<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <meta http-equiv="X-UA-Compatible" content="IE=9"/> <meta name="generator" content="Doxygen 1.8.13"/> <meta name="viewport" content="width=device-width, initial-scale=1"/> <title>mbed TLS v2.6.0: X.509 module</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="dynsections.js"></script> <link href="doxygen.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="top"><!-- do not remove this div, it is closed by doxygen! --> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td id="projectalign" style="padding-left: 0.5em;"> <div id="projectname">mbed TLS v2.6.0 </div> </td> </tr> </tbody> </table> </div> <!-- end header part --> <!-- Generated by Doxygen 1.8.13 --> <script type="text/javascript" src="menudata.js"></script> <script type="text/javascript" src="menu.js"></script> <script type="text/javascript"> $(function() { initMenu('',false,false,'search.php','Search'); }); </script> <div id="main-nav"></div> </div><!-- top --> <div class="header"> <div class="summary"> <a href="#nested-classes">Data Structures</a> | <a href="#define-members">Macros</a> | <a href="#func-members">Functions</a> </div> <div class="headertitle"> <div class="title">X.509 module</div> </div> </div><!--header--> <div class="contents"> <p>The X.509 module provides X.509 support for reading, writing and verification of certificates. <a href="#details">More...</a></p> <table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="nested-classes"></a> Data Structures</h2></td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__time.html">mbedtls_x509_time</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for date and time (precision in seconds). <a href="structmbedtls__x509__time.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__crl__entry.html">mbedtls_x509_crl_entry</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list entry. <a href="structmbedtls__x509__crl__entry.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list structure. <a href="structmbedtls__x509__crl.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for an X.509 certificate. <a href="structmbedtls__x509__crt.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Security profile for certificate verification. <a href="structmbedtls__x509__crt__profile.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509write__cert.html">mbedtls_x509write_cert</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a certificate (CRT) <a href="structmbedtls__x509write__cert.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Certificate Signing Request (CSR) structure. <a href="structmbedtls__x509__csr.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct  </td><td class="memItemRight" valign="bottom"><a class="el" href="structmbedtls__x509write__csr.html">mbedtls_x509write_csr</a></td></tr> <tr class="memdesc:"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a CSR. <a href="structmbedtls__x509write__csr.html#details">More...</a><br /></td></tr> <tr class="separator:"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="define-members"></a> Macros</h2></td></tr> <tr class="memitem:gab98caf7dfede54b5c576b5a27a5c6a6a"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab98caf7dfede54b5c576b5a27a5c6a6a">MBEDTLS_X509_MAX_INTERMEDIATE_CA</a>   8</td></tr> <tr class="memdesc:gab98caf7dfede54b5c576b5a27a5c6a6a"><td class="mdescLeft"> </td><td class="mdescRight">Maximum number of intermediate CAs in a verification chain. <a href="#gab98caf7dfede54b5c576b5a27a5c6a6a">More...</a><br /></td></tr> <tr class="separator:gab98caf7dfede54b5c576b5a27a5c6a6a"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a> Functions</h2></td></tr> <tr class="memitem:gae1bf556398cac1761aa2041908e9f619"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae1bf556398cac1761aa2041908e9f619">mbedtls_dhm_parse_dhm</a> (<a class="el" href="structmbedtls__dhm__context.html">mbedtls_dhm_context</a> *dhm, const unsigned char *dhmin, size_t dhminlen)</td></tr> <tr class="memdesc:gae1bf556398cac1761aa2041908e9f619"><td class="mdescLeft"> </td><td class="mdescRight">Parse DHM parameters in PEM or DER format. <a href="#gae1bf556398cac1761aa2041908e9f619">More...</a><br /></td></tr> <tr class="separator:gae1bf556398cac1761aa2041908e9f619"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gae2f53ca5e795b7e8674f092777a5a828"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae2f53ca5e795b7e8674f092777a5a828">mbedtls_dhm_parse_dhmfile</a> (<a class="el" href="structmbedtls__dhm__context.html">mbedtls_dhm_context</a> *dhm, const char *path)</td></tr> <tr class="memdesc:gae2f53ca5e795b7e8674f092777a5a828"><td class="mdescLeft"> </td><td class="mdescRight">Load and parse DHM parameters. <a href="#gae2f53ca5e795b7e8674f092777a5a828">More...</a><br /></td></tr> <tr class="separator:gae2f53ca5e795b7e8674f092777a5a828"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> X509 Error codes</h2></td></tr> <tr class="memitem:ga185bc7f27a2b1f7742537a2377c52ee3"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga185bc7f27a2b1f7742537a2377c52ee3">MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE</a>   -0x2080</td></tr> <tr class="memdesc:ga185bc7f27a2b1f7742537a2377c52ee3"><td class="mdescLeft"> </td><td class="mdescRight">Unavailable feature, e.g. <a href="#ga185bc7f27a2b1f7742537a2377c52ee3">More...</a><br /></td></tr> <tr class="separator:ga185bc7f27a2b1f7742537a2377c52ee3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gab4e8e2e41bfe62e969343efaa2784103"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab4e8e2e41bfe62e969343efaa2784103">MBEDTLS_ERR_X509_UNKNOWN_OID</a>   -0x2100</td></tr> <tr class="memdesc:gab4e8e2e41bfe62e969343efaa2784103"><td class="mdescLeft"> </td><td class="mdescRight">Requested OID is unknown. <a href="#gab4e8e2e41bfe62e969343efaa2784103">More...</a><br /></td></tr> <tr class="separator:gab4e8e2e41bfe62e969343efaa2784103"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga45b8366804b7e2cbf3e25011f054802c"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga45b8366804b7e2cbf3e25011f054802c">MBEDTLS_ERR_X509_INVALID_FORMAT</a>   -0x2180</td></tr> <tr class="memdesc:ga45b8366804b7e2cbf3e25011f054802c"><td class="mdescLeft"> </td><td class="mdescRight">The CRT/CRL/CSR format is invalid, e.g. <a href="#ga45b8366804b7e2cbf3e25011f054802c">More...</a><br /></td></tr> <tr class="separator:ga45b8366804b7e2cbf3e25011f054802c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga527608dc04b2c831fe5b161ec26aab76"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga527608dc04b2c831fe5b161ec26aab76">MBEDTLS_ERR_X509_INVALID_VERSION</a>   -0x2200</td></tr> <tr class="memdesc:ga527608dc04b2c831fe5b161ec26aab76"><td class="mdescLeft"> </td><td class="mdescRight">The CRT/CRL/CSR version element is invalid. <a href="#ga527608dc04b2c831fe5b161ec26aab76">More...</a><br /></td></tr> <tr class="separator:ga527608dc04b2c831fe5b161ec26aab76"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8124a68edabf35ed9323880584128f16"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8124a68edabf35ed9323880584128f16">MBEDTLS_ERR_X509_INVALID_SERIAL</a>   -0x2280</td></tr> <tr class="memdesc:ga8124a68edabf35ed9323880584128f16"><td class="mdescLeft"> </td><td class="mdescRight">The serial tag or value is invalid. <a href="#ga8124a68edabf35ed9323880584128f16">More...</a><br /></td></tr> <tr class="separator:ga8124a68edabf35ed9323880584128f16"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gae16cddbd42e08f6dd093cf4326e59413"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae16cddbd42e08f6dd093cf4326e59413">MBEDTLS_ERR_X509_INVALID_ALG</a>   -0x2300</td></tr> <tr class="memdesc:gae16cddbd42e08f6dd093cf4326e59413"><td class="mdescLeft"> </td><td class="mdescRight">The algorithm tag or value is invalid. <a href="#gae16cddbd42e08f6dd093cf4326e59413">More...</a><br /></td></tr> <tr class="separator:gae16cddbd42e08f6dd093cf4326e59413"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8f61c2f303bf065af4f783e03f952ede"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8f61c2f303bf065af4f783e03f952ede">MBEDTLS_ERR_X509_INVALID_NAME</a>   -0x2380</td></tr> <tr class="memdesc:ga8f61c2f303bf065af4f783e03f952ede"><td class="mdescLeft"> </td><td class="mdescRight">The name tag or value is invalid. <a href="#ga8f61c2f303bf065af4f783e03f952ede">More...</a><br /></td></tr> <tr class="separator:ga8f61c2f303bf065af4f783e03f952ede"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac36bf085ce8f7f57f039bda8828bd824"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac36bf085ce8f7f57f039bda8828bd824">MBEDTLS_ERR_X509_INVALID_DATE</a>   -0x2400</td></tr> <tr class="memdesc:gac36bf085ce8f7f57f039bda8828bd824"><td class="mdescLeft"> </td><td class="mdescRight">The date tag or value is invalid. <a href="#gac36bf085ce8f7f57f039bda8828bd824">More...</a><br /></td></tr> <tr class="separator:gac36bf085ce8f7f57f039bda8828bd824"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga022c175386f082b4e056e6268ee68cab"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga022c175386f082b4e056e6268ee68cab">MBEDTLS_ERR_X509_INVALID_SIGNATURE</a>   -0x2480</td></tr> <tr class="memdesc:ga022c175386f082b4e056e6268ee68cab"><td class="mdescLeft"> </td><td class="mdescRight">The signature tag or value invalid. <a href="#ga022c175386f082b4e056e6268ee68cab">More...</a><br /></td></tr> <tr class="separator:ga022c175386f082b4e056e6268ee68cab"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaa0788dbf0325aea4ab566717514b4422"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaa0788dbf0325aea4ab566717514b4422">MBEDTLS_ERR_X509_INVALID_EXTENSIONS</a>   -0x2500</td></tr> <tr class="memdesc:gaa0788dbf0325aea4ab566717514b4422"><td class="mdescLeft"> </td><td class="mdescRight">The extension tag or value is invalid. <a href="#gaa0788dbf0325aea4ab566717514b4422">More...</a><br /></td></tr> <tr class="separator:gaa0788dbf0325aea4ab566717514b4422"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gab80a4eb806328731def21ec2ebcbc365"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab80a4eb806328731def21ec2ebcbc365">MBEDTLS_ERR_X509_UNKNOWN_VERSION</a>   -0x2580</td></tr> <tr class="memdesc:gab80a4eb806328731def21ec2ebcbc365"><td class="mdescLeft"> </td><td class="mdescRight">CRT/CRL/CSR has an unsupported version number. <a href="#gab80a4eb806328731def21ec2ebcbc365">More...</a><br /></td></tr> <tr class="separator:gab80a4eb806328731def21ec2ebcbc365"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga488f8616b42eae6fe3fb9815d43c976f"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga488f8616b42eae6fe3fb9815d43c976f">MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG</a>   -0x2600</td></tr> <tr class="memdesc:ga488f8616b42eae6fe3fb9815d43c976f"><td class="mdescLeft"> </td><td class="mdescRight">Signature algorithm (oid) is unsupported. <a href="#ga488f8616b42eae6fe3fb9815d43c976f">More...</a><br /></td></tr> <tr class="separator:ga488f8616b42eae6fe3fb9815d43c976f"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac489ce5e8ba417bcd86012ebbb7f5044"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac489ce5e8ba417bcd86012ebbb7f5044">MBEDTLS_ERR_X509_SIG_MISMATCH</a>   -0x2680</td></tr> <tr class="memdesc:gac489ce5e8ba417bcd86012ebbb7f5044"><td class="mdescLeft"> </td><td class="mdescRight">Signature algorithms do not match. <a href="#gac489ce5e8ba417bcd86012ebbb7f5044">More...</a><br /></td></tr> <tr class="separator:gac489ce5e8ba417bcd86012ebbb7f5044"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaba46df0041dcf48fa9d164d28cf3a154"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaba46df0041dcf48fa9d164d28cf3a154">MBEDTLS_ERR_X509_CERT_VERIFY_FAILED</a>   -0x2700</td></tr> <tr class="memdesc:gaba46df0041dcf48fa9d164d28cf3a154"><td class="mdescLeft"> </td><td class="mdescRight">Certificate verification failed, e.g. <a href="#gaba46df0041dcf48fa9d164d28cf3a154">More...</a><br /></td></tr> <tr class="separator:gaba46df0041dcf48fa9d164d28cf3a154"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaeb90af9ad906c5075b1ad625ebc26553"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaeb90af9ad906c5075b1ad625ebc26553">MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT</a>   -0x2780</td></tr> <tr class="memdesc:gaeb90af9ad906c5075b1ad625ebc26553"><td class="mdescLeft"> </td><td class="mdescRight">Format not recognized as DER or PEM. <a href="#gaeb90af9ad906c5075b1ad625ebc26553">More...</a><br /></td></tr> <tr class="separator:gaeb90af9ad906c5075b1ad625ebc26553"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaeeef11ebf0b31a54a665b1a3fd65c3f7"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaeeef11ebf0b31a54a665b1a3fd65c3f7">MBEDTLS_ERR_X509_BAD_INPUT_DATA</a>   -0x2800</td></tr> <tr class="memdesc:gaeeef11ebf0b31a54a665b1a3fd65c3f7"><td class="mdescLeft"> </td><td class="mdescRight">Input invalid. <a href="#gaeeef11ebf0b31a54a665b1a3fd65c3f7">More...</a><br /></td></tr> <tr class="separator:gaeeef11ebf0b31a54a665b1a3fd65c3f7"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gacf6d98c6cbb76728260d1dcb1fe3bc7d"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gacf6d98c6cbb76728260d1dcb1fe3bc7d">MBEDTLS_ERR_X509_ALLOC_FAILED</a>   -0x2880</td></tr> <tr class="memdesc:gacf6d98c6cbb76728260d1dcb1fe3bc7d"><td class="mdescLeft"> </td><td class="mdescRight">Allocation of memory failed. <a href="#gacf6d98c6cbb76728260d1dcb1fe3bc7d">More...