X.509 certificate generation. More...
#include "core/crypto.h"#include "pkix/x509_cert_create.h"#include "pkix/x509_key_format.h"#include "encoding/asn1.h"#include "encoding/oid.h"#include "pkc/rsa.h"#include "pkc/dsa.h"#include "ecc/ecdsa.h"#include "ecc/eddsa.h"#include "ecc/ed25519.h"#include "ecc/ed448.h"#include "hash/sha1.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL CRYPTO_TRACE_LEVEL |
Functions | |
| error_t | x509CreateCertificate (const PrngAlgo *prngAlgo, void *prngContext, const X509CertRequestInfo *certReqInfo, const void *subjectPublicKey, const X509CertificateInfo *issuerCertInfo, const X509SerialNumber *serialNumber, const X509Validity *validity, const X509SignatureAlgoId *signatureAlgo, const void *signerPrivateKey, uint8_t *output, size_t *written) |
| Generate a X.509 certificate. More... | |
| error_t | x509FormatTbsCertificate (const PrngAlgo *prngAlgo, void *prngContext, const X509SerialNumber *serialNumber, const X509SignatureAlgoId *signatureAlgo, const X509Name *issuer, const X509Validity *validity, const X509Name *subject, const X509SubjectPublicKeyInfo *subjectPublicKeyInfo, const void *publicKey, const X509Extensions *extensions, const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written) |
| Format TBSCertificate structure. More... | |
| error_t | x509FormatVersion (X509Version version, uint8_t *output, size_t *written) |
| Format Version field. More... | |
| error_t | x509FormatSerialNumber (const PrngAlgo *prngAlgo, void *prngContext, const X509SerialNumber *serialNumber, uint8_t *output, size_t *written) |
| Format SerialNumber field. More... | |
| error_t | x509FormatName (const X509Name *name, uint8_t *output, size_t *written) |
| Format Name structure. More... | |
| error_t | x509FormatNameAttribute (uint_t type, const uint8_t *oid, size_t oidLen, const char_t *value, size_t valueLen, uint8_t *output, size_t *written) |
| Format Name attribute. More... | |
| error_t | x509FormatValidity (const X509Validity *validity, uint8_t *output, size_t *written) |
| Format Validity structure. More... | |
| error_t | x509FormatTime (const DateTime *dateTime, uint8_t *output, size_t *written) |
| Format UTCTime or GeneralizedTime field. More... | |
| error_t | x509FormatExtensions (const X509Extensions *extensions, const X509SubjectKeyId *subjectKeyId, const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written) |
| Format Extensions structure. More... | |
| error_t | x509FormatBasicConstraints (const X509BasicConstraints *basicConstraints, uint8_t *output, size_t *written) |
| Format BasicConstraints extension. More... | |
| error_t | x509FormatKeyUsage (const X509KeyUsage *keyUsage, uint8_t *output, size_t *written) |
| Format KeyUsage extension. More... | |
| error_t | x509FormatSubjectAltName (const X509SubjectAltName *subjectAltName, uint8_t *output, size_t *written) |
| Format SubjectAltName extension. More... | |
| error_t | x509FormatSubjectKeyId (const X509SubjectKeyId *subjectKeyId, uint8_t *output, size_t *written) |
| Format SubjectKeyIdentifier extension. More... | |
| error_t | x509FormatAuthorityKeyId (const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written) |
| Format AuthorityKeyIdentifier extension. More... | |
| error_t | x509FormatNsCertType (const X509NsCertType *nsCertType, uint8_t *output, size_t *written) |
| Format NetscapeCertType extension. More... | |
| error_t | x509FormatSignatureAlgo (const X509SignatureAlgoId *signatureAlgo, uint8_t *output, size_t *written) |
| Format SignatureAlgorithm structure. More... | |
| error_t | x509FormatSignatureValue (const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written) |
| Format SignatureValue field. More... | |
| error_t | x509GenerateSignature (const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written) |
| Certificate signature generation. More... | |
Detailed Description
X.509 certificate generation.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2010-2019 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneCrypto Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 1.9.6
Definition in file x509_cert_create.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL CRYPTO_TRACE_LEVEL |
Definition at line 32 of file x509_cert_create.c.
