Data Structures | Macros | Typedefs | Enumerations | Functions
acme_client.h File Reference

ACME client (Automatic Certificate Management Environment) More...

#include "acme_config.h"
#include "core/net.h"
#include "http/http_client.h"
#include "tls.h"
#include "pkix/x509_common.h"

Go to the source code of this file.

Data Structures

struct  AcmeKeyPair
 Public/private key pair. More...
 
struct  AcmeAccountParams
 ACME account creation parameters. More...
 
struct  AcmeDomainParams
 Domain parameters. More...
 
struct  AcmeOrderParams
 Certificate order parameters. More...
 
struct  AcmeDirectory
 Directory object. More...
 
struct  AcmeAccount
 Account object. More...
 
struct  AcmeIdentifier
 Identifier object. More...
 
struct  AcmeOrder
 Order object. More...
 
struct  AcmeAuthorization
 Authorization object. More...
 
struct  AcmeChallenge
 Challenge object. More...
 
struct  _AcmeClientContext
 ACME client context. More...
 

Macros

#define CYCLONE_ACME_VERSION_STRING   "2.5.0"
 
#define CYCLONE_ACME_MAJOR_VERSION   2
 
#define CYCLONE_ACME_MINOR_VERSION   5
 
#define CYCLONE_ACME_REV_NUMBER   0
 
#define ACME_CLIENT_SUPPORT   ENABLED
 
#define ACME_CLIENT_HTTP_CHALLENGE_SUPPORT   ENABLED
 
#define ACME_CLIENT_DNS_CHALLENGE_SUPPORT   ENABLED
 
#define ACME_CLIENT_TLS_ALPN_CHALLENGE_SUPPORT   DISABLED
 
#define ACME_CLIENT_RSA_SUPPORT   ENABLED
 
#define ACME_CLIENT_ECDSA_SUPPORT   ENABLED
 
#define ACME_CLIENT_SM2_SUPPORT   DISABLED
 
#define ACME_CLIENT_ED25519_SUPPORT   DISABLED
 
#define ACME_CLIENT_ED448_SUPPORT   DISABLED
 
#define ACME_CLIENT_DEFAULT_TIMEOUT   20000
 
#define ACME_CLIENT_MAX_CONTACTS   4
 
#define ACME_CLIENT_MAX_DOMAINS   2
 
#define ACME_CLIENT_BUFFER_SIZE   6144
 
#define ACME_CLIENT_MAX_NAME_LEN   64
 
#define ACME_CLIENT_MAX_URI_LEN   32
 
#define ACME_CLIENT_MAX_URL_LEN   128
 
#define ACME_CLIENT_MAX_URN_LEN   64
 
#define ACME_CLIENT_MAX_NONCE_LEN   64
 
#define ACME_CLIENT_MAX_TOKEN_LEN   64
 
#define ACME_CLIENT_MAX_KEY_AUTH_LEN   128
 
#define ACME_CLIENT_MAX_TLS_ALPN_CERT_LEN   1536
 
#define ACME_CLIENT_MAX_CONTENT_TYPE_LEN   40
 
#define ACME_CLIENT_MAX_BAD_NONCE_ERRORS   5
 
#define ACME_CLIENT_PRIVATE_CONTEXT
 
#define AcmeClientContext   struct _AcmeClientContext
 

Typedefs

typedef error_t(* AcmeClientTlsInitCallback) (HttpClientContext *context, TlsContext *tlsContext)
 TLS initialization callback function. More...
 
typedef error_t(* AcmeClientCsrCallback) (AcmeClientContext *context, uint8_t *buffer, size_t size, size_t *length)
 CSR generation callback function. More...
 