</a><br /></td></tr> <tr class="separator:gacf6d98c6cbb76728260d1dcb1fe3bc7d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad85d9c7aa5c30b9730297bef3386407c"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad85d9c7aa5c30b9730297bef3386407c">MBEDTLS_ERR_X509_FILE_IO_ERROR</a>   -0x2900</td></tr> <tr class="memdesc:gad85d9c7aa5c30b9730297bef3386407c"><td class="mdescLeft"> </td><td class="mdescRight">Read/write of file failed. <a href="#gad85d9c7aa5c30b9730297bef3386407c">More...</a><br /></td></tr> <tr class="separator:gad85d9c7aa5c30b9730297bef3386407c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gab9516fc53ff90c547fd77d35c71feec7"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab9516fc53ff90c547fd77d35c71feec7">MBEDTLS_ERR_X509_BUFFER_TOO_SMALL</a>   -0x2980</td></tr> <tr class="memdesc:gab9516fc53ff90c547fd77d35c71feec7"><td class="mdescLeft"> </td><td class="mdescRight">Destination buffer is too small. <a href="#gab9516fc53ff90c547fd77d35c71feec7">More...</a><br /></td></tr> <tr class="separator:gab9516fc53ff90c547fd77d35c71feec7"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga50086f9edc8482b5e6b6e53c647d37ea"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga50086f9edc8482b5e6b6e53c647d37ea">MBEDTLS_ERR_X509_FATAL_ERROR</a>   -0x3000</td></tr> <tr class="memdesc:ga50086f9edc8482b5e6b6e53c647d37ea"><td class="mdescLeft"> </td><td class="mdescRight">A fatal error occured, eg the chain is too long or the vrfy callback failed. <a href="#ga50086f9edc8482b5e6b6e53c647d37ea">More...</a><br /></td></tr> <tr class="separator:ga50086f9edc8482b5e6b6e53c647d37ea"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> X509 Verify codes</h2></td></tr> <tr class="memitem:ga5f03158dcacc5914872e38c68231b642"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga5f03158dcacc5914872e38c68231b642">MBEDTLS_X509_BADCERT_EXPIRED</a>   0x01</td></tr> <tr class="memdesc:ga5f03158dcacc5914872e38c68231b642"><td class="mdescLeft"> </td><td class="mdescRight">The certificate validity has expired. <a href="#ga5f03158dcacc5914872e38c68231b642">More...</a><br /></td></tr> <tr class="separator:ga5f03158dcacc5914872e38c68231b642"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaddd96a9eb80fab17bce02d2a147ea504"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaddd96a9eb80fab17bce02d2a147ea504">MBEDTLS_X509_BADCERT_REVOKED</a>   0x02</td></tr> <tr class="memdesc:gaddd96a9eb80fab17bce02d2a147ea504"><td class="mdescLeft"> </td><td class="mdescRight">The certificate has been revoked (is on a CRL). <a href="#gaddd96a9eb80fab17bce02d2a147ea504">More...</a><br /></td></tr> <tr class="separator:gaddd96a9eb80fab17bce02d2a147ea504"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga6e71468985ebf243ca7cfce5c3dea881"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga6e71468985ebf243ca7cfce5c3dea881">MBEDTLS_X509_BADCERT_CN_MISMATCH</a>   0x04</td></tr> <tr class="memdesc:ga6e71468985ebf243ca7cfce5c3dea881"><td class="mdescLeft"> </td><td class="mdescRight">The certificate Common Name (CN) does not match with the expected CN. <a href="#ga6e71468985ebf243ca7cfce5c3dea881">More...</a><br /></td></tr> <tr class="separator:ga6e71468985ebf243ca7cfce5c3dea881"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga0e5b1d4c9c1a1a3227238c82042c1d1b"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga0e5b1d4c9c1a1a3227238c82042c1d1b">MBEDTLS_X509_BADCERT_NOT_TRUSTED</a>   0x08</td></tr> <tr class="memdesc:ga0e5b1d4c9c1a1a3227238c82042c1d1b"><td class="mdescLeft"> </td><td class="mdescRight">The certificate is not correctly signed by the trusted CA. <a href="#ga0e5b1d4c9c1a1a3227238c82042c1d1b">More...</a><br /></td></tr> <tr class="separator:ga0e5b1d4c9c1a1a3227238c82042c1d1b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad1da8228ca957c2947fd329c32fc7ca4"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad1da8228ca957c2947fd329c32fc7ca4">MBEDTLS_X509_BADCRL_NOT_TRUSTED</a>   0x10</td></tr> <tr class="memdesc:gad1da8228ca957c2947fd329c32fc7ca4"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is not correctly signed by the trusted CA. <a href="#gad1da8228ca957c2947fd329c32fc7ca4">More...</a><br /></td></tr> <tr class="separator:gad1da8228ca957c2947fd329c32fc7ca4"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaebccb1707af21f2d3d6610a7c6485f32"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaebccb1707af21f2d3d6610a7c6485f32">MBEDTLS_X509_BADCRL_EXPIRED</a>   0x20</td></tr> <tr class="memdesc:gaebccb1707af21f2d3d6610a7c6485f32"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is expired. <a href="#gaebccb1707af21f2d3d6610a7c6485f32">More...</a><br /></td></tr> <tr class="separator:gaebccb1707af21f2d3d6610a7c6485f32"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8bca03e3c2c89460bea17ab142b0b7ab"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8bca03e3c2c89460bea17ab142b0b7ab">MBEDTLS_X509_BADCERT_MISSING</a>   0x40</td></tr> <tr class="memdesc:ga8bca03e3c2c89460bea17ab142b0b7ab"><td class="mdescLeft"> </td><td class="mdescRight">Certificate was missing. <a href="#ga8bca03e3c2c89460bea17ab142b0b7ab">More...</a><br /></td></tr> <tr class="separator:ga8bca03e3c2c89460bea17ab142b0b7ab"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga1b87b2e1d26077023adf2a5c65a76776"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga1b87b2e1d26077023adf2a5c65a76776">MBEDTLS_X509_BADCERT_SKIP_VERIFY</a>   0x80</td></tr> <tr class="memdesc:ga1b87b2e1d26077023adf2a5c65a76776"><td class="mdescLeft"> </td><td class="mdescRight">Certificate verification was skipped. <a href="#ga1b87b2e1d26077023adf2a5c65a76776">More...</a><br /></td></tr> <tr class="separator:ga1b87b2e1d26077023adf2a5c65a76776"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga76bdd50937a671ef62474b7e38e23e02"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga76bdd50937a671ef62474b7e38e23e02">MBEDTLS_X509_BADCERT_OTHER</a>   0x0100</td></tr> <tr class="memdesc:ga76bdd50937a671ef62474b7e38e23e02"><td class="mdescLeft"> </td><td class="mdescRight">Other reason (can be used by verify callback) <a href="#ga76bdd50937a671ef62474b7e38e23e02">More...</a><br /></td></tr> <tr class="separator:ga76bdd50937a671ef62474b7e38e23e02"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac769acbb18e53198ae2d2e63bd339cfa"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac769acbb18e53198ae2d2e63bd339cfa">MBEDTLS_X509_BADCERT_FUTURE</a>   0x0200</td></tr> <tr class="memdesc:gac769acbb18e53198ae2d2e63bd339cfa"><td class="mdescLeft"> </td><td class="mdescRight">The certificate validity starts in the future. <a href="#gac769acbb18e53198ae2d2e63bd339cfa">More...</a><br /></td></tr> <tr class="separator:gac769acbb18e53198ae2d2e63bd339cfa"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad93c0f614969729f7d13fb0a3acac68e"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad93c0f614969729f7d13fb0a3acac68e">MBEDTLS_X509_BADCRL_FUTURE</a>   0x0400</td></tr> <tr class="memdesc:gad93c0f614969729f7d13fb0a3acac68e"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is from the future. <a href="#gad93c0f614969729f7d13fb0a3acac68e">More...</a><br /></td></tr> <tr class="separator:gad93c0f614969729f7d13fb0a3acac68e"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga28705c8c3091a013487df25842249c0f"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga28705c8c3091a013487df25842249c0f">MBEDTLS_X509_BADCERT_KEY_USAGE</a>   0x0800</td></tr> <tr class="memdesc:ga28705c8c3091a013487df25842249c0f"><td class="mdescLeft"> </td><td class="mdescRight">Usage does not match the keyUsage extension. <a href="#ga28705c8c3091a013487df25842249c0f">More...</a><br /></td></tr> <tr class="separator:ga28705c8c3091a013487df25842249c0f"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac3dab3183efdbca7e988916e7fc1a02a"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac3dab3183efdbca7e988916e7fc1a02a">MBEDTLS_X509_BADCERT_EXT_KEY_USAGE</a>   0x1000</td></tr> <tr class="memdesc:gac3dab3183efdbca7e988916e7fc1a02a"><td class="mdescLeft"> </td><td class="mdescRight">Usage does not match the extendedKeyUsage extension. <a href="#gac3dab3183efdbca7e988916e7fc1a02a">More...</a><br /></td></tr> <tr class="separator:gac3dab3183efdbca7e988916e7fc1a02a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaa383ae441177fa7a16fb2313bb48bb10"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaa383ae441177fa7a16fb2313bb48bb10">MBEDTLS_X509_BADCERT_NS_CERT_TYPE</a>   0x2000</td></tr> <tr class="memdesc:gaa383ae441177fa7a16fb2313bb48bb10"><td class="mdescLeft"> </td><td class="mdescRight">Usage does not match the nsCertType extension. <a href="#gaa383ae441177fa7a16fb2313bb48bb10">More...</a><br /></td></tr> <tr class="separator:gaa383ae441177fa7a16fb2313bb48bb10"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga41b54b526c11bf51cc431ef1a151816d"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga41b54b526c11bf51cc431ef1a151816d">MBEDTLS_X509_BADCERT_BAD_MD</a>   0x4000</td></tr> <tr class="memdesc:ga41b54b526c11bf51cc431ef1a151816d"><td class="mdescLeft"> </td><td class="mdescRight">The certificate is signed with an unacceptable hash. <a href="#ga41b54b526c11bf51cc431ef1a151816d">More...</a><br /></td></tr> <tr class="separator:ga41b54b526c11bf51cc431ef1a151816d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga9332fa1e09a373cc56234525b14546c4"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga9332fa1e09a373cc56234525b14546c4">MBEDTLS_X509_BADCERT_BAD_PK</a>   0x8000</td></tr> <tr class="memdesc:ga9332fa1e09a373cc56234525b14546c4"><td class="mdescLeft"> </td><td class="mdescRight">The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). <a href="#ga9332fa1e09a373cc56234525b14546c4">More...</a><br /></td></tr> <tr class="separator:ga9332fa1e09a373cc56234525b14546c4"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaef5f9a34b327eb79750ebc3779e98282"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaef5f9a34b327eb79750ebc3779e98282">MBEDTLS_X509_BADCERT_BAD_KEY</a>   0x010000</td></tr> <tr class="memdesc:gaef5f9a34b327eb79750ebc3779e98282"><td class="mdescLeft"> </td><td class="mdescRight">The certificate is signed with an unacceptable key (eg bad curve, RSA too short). <a href="#gaef5f9a34b327eb79750ebc3779e98282">More...</a><br /></td></tr> <tr class="separator:gaef5f9a34b327eb79750ebc3779e98282"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad3f810fb74f94164185b88b90fffa329"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad3f810fb74f94164185b88b90fffa329">MBEDTLS_X509_BADCRL_BAD_MD</a>   0x020000</td></tr> <tr class="memdesc:gad3f810fb74f94164185b88b90fffa329"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is signed with an unacceptable hash. <a href="#gad3f810fb74f94164185b88b90fffa329">More...</a><br /></td></tr> <tr class="separator:gad3f810fb74f94164185b88b90fffa329"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga182a6f1f465e566de7586e6ee8fa7c4e"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga182a6f1f465e566de7586e6ee8fa7c4e">MBEDTLS_X509_BADCRL_BAD_PK</a>   0x040000</td></tr> <tr class="memdesc:ga182a6f1f465e566de7586e6ee8fa7c4e"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). <a href="#ga182a6f1f465e566de7586e6ee8fa7c4e">More...</a><br /></td></tr> <tr class="separator:ga182a6f1f465e566de7586e6ee8fa7c4e"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac2947ead6fd1035296826110ca74a364"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac2947ead6fd1035296826110ca74a364">MBEDTLS_X509_BADCRL_BAD_KEY</a>   0x080000</td></tr> <tr class="memdesc:gac2947ead6fd1035296826110ca74a364"><td class="mdescLeft"> </td><td class="mdescRight">The CRL is signed with an unacceptable key (eg bad curve, RSA too short). <a href="#gac2947ead6fd1035296826110ca74a364">More...</a><br /></td></tr> <tr class="separator:gac2947ead6fd1035296826110ca74a364"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures for parsing X.509 certificates, CRLs and CSRs</h2></td></tr> <tr class="memitem:ga4d02c9e8e4e2934555e0d132cd2976dc"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="structmbedtls__asn1__buf.html">mbedtls_asn1_buf</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4d02c9e8e4e2934555e0d132cd2976dc">mbedtls_x509_buf</a></td></tr> <tr class="memdesc:ga4d02c9e8e4e2934555e0d132cd2976dc"><td class="mdescLeft"> </td><td class="mdescRight">Type-length-value structure that allows for ASN1 using DER. <a href="#ga4d02c9e8e4e2934555e0d132cd2976dc">More...</a><br /></td></tr> <tr class="separator:ga4d02c9e8e4e2934555e0d132cd2976dc"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaf25a97602f25027e160f22f6d5590636"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="structmbedtls__asn1__bitstring.html">mbedtls_asn1_bitstring</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaf25a97602f25027e160f22f6d5590636">mbedtls_x509_bitstring</a></td></tr> <tr class="memdesc:gaf25a97602f25027e160f22f6d5590636"><td class="mdescLeft"> </td><td class="mdescRight">Container for ASN1 bit strings. <a href="#gaf25a97602f25027e160f22f6d5590636">More...