Function Documentation
◆ x509CreateCertificate()
| error_t x509CreateCertificate | ( | const PrngAlgo * | prngAlgo, |
| void * | prngContext, | ||
| const X509CertRequestInfo * | certReqInfo, | ||
| const void * | subjectPublicKey, | ||
| const X509CertificateInfo * | issuerCertInfo, | ||
| const X509SerialNumber * | serialNumber, | ||
| const X509Validity * | validity, | ||
| const X509SignatureAlgoId * | signatureAlgo, | ||
| const void * | signerPrivateKey, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Generate a X.509 certificate.
- Parameters
-
[in] prngAlgo PRNG algorithm [in] prngContext Pointer to the PRNG context [in] certReqInfo Certificate request information [in] subjectPublicKey Subject's public key (optional parameter) [in] issuerCertInfo Issuer's certificate (optional parameter) [in] serialNumber Serial number (optional parameter) [in] validity Validity period [in] signatureAlgo Signature algorithm [in] signerPrivateKey Pointer to the issuer's private key [out] output Buffer where to store the X.509 certificate [out] written Length of the resulting X.509 certificate
- Returns
- Error code
Definition at line 69 of file x509_cert_create.c.
◆ x509FormatAuthorityKeyId()
| error_t x509FormatAuthorityKeyId | ( | const X509AuthorityKeyId * | authKeyId, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format AuthorityKeyIdentifier extension.
- Parameters
-
[in] authKeyId Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1495 of file x509_cert_create.c.
◆ x509FormatBasicConstraints()
| error_t x509FormatBasicConstraints | ( | const X509BasicConstraints * | basicConstraints, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format BasicConstraints extension.
- Parameters
-
[in] basicConstraints Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 965 of file x509_cert_create.c.
◆ x509FormatExtensions()
| error_t x509FormatExtensions | ( | const X509Extensions * | extensions, |
| const X509SubjectKeyId * | subjectKeyId, | ||
| const X509AuthorityKeyId * | authKeyId, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format Extensions structure.
- Parameters
-
[in] extensions Pointer to the X.509 extensions [in] subjectKeyId SubjectKeyIdentifier extension [in] authKeyId AuthorityKeyIdentifier extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 844 of file x509_cert_create.c.
◆ x509FormatKeyUsage()
| error_t x509FormatKeyUsage | ( | const X509KeyUsage * | keyUsage, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format KeyUsage extension.
- Parameters
-
[in] keyUsage Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1128 of file x509_cert_create.c.
◆ x509FormatName()
Format Name structure.
- Parameters
-
[in] name Information about the name to be encoded [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 468 of file x509_cert_create.c.
◆ x509FormatNameAttribute()
| error_t x509FormatNameAttribute | ( | uint_t | type, |
| const uint8_t * | oid, | ||
| size_t | oidLen, | ||
| const char_t * | value, | ||
| size_t | valueLen, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format Name attribute.
- Parameters
-
[in] type ASN.1 string type [in] oid Attribute OID [in] oidLen Length of the attribute OID, in bytes [in] value Attribute value [in] valueLen Length of the attribute value, in bytes [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 625 of file x509_cert_create.c.
◆ x509FormatNsCertType()
| error_t x509FormatNsCertType | ( | const X509NsCertType * | nsCertType, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format NetscapeCertType extension.
- Parameters
-
[in] nsCertType Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1605 of file x509_cert_create.c.
◆ x509FormatSerialNumber()
| error_t x509FormatSerialNumber | ( | const PrngAlgo * | prngAlgo, |
| void * | prngContext, | ||
| const X509SerialNumber * | serialNumber, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format SerialNumber field.
- Parameters
-
[in] prngAlgo PRNG algorithm [in] prngContext Pointer to the PRNG context [in] serialNumber Pointer to the serial number (optional parameter) [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 408 of file x509_cert_create.c.
◆ x509FormatSignatureAlgo()
| error_t x509FormatSignatureAlgo | ( | const X509SignatureAlgoId * | signatureAlgo, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format SignatureAlgorithm structure.
- Parameters
-
[in] signatureAlgo Pointer to the SignatureAlgorithm structure [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1714 of file x509_cert_create.c.