Enumerations

enum  AcmeClientState {
  ACME_CLIENT_STATE_DISCONNECTED = 0, ACME_CLIENT_STATE_CONNECTING = 1, ACME_CLIENT_STATE_CONNECTED = 2, ACME_CLIENT_STATE_DIRECTORY = 3,
  ACME_CLIENT_STATE_NEW_NONCE = 4, ACME_CLIENT_STATE_NEW_ACCOUNT = 5, ACME_CLIENT_STATE_UPDATE_ACCOUNT = 6, ACME_CLIENT_STATE_CHANGE_KEY = 7,
  ACME_CLIENT_STATE_DEACTIVATE_ACCOUNT = 8, ACME_CLIENT_STATE_NEW_ORDER = 9, ACME_CLIENT_STATE_AUTHORIZATION = 10, ACME_CLIENT_STATE_CHALLENGE_READY = 11,
  ACME_CLIENT_STATE_POLL_STATUS_1 = 12, ACME_CLIENT_STATE_FINALIZE = 13, ACME_CLIENT_STATE_POLL_STATUS_2 = 14, ACME_CLIENT_STATE_DOWNLOAD_CERT = 15,
  ACME_CLIENT_STATE_REVOKE_CERT = 16, ACME_CLIENT_STATE_DISCONNECTING = 17
}
 ACME client states. More...
 
enum  AcmeRequestState {
  ACME_REQ_STATE_INIT = 0, ACME_REQ_STATE_FORMAT_HEADER = 1, ACME_REQ_STATE_SEND_HEADER = 2, ACME_REQ_STATE_FORMAT_BODY = 3,
  ACME_REQ_STATE_SEND_BODY = 4, ACME_REQ_STATE_RECEIVE_HEADER = 5, ACME_REQ_STATE_PARSE_HEADER = 6, ACME_REQ_STATE_RECEIVE_BODY = 7,
  ACME_REQ_STATE_PARSE_BODY = 8, ACME_REQ_STATE_CLOSE_BODY = 9
}
 HTTP request states. More...
 
enum  AcmeAccountStatus { ACME_ACCOUNT_STATUS_NONE = 0, ACME_ACCOUNT_STATUS_VALID = 1, ACME_ACCOUNT_STATUS_DEACTIVATED = 2, ACME_ACCOUNT_STATUS_REVOKED = 3 }
 Account status. More...
 
enum  AcmeOrderStatus {
  ACME_ORDER_STATUS_NONE = 0, ACME_ORDER_STATUS_PENDING = 1, ACME_ORDER_STATUS_READY = 2, ACME_ORDER_STATUS_PROCESSING = 3,
  ACME_ORDER_STATUS_VALID = 4, ACME_ORDER_STATUS_INVALID = 5
}
 Order status. More...
 
enum  AcmeAuthStatus {
  ACME_AUTH_STATUS_NONE = 0, ACME_AUTH_STATUS_PENDING = 1, ACME_AUTH_STATUS_VALID = 2, ACME_AUTH_STATUS_INVALID = 3,
  ACME_AUTH_STATUS_EXPIRED = 4, ACME_AUTH_STATUS_DEACTIVATED = 5, ACME_AUTH_STATUS_REVOKED = 6
}
 Authorization status. More...
 
enum  AcmeChallengeStatus {
  ACME_CHALLENGE_STATUS_NONE = 0, ACME_CHALLENGE_STATUS_PENDING = 1, ACME_CHALLENGE_STATUS_PROCESSING = 2, ACME_CHALLENGE_STATUS_VALID = 3,
  ACME_CHALLENGE_STATUS_INVALID = 4
}
 Challenge status. More...
 
enum  AcmeChallengeType { ACME_CHALLENGE_TYPE_NONE = 0, ACME_CHALLENGE_TYPE_HTTP_01 = 1, ACME_CHALLENGE_TYPE_DNS_01 = 2, ACME_CHALLENGE_TYPE_TLS_ALPN_01 = 3 }
 Challenge types. More...
 
enum  AcmeReasonCode {
  ACME_REASON_UNSPECIFIED = 0, ACME_REASON_KEY_COMPROMISE = 1, ACME_REASON_CA_COMPROMISE = 2, ACME_REASON_AFFILIATION_CHANGED = 3,
  ACME_REASON_SUPERSEDED = 4, ACME_REASON_CESSATION_OF_OPERATION = 5, ACME_REASON_CERTIFICATE_HOLD = 6, ACME_REMOVE_FROM_CRL = 8,
  ACME_REASON_PRIVILEGE_WITHDRAWN = 9, ACME_REASON_AA_COMPROMISE = 10
}
 Revocation reason codes. More...
 