</a><br /></td></tr> <tr class="separator:gaf25a97602f25027e160f22f6d5590636"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga2272228c7776102328df31623af3168c"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="structmbedtls__asn1__named__data.html">mbedtls_asn1_named_data</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga2272228c7776102328df31623af3168c">mbedtls_x509_name</a></td></tr> <tr class="memdesc:ga2272228c7776102328df31623af3168c"><td class="mdescLeft"> </td><td class="mdescRight">Container for ASN1 named information objects. <a href="#ga2272228c7776102328df31623af3168c">More...</a><br /></td></tr> <tr class="separator:ga2272228c7776102328df31623af3168c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabd52d60a09315854d9ef849d02154f35"><td class="memItemLeft" align="right" valign="top">typedef <a class="el" href="structmbedtls__asn1__sequence.html">mbedtls_asn1_sequence</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabd52d60a09315854d9ef849d02154f35">mbedtls_x509_sequence</a></td></tr> <tr class="memdesc:gabd52d60a09315854d9ef849d02154f35"><td class="mdescLeft"> </td><td class="mdescRight">Container for a sequence of ASN.1 items. <a href="#gabd52d60a09315854d9ef849d02154f35">More...</a><br /></td></tr> <tr class="separator:gabd52d60a09315854d9ef849d02154f35"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga38827540a02fb2ddca08ec0917a8a41b"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509__time.html">mbedtls_x509_time</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga38827540a02fb2ddca08ec0917a8a41b">mbedtls_x509_time</a></td></tr> <tr class="memdesc:ga38827540a02fb2ddca08ec0917a8a41b"><td class="mdescLeft"> </td><td class="mdescRight">Container for date and time (precision in seconds). <a href="#ga38827540a02fb2ddca08ec0917a8a41b">More...</a><br /></td></tr> <tr class="separator:ga38827540a02fb2ddca08ec0917a8a41b"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for parsing CRLs</h2></td></tr> <tr class="memitem:ga1e0c6230061fd501f9d00bd1b09ade33"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509__crl__entry.html">mbedtls_x509_crl_entry</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga1e0c6230061fd501f9d00bd1b09ade33">mbedtls_x509_crl_entry</a></td></tr> <tr class="memdesc:ga1e0c6230061fd501f9d00bd1b09ade33"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list entry. <a href="#ga1e0c6230061fd501f9d00bd1b09ade33">More...</a><br /></td></tr> <tr class="separator:ga1e0c6230061fd501f9d00bd1b09ade33"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga7957605a0ced963e12880ec9e19874fc"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga7957605a0ced963e12880ec9e19874fc">mbedtls_x509_crl</a></td></tr> <tr class="memdesc:ga7957605a0ced963e12880ec9e19874fc"><td class="mdescLeft"> </td><td class="mdescRight">Certificate revocation list structure. <a href="#ga7957605a0ced963e12880ec9e19874fc">More...</a><br /></td></tr> <tr class="separator:ga7957605a0ced963e12880ec9e19874fc"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga29ab5f1216a727b334ee26cce9f5d4b5"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga29ab5f1216a727b334ee26cce9f5d4b5">mbedtls_x509_crl_parse_der</a> (<a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga29ab5f1216a727b334ee26cce9f5d4b5"><td class="mdescLeft"> </td><td class="mdescRight">Parse a DER-encoded CRL and append it to the chained list. <a href="#ga29ab5f1216a727b334ee26cce9f5d4b5">More...</a><br /></td></tr> <tr class="separator:ga29ab5f1216a727b334ee26cce9f5d4b5"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gadfce4fc5f5af62e371695e74c5b67d70"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gadfce4fc5f5af62e371695e74c5b67d70">mbedtls_x509_crl_parse</a> (<a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:gadfce4fc5f5af62e371695e74c5b67d70"><td class="mdescLeft"> </td><td class="mdescRight">Parse one or more CRLs and append them to the chained list. <a href="#gadfce4fc5f5af62e371695e74c5b67d70">More...</a><br /></td></tr> <tr class="separator:gadfce4fc5f5af62e371695e74c5b67d70"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8e096827f1240b8f8bc15d6a83593f22"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8e096827f1240b8f8bc15d6a83593f22">mbedtls_x509_crl_parse_file</a> (<a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *chain, const char *path)</td></tr> <tr class="memdesc:ga8e096827f1240b8f8bc15d6a83593f22"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more CRLs and append them to the chained list. <a href="#ga8e096827f1240b8f8bc15d6a83593f22">More...</a><br /></td></tr> <tr class="separator:ga8e096827f1240b8f8bc15d6a83593f22"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga35898e101f5039c6db6b930da9892366"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga35898e101f5039c6db6b930da9892366">mbedtls_x509_crl_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga35898e101f5039c6db6b930da9892366"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the CRL. <a href="#ga35898e101f5039c6db6b930da9892366">More...</a><br /></td></tr> <tr class="separator:ga35898e101f5039c6db6b930da9892366"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8513a192e281217802837571da98e218"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8513a192e281217802837571da98e218">mbedtls_x509_crl_init</a> (<a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga8513a192e281217802837571da98e218"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a CRL (chain) <a href="#ga8513a192e281217802837571da98e218">More...</a><br /></td></tr> <tr class="separator:ga8513a192e281217802837571da98e218"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaeb19c3326889f9e493fbd605c1113b96"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaeb19c3326889f9e493fbd605c1113b96">mbedtls_x509_crl_free</a> (<a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *crl)</td></tr> <tr class="memdesc:gaeb19c3326889f9e493fbd605c1113b96"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all CRL data. <a href="#gaeb19c3326889f9e493fbd605c1113b96">More...</a><br /></td></tr> <tr class="separator:gaeb19c3326889f9e493fbd605c1113b96"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for parsing and writing X.509 certificates</h2></td></tr> <tr class="memitem:ga836544fec94d5bc02bc97aa87885b9d9"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga836544fec94d5bc02bc97aa87885b9d9">mbedtls_x509_crt</a></td></tr> <tr class="memdesc:ga836544fec94d5bc02bc97aa87885b9d9"><td class="mdescLeft"> </td><td class="mdescRight">Container for an X.509 certificate. <a href="#ga836544fec94d5bc02bc97aa87885b9d9">More...</a><br /></td></tr> <tr class="separator:ga836544fec94d5bc02bc97aa87885b9d9"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gacc3115587f8d882a7a137c38d6939e07"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509write__cert.html">mbedtls_x509write_cert</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gacc3115587f8d882a7a137c38d6939e07">mbedtls_x509write_cert</a></td></tr> <tr class="memdesc:gacc3115587f8d882a7a137c38d6939e07"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a certificate (CRT) <a href="#gacc3115587f8d882a7a137c38d6939e07">More...</a><br /></td></tr> <tr class="separator:gacc3115587f8d882a7a137c38d6939e07"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga9cd2de10ffeff0f339abcc1ba7e26fdf"><td class="memItemLeft" align="right" valign="top">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga9cd2de10ffeff0f339abcc1ba7e26fdf">mbedtls_x509_crt_profile_default</a></td></tr> <tr class="memdesc:ga9cd2de10ffeff0f339abcc1ba7e26fdf"><td class="mdescLeft"> </td><td class="mdescRight">Default security profile. <a href="#ga9cd2de10ffeff0f339abcc1ba7e26fdf">More...</a><br /></td></tr> <tr class="separator:ga9cd2de10ffeff0f339abcc1ba7e26fdf"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8ab1f8a044fd25f76ecb4ba15c6d5bcd"><td class="memItemLeft" align="right" valign="top">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8ab1f8a044fd25f76ecb4ba15c6d5bcd">mbedtls_x509_crt_profile_next</a></td></tr> <tr class="memdesc:ga8ab1f8a044fd25f76ecb4ba15c6d5bcd"><td class="mdescLeft"> </td><td class="mdescRight">Expected next default profile. <a href="#ga8ab1f8a044fd25f76ecb4ba15c6d5bcd">More...</a><br /></td></tr> <tr class="separator:ga8ab1f8a044fd25f76ecb4ba15c6d5bcd"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaf09067a39129236125e353a68ceb45d6"><td class="memItemLeft" align="right" valign="top">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaf09067a39129236125e353a68ceb45d6">mbedtls_x509_crt_profile_suiteb</a></td></tr> <tr class="memdesc:gaf09067a39129236125e353a68ceb45d6"><td class="mdescLeft"> </td><td class="mdescRight">NSA Suite B profile. <a href="#gaf09067a39129236125e353a68ceb45d6">More...</a><br /></td></tr> <tr class="separator:gaf09067a39129236125e353a68ceb45d6"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga003c2483a2691e025641fa9d68d4a96a"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga003c2483a2691e025641fa9d68d4a96a">mbedtls_x509_crt_parse_der</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga003c2483a2691e025641fa9d68d4a96a"><td class="mdescLeft"> </td><td class="mdescRight">Parse a single DER formatted certificate and add it to the chained list. <a href="#ga003c2483a2691e025641fa9d68d4a96a">More...</a><br /></td></tr> <tr class="separator:ga003c2483a2691e025641fa9d68d4a96a"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga033567483649030f7f859db4f4cb7e14"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga033567483649030f7f859db4f4cb7e14">mbedtls_x509_crt_parse</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *chain, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga033567483649030f7f859db4f4cb7e14"><td class="mdescLeft"> </td><td class="mdescRight">Parse one or more certificates and add them to the chained list. <a href="#ga033567483649030f7f859db4f4cb7e14">More...</a><br /></td></tr> <tr class="separator:ga033567483649030f7f859db4f4cb7e14"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad4da63133d3590aa311488497d4c38ec"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad4da63133d3590aa311488497d4c38ec">mbedtls_x509_crt_parse_file</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *chain, const char *path)</td></tr> <tr class="memdesc:gad4da63133d3590aa311488497d4c38ec"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more certificates and add them to the chained list. <a href="#gad4da63133d3590aa311488497d4c38ec">More...</a><br /></td></tr> <tr class="separator:gad4da63133d3590aa311488497d4c38ec"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga571fc89b9f3217ab3dd67bd7af905066"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga571fc89b9f3217ab3dd67bd7af905066">mbedtls_x509_crt_parse_path</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *chain, const char *path)</td></tr> <tr class="memdesc:ga571fc89b9f3217ab3dd67bd7af905066"><td class="mdescLeft"> </td><td class="mdescRight">Load one or more certificate files from a path and add them to the chained list. <a href="#ga571fc89b9f3217ab3dd67bd7af905066">More...</a><br /></td></tr> <tr class="separator:ga571fc89b9f3217ab3dd67bd7af905066"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gabaf30f2269fc3b6608b25871f9d09da6"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gabaf30f2269fc3b6608b25871f9d09da6">mbedtls_x509_crt_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt)</td></tr> <tr class="memdesc:gabaf30f2269fc3b6608b25871f9d09da6"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the certificate. <a href="#gabaf30f2269fc3b6608b25871f9d09da6">More...</a><br /></td></tr> <tr class="separator:gabaf30f2269fc3b6608b25871f9d09da6"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gae88f1d8e6696eb2beeffe0a708219e6b"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae88f1d8e6696eb2beeffe0a708219e6b">mbedtls_x509_crt_verify_info</a> (char *buf, size_t size, const char *prefix, uint32_t flags)</td></tr> <tr class="memdesc:gae88f1d8e6696eb2beeffe0a708219e6b"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the verification status of a certificate. <a href="#gae88f1d8e6696eb2beeffe0a708219e6b">More...</a><br /></td></tr> <tr class="separator:gae88f1d8e6696eb2beeffe0a708219e6b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga98ed4504e4f832b735a230acf54fcde3"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga98ed4504e4f832b735a230acf54fcde3">mbedtls_x509_crt_verify</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *trust_ca, <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *ca_crl, const char *cn, uint32_t *flags, int(*f_vrfy)(void *, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *, int, uint32_t *), void *p_vrfy)</td></tr> <tr class="memdesc:ga98ed4504e4f832b735a230acf54fcde3"><td class="mdescLeft"> </td><td class="mdescRight">Verify the certificate signature. <a href="#ga98ed4504e4f832b735a230acf54fcde3">More...