◆ x509FormatSignatureValue()
| error_t x509FormatSignatureValue | ( | const PrngAlgo * | prngAlgo, |
| void * | prngContext, | ||
| const uint8_t * | tbsCert, | ||
| size_t | tbsCertLen, | ||
| const X509SignatureAlgoId * | signatureAlgoId, | ||
| const X509SubjectPublicKeyInfo * | publicKeyInfo, | ||
| const void * | privateKey, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format SignatureValue field.
- Parameters
-
[in] prngAlgo PRNG algorithm [in] prngContext Pointer to the PRNG context [in] tbsCert Pointer to the TBSCertificate to be signed [in] tbsCertLen Length of the TBSCertificate, in bytes [in] signatureAlgoId Signature algorithm identifier [in] publicKeyInfo Signer's public key information [in] privateKey Signer's private key [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1868 of file x509_cert_create.c.
◆ x509FormatSubjectAltName()
| error_t x509FormatSubjectAltName | ( | const X509SubjectAltName * | subjectAltName, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format SubjectAltName extension.
- Parameters
-
[in] subjectAltName Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1274 of file x509_cert_create.c.
◆ x509FormatSubjectKeyId()
| error_t x509FormatSubjectKeyId | ( | const X509SubjectKeyId * | subjectKeyId, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format SubjectKeyIdentifier extension.
- Parameters
-
[in] subjectKeyId Value of the extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 1398 of file x509_cert_create.c.
◆ x509FormatTbsCertificate()
| error_t x509FormatTbsCertificate | ( | const PrngAlgo * | prngAlgo, |
| void * | prngContext, | ||
| const X509SerialNumber * | serialNumber, | ||
| const X509SignatureAlgoId * | signatureAlgo, | ||
| const X509Name * | issuer, | ||
| const X509Validity * | validity, | ||
| const X509Name * | subject, | ||
| const X509SubjectPublicKeyInfo * | subjectPublicKeyInfo, | ||
| const void * | publicKey, | ||
| const X509Extensions * | extensions, | ||
| const X509AuthorityKeyId * | authKeyId, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format TBSCertificate structure.
- Parameters
-
[in] prngAlgo PRNG algorithm [in] prngContext Pointer to the PRNG context [in] serialNumber Serial number [in] signatureAlgo Signature algorithm [in] issuer Issuer's name [in] validity Validity period [in] subject Subject's name [in] subjectPublicKeyInfo Subject's public key information [in] publicKey Subject's public key [in] extensions X.509 certificates extensions [in] authKeyId AuthorityKeyIdentifier extension [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 228 of file x509_cert_create.c.
◆ x509FormatTime()
Format UTCTime or GeneralizedTime field.
- Parameters
-
[in] dateTime Date to be encoded [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 778 of file x509_cert_create.c.
◆ x509FormatValidity()
| error_t x509FormatValidity | ( | const X509Validity * | validity, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format Validity structure.
- Parameters
-
[in] validity Validity period [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 715 of file x509_cert_create.c.
◆ x509FormatVersion()
| error_t x509FormatVersion | ( | X509Version | version, |
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Format Version field.
- Parameters
-
[in] version Version number [out] output Buffer where to format the ASN.1 structure [out] written Length of the resulting ASN.1 structure
- Returns
- Error code
Definition at line 364 of file x509_cert_create.c.
◆ x509GenerateSignature()
| error_t x509GenerateSignature | ( | const PrngAlgo * | prngAlgo, |
| void * | prngContext, | ||
| const uint8_t * | tbsCert, | ||
| size_t | tbsCertLen, | ||
| const X509SignatureAlgoId * | signatureAlgoId, | ||
| const X509SubjectPublicKeyInfo * | publicKeyInfo, | ||
| const void * | privateKey, | ||
| uint8_t * | output, | ||
| size_t * | written | ||
| ) |
Certificate signature generation.
- Parameters
-
[in] prngAlgo PRNG algorithm [in] prngContext Pointer to the PRNG context [in] tbsCert Pointer to the TBSCertificate to be signed [in] tbsCertLen Length of the TBSCertificate, in bytes [in] signatureAlgoId Signature algorithm identifier [in] publicKeyInfo Signer's public key information [in] privateKey Signer's private key [out] output Resulting signature [out] written Length of the resulting signature
- Returns
- Error code
Definition at line 1924 of file x509_cert_create.c.
Generated by
1.8.16