Functions

error_t acmeClientInit (AcmeClientContext *context)
 Initialize ACME client context. More...
 
error_t acmeClientRegisterTlsInitCallback (AcmeClientContext *context, AcmeClientTlsInitCallback callback)
 Register TLS initialization callback function. More...
 
error_t acmeClientRegisterCsrCallback (AcmeClientContext *context, AcmeClientCsrCallback callback)
 Register CSR generation callback function. More...
 
error_t acmeClientSetPrng (AcmeClientContext *context, const PrngAlgo *prngAlgo, void *prngContext)
 Set the pseudo-random number generator to be used. More...
 
error_t acmeClientSetTimeout (AcmeClientContext *context, systime_t timeout)
 Set communication timeout. More...
 
error_t acmeClientSetHost (AcmeClientContext *context, const char_t *host)
 Set the domain name of the ACME server. More...
 
error_t acmeClientSetDirectoryUri (AcmeClientContext *context, const char_t *directoryUri)
 Set the URI of the directory object. More...
 
error_t acmeClientBindToInterface (AcmeClientContext *context, NetInterface *interface)
 Bind the ACME client to a particular network interface. More...
 
error_t acmeClientConnect (AcmeClientContext *context, const IpAddr *serverIpAddr, uint16_t serverPort)
 Establish a connection with the specified ACME server. More...
 
error_t acmeClientSetAccountKey (AcmeClientContext *context, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
 Load account key pair. More...
 
error_t acmeClientCreateAccount (AcmeClientContext *context, const AcmeAccountParams *params)
 Account creation. More...
 
error_t acmeClientUpdateAccount (AcmeClientContext *context, const AcmeAccountParams *params)
 Account information update. More...
 
error_t acmeClientChangeAccountKey (AcmeClientContext *context, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
 Account key rollover. More...
 
error_t acmeClientDeactivateAccount (AcmeClientContext *context)
 ACME account deactivation. More...
 
error_t acmeClientCreateOrder (AcmeClientContext *context, const AcmeOrderParams *params)
 Begin the certificate issuance process. More...
 
const char_tacmeClientGetHttpKeyAuthorization (AcmeClientContext *context, const char_t *token)
 Get the key authorization that matches a given token (HTTP challenge) More...
 
const char_tacmeClientGetDnsKeyAuthorization (AcmeClientContext *context, const char_t *identifier)
 Get the key authorization digest that matches a given identifier (DNS challenge) More...
 
const char_tacmeClientGetTlsAlpnCertificate (AcmeClientContext *context, const char_t *identifier)
 Get the self-certificate that matches a given identifier (TLS-ALPN challenge) More...
 
error_t acmeClientPollOrderStatus (AcmeClientContext *context, AcmeOrderStatus *orderStatus)
 Poll for order status. More...
 
error_t acmeClientDownloadCertificate (AcmeClientContext *context, char_t *buffer, size_t size, size_t *length)
 Download the certificate. More...
 
error_t acmeClientRevokeCertificate (AcmeClientContext *context, const char_t *cert, size_t certLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password, AcmeReasonCode reason)
 Certificate revocation. More...
 
error_t acmeClientDisconnect (AcmeClientContext *context)
 Gracefully disconnect from the ACME server. More...
 
error_t acmeClientClose (AcmeClientContext *context)
 Close the connection with the ACME server. More...
 
void acmeClientDeinit (AcmeClientContext *context)
 Release ACME client context. More...
 

Detailed Description

ACME client (Automatic Certificate Management Environment)

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2019-2025 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneACME Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.5.0

Definition in file acme_client.h.

Macro Definition Documentation

◆ ACME_CLIENT_BUFFER_SIZE

#define ACME_CLIENT_BUFFER_SIZE   6144

Definition at line 166 of file acme_client.h.