</a><br /></td></tr> <tr class="separator:ga98ed4504e4f832b735a230acf54fcde3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaf044a51e5b5bc854bf12aeeccb440e55"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaf044a51e5b5bc854bf12aeeccb440e55">mbedtls_x509_crt_verify_with_profile</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *trust_ca, <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *ca_crl, const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> *profile, const char *cn, uint32_t *flags, int(*f_vrfy)(void *, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *, int, uint32_t *), void *p_vrfy)</td></tr> <tr class="memdesc:gaf044a51e5b5bc854bf12aeeccb440e55"><td class="mdescLeft"> </td><td class="mdescRight">Verify the certificate signature according to profile. <a href="#gaf044a51e5b5bc854bf12aeeccb440e55">More...</a><br /></td></tr> <tr class="separator:gaf044a51e5b5bc854bf12aeeccb440e55"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga0ab7857ffd82467207e718bb9f0131a2"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga0ab7857ffd82467207e718bb9f0131a2">mbedtls_x509_crt_check_key_usage</a> (const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt, unsigned int usage)</td></tr> <tr class="memdesc:ga0ab7857ffd82467207e718bb9f0131a2"><td class="mdescLeft"> </td><td class="mdescRight">Check usage of certificate against keyUsage extension. <a href="#ga0ab7857ffd82467207e718bb9f0131a2">More...</a><br /></td></tr> <tr class="separator:ga0ab7857ffd82467207e718bb9f0131a2"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gad21c0e75a3fdbeb1f65e4d339e479df3"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gad21c0e75a3fdbeb1f65e4d339e479df3">mbedtls_x509_crt_check_extended_key_usage</a> (const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt, const char *usage_oid, size_t usage_len)</td></tr> <tr class="memdesc:gad21c0e75a3fdbeb1f65e4d339e479df3"><td class="mdescLeft"> </td><td class="mdescRight">Check usage of certificate against extentedJeyUsage. <a href="#gad21c0e75a3fdbeb1f65e4d339e479df3">More...</a><br /></td></tr> <tr class="separator:gad21c0e75a3fdbeb1f65e4d339e479df3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga0dc256a70f90cb68002d53bafffab232"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga0dc256a70f90cb68002d53bafffab232">mbedtls_x509_crt_is_revoked</a> (const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt, const <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> *crl)</td></tr> <tr class="memdesc:ga0dc256a70f90cb68002d53bafffab232"><td class="mdescLeft"> </td><td class="mdescRight">Verify the certificate revocation status. <a href="#ga0dc256a70f90cb68002d53bafffab232">More...</a><br /></td></tr> <tr class="separator:ga0dc256a70f90cb68002d53bafffab232"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga016dd06bc770e77b84005f305df20ed1"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga016dd06bc770e77b84005f305df20ed1">mbedtls_x509_crt_init</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt)</td></tr> <tr class="memdesc:ga016dd06bc770e77b84005f305df20ed1"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a certificate (chain) <a href="#ga016dd06bc770e77b84005f305df20ed1">More...</a><br /></td></tr> <tr class="separator:ga016dd06bc770e77b84005f305df20ed1"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gab33c1e4e20bea7ce536119f54a113c6b"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gab33c1e4e20bea7ce536119f54a113c6b">mbedtls_x509_crt_free</a> (<a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *crt)</td></tr> <tr class="memdesc:gab33c1e4e20bea7ce536119f54a113c6b"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all certificate data. <a href="#gab33c1e4e20bea7ce536119f54a113c6b">More...</a><br /></td></tr> <tr class="separator:gab33c1e4e20bea7ce536119f54a113c6b"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaedcb73f1c615c266a348a0c62763c5de"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaedcb73f1c615c266a348a0c62763c5de">MBEDTLS_X509_ID_FLAG</a>(id)   ( 1 << ( id - 1 ) )</td></tr> <tr class="memdesc:gaedcb73f1c615c266a348a0c62763c5de"><td class="mdescLeft"> </td><td class="mdescRight">Build flag from an algorithm/curve identifier (pk, md, ecp) Since 0 is always XXX_NONE, ignore it. <a href="#gaedcb73f1c615c266a348a0c62763c5de">More...</a><br /></td></tr> <tr class="separator:gaedcb73f1c615c266a348a0c62763c5de"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga8d124765addc200627de55f2018b1ed3"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga8d124765addc200627de55f2018b1ed3">MBEDTLS_X509_CRT_VERSION_1</a>   0</td></tr> <tr class="separator:ga8d124765addc200627de55f2018b1ed3"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga46a0b7f3a4c1f279f609fd8ea304c192"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga46a0b7f3a4c1f279f609fd8ea304c192">MBEDTLS_X509_CRT_VERSION_2</a>   1</td></tr> <tr class="separator:ga46a0b7f3a4c1f279f609fd8ea304c192"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga7c22a610222ea94e1faf96223bc5d9a4"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga7c22a610222ea94e1faf96223bc5d9a4">MBEDTLS_X509_CRT_VERSION_3</a>   2</td></tr> <tr class="separator:ga7c22a610222ea94e1faf96223bc5d9a4"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga189113155d9c64d4b4255b16761377c7"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga189113155d9c64d4b4255b16761377c7">MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN</a>   32</td></tr> <tr class="separator:ga189113155d9c64d4b4255b16761377c7"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga533580091501768fa25d4d682febbb08"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga533580091501768fa25d4d682febbb08">MBEDTLS_X509_RFC5280_UTC_TIME_LEN</a>   15</td></tr> <tr class="separator:ga533580091501768fa25d4d682febbb08"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga4ebc833300be4f784ac13ff0a38085ce"><td class="memItemLeft" align="right" valign="top">#define </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4ebc833300be4f784ac13ff0a38085ce">MBEDTLS_X509_MAX_FILE_PATH_LEN</a>   512</td></tr> <tr class="separator:ga4ebc833300be4f784ac13ff0a38085ce"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="member-group"></a> Structures and functions for X.509 Certificate Signing Requests (CSR)</h2></td></tr> <tr class="memitem:gae481b23df67001bdac96ef9c2ab3ef7c"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gae481b23df67001bdac96ef9c2ab3ef7c">mbedtls_x509_csr</a></td></tr> <tr class="memdesc:gae481b23df67001bdac96ef9c2ab3ef7c"><td class="mdescLeft"> </td><td class="mdescRight">Certificate Signing Request (CSR) structure. <a href="#gae481b23df67001bdac96ef9c2ab3ef7c">More...</a><br /></td></tr> <tr class="separator:gae481b23df67001bdac96ef9c2ab3ef7c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga7b0b4f8c5cfd541ee20c53907edb636d"><td class="memItemLeft" align="right" valign="top">typedef struct <a class="el" href="structmbedtls__x509write__csr.html">mbedtls_x509write_csr</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga7b0b4f8c5cfd541ee20c53907edb636d">mbedtls_x509write_csr</a></td></tr> <tr class="memdesc:ga7b0b4f8c5cfd541ee20c53907edb636d"><td class="mdescLeft"> </td><td class="mdescRight">Container for writing a CSR. <a href="#ga7b0b4f8c5cfd541ee20c53907edb636d">More...</a><br /></td></tr> <tr class="separator:ga7b0b4f8c5cfd541ee20c53907edb636d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga4c58fa3804ea9feb1acf745221f17208"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga4c58fa3804ea9feb1acf745221f17208">mbedtls_x509_csr_parse_der</a> (<a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga4c58fa3804ea9feb1acf745221f17208"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR) in DER format. <a href="#ga4c58fa3804ea9feb1acf745221f17208">More...</a><br /></td></tr> <tr class="separator:ga4c58fa3804ea9feb1acf745221f17208"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga53012fb8859f4835ccfb0a5e359b3176"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga53012fb8859f4835ccfb0a5e359b3176">mbedtls_x509_csr_parse</a> (<a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr, const unsigned char *buf, size_t buflen)</td></tr> <tr class="memdesc:ga53012fb8859f4835ccfb0a5e359b3176"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR), DER or PEM format. <a href="#ga53012fb8859f4835ccfb0a5e359b3176">More...</a><br /></td></tr> <tr class="separator:ga53012fb8859f4835ccfb0a5e359b3176"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaf49db7323eee45d9649600de18d715f8"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaf49db7323eee45d9649600de18d715f8">mbedtls_x509_csr_parse_file</a> (<a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr, const char *path)</td></tr> <tr class="memdesc:gaf49db7323eee45d9649600de18d715f8"><td class="mdescLeft"> </td><td class="mdescRight">Load a Certificate Signing Request (CSR) <a href="#gaf49db7323eee45d9649600de18d715f8">More...</a><br /></td></tr> <tr class="separator:gaf49db7323eee45d9649600de18d715f8"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gaeec330c8cb351adc2870f4f088f36fdc"><td class="memItemLeft" align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gaeec330c8cb351adc2870f4f088f36fdc">mbedtls_x509_csr_info</a> (char *buf, size_t size, const char *prefix, const <a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr)</td></tr> <tr class="memdesc:gaeec330c8cb351adc2870f4f088f36fdc"><td class="mdescLeft"> </td><td class="mdescRight">Returns an informational string about the CSR. <a href="#gaeec330c8cb351adc2870f4f088f36fdc">More...</a><br /></td></tr> <tr class="separator:gaeec330c8cb351adc2870f4f088f36fdc"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:ga984db025f6953ea61be7dfca2d928f37"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#ga984db025f6953ea61be7dfca2d928f37">mbedtls_x509_csr_init</a> (<a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr)</td></tr> <tr class="memdesc:ga984db025f6953ea61be7dfca2d928f37"><td class="mdescLeft"> </td><td class="mdescRight">Initialize a CSR. <a href="#ga984db025f6953ea61be7dfca2d928f37">More...</a><br /></td></tr> <tr class="separator:ga984db025f6953ea61be7dfca2d928f37"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:gac2139becff64aa7294ecad4f40767a84"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__x509__module.html#gac2139becff64aa7294ecad4f40767a84">mbedtls_x509_csr_free</a> (<a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> *csr)</td></tr> <tr class="memdesc:gac2139becff64aa7294ecad4f40767a84"><td class="mdescLeft"> </td><td class="mdescRight">Unallocate all CSR data. <a href="#gac2139becff64aa7294ecad4f40767a84">More...</a><br /></td></tr> <tr class="separator:gac2139becff64aa7294ecad4f40767a84"><td class="memSeparator" colspan="2"> </td></tr> </table> <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> <p>The X.509 module provides X.509 support for reading, writing and verification of certificates. </p> <p>In summary:</p><ul> <li>X.509 certificate (CRT) reading (see <code><a class="el" href="group__x509__module.html#ga033567483649030f7f859db4f4cb7e14" title="Parse one or more certificates and add them to the chained list. ">mbedtls_x509_crt_parse()</a></code>, <code><a class="el" href="group__x509__module.html#ga003c2483a2691e025641fa9d68d4a96a" title="Parse a single DER formatted certificate and add it to the chained list. ">mbedtls_x509_crt_parse_der()</a></code>, <code><a class="el" href="group__x509__module.html#gad4da63133d3590aa311488497d4c38ec" title="Load one or more certificates and add them to the chained list. ">mbedtls_x509_crt_parse_file()</a></code>).</li> <li>X.509 certificate revocation list (CRL) reading (see <code><a class="el" href="group__x509__module.html#gadfce4fc5f5af62e371695e74c5b67d70" title="Parse one or more CRLs and append them to the chained list. ">mbedtls_x509_crl_parse()</a></code>, <code><a class="el" href="group__x509__module.html#ga29ab5f1216a727b334ee26cce9f5d4b5" title="Parse a DER-encoded CRL and append it to the chained list. ">mbedtls_x509_crl_parse_der()</a></code>, and <code><a class="el" href="group__x509__module.html#ga8e096827f1240b8f8bc15d6a83593f22" title="Load one or more CRLs and append them to the chained list. ">mbedtls_x509_crl_parse_file()</a></code>).</li> <li>X.509 certificate signature verification (see <code><a class="el" href="group__x509__module.html#ga98ed4504e4f832b735a230acf54fcde3" title="Verify the certificate signature. ">mbedtls_x509_crt_verify()</a></code> and <code><a class="el" href="group__x509__module.html#gaf044a51e5b5bc854bf12aeeccb440e55" title="Verify the certificate signature according to profile. ">mbedtls_x509_crt_verify_with_profile()</a></code>.</li> <li>X.509 certificate writing and certificate request writing (see <code><a class="el" href="x509__crt_8h.html#ada0550c8f7ce3e8b360f69c7475fa32f" title="Write a built up certificate to a X509 DER structure Note: data is written at the end of the buffer! ...">mbedtls_x509write_crt_der()</a></code> and <code><a class="el" href="x509__csr_8h.html#ade066bfe50987c491ff51ce4f347fcb4" title="Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the ...">mbedtls_x509write_csr_der()</a></code>).</li> </ul> <p>This module can be used to build a certificate authority (CA) chain and verify its signature. It is also used to generate Certificate Signing Requests and X.509 certificates just as a CA would do. </p> <h2 class="groupheader">Macro Definition Documentation</h2> <a id="gacf6d98c6cbb76728260d1dcb1fe3bc7d"></a> <h2 class="memtitle"><span class="permalink"><a href="#gacf6d98c6cbb76728260d1dcb1fe3bc7d">◆ </a></span>MBEDTLS_ERR_X509_ALLOC_FAILED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_ALLOC_FAILED   -0x2880</td> </tr> </table> </div><div class="memdoc"> <p>Allocation of memory failed. