x509_cert_create.h File Reference

X.509 certificate generation.

#include "core/crypto.h"
#include "pkix/x509_common.h"


Functions

error_t x509CreateCertificate (const PrngAlgo *prngAlgo, void *prngContext, const X509CertRequestInfo *certReqInfo, const void *subjectPublicKey, const X509CertificateInfo *issuerCertInfo, const X509SerialNumber *serialNumber, const X509Validity *validity, const X509SignatureAlgoId *signatureAlgo, const void *signerPrivateKey, uint8_t *output, size_t *written)
 Generate an X.509 certificate.
 
error_t x509FormatTbsCertificate (const PrngAlgo *prngAlgo, void *prngContext, const X509SerialNumber *serialNumber, const X509SignatureAlgoId *signatureAlgo, const X509Name *issuer, const X509Validity *validity, const X509Name *subject, const X509SubjectPublicKeyInfo *subjectPublicKeyInfo, const void *publicKey, const X509Extensions *extensions, const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written)
 Format TBSCertificate structure.
 
error_t x509FormatVersion (X509Version version, uint8_t *output, size_t *written)
 Format Version field.
 
error_t x509FormatSerialNumber (const PrngAlgo *prngAlgo, void *prngContext, const X509SerialNumber *serialNumber, uint8_t *output, size_t *written)
 Format SerialNumber field.
 
error_t x509FormatName (const X509Name *name, uint8_t *output, size_t *written)
 Format Name structure.
 
error_t x509FormatNameAttribute (uint_t type, const uint8_t *oid, size_t oidLen, const char_t *value, size_t valueLen, uint8_t *output, size_t *written)
 Format Name attribute.
 
error_t x509FormatValidity (const X509Validity *validity, uint8_t *output, size_t *written)
 Format Validity structure.
 
error_t x509FormatTime (const DateTime *dateTime, uint8_t *output, size_t *written)
 Format UTCTime or GeneralizedTime field.
 
error_t x509FormatExtensions (const X509Extensions *extensions, const X509SubjectKeyId *subjectKeyId, const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written)
 Format Extensions structure.
 
error_t x509FormatBasicConstraints (const X509BasicConstraints *basicConstraints, uint8_t *output, size_t *written)
 Format BasicConstraints extension.
 
error_t x509FormatKeyUsage (const X509KeyUsage *keyUsage, uint8_t *output, size_t *written)
 Format KeyUsage extension.
 
error_t x509FormatSubjectAltName (const X509SubjectAltName *subjectAltName, uint8_t *output, size_t *written)
 Format SubjectAltName extension.
 
error_t x509FormatSubjectKeyId (const X509SubjectKeyId *subjectKeyId, uint8_t *output, size_t *written)
 Format SubjectKeyIdentifier extension.
 
error_t x509FormatAuthorityKeyId (const X509AuthorityKeyId *authKeyId, uint8_t *output, size_t *written)
 Format AuthorityKeyIdentifier extension.
 
error_t x509FormatNsCertType (const X509NsCertType *nsCertType, uint8_t *output, size_t *written)
 Format NetscapeCertType extension.
 
error_t x509FormatSignatureAlgo (const X509SignatureAlgoId *signatureAlgo, uint8_t *output, size_t *written)
 Format SignatureAlgorithm structure.
 
error_t x509FormatSignatureValue (const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written)
 Format SignatureValue field.
 
error_t x509GenerateSignature (const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written)
 Certificate signature generation.
 

Detailed Description

X.509 certificate generation.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2019 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneCrypto Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
1.9.6

Definition in file x509_cert_create.h.

Function Documentation

◆ x509CreateCertificate()

error_t x509CreateCertificate ( const PrngAlgo *prngAlgo,
void *prngContext,
const X509CertRequestInfo *certReqInfo,
const void *subjectPublicKey,
const X509CertificateInfo *issuerCertInfo,
const X509SerialNumber *serialNumber,
const X509Validity *validity,
const X509SignatureAlgoId *signatureAlgo,
const void *signerPrivateKey,
uint8_t *output,
size_t *written
)

Generate an X.509 certificate.

Parameters
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
[in] certReqInfo: Certificate request information
[in] subjectPublicKey: Subject's public key (optional parameter)
[in] issuerCertInfo: Issuer's certificate (optional parameter)
[in] serialNumber: Serial number (optional parameter)
[in] validity: Validity period
[in] signatureAlgo: Signature algorithm
[in] signerPrivateKey: Pointer to the issuer's private key
[out] output: Buffer where to store the X.509 certificate
[out] written: Length of the resulting X.509 certificate
Returns
Error code

Note: output is passed without a capacity argument, so the buffer size is not visible to the callee through this prototype; the caller must ensure the buffer can hold the complete encoded certificate. The same output/written pair is used by every function in this file. The PRNG supplied through prngAlgo and prngContext should be cryptographically secure and seeded before the call.

Definition at line 69 of file x509_cert_create.c.

◆ x509FormatAuthorityKeyId()

error_t x509FormatAuthorityKeyId ( const X509AuthorityKeyId *authKeyId,
uint8_t *output,
size_t *written
)

Format AuthorityKeyIdentifier extension.

Parameters
[in] authKeyId: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1495 of file x509_cert_create.c.

◆ x509FormatBasicConstraints()

error_t x509FormatBasicConstraints ( const X509BasicConstraints *basicConstraints,
uint8_t *output,
size_t *written
)

Format BasicConstraints extension.

Parameters
[in] basicConstraints: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 965 of file x509_cert_create.c.

◆ x509FormatExtensions()

error_t x509FormatExtensions ( const X509Extensions *extensions,
const X509SubjectKeyId *subjectKeyId,
const X509AuthorityKeyId *authKeyId,
uint8_t *output,
size_t *written
)

Format Extensions structure.

Parameters
[in] extensions: Pointer to the X.509 extensions
[in] subjectKeyId: SubjectKeyIdentifier extension
[in] authKeyId: AuthorityKeyIdentifier extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 844 of file x509_cert_create.c.

◆ x509FormatKeyUsage()

error_t x509FormatKeyUsage ( const X509KeyUsage *keyUsage,
uint8_t *output,
size_t *written
)

Format KeyUsage extension.

Parameters
[in] keyUsage: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1128 of file x509_cert_create.c.

◆ x509FormatName()

error_t x509FormatName ( const X509Name *name,
uint8_t *output,
size_t *written
)

Format Name structure.

Parameters
[in] name: Information about the name to be encoded
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 468 of file x509_cert_create.c.

◆ x509FormatNameAttribute()

error_t x509FormatNameAttribute ( uint_t type,
const uint8_t *oid,
size_t oidLen,
const char_t *value,
size_t valueLen,
uint8_t *output,
size_t *written
)

Format Name attribute.

Parameters
[in] type: ASN.1 string type
[in] oid: Attribute OID
[in] oidLen: Length of the attribute OID, in bytes
[in] value: Attribute value
[in] valueLen: Length of the attribute value, in bytes
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 625 of file x509_cert_create.c.

◆ x509FormatNsCertType()

error_t x509FormatNsCertType ( const X509NsCertType *nsCertType,
uint8_t *output,
size_t *written
)

Format NetscapeCertType extension.

Parameters
[in] nsCertType: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1605 of file x509_cert_create.c.

◆ x509FormatSerialNumber()

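error_t x509FormatSerialNumber ( const PrngAlgo *prngAlgo,
void *prngContext,
const X509SerialNumber *serialNumber,
uint8_t *output,
size_t *written
)

Format SerialNumber field.

Parameters
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
[in] serialNumber: Pointer to the serial number (optional parameter)
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Note: serialNumber is optional while a PRNG is always passed, which suggests the serial number is drawn from the PRNG when none is supplied (confirm in x509_cert_create.c); if so, the PRNG must be cryptographically secure and properly seeded so that serial numbers are unpredictable.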

Definition at line 408 of file x509_cert_create.c.

◆ x509FormatSignatureAlgo()

error_t x509FormatSignatureAlgo ( const X509SignatureAlgoId *signatureAlgo,
uint8_t *output,
size_t *written
)

Format SignatureAlgorithm structure.

Parameters
[in] signatureAlgo: Pointer to the SignatureAlgorithm structure
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1714 of file x509_cert_create.c.

◆ x509FormatSignatureValue()

error_t x509FormatSignatureValue ( const PrngAlgo *prngAlgo,
void *prngContext,
const uint8_t *tbsCert,
size_t tbsCertLen,
const X509SignatureAlgoId *signatureAlgoId,
const X509SubjectPublicKeyInfo *publicKeyInfo,
const void *privateKey,
uint8_t *output,
size_t *written
)

Format SignatureValue field.

Parameters
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
[in] tbsCert: Pointer to the TBSCertificate to be signed
[in] tbsCertLen: Length of the TBSCertificate, in bytes
[in] signatureAlgoId: Signature algorithm identifier
[in] publicKeyInfo: Signer's public key information
[in] privateKey: Signer's private key
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1868 of file x509_cert_create.c.

◆ x509FormatSubjectAltName()

error_t x509FormatSubjectAltName ( const X509SubjectAltName *subjectAltName,
uint8_t *output,
size_t *written
)

Format SubjectAltName extension.

Parameters
[in] subjectAltName: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1274 of file x509_cert_create.c.

◆ x509FormatSubjectKeyId()

error_t x509FormatSubjectKeyId ( const X509SubjectKeyId *subjectKeyId,
uint8_t *output,
size_t *written
)

Format SubjectKeyIdentifier extension.

Parameters
[in] subjectKeyId: Value of the extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 1398 of file x509_cert_create.c.

◆ x509FormatTbsCertificate()

error_t x509FormatTbsCertificate ( const PrngAlgo *prngAlgo,
void *prngContext,
const X509SerialNumber *serialNumber,
const X509SignatureAlgoId *signatureAlgo,
const X509Name *issuer,
const X509Validity *validity,
const X509Name *subject,
const X509SubjectPublicKeyInfo *subjectPublicKeyInfo,
const void *publicKey,
const X509Extensions *extensions,
const X509AuthorityKeyId *authKeyId,
uint8_t *output,
size_t *written
)

Format TBSCertificate structure.

Parameters
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
[in] serialNumber: Serial number
[in] signatureAlgo: Signature algorithm
[in] issuer: Issuer's name
[in] validity: Validity period
[in] subject: Subject's name
[in] subjectPublicKeyInfo: Subject's public key information
[in] publicKey: Subject's public key
[in] extensions: X.509 certificate extensions
[in] authKeyId: AuthorityKeyIdentifier extension
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 228 of file x509_cert_create.c.

◆ x509FormatTime()

error_t x509FormatTime ( const DateTime *dateTime,
uint8_t *output,
size_t *written
)

Format UTCTime or GeneralizedTime field.

Parameters
[in] dateTime: Date to be encoded
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 778 of file x509_cert_create.c.

◆ x509FormatValidity()

error_t x509FormatValidity ( const X509Validity *validity,
uint8_t *output,
size_t *written
)

Format Validity structure.

Parameters
[in] validity: Validity period
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 715 of file x509_cert_create.c.

◆ x509FormatVersion()

error_t x509FormatVersion ( X509Version version,
uint8_t *output,
size_t *written
)

Format Version field.

Parameters
[in] version: Version number
[out] output: Buffer where to format the ASN.1 structure
[out] written: Length of the resulting ASN.1 structure
Returns
Error code

Definition at line 364 of file x509_cert_create.c.

◆ x509GenerateSignature()

error_t x509GenerateSignature ( const PrngAlgo *prngAlgo,
void *prngContext,
const uint8_t *tbsCert,
size_t tbsCertLen,
const X509SignatureAlgoId *signatureAlgoId,
const X509SubjectPublicKeyInfo *publicKeyInfo,
const void *privateKey,
uint8_t *output,
size_t *written
)

Certificate signature generation.

Parameters
[in] prngAlgo: PRNG algorithm
[in] prngContext: Pointer to the PRNG context
[in] tbsCert: Pointer to the TBSCertificate to be signed
[in] tbsCertLen: Length of the TBSCertificate, in bytes
[in] signatureAlgoId: Signature algorithm identifier
[in] publicKeyInfo: Signer's public key information
[in] privateKey: Signer's private key
[out] output: Resulting signature
[out] written: Length of the resulting signature
Returns
Error code

Definition at line 1924 of file x509_cert_create.c.