◆ ACME_CLIENT_DEFAULT_TIMEOUT

#define ACME_CLIENT_DEFAULT_TIMEOUT   20000

Definition at line 145 of file acme_client.h.

◆ ACME_CLIENT_DNS_CHALLENGE_SUPPORT

#define ACME_CLIENT_DNS_CHALLENGE_SUPPORT   ENABLED

Definition at line 94 of file acme_client.h.

◆ ACME_CLIENT_ECDSA_SUPPORT

#define ACME_CLIENT_ECDSA_SUPPORT   ENABLED

Definition at line 117 of file acme_client.h.

◆ ACME_CLIENT_ED25519_SUPPORT

#define ACME_CLIENT_ED25519_SUPPORT   DISABLED

Definition at line 131 of file acme_client.h.

◆ ACME_CLIENT_ED448_SUPPORT

#define ACME_CLIENT_ED448_SUPPORT   DISABLED

Definition at line 138 of file acme_client.h.

◆ ACME_CLIENT_HTTP_CHALLENGE_SUPPORT

#define ACME_CLIENT_HTTP_CHALLENGE_SUPPORT   ENABLED

Definition at line 86 of file acme_client.h.

◆ ACME_CLIENT_MAX_BAD_NONCE_ERRORS

#define ACME_CLIENT_MAX_BAD_NONCE_ERRORS   5

Definition at line 236 of file acme_client.h.

◆ ACME_CLIENT_MAX_CONTACTS

#define ACME_CLIENT_MAX_CONTACTS   4

Definition at line 152 of file acme_client.h.

◆ ACME_CLIENT_MAX_CONTENT_TYPE_LEN

#define ACME_CLIENT_MAX_CONTENT_TYPE_LEN   40

Definition at line 229 of file acme_client.h.

◆ ACME_CLIENT_MAX_DOMAINS

#define ACME_CLIENT_MAX_DOMAINS   2

Definition at line 159 of file acme_client.h.

◆ ACME_CLIENT_MAX_KEY_AUTH_LEN

#define ACME_CLIENT_MAX_KEY_AUTH_LEN   128

Definition at line 215 of file acme_client.h.

◆ ACME_CLIENT_MAX_NAME_LEN

#define ACME_CLIENT_MAX_NAME_LEN   64

Definition at line 173 of file acme_client.h.

◆ ACME_CLIENT_MAX_NONCE_LEN

#define ACME_CLIENT_MAX_NONCE_LEN   64

Definition at line 201 of file acme_client.h.

◆ ACME_CLIENT_MAX_TLS_ALPN_CERT_LEN

#define ACME_CLIENT_MAX_TLS_ALPN_CERT_LEN   1536

Definition at line 222 of file acme_client.h.

◆ ACME_CLIENT_MAX_TOKEN_LEN

#define ACME_CLIENT_MAX_TOKEN_LEN   64

Definition at line 208 of file acme_client.h.

◆ ACME_CLIENT_MAX_URI_LEN

#define ACME_CLIENT_MAX_URI_LEN   32

Definition at line 180 of file acme_client.h.

◆ ACME_CLIENT_MAX_URL_LEN

#define ACME_CLIENT_MAX_URL_LEN   128

Definition at line 187 of file acme_client.h.

◆ ACME_CLIENT_MAX_URN_LEN

#define ACME_CLIENT_MAX_URN_LEN   64

Definition at line 194 of file acme_client.h.

◆ ACME_CLIENT_PRIVATE_CONTEXT

#define ACME_CLIENT_PRIVATE_CONTEXT

Definition at line 243 of file acme_client.h.

◆ ACME_CLIENT_RSA_SUPPORT

#define ACME_CLIENT_RSA_SUPPORT   ENABLED

Definition at line 110 of file acme_client.h.

◆ ACME_CLIENT_SM2_SUPPORT

#define ACME_CLIENT_SM2_SUPPORT   DISABLED

Definition at line 124 of file acme_client.h.

◆ ACME_CLIENT_SUPPORT

#define ACME_CLIENT_SUPPORT   ENABLED

Definition at line 79 of file acme_client.h.