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00076">76</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaeeef11ebf0b31a54a665b1a3fd65c3f7"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaeeef11ebf0b31a54a665b1a3fd65c3f7">◆ </a></span>MBEDTLS_ERR_X509_BAD_INPUT_DATA</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_BAD_INPUT_DATA   -0x2800</td> </tr> </table> </div><div class="memdoc"> <p>Input invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00075">75</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gab9516fc53ff90c547fd77d35c71feec7"></a> <h2 class="memtitle"><span class="permalink"><a href="#gab9516fc53ff90c547fd77d35c71feec7">◆ </a></span>MBEDTLS_ERR_X509_BUFFER_TOO_SMALL</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL   -0x2980</td> </tr> </table> </div><div class="memdoc"> <p>Destination buffer is too small. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00078">78</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaeb90af9ad906c5075b1ad625ebc26553"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaeb90af9ad906c5075b1ad625ebc26553">◆ </a></span>MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT   -0x2780</td> </tr> </table> </div><div class="memdoc"> <p>Format not recognized as DER or PEM. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00074">74</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaba46df0041dcf48fa9d164d28cf3a154"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaba46df0041dcf48fa9d164d28cf3a154">◆ </a></span>MBEDTLS_ERR_X509_CERT_VERIFY_FAILED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED   -0x2700</td> </tr> </table> </div><div class="memdoc"> <p>Certificate verification failed, e.g. </p> <p>CRL, CA or signature check failed. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00073">73</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga50086f9edc8482b5e6b6e53c647d37ea"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga50086f9edc8482b5e6b6e53c647d37ea">◆ </a></span>MBEDTLS_ERR_X509_FATAL_ERROR</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_FATAL_ERROR   -0x3000</td> </tr> </table> </div><div class="memdoc"> <p>A fatal error occured, eg the chain is too long or the vrfy callback failed. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00079">79</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga185bc7f27a2b1f7742537a2377c52ee3"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga185bc7f27a2b1f7742537a2377c52ee3">◆ </a></span>MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE   -0x2080</td> </tr> </table> </div><div class="memdoc"> <p>Unavailable feature, e.g. </p> <p>RSA hashing/encryption combination. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00060">60</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gad85d9c7aa5c30b9730297bef3386407c"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad85d9c7aa5c30b9730297bef3386407c">◆ </a></span>MBEDTLS_ERR_X509_FILE_IO_ERROR</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_FILE_IO_ERROR   -0x2900</td> </tr> </table> </div><div class="memdoc"> <p>Read/write of file failed. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00077">77</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gae16cddbd42e08f6dd093cf4326e59413"></a> <h2 class="memtitle"><span class="permalink"><a href="#gae16cddbd42e08f6dd093cf4326e59413">◆ </a></span>MBEDTLS_ERR_X509_INVALID_ALG</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_ALG   -0x2300</td> </tr> </table> </div><div class="memdoc"> <p>The algorithm tag or value is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00065">65</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gac36bf085ce8f7f57f039bda8828bd824"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac36bf085ce8f7f57f039bda8828bd824">◆ </a></span>MBEDTLS_ERR_X509_INVALID_DATE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_DATE   -0x2400</td> </tr> </table> </div><div class="memdoc"> <p>The date tag or value is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00067">67</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaa0788dbf0325aea4ab566717514b4422"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaa0788dbf0325aea4ab566717514b4422">◆ </a></span>MBEDTLS_ERR_X509_INVALID_EXTENSIONS</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS   -0x2500</td> </tr> </table> </div><div class="memdoc"> <p>The extension tag or value is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00069">69</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga45b8366804b7e2cbf3e25011f054802c"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga45b8366804b7e2cbf3e25011f054802c">◆ </a></span>MBEDTLS_ERR_X509_INVALID_FORMAT</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_FORMAT   -0x2180</td> </tr> </table> </div><div class="memdoc"> <p>The CRT/CRL/CSR format is invalid, e.g. </p> <p>different type expected. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00062">62</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga8f61c2f303bf065af4f783e03f952ede"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8f61c2f303bf065af4f783e03f952ede">◆ </a></span>MBEDTLS_ERR_X509_INVALID_NAME</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_NAME   -0x2380</td> </tr> </table> </div><div class="memdoc"> <p>The name tag or value is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00066">66</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga8124a68edabf35ed9323880584128f16"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8124a68edabf35ed9323880584128f16">◆ </a></span>MBEDTLS_ERR_X509_INVALID_SERIAL</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_SERIAL   -0x2280</td> </tr> </table> </div><div class="memdoc"> <p>The serial tag or value is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00064">64</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga022c175386f082b4e056e6268ee68cab"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga022c175386f082b4e056e6268ee68cab">◆ </a></span>MBEDTLS_ERR_X509_INVALID_SIGNATURE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_SIGNATURE   -0x2480</td> </tr> </table> </div><div class="memdoc"> <p>The signature tag or value invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00068">68</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga527608dc04b2c831fe5b161ec26aab76"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga527608dc04b2c831fe5b161ec26aab76">◆ </a></span>MBEDTLS_ERR_X509_INVALID_VERSION</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_INVALID_VERSION   -0x2200</td> </tr> </table> </div><div class="memdoc"> <p>The CRT/CRL/CSR version element is invalid. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00063">63</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gac489ce5e8ba417bcd86012ebbb7f5044"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac489ce5e8ba417bcd86012ebbb7f5044">◆ </a></span>MBEDTLS_ERR_X509_SIG_MISMATCH</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_SIG_MISMATCH   -0x2680</td> </tr> </table> </div><div class="memdoc"> <p>Signature algorithms do not match. </p> <p>(see <code><a class="el" href="structmbedtls__x509__crt.html" title="Container for an X.509 certificate. ">mbedtls_x509_crt</a></code> sig_oid) </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00072">72</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gab4e8e2e41bfe62e969343efaa2784103"></a> <h2 class="memtitle"><span class="permalink"><a href="#gab4e8e2e41bfe62e969343efaa2784103">◆ </a></span>MBEDTLS_ERR_X509_UNKNOWN_OID</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_UNKNOWN_OID   -0x2100</td> </tr> </table> </div><div class="memdoc"> <p>Requested OID is unknown. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00061">61</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga488f8616b42eae6fe3fb9815d43c976f"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga488f8616b42eae6fe3fb9815d43c976f">◆ </a></span>MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG   -0x2600</td> </tr> </table> </div><div class="memdoc"> <p>Signature algorithm (oid) is unsupported. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00071">71</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gab80a4eb806328731def21ec2ebcbc365"></a> <h2 class="memtitle"><span class="permalink"><a href="#gab80a4eb806328731def21ec2ebcbc365">◆ </a></span>MBEDTLS_ERR_X509_UNKNOWN_VERSION</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_ERR_X509_UNKNOWN_VERSION   -0x2580</td> </tr> </table> </div><div class="memdoc"> <p>CRT/CRL/CSR has an unsupported version number. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00070">70</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaef5f9a34b327eb79750ebc3779e98282"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaef5f9a34b327eb79750ebc3779e98282">◆ </a></span>MBEDTLS_X509_BADCERT_BAD_KEY</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_BAD_KEY   0x010000</td> </tr> </table> </div><div class="memdoc"> <p>The certificate is signed with an unacceptable key (eg bad curve, RSA too short). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00103">103</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga41b54b526c11bf51cc431ef1a151816d"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga41b54b526c11bf51cc431ef1a151816d">◆ </a></span>MBEDTLS_X509_BADCERT_BAD_MD</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_BAD_MD   0x4000</td> </tr> </table> </div><div class="memdoc"> <p>The certificate is signed with an unacceptable hash. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00101">101</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga9332fa1e09a373cc56234525b14546c4"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga9332fa1e09a373cc56234525b14546c4">◆ </a></span>MBEDTLS_X509_BADCERT_BAD_PK</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_BAD_PK   0x8000</td> </tr> </table> </div><div class="memdoc"> <p>The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00102">102</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga6e71468985ebf243ca7cfce5c3dea881"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga6e71468985ebf243ca7cfce5c3dea881">◆ </a></span>MBEDTLS_X509_BADCERT_CN_MISMATCH</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_CN_MISMATCH   0x04</td> </tr> </table> </div><div class="memdoc"> <p>The certificate Common Name (CN) does not match with the expected CN. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00089">89</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga5f03158dcacc5914872e38c68231b642"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga5f03158dcacc5914872e38c68231b642">◆ </a></span>MBEDTLS_X509_BADCERT_EXPIRED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_EXPIRED   0x01</td> </tr> </table> </div><div class="memdoc"> <p>The certificate validity has expired. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00087">87</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gac3dab3183efdbca7e988916e7fc1a02a"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac3dab3183efdbca7e988916e7fc1a02a">◆ </a></span>MBEDTLS_X509_BADCERT_EXT_KEY_USAGE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE   0x1000</td> </tr> </table> </div><div class="memdoc"> <p>Usage does not match the extendedKeyUsage extension. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00099">99</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gac769acbb18e53198ae2d2e63bd339cfa"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac769acbb18e53198ae2d2e63bd339cfa">◆ </a></span>MBEDTLS_X509_BADCERT_FUTURE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_FUTURE   0x0200</td> </tr> </table> </div><div class="memdoc"> <p>The certificate validity starts in the future. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00096">96</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga28705c8c3091a013487df25842249c0f"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga28705c8c3091a013487df25842249c0f">◆ </a></span>MBEDTLS_X509_BADCERT_KEY_USAGE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_KEY_USAGE   0x0800</td> </tr> </table> </div><div class="memdoc"> <p>Usage does not match the keyUsage extension. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00098">98</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga8bca03e3c2c89460bea17ab142b0b7ab"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8bca03e3c2c89460bea17ab142b0b7ab">◆ </a></span>MBEDTLS_X509_BADCERT_MISSING</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_MISSING   0x40</td> </tr> </table> </div><div class="memdoc"> <p>Certificate was missing. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00093">93</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga0e5b1d4c9c1a1a3227238c82042c1d1b"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga0e5b1d4c9c1a1a3227238c82042c1d1b">◆ </a></span>MBEDTLS_X509_BADCERT_NOT_TRUSTED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_NOT_TRUSTED   0x08</td> </tr> </table> </div><div class="memdoc"> <p>The certificate is not correctly signed by the trusted CA. