</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>directory / folder to read the certificate files from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00235">x509parse_crtpath()</a>.</p> </div> </div> <a class="anchor" id="ga4479c58d8c7274c50d940d2ea2dfd765"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_revoked </td> <td>(</td> <td class="paramtype">const <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>crl</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Verify the certificate revocation status. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>a certificate to be verified </td></tr> <tr><td class="paramname">crl</td><td>the CRL to verify against</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 if the certificate is revoked, 0 otherwise </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00248">x509parse_revoked()</a>.</p> </div> </div> <a class="anchor" id="gaceaeaa6cd00a5c20e71a9a11122d58df"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_crt_verify </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> * </td> <td class="paramname"><em>trust_ca</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga6d6714f926c6cc578e0f983aa6ddaf2a">x509_crl</a> * </td> <td class="paramname"><em>ca_crl</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>cn</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">int * </td> <td class="paramname"><em>flags</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">int(*)(void *, <a class="el" href="group__x509__module.html#gabc08a73588a59be2dd8943ebfc29ec9a">x509_crt</a> *, int, int *) </td> <td class="paramname"><em>f_vrfy</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">void * </td> <td class="paramname"><em>p_vrfy</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Verify the certificate signature. </p> <pre class="fragment"> The verify callback is a user-supplied callback that can clear / modify / add flags for a certificate. If set, the verification callback is called for each certificate in the chain (from the trust-ca down to the presented crt). The parameters for the callback are: (void *parameter, x509_crt *crt, int certificate_depth, int *flags). With the flags representing current flags for that specific certificate and the certificate depth from the bottom (Peer cert depth = 0). All flags left after returning from the callback are also returned to the application. The function should return 0 for anything but a fatal error. </pre><dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>a certificate to be verified </td></tr> <tr><td class="paramname">trust_ca</td><td>the trusted CA chain </td></tr> <tr><td class="paramname">ca_crl</td><td>the CRL chain for trusted CA's </td></tr> <tr><td class="paramname">cn</td><td>expected Common Name (can be set to NULL if the CN must not be verified) </td></tr> <tr><td class="paramname">flags</td><td>result of the verification </td></tr> <tr><td class="paramname">f_vrfy</td><td>verification function </td></tr> <tr><td class="paramname">p_vrfy</td><td>verification parameter</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED, in which case *flags will have one or more of the following values set: BADCERT_EXPIRED – BADCERT_REVOKED – BADCERT_CN_MISMATCH – BADCERT_NOT_TRUSTED or another error in case of a fatal error encountered during the verification process. </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00242">x509parse_verify()</a>.</p> </div> </div> <a class="anchor" id="ga5ca4ec1c3051b481cb17c7fda14d6499"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_csr_free </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all CSR data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR to free </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="ga1f152bf56415a2e28382e3b425844838"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_csr_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the CSR. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">csr</td><td>The X509 CSR to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The length of the string written (exluding the terminating null byte), or a negative value in case of an error. </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00280">x509parse_csr_info()</a>.</p> </div> </div> <a class="anchor" id="gaca04de43aa24a914d5c50112aec3dfe2"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void x509_csr_init </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a CSR. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR to initialize </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="gaf3f78c6f15ba595438f41ad06c7eb913"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_csr_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR), DER or PEM format. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00274">x509parse_csr()</a>.</p> </div> </div> <a class="anchor" id="gac2678f50a8d832b3d71c071fb31c42b8"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_csr_parse_der </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR) in DER format. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 error code </dd></dl> </div> </div> <a class="anchor" id="ga9018bb8c7bf444c0b037d5f3ac120f37"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int x509_csr_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="group__x509__module.html#ga26cdab1edd0bf60704e0b0b0817a0291">x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR) </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">path</td><td>filename to read the CSR from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> <p>Referenced by <a class="el" href="compat-1_82_8h_source.html#l00277">x509parse_csrfile()</a>.</p> </div> </div> </div><!-- contents --> <!-- start footer part --> <hr class="footer"/><address class="footer"><small> Generated on Thu Jul 31 2014 11:35:56 for PolarSSL v1.3.8 by  <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/> </a> 1.8.5 </small></address> </body> </html>