◆ ACME_CLIENT_TLS_ALPN_CHALLENGE_SUPPORT

#define ACME_CLIENT_TLS_ALPN_CHALLENGE_SUPPORT   DISABLED

Definition at line 102 of file acme_client.h.

◆ AcmeClientContext

#define AcmeClientContext   struct _AcmeClientContext

Definition at line 248 of file acme_client.h.

◆ CYCLONE_ACME_MAJOR_VERSION

#define CYCLONE_ACME_MAJOR_VERSION   2

Definition at line 71 of file acme_client.h.

◆ CYCLONE_ACME_MINOR_VERSION

#define CYCLONE_ACME_MINOR_VERSION   5

Definition at line 73 of file acme_client.h.

◆ CYCLONE_ACME_REV_NUMBER

#define CYCLONE_ACME_REV_NUMBER   0

Definition at line 75 of file acme_client.h.

◆ CYCLONE_ACME_VERSION_STRING

#define CYCLONE_ACME_VERSION_STRING   "2.5.0"

Definition at line 69 of file acme_client.h.

Typedef Documentation

◆ AcmeClientCsrCallback

typedef error_t(* AcmeClientCsrCallback) (AcmeClientContext *context, uint8_t *buffer, size_t size, size_t *length)

CSR generation callback function.

Definition at line 404 of file acme_client.h.

◆ AcmeClientTlsInitCallback

typedef error_t(* AcmeClientTlsInitCallback) (HttpClientContext *context, TlsContext *tlsContext)

TLS initialization callback function.

Definition at line 396 of file acme_client.h.

Enumeration Type Documentation

◆ AcmeAccountStatus

enum AcmeAccountStatus

Account status.

Enumerator
ACME_ACCOUNT_STATUS_NONE 
ACME_ACCOUNT_STATUS_VALID 
ACME_ACCOUNT_STATUS_DEACTIVATED 
ACME_ACCOUNT_STATUS_REVOKED 

Definition at line 306 of file acme_client.h.

◆ AcmeAuthStatus

enum AcmeAuthStatus

Authorization status.

Enumerator
ACME_AUTH_STATUS_NONE 
ACME_AUTH_STATUS_PENDING 
ACME_AUTH_STATUS_VALID 
ACME_AUTH_STATUS_INVALID 
ACME_AUTH_STATUS_EXPIRED 
ACME_AUTH_STATUS_DEACTIVATED 
ACME_AUTH_STATUS_REVOKED 

Definition at line 334 of file acme_client.h.

◆ AcmeChallengeStatus

enum AcmeChallengeStatus

Challenge status.

Enumerator
ACME_CHALLENGE_STATUS_NONE 
ACME_CHALLENGE_STATUS_PENDING 
ACME_CHALLENGE_STATUS_PROCESSING 
ACME_CHALLENGE_STATUS_VALID 
ACME_CHALLENGE_STATUS_INVALID 

Definition at line 350 of file acme_client.h.

◆ AcmeChallengeType

enum AcmeChallengeType

Challenge types.

Enumerator
ACME_CHALLENGE_TYPE_NONE 
ACME_CHALLENGE_TYPE_HTTP_01 
ACME_CHALLENGE_TYPE_DNS_01 
ACME_CHALLENGE_TYPE_TLS_ALPN_01 

Definition at line 364 of file acme_client.h.

◆ AcmeClientState

enum AcmeClientState

ACME client states.

Enumerator
ACME_CLIENT_STATE_DISCONNECTED 
ACME_CLIENT_STATE_CONNECTING 
ACME_CLIENT_STATE_CONNECTED 
ACME_CLIENT_STATE_DIRECTORY 
ACME_CLIENT_STATE_NEW_NONCE 
ACME_CLIENT_STATE_NEW_ACCOUNT 
ACME_CLIENT_STATE_UPDATE_ACCOUNT 
ACME_CLIENT_STATE_CHANGE_KEY 
ACME_CLIENT_STATE_DEACTIVATE_ACCOUNT 
ACME_CLIENT_STATE_NEW_ORDER 
ACME_CLIENT_STATE_AUTHORIZATION 
ACME_CLIENT_STATE_CHALLENGE_READY 
ACME_CLIENT_STATE_POLL_STATUS_1 
ACME_CLIENT_STATE_FINALIZE 
ACME_CLIENT_STATE_POLL_STATUS_2 
ACME_CLIENT_STATE_DOWNLOAD_CERT 
ACME_CLIENT_STATE_REVOKE_CERT 
ACME_CLIENT_STATE_DISCONNECTING 

Definition at line 260 of file acme_client.h.