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00090">90</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaa383ae441177fa7a16fb2313bb48bb10"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaa383ae441177fa7a16fb2313bb48bb10">◆ </a></span>MBEDTLS_X509_BADCERT_NS_CERT_TYPE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE   0x2000</td> </tr> </table> </div><div class="memdoc"> <p>Usage does not match the nsCertType extension. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00100">100</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga76bdd50937a671ef62474b7e38e23e02"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga76bdd50937a671ef62474b7e38e23e02">◆ </a></span>MBEDTLS_X509_BADCERT_OTHER</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_OTHER   0x0100</td> </tr> </table> </div><div class="memdoc"> <p>Other reason (can be used by verify callback) </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00095">95</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaddd96a9eb80fab17bce02d2a147ea504"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaddd96a9eb80fab17bce02d2a147ea504">◆ </a></span>MBEDTLS_X509_BADCERT_REVOKED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_REVOKED   0x02</td> </tr> </table> </div><div class="memdoc"> <p>The certificate has been revoked (is on a CRL). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00088">88</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga1b87b2e1d26077023adf2a5c65a76776"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga1b87b2e1d26077023adf2a5c65a76776">◆ </a></span>MBEDTLS_X509_BADCERT_SKIP_VERIFY</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCERT_SKIP_VERIFY   0x80</td> </tr> </table> </div><div class="memdoc"> <p>Certificate verification was skipped. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00094">94</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gac2947ead6fd1035296826110ca74a364"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac2947ead6fd1035296826110ca74a364">◆ </a></span>MBEDTLS_X509_BADCRL_BAD_KEY</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_BAD_KEY   0x080000</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is signed with an unacceptable key (eg bad curve, RSA too short). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00106">106</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gad3f810fb74f94164185b88b90fffa329"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad3f810fb74f94164185b88b90fffa329">◆ </a></span>MBEDTLS_X509_BADCRL_BAD_MD</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_BAD_MD   0x020000</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is signed with an unacceptable hash. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00104">104</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga182a6f1f465e566de7586e6ee8fa7c4e"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga182a6f1f465e566de7586e6ee8fa7c4e">◆ </a></span>MBEDTLS_X509_BADCRL_BAD_PK</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_BAD_PK   0x040000</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00105">105</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gaebccb1707af21f2d3d6610a7c6485f32"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaebccb1707af21f2d3d6610a7c6485f32">◆ </a></span>MBEDTLS_X509_BADCRL_EXPIRED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_EXPIRED   0x20</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is expired. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00092">92</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gad93c0f614969729f7d13fb0a3acac68e"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad93c0f614969729f7d13fb0a3acac68e">◆ </a></span>MBEDTLS_X509_BADCRL_FUTURE</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_FUTURE   0x0400</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is from the future. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00097">97</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gad1da8228ca957c2947fd329c32fc7ca4"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad1da8228ca957c2947fd329c32fc7ca4">◆ </a></span>MBEDTLS_X509_BADCRL_NOT_TRUSTED</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_BADCRL_NOT_TRUSTED   0x10</td> </tr> </table> </div><div class="memdoc"> <p>The CRL is not correctly signed by the trusted CA. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00091">91</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga8d124765addc200627de55f2018b1ed3"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8d124765addc200627de55f2018b1ed3">◆ </a></span>MBEDTLS_X509_CRT_VERSION_1</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_CRT_VERSION_1   0</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00116">116</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="ga46a0b7f3a4c1f279f609fd8ea304c192"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga46a0b7f3a4c1f279f609fd8ea304c192">◆ </a></span>MBEDTLS_X509_CRT_VERSION_2</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_CRT_VERSION_2   1</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00117">117</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="ga7c22a610222ea94e1faf96223bc5d9a4"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga7c22a610222ea94e1faf96223bc5d9a4">◆ </a></span>MBEDTLS_X509_CRT_VERSION_3</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_CRT_VERSION_3   2</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00118">118</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="gaedcb73f1c615c266a348a0c62763c5de"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaedcb73f1c615c266a348a0c62763c5de">◆ </a></span>MBEDTLS_X509_ID_FLAG</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_ID_FLAG</td> <td>(</td> <td class="paramtype"> </td> <td class="paramname">id</td><td>)</td> <td>   ( 1 << ( id - 1 ) )</td> </tr> </table> </div><div class="memdoc"> <p>Build flag from an algorithm/curve identifier (pk, md, ecp) Since 0 is always XXX_NONE, ignore it. </p> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00100">100</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="ga4ebc833300be4f784ac13ff0a38085ce"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga4ebc833300be4f784ac13ff0a38085ce">◆ </a></span>MBEDTLS_X509_MAX_FILE_PATH_LEN</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_MAX_FILE_PATH_LEN   512</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00124">124</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="gab98caf7dfede54b5c576b5a27a5c6a6a"></a> <h2 class="memtitle"><span class="permalink"><a href="#gab98caf7dfede54b5c576b5a27a5c6a6a">◆ </a></span>MBEDTLS_X509_MAX_INTERMEDIATE_CA</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8</td> </tr> </table> </div><div class="memdoc"> <p>Maximum number of intermediate CAs in a verification chain. </p> <p>That is, maximum length of the chain, excluding the end-entity certificate and the trusted root certificate.</p> <p>Set this to a low value to prevent an adversary from making you waste resources verifying an overlong certificate chain. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00053">53</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga189113155d9c64d4b4255b16761377c7"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga189113155d9c64d4b4255b16761377c7">◆ </a></span>MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN   32</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00120">120</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <a id="ga533580091501768fa25d4d682febbb08"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga533580091501768fa25d4d682febbb08">◆ </a></span>MBEDTLS_X509_RFC5280_UTC_TIME_LEN</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN   15</td> </tr> </table> </div><div class="memdoc"> <p class="definition">Definition at line <a class="el" href="x509__crt_8h_source.html#l00121">121</a> of file <a class="el" href="x509__crt_8h_source.html">x509_crt.h</a>.</p> </div> </div> <h2 class="groupheader">Typedef Documentation</h2> <a id="gaf25a97602f25027e160f22f6d5590636"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaf25a97602f25027e160f22f6d5590636">◆ </a></span>mbedtls_x509_bitstring</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="structmbedtls__asn1__bitstring.html">mbedtls_asn1_bitstring</a> <a class="el" href="group__x509__module.html#gaf25a97602f25027e160f22f6d5590636">mbedtls_x509_bitstring</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for ASN1 bit strings. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00193">193</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga4d02c9e8e4e2934555e0d132cd2976dc"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga4d02c9e8e4e2934555e0d132cd2976dc">◆ </a></span>mbedtls_x509_buf</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="structmbedtls__asn1__buf.html">mbedtls_asn1_buf</a> <a class="el" href="group__x509__module.html#ga4d02c9e8e4e2934555e0d132cd2976dc">mbedtls_x509_buf</a></td> </tr> </table> </div><div class="memdoc"> <p>Type-length-value structure that allows for ASN1 using DER. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00188">188</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga7957605a0ced963e12880ec9e19874fc"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga7957605a0ced963e12880ec9e19874fc">◆ </a></span>mbedtls_x509_crl</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate revocation list structure. </p> <p>Every CRL may have multiple entries. </p> </div> </div> <a id="ga1e0c6230061fd501f9d00bd1b09ade33"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga1e0c6230061fd501f9d00bd1b09ade33">◆ </a></span>mbedtls_x509_crl_entry</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509__crl__entry.html">mbedtls_x509_crl_entry</a> <a class="el" href="structmbedtls__x509__crl__entry.html">mbedtls_x509_crl_entry</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate revocation list entry. </p> <p>Contains the CA-specific serial numbers and revocation dates. </p> </div> </div> <a id="ga836544fec94d5bc02bc97aa87885b9d9"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga836544fec94d5bc02bc97aa87885b9d9">◆ </a></span>mbedtls_x509_crt</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for an X.509 certificate. </p> <p>The certificate may be chained. </p> </div> </div> <a id="gae481b23df67001bdac96ef9c2ab3ef7c"></a> <h2 class="memtitle"><span class="permalink"><a href="#gae481b23df67001bdac96ef9c2ab3ef7c">◆ </a></span>mbedtls_x509_csr</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> <a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a></td> </tr> </table> </div><div class="memdoc"> <p>Certificate Signing Request (CSR) structure. </p> </div> </div> <a id="ga2272228c7776102328df31623af3168c"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga2272228c7776102328df31623af3168c">◆ </a></span>mbedtls_x509_name</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="structmbedtls__asn1__named__data.html">mbedtls_asn1_named_data</a> <a class="el" href="group__x509__module.html#ga2272228c7776102328df31623af3168c">mbedtls_x509_name</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for ASN1 named information objects. </p> <p>It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.). </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00199">199</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="gabd52d60a09315854d9ef849d02154f35"></a> <h2 class="memtitle"><span class="permalink"><a href="#gabd52d60a09315854d9ef849d02154f35">◆ </a></span>mbedtls_x509_sequence</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef <a class="el" href="structmbedtls__asn1__sequence.html">mbedtls_asn1_sequence</a> <a class="el" href="group__x509__module.html#gabd52d60a09315854d9ef849d02154f35">mbedtls_x509_sequence</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for a sequence of ASN.1 items. </p> <p class="definition">Definition at line <a class="el" href="x509_8h_source.html#l00204">204</a> of file <a class="el" href="x509_8h_source.html">x509.h</a>.</p> </div> </div> <a id="ga38827540a02fb2ddca08ec0917a8a41b"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga38827540a02fb2ddca08ec0917a8a41b">◆ </a></span>mbedtls_x509_time</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509__time.html">mbedtls_x509_time</a> <a class="el" href="structmbedtls__x509__time.html">mbedtls_x509_time</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for date and time (precision in seconds). </p> </div> </div> <a id="gacc3115587f8d882a7a137c38d6939e07"></a> <h2 class="memtitle"><span class="permalink"><a href="#gacc3115587f8d882a7a137c38d6939e07">◆ </a></span>mbedtls_x509write_cert</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509write__cert.html">mbedtls_x509write_cert</a> <a class="el" href="structmbedtls__x509write__cert.html">mbedtls_x509write_cert</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for writing a certificate (CRT) </p> </div> </div> <a id="ga7b0b4f8c5cfd541ee20c53907edb636d"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga7b0b4f8c5cfd541ee20c53907edb636d">◆ </a></span>mbedtls_x509write_csr</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">typedef struct <a class="el" href="structmbedtls__x509write__csr.html">mbedtls_x509write_csr</a> <a class="el" href="structmbedtls__x509write__csr.html">mbedtls_x509write_csr</a></td> </tr> </table> </div><div class="memdoc"> <p>Container for writing a CSR. </p> </div> </div> <h2 class="groupheader">Function Documentation</h2> <a id="gae1bf556398cac1761aa2041908e9f619"></a> <h2 class="memtitle"><span class="permalink"><a href="#gae1bf556398cac1761aa2041908e9f619">◆ </a></span>mbedtls_dhm_parse_dhm()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_dhm_parse_dhm </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__dhm__context.html">mbedtls_dhm_context</a> * </td> <td class="paramname"><em>dhm</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>dhmin</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>dhminlen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse DHM parameters in PEM or DER format. