Data Structures | Macros | Enumerations | Functions | Variables
x509_common.h File Reference

X.509 common definitions. More...

#include "core/crypto.h"
#include "pkc/sign_algorithms.h"
#include "pkc/rsa.h"
#include "pkc/dsa.h"
#include "ecc/ecdsa.h"
#include "ecc/eddsa.h"
#include "date_time.h"

Go to the source code of this file.

Data Structures

struct  X509String
 String. More...
 
struct  X509OctetString
 Octet string. More...
 
struct  X509SerialNumber
 Serial number. More...
 
struct  X509Name
 Issuer or subject name. More...
 
struct  X509NameAttribute
 Name attribute. More...
 
struct  X509Validity
 Validity. More...
 
struct  X509AlgoId
 Algorithm identifier. More...
 
struct  X509RsaPublicKey
 RSA public key. More...
 
struct  X509DsaParameters
 DSA domain parameters. More...
 
struct  X509DsaPublicKey
 DSA public key. More...
 
struct  X509EcParameters
 EC parameters. More...
 
struct  X509EcPublicKey
 EC public key. More...
 
struct  X509SubjectPublicKeyInfo
 Subject Public Key Information extension. More...
 
struct  X509BasicConstraints
 Basic Constraints extension. More...
 
struct  X509NameConstraints
 Name Constraints extension. More...
 
struct  X509KeyUsage
 Key Usage extension. More...
 
struct  X509ExtendedKeyUsage
 Extended Key Usage extension. More...
 
struct  X509GeneralName
 General name. More...
 
struct  X509SubjectAltName
 Subject Alternative Name extension. More...
 
struct  X509SubjectKeyId
 Subject Key Identifier extension. More...
 
struct  X509AuthKeyId
 Authority Key Identifier extension. More...
 
struct  X509DistrPointName
 Distribution Point Name structure. More...
 
struct  X509DistrPoint
 Distribution Point structure. More...
 
struct  X509CrlDistrPoints
 CRL Distribution Points extension. More...
 
struct  X509AccessDescription
 Access Description extension. More...
 
struct  X509AuthInfoAccess
 Authority Information Access extension. More...
 
struct  X509PkixOcspNoCheck
 PKIX OCSP No Check extension. More...
 
struct  X509NsCertType
 Netscape certificate type. More...
 
struct  X509Extension
 X.509 certificate extension. More...
 
struct  X509Extensions
 X.509 certificate extensions. More...
 
struct  X509RsaPssParameters
 RSASSA-PSS parameters. More...
 
struct  X509SignAlgoId
 Signature algorithm identifier. More...
 
struct  X509TbsCertificate
 TBSCertificate structure. More...
 
struct  X509CertInfo
 X.509 certificate. More...
 
struct  X509CrlReason
 CRL Reason extension. More...
 
struct  X509InvalidityDate
 Invalidity Date extension. More...
 
struct  X509CertificateIssuer
 Certificate Issuer extension. More...
 
struct  X509CrlEntryExtensions
 CRL entry extensions. More...
 
struct  X509RevokedCertificate
 Revoked certificate. More...
 
struct  X509CrlNumber
 CRL number. More...
 
struct  X509DeltaCrlIndicator
 Delta CRL Indicator extension. More...
 
struct  X509IssuingDistrPoint
 Issuing Distribution Point extension. More...
 
struct  X509CrlExtensions
 CRL extensions. More...
 
struct  X509TbsCertList
 TBSCertList structure. More...
 
struct  X509CrlInfo
 CRL (Certificate Revocation List) More...
 
struct  X509ChallengePassword
 PKCS #9 ChallengePassword attribute. More...
 
struct  X509Attribute
 CSR attribute. More...
 
struct  X509Attributes
 CSR attributes. More...
 
struct  X509CertRequestInfo
 CertificationRequestInfo structure. More...
 
struct  X509CsrInfo
 CSR (Certificate Signing Request) More...
 

Macros

#define X509_SIGN_CALLBACK_SUPPORT   DISABLED
 
#define X509_RSA_SUPPORT   ENABLED
 
#define X509_RSA_PSS_SUPPORT   DISABLED
 
#define X509_DSA_SUPPORT   DISABLED
 
#define X509_ECDSA_SUPPORT   ENABLED
 
#define X509_MD5_SUPPORT   DISABLED
 
#define X509_SHA1_SUPPORT   DISABLED
 
#define X509_SHA224_SUPPORT   DISABLED
 
#define X509_SHA256_SUPPORT   ENABLED
 
#define X509_SHA384_SUPPORT   ENABLED
 
#define X509_SHA512_SUPPORT   ENABLED
 
#define X509_SHA3_224_SUPPORT   DISABLED
 
#define X509_SHA3_256_SUPPORT   DISABLED
 
#define X509_SHA3_384_SUPPORT   DISABLED
 
#define X509_SHA3_512_SUPPORT   DISABLED
 
#define X509_SM3_SUPPORT   DISABLED
 
#define X509_SECP112R1_SUPPORT   DISABLED
 
#define X509_SECP112R2_SUPPORT   DISABLED
 
#define X509_SECP128R1_SUPPORT   DISABLED
 
#define X509_SECP128R2_SUPPORT   DISABLED
 
#define X509_SECP160K1_SUPPORT   DISABLED
 
#define X509_SECP160R1_SUPPORT   DISABLED
 
#define X509_SECP160R2_SUPPORT   DISABLED
 
#define X509_SECP192K1_SUPPORT   DISABLED
 
#define X509_SECP192R1_SUPPORT   DISABLED
 
#define X509_SECP224K1_SUPPORT   DISABLED
 
#define X509_SECP224R1_SUPPORT   DISABLED
 
#define X509_SECP256K1_SUPPORT   DISABLED
 
#define X509_SECP256R1_SUPPORT   ENABLED
 
#define X509_SECP384R1_SUPPORT   ENABLED
 
#define X509_SECP521R1_SUPPORT   ENABLED
 
#define X509_BRAINPOOLP160R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP192R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP224R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP256R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP320R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP384R1_SUPPORT   DISABLED
 
#define X509_BRAINPOOLP512R1_SUPPORT   DISABLED
 
#define X509_SM2_SUPPORT   DISABLED
 
#define X509_ED25519_SUPPORT   DISABLED
 
#define X509_ED448_SUPPORT   DISABLED
 
#define X509_MIN_RSA_MODULUS_SIZE   1024
 
#define X509_MAX_RSA_MODULUS_SIZE   4096
 
#define X509_MIN_DSA_MODULUS_SIZE   1024
 
#define X509_MAX_DSA_MODULUS_SIZE   4096
 
#define X509_SERIAL_NUMBER_SIZE   20
 
#define X509_MAX_DOMAIN_COMPONENTS   4
 
#define X509_MAX_SUBJECT_ALT_NAMES   4
 
#define X509_MAX_CERT_ISSUERS   4
 
#define X509_MAX_CRL_ISSUERS   2
 
#define X509_MAX_DISTR_POINTS   2
 
#define X509_MAX_FULL_NAMES   2
 
#define X509_MAX_ACCESS_DESCRIPTIONS   2
 
#define X509_MAX_CUSTOM_EXTENSIONS   2
 
#define X509_PRIVATE_EXTENSIONS
 

Enumerations

enum  Pkcs1Version { PKCS1_VERSION_1 = 0 }
 PKCS #1 versions. More...
 
enum  Pkcs8Version { PKCS8_VERSION_1 = 0 , PKCS8_VERSION_2 = 1 }
 PKCS #8 versions. More...
 
enum  X509Version { X509_