◆ AcmeOrderStatus

enum AcmeOrderStatus

Order status.

Enumerator
ACME_ORDER_STATUS_NONE 
ACME_ORDER_STATUS_PENDING 
ACME_ORDER_STATUS_READY 
ACME_ORDER_STATUS_PROCESSING 
ACME_ORDER_STATUS_VALID 
ACME_ORDER_STATUS_INVALID 

Definition at line 319 of file acme_client.h.

◆ AcmeReasonCode

enum AcmeReasonCode

Revocation reason codes.

Enumerator
ACME_REASON_UNSPECIFIED 
ACME_REASON_KEY_COMPROMISE 
ACME_REASON_CA_COMPROMISE 
ACME_REASON_AFFILIATION_CHANGED 
ACME_REASON_SUPERSEDED 
ACME_REASON_CESSATION_OF_OPERATION 
ACME_REASON_CERTIFICATE_HOLD 
ACME_REMOVE_FROM_CRL 
ACME_REASON_PRIVILEGE_WITHDRAWN 
ACME_REASON_AA_COMPROMISE 

Definition at line 377 of file acme_client.h.

◆ AcmeRequestState

enum AcmeRequestState

HTTP request states.

Enumerator
ACME_REQ_STATE_INIT 
ACME_REQ_STATE_FORMAT_HEADER 
ACME_REQ_STATE_SEND_HEADER 
ACME_REQ_STATE_FORMAT_BODY 
ACME_REQ_STATE_SEND_BODY 
ACME_REQ_STATE_RECEIVE_HEADER 
ACME_REQ_STATE_PARSE_HEADER 
ACME_REQ_STATE_RECEIVE_BODY 
ACME_REQ_STATE_PARSE_BODY 
ACME_REQ_STATE_CLOSE_BODY 

Definition at line 287 of file acme_client.h.

Function Documentation

◆ acmeClientBindToInterface()

error_t acmeClientBindToInterface ( AcmeClientContext context,
NetInterface interface 
)

Bind the ACME client to a particular network interface.

Parameters
[in]contextPointer to the ACME client context
[in]interfaceNetwork interface to be used
Returns
Error code

Definition at line 249 of file acme_client.c.

◆ acmeClientChangeAccountKey()

error_t acmeClientChangeAccountKey ( AcmeClientContext context,
const char_t publicKey,
size_t  publicKeyLen,
const char_t privateKey,
size_t  privateKeyLen,
const char_t password 
)

Account key rollover.

Parameters
[in]contextPointer to the ACME client context
[in]publicKeyNew public key (PEM format)
[in]publicKeyLenLength of the new public key
[in]privateKeyNew private key (PEM format)
[in]privateKeyLenLength of the new private key
[in]passwordNULL-terminated string containing the password. This parameter is required if the private key is encrypted
Returns
Error code

Definition at line 656 of file acme_client.c.

◆ acmeClientClose()

error_t acmeClientClose ( AcmeClientContext context)

Close the connection with the ACME server.

Parameters
[in]contextPointer to the ACME client context
Returns
Error code

Definition at line 1771 of file acme_client.c.

◆ acmeClientConnect()

error_t acmeClientConnect ( AcmeClientContext context,
const IpAddr serverIpAddr,
uint16_t  serverPort 
)

Establish a connection with the specified ACME server.

Parameters
[in]contextPointer to the ACME client context
[in]serverIpAddrIP address of the ACME server to connect to
[in]serverPortPort number
Returns
Error code

Definition at line 272 of file acme_client.c.