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">dhm</td><td>DHM context to be initialized </td></tr> <tr><td class="paramname">dhmin</td><td>input buffer </td></tr> <tr><td class="paramname">dhminlen</td><td>size of the buffer (including the terminating null byte for PEM data)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific DHM or PEM error code </dd></dl> </div> </div> <a id="gae2f53ca5e795b7e8674f092777a5a828"></a> <h2 class="memtitle"><span class="permalink"><a href="#gae2f53ca5e795b7e8674f092777a5a828">◆ </a></span>mbedtls_dhm_parse_dhmfile()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_dhm_parse_dhmfile </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__dhm__context.html">mbedtls_dhm_context</a> * </td> <td class="paramname"><em>dhm</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load and parse DHM parameters. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">dhm</td><td>DHM context to be initialized </td></tr> <tr><td class="paramname">path</td><td>filename to read the DHM Parameters from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific DHM or PEM error code </dd></dl> </div> </div> <a id="gaeb19c3326889f9e493fbd605c1113b96"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaeb19c3326889f9e493fbd605c1113b96">◆ </a></span>mbedtls_x509_crl_free()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_crl_free </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>crl</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all CRL data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crl</td><td>CRL chain to free </td></tr> </table> </dd> </dl> </div> </div> <a id="ga35898e101f5039c6db6b930da9892366"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga35898e101f5039c6db6b930da9892366">◆ </a></span>mbedtls_x509_crl_info()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crl_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>crl</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the CRL. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">crl</td><td>The X509 CRL to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The length of the string written (not including the terminated nul byte), or a negative error code. </dd></dl> </div> </div> <a id="ga8513a192e281217802837571da98e218"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8513a192e281217802837571da98e218">◆ </a></span>mbedtls_x509_crl_init()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_crl_init </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>crl</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a CRL (chain) </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crl</td><td>CRL chain to initialize </td></tr> </table> </dd> </dl> </div> </div> <a id="gadfce4fc5f5af62e371695e74c5b67d70"></a> <h2 class="memtitle"><span class="permalink"><a href="#gadfce4fc5f5af62e371695e74c5b67d70">◆ </a></span>mbedtls_x509_crl_parse()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crl_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse one or more CRLs and append them to the chained list. </p> <dl class="section note"><dt>Note</dt><dd>Mutliple CRLs are accepted only if using PEM format</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data in PEM or DER format </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer (including the terminating null byte for PEM data)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga29ab5f1216a727b334ee26cce9f5d4b5"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga29ab5f1216a727b334ee26cce9f5d4b5">◆ </a></span>mbedtls_x509_crl_parse_der()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crl_parse_der </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse a DER-encoded CRL and append it to the chained list. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data in DER format </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer (including the terminating null byte for PEM data)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga8e096827f1240b8f8bc15d6a83593f22"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8e096827f1240b8f8bc15d6a83593f22">◆ </a></span>mbedtls_x509_crl_parse_file()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crl_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more CRLs and append them to the chained list. </p> <dl class="section note"><dt>Note</dt><dd>Mutliple CRLs are accepted only if using PEM format</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>filename to read the CRLs from (in PEM or DER encoding)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="gad21c0e75a3fdbeb1f65e4d339e479df3"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad21c0e75a3fdbeb1f65e4d339e479df3">◆ </a></span>mbedtls_x509_crt_check_extended_key_usage()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_check_extended_key_usage </td> <td>(</td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>usage_oid</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>usage_len</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Check usage of certificate against extentedJeyUsage. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Leaf certificate used. </td></tr> <tr><td class="paramname">usage_oid</td><td>Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH). </td></tr> <tr><td class="paramname">usage_len</td><td>Length of usage_oid (eg given by <a class="el" href="asn1_8h.html#ac2f2e00874ca486c912c33bb4f7bb16a" title="Returns the size of the binary string, without the trailing \0. ">MBEDTLS_OID_SIZE()</a>).</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if this use of the certificate is allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.</dd></dl> <dl class="section note"><dt>Note</dt><dd>Usually only makes sense on leaf certificates. </dd></dl> </div> </div> <a id="ga0ab7857ffd82467207e718bb9f0131a2"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga0ab7857ffd82467207e718bb9f0131a2">◆ </a></span>mbedtls_x509_crt_check_key_usage()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_check_key_usage </td> <td>(</td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">unsigned int </td> <td class="paramname"><em>usage</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Check usage of certificate against keyUsage extension. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Leaf certificate used. </td></tr> <tr><td class="paramname">usage</td><td>Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT before using the certificate to perform an RSA key exchange).</td></tr> </table> </dd> </dl> <dl class="section note"><dt>Note</dt><dd>Except for decipherOnly and encipherOnly, a bit set in the usage argument means this bit MUST be set in the certificate. For decipherOnly and encipherOnly, it means that bit MAY be set.</dd></dl> <dl class="section return"><dt>Returns</dt><dd>0 is these uses of the certificate are allowed, MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension is present but does not match the usage argument.</dd></dl> <dl class="section note"><dt>Note</dt><dd>You should only call this function on leaf certificates, on (intermediate) CAs the keyUsage extension is automatically checked by <code><a class="el" href="group__x509__module.html#ga98ed4504e4f832b735a230acf54fcde3" title="Verify the certificate signature. ">mbedtls_x509_crt_verify()</a></code>. </dd></dl> </div> </div> <a id="gab33c1e4e20bea7ce536119f54a113c6b"></a> <h2 class="memtitle"><span class="permalink"><a href="#gab33c1e4e20bea7ce536119f54a113c6b">◆ </a></span>mbedtls_x509_crt_free()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_crt_free </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all certificate data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Certificate chain to free </td></tr> </table> </dd> </dl> </div> </div> <a id="gabaf30f2269fc3b6608b25871f9d09da6"></a> <h2 class="memtitle"><span class="permalink"><a href="#gabaf30f2269fc3b6608b25871f9d09da6">◆ </a></span>mbedtls_x509_crt_info()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the certificate. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">crt</td><td>The X509 certificate to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The length of the string written (not including the terminated nul byte), or a negative error code. </dd></dl> </div> </div> <a id="ga016dd06bc770e77b84005f305df20ed1"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga016dd06bc770e77b84005f305df20ed1">◆ </a></span>mbedtls_x509_crt_init()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_crt_init </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a certificate (chain) </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>Certificate chain to initialize </td></tr> </table> </dd> </dl> </div> </div> <a id="ga0dc256a70f90cb68002d53bafffab232"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga0dc256a70f90cb68002d53bafffab232">◆ </a></span>mbedtls_x509_crt_is_revoked()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_is_revoked </td> <td>(</td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>crl</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Verify the certificate revocation status. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>a certificate to be verified </td></tr> <tr><td class="paramname">crl</td><td>the CRL to verify against</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>1 if the certificate is revoked, 0 otherwise </dd></dl> </div> </div> <a id="ga033567483649030f7f859db4f4cb7e14"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga033567483649030f7f859db4f4cb7e14">◆ </a></span>mbedtls_x509_crt_parse()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse one or more certificates and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the certificate data in PEM or DER format </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer (including the terminating null byte for PEM data)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga003c2483a2691e025641fa9d68d4a96a"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga003c2483a2691e025641fa9d68d4a96a">◆ </a></span>mbedtls_x509_crt_parse_der()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_parse_der </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Parse a single DER formatted certificate and add it to the chained list. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the certificate DER data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="gad4da63133d3590aa311488497d4c38ec"></a> <h2 class="memtitle"><span class="permalink"><a href="#gad4da63133d3590aa311488497d4c38ec">◆ </a></span>mbedtls_x509_crt_parse_file()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more certificates and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>filename to read the certificates from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga571fc89b9f3217ab3dd67bd7af905066"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga571fc89b9f3217ab3dd67bd7af905066">◆ </a></span>mbedtls_x509_crt_parse_path()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_parse_path </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>chain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load one or more certificate files from a path and add them to the chained list. </p> <p>Parses permissively. If some certificates can be parsed, the result is the number of failed certificates it encountered. If none complete correctly, the first error is returned.