◆ acmeClientCreateAccount()

error_t acmeClientCreateAccount ( AcmeClientContext context,
const AcmeAccountParams params 
)

Account creation.

Parameters
[in]contextPointer to the ACME client context
[in]paramsAccount information
Returns
Error code

Definition at line 426 of file acme_client.c.

◆ acmeClientCreateOrder()

error_t acmeClientCreateOrder ( AcmeClientContext context,
const AcmeOrderParams params 
)

Begin the certificate issuance process.

Parameters
[in]contextPointer to the ACME client context
[in]paramsCertificate order information
Returns
Error code

Definition at line 885 of file acme_client.c.

◆ acmeClientDeactivateAccount()

error_t acmeClientDeactivateAccount ( AcmeClientContext context)

ACME account deactivation.

Parameters
[in]contextPointer to the ACME client context
Returns
Error code

Definition at line 773 of file acme_client.c.

◆ acmeClientDeinit()

void acmeClientDeinit ( AcmeClientContext context)

Release ACME client context.

Parameters
[in]contextPointer to the ACME client context

Definition at line 1792 of file acme_client.c.

◆ acmeClientDisconnect()

error_t acmeClientDisconnect ( AcmeClientContext context)

Gracefully disconnect from the ACME server.

Parameters
[in]contextPointer to the ACME client context
Returns
Error code

Definition at line 1705 of file acme_client.c.

◆ acmeClientDownloadCertificate()

error_t acmeClientDownloadCertificate ( AcmeClientContext context,
char_t buffer,
size_t  size,
size_t *  length 
)

Download the certificate.

Parameters
[in]contextPointer to the ACME client context
[out]bufferPointer to the buffer where to store the certificate chain
[in]sizeSize of the buffer, in bytes
[out]lengthActual length of the certificate chain, in bytes
Returns
Error code

Definition at line 1458 of file acme_client.c.

◆ acmeClientGetDnsKeyAuthorization()

const char_t* acmeClientGetDnsKeyAuthorization ( AcmeClientContext context,
const char_t identifier 
)

Get the key authorization digest that matches a given identifier (DNS challenge)

Parameters
[in]contextPointer to the ACME client context
[in]identifierNULL-terminated string that contains the domain name
Returns
The function returns a NULL-terminated string that contains the Base64url-encoded digest of the key authorization if the identifier is valid. Else, the NULL pointer is returned

Definition at line 1088 of file acme_client.c.

◆ acmeClientGetHttpKeyAuthorization()

const char_t* acmeClientGetHttpKeyAuthorization ( AcmeClientContext context,
const char_t token 
)

Get the key authorization that matches a given token (HTTP challenge)

Parameters
[in]contextPointer to the ACME client context
[in]tokenNULL-terminated string that contains the token
Returns
The function returns a NULL-terminated string that contains the key authorization if the token is valid. Else, the NULL pointer is returned

Definition at line 1037 of file acme_client.c.

◆ acmeClientGetTlsAlpnCertificate()

const char_t* acmeClientGetTlsAlpnCertificate ( AcmeClientContext context,
const char_t identifier 
)

Get the self-certificate that matches a given identifier (TLS-ALPN challenge)

Parameters
[in]contextPointer to the ACME client context
[in]identifierNULL-terminated string that contains the domain name
Returns
The function returns a NULL-terminated string that contains the TLS-ALPN certificate if the identifier is valid. Else, the NULL pointer is returned

Definition at line 1157 of file acme_client.c.

◆ acmeClientInit()

error_t acmeClientInit ( AcmeClientContext context)

Initialize ACME client context.

Parameters
[in]contextPointer to the ACME client context
Returns
Error code

Definition at line 69 of file acme_client.c.

◆ acmeClientPollOrderStatus()

error_t acmeClientPollOrderStatus ( AcmeClientContext context,
AcmeOrderStatus orderStatus 
)

Poll for order status.

Parameters
[in]contextPointer to the ACME client context
[out]orderStatusOrder status
Returns
Error code

Definition at line 1206 of file acme_client.c.

◆ acmeClientRegisterCsrCallback()

error_t acmeClientRegisterCsrCallback ( AcmeClientContext context,
AcmeClientCsrCallback  callback 
)

Register CSR generation callback function.

Parameters
[in]contextPointer to the ACME client context
[in]callbackTLS initialization callback function
Returns
Error code

Definition at line 130 of file acme_client.c.

◆ acmeClientRegisterTlsInitCallback()

error_t acmeClientRegisterTlsInitCallback ( AcmeClientContext context,
AcmeClientTlsInitCallback  callback 
)

Register TLS initialization callback function.

Parameters
[in]contextPointer to the ACME client context
[in]callbackTLS initialization callback function
Returns
Error code

Definition at line 108 of file acme_client.c.

◆ acmeClientRevokeCertificate()

error_t acmeClientRevokeCertificate ( AcmeClientContext context,
const char_t cert,
size_t  certLen,
const char_t privateKey,
size_t  privateKeyLen,
const char_t password,
AcmeReasonCode  reason 
)

Certificate revocation.

Parameters
[in]contextPointer to the ACME client context
[in]certCertificate to be revoked (PEM format)
[in]certLenLength of the certificate, in bytes
[in]privateKeyPrivate key associated with the certificate (PEM format). This parameter is required if the certificate key, rather than the account key, is to be used to sign the revocation request
[in]privateKeyLenLength of the private key
[in]passwordNULL-terminated string containing the password. This parameter is required if the private key is encrypted
[in]reasonRevocation reason code
Returns
Error code

Definition at line 1582 of file acme_client.c.

◆ acmeClientSetAccountKey()

error_t acmeClientSetAccountKey ( AcmeClientContext context,
const char_t publicKey,
size_t  publicKeyLen,
const char_t privateKey,
size_t  privateKeyLen,
const char_t password 
)

Load account key pair.

Parameters
[in]contextPointer to the ACME client context
[in]publicKeyPublic key (PEM format)
[in]publicKeyLenLength of the public key
[in]privateKeyPrivate key (PEM format)
[in]privateKeyLenLength of the private key
[in]passwordNULL-terminated string containing the password. This parameter is required if the private key is encrypted
Returns
Error code

Definition at line 399 of file acme_client.c.

◆ acmeClientSetDirectoryUri()

error_t acmeClientSetDirectoryUri ( AcmeClientContext context,
const char_t directoryUri 
)

Set the URI of the directory object.

Parameters
[in]contextPointer to the ACME client context
[in]directoryUriNULL-terminated string containing the directory URI
Returns
Error code

Definition at line 223 of file acme_client.c.

◆ acmeClientSetHost()

error_t acmeClientSetHost ( AcmeClientContext context,
const char_t host 
)

Set the domain name of the ACME server.

Parameters
[in]contextPointer to the ACME client context
[in]hostNULL-terminated string containing the host name
Returns
Error code

Definition at line 198 of file acme_client.c.

◆ acmeClientSetPrng()

error_t acmeClientSetPrng ( AcmeClientContext context,
const PrngAlgo prngAlgo,
void *  prngContext 
)

Set the pseudo-random number generator to be used.

Parameters
[in]contextPointer to the ACME client context
[in]prngAlgoPRNG algorithm
[in]prngContextPointer to the PRNG context
Returns
Error code

Definition at line 153 of file acme_client.c.

◆ acmeClientSetTimeout()

error_t acmeClientSetTimeout ( AcmeClientContext context,
systime_t  timeout 
)

Set communication timeout.

Parameters
[in]contextPointer to the ACME client context
[in]timeoutTimeout value, in milliseconds
Returns
Error code

Definition at line 177 of file acme_client.c.

◆ acmeClientUpdateAccount()

error_t acmeClientUpdateAccount ( AcmeClientContext context,
const AcmeAccountParams params 
)

Account information update.

Parameters
[in]contextPointer to the ACME client context
[in]paramsUpdated account information
Returns
Error code

Definition at line 538 of file acme_client.c.