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">chain</td><td>points to the start of the chain </td></tr> <tr><td class="paramname">path</td><td>directory / folder to read the certificate files from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if all certificates parsed successfully, a positive number if partly successful or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga98ed4504e4f832b735a230acf54fcde3"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga98ed4504e4f832b735a230acf54fcde3">◆ </a></span>mbedtls_x509_crt_verify()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_verify </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>trust_ca</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>ca_crl</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>cn</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">uint32_t * </td> <td class="paramname"><em>flags</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">int(*)(void *, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *, int, uint32_t *) </td> <td class="paramname"><em>f_vrfy</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">void * </td> <td class="paramname"><em>p_vrfy</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Verify the certificate signature. </p> <p>The verify callback is a user-supplied callback that can clear / modify / add flags for a certificate. If set, the verification callback is called for each certificate in the chain (from the trust-ca down to the presented crt). The parameters for the callback are: (void *parameter, <a class="el" href="structmbedtls__x509__crt.html" title="Container for an X.509 certificate. ">mbedtls_x509_crt</a> *crt, int certificate_depth, int *flags). With the flags representing current flags for that specific certificate and the certificate depth from the bottom (Peer cert depth = 0).</p> <p>All flags left after returning from the callback are also returned to the application. The function should return 0 for anything (including invalid certificates) other than fatal error, as a non-zero return code immediately aborts the verification process. For fatal errors, a specific error code should be used (different from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR can be used if no better code is available.</p> <dl class="section note"><dt>Note</dt><dd>In case verification failed, the results can be displayed using <code><a class="el" href="group__x509__module.html#gae88f1d8e6696eb2beeffe0a708219e6b" title="Returns an informational string about the verification status of a certificate. ">mbedtls_x509_crt_verify_info()</a></code> </dd> <dd> Same as <code><a class="el" href="group__x509__module.html#gaf044a51e5b5bc854bf12aeeccb440e55" title="Verify the certificate signature according to profile. ">mbedtls_x509_crt_verify_with_profile()</a></code> with the default security profile.</dd> <dd> It is your responsibility to provide up-to-date CRLs for all trusted CAs. If no CRL is provided for the CA that was used to sign the certificate, CRL verification is skipped silently, that is <em>without</em> setting any flag.</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>a certificate (chain) to be verified </td></tr> <tr><td class="paramname">trust_ca</td><td>the list of trusted CAs </td></tr> <tr><td class="paramname">ca_crl</td><td>the list of CRLs for trusted CAs (see note above) </td></tr> <tr><td class="paramname">cn</td><td>expected Common Name (can be set to NULL if the CN must not be verified) </td></tr> <tr><td class="paramname">flags</td><td>result of the verification </td></tr> <tr><td class="paramname">f_vrfy</td><td>verification function </td></tr> <tr><td class="paramname">p_vrfy</td><td>verification parameter</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 (and flags set to 0) if the chain was verified and valid, MBEDTLS_ERR_X509_CERT_VERIFY_FAILED if the chain was verified but found to be invalid, in which case *flags will have one or more MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags set, or another error (and flags set to 0xffffffff) in case of a fatal error encountered during the verification process. </dd></dl> </div> </div> <a id="gae88f1d8e6696eb2beeffe0a708219e6b"></a> <h2 class="memtitle"><span class="permalink"><a href="#gae88f1d8e6696eb2beeffe0a708219e6b">◆ </a></span>mbedtls_x509_crt_verify_info()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_verify_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">uint32_t </td> <td class="paramname"><em>flags</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the verification status of a certificate. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">flags</td><td>Verification flags created by <a class="el" href="group__x509__module.html#ga98ed4504e4f832b735a230acf54fcde3" title="Verify the certificate signature. ">mbedtls_x509_crt_verify()</a></td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The length of the string written (not including the terminated nul byte), or a negative error code. </dd></dl> </div> </div> <a id="gaf044a51e5b5bc854bf12aeeccb440e55"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaf044a51e5b5bc854bf12aeeccb440e55">◆ </a></span>mbedtls_x509_crt_verify_with_profile()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_crt_verify_with_profile </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>crt</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> * </td> <td class="paramname"><em>trust_ca</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="structmbedtls__x509__crl.html">mbedtls_x509_crl</a> * </td> <td class="paramname"><em>ca_crl</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> * </td> <td class="paramname"><em>profile</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>cn</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">uint32_t * </td> <td class="paramname"><em>flags</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">int(*)(void *, <a class="el" href="structmbedtls__x509__crt.html">mbedtls_x509_crt</a> *, int, uint32_t *) </td> <td class="paramname"><em>f_vrfy</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">void * </td> <td class="paramname"><em>p_vrfy</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Verify the certificate signature according to profile. </p> <dl class="section note"><dt>Note</dt><dd>Same as <code><a class="el" href="group__x509__module.html#ga98ed4504e4f832b735a230acf54fcde3" title="Verify the certificate signature. ">mbedtls_x509_crt_verify()</a></code>, but with explicit security profile.</dd> <dd> The restrictions on keys (RSA minimum size, allowed curves for ECDSA) apply to all certificates: trusted root, intermediate CAs if any, and end entity certificate.</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">crt</td><td>a certificate (chain) to be verified </td></tr> <tr><td class="paramname">trust_ca</td><td>the list of trusted CAs </td></tr> <tr><td class="paramname">ca_crl</td><td>the list of CRLs for trusted CAs </td></tr> <tr><td class="paramname">profile</td><td>security profile for verification </td></tr> <tr><td class="paramname">cn</td><td>expected Common Name (can be set to NULL if the CN must not be verified) </td></tr> <tr><td class="paramname">flags</td><td>result of the verification </td></tr> <tr><td class="paramname">f_vrfy</td><td>verification function </td></tr> <tr><td class="paramname">p_vrfy</td><td>verification parameter</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED in which case *flags will have one or more MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags set, or another error in case of a fatal error encountered during the verification process. </dd></dl> </div> </div> <a id="gac2139becff64aa7294ecad4f40767a84"></a> <h2 class="memtitle"><span class="permalink"><a href="#gac2139becff64aa7294ecad4f40767a84">◆ </a></span>mbedtls_x509_csr_free()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_csr_free </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Unallocate all CSR data. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR to free </td></tr> </table> </dd> </dl> </div> </div> <a id="gaeec330c8cb351adc2870f4f088f36fdc"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaeec330c8cb351adc2870f4f088f36fdc">◆ </a></span>mbedtls_x509_csr_info()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_csr_info </td> <td>(</td> <td class="paramtype">char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>size</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>prefix</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Returns an informational string about the CSR. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">buf</td><td>Buffer to write to </td></tr> <tr><td class="paramname">size</td><td>Maximum size of buffer </td></tr> <tr><td class="paramname">prefix</td><td>A line prefix </td></tr> <tr><td class="paramname">csr</td><td>The X509 CSR to represent</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>The length of the string written (not including the terminated nul byte), or a negative error code. </dd></dl> </div> </div> <a id="ga984db025f6953ea61be7dfca2d928f37"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga984db025f6953ea61be7dfca2d928f37">◆ </a></span>mbedtls_x509_csr_init()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void mbedtls_x509_csr_init </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Initialize a CSR. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR to initialize </td></tr> </table> </dd> </dl> </div> </div> <a id="ga53012fb8859f4835ccfb0a5e359b3176"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga53012fb8859f4835ccfb0a5e359b3176">◆ </a></span>mbedtls_x509_csr_parse()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_csr_parse </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR), DER or PEM format. </p> <dl class="section note"><dt>Note</dt><dd>See notes for <code><a class="el" href="group__x509__module.html#ga4c58fa3804ea9feb1acf745221f17208" title="Load a Certificate Signing Request (CSR) in DER format. ">mbedtls_x509_csr_parse_der()</a></code> </dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer (including the terminating null byte for PEM data)</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <a id="ga4c58fa3804ea9feb1acf745221f17208"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga4c58fa3804ea9feb1acf745221f17208">◆ </a></span>mbedtls_x509_csr_parse_der()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_csr_parse_der </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const unsigned char * </td> <td class="paramname"><em>buf</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">size_t </td> <td class="paramname"><em>buflen</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR) in DER format. </p> <dl class="section note"><dt>Note</dt><dd>CSR attributes (if any) are currently silently ignored.</dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">buf</td><td>buffer holding the CRL data </td></tr> <tr><td class="paramname">buflen</td><td>size of the buffer</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 error code </dd></dl> </div> </div> <a id="gaf49db7323eee45d9649600de18d715f8"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaf49db7323eee45d9649600de18d715f8">◆ </a></span>mbedtls_x509_csr_parse_file()</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">int mbedtls_x509_csr_parse_file </td> <td>(</td> <td class="paramtype"><a class="el" href="structmbedtls__x509__csr.html">mbedtls_x509_csr</a> * </td> <td class="paramname"><em>csr</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>path</em> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td></td> </tr> </table> </div><div class="memdoc"> <p>Load a Certificate Signing Request (CSR) </p> <dl class="section note"><dt>Note</dt><dd>See notes for <code><a class="el" href="group__x509__module.html#ga53012fb8859f4835ccfb0a5e359b3176" title="Load a Certificate Signing Request (CSR), DER or PEM format. ">mbedtls_x509_csr_parse()</a></code> </dd></dl> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">csr</td><td>CSR context to fill </td></tr> <tr><td class="paramname">path</td><td>filename to read the CSR from</td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>0 if successful, or a specific X509 or PEM error code </dd></dl> </div> </div> <h2 class="groupheader">Variable Documentation</h2> <a id="ga9cd2de10ffeff0f339abcc1ba7e26fdf"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga9cd2de10ffeff0f339abcc1ba7e26fdf">◆ </a></span>mbedtls_x509_crt_profile_default</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> mbedtls_x509_crt_profile_default</td> </tr> </table> </div><div class="memdoc"> <p>Default security profile. </p> <p>Should provide a good balance between security and compatibility with current deployments. </p> </div> </div> <a id="ga8ab1f8a044fd25f76ecb4ba15c6d5bcd"></a> <h2 class="memtitle"><span class="permalink"><a href="#ga8ab1f8a044fd25f76ecb4ba15c6d5bcd">◆ </a></span>mbedtls_x509_crt_profile_next</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> mbedtls_x509_crt_profile_next</td> </tr> </table> </div><div class="memdoc"> <p>Expected next default profile. </p> <p>Recommended for new deployments. Currently targets a 128-bit security level, except for RSA-2048. </p> </div> </div> <a id="gaf09067a39129236125e353a68ceb45d6"></a> <h2 class="memtitle"><span class="permalink"><a href="#gaf09067a39129236125e353a68ceb45d6">◆ </a></span>mbedtls_x509_crt_profile_suiteb</h2> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">const <a class="el" href="structmbedtls__x509__crt__profile.html">mbedtls_x509_crt_profile</a> mbedtls_x509_crt_profile_suiteb</td> </tr> </table> </div><div class="memdoc"> <p>NSA Suite B profile. </p> </div> </div> </div><!-- contents --> <!-- start footer part --> <hr class="footer"/><address class="footer"><small> Generated on Thu Dec 28 2017 18:33:30 for mbed TLS v2.6.0 by  <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/> </a> 1.8.13 </small></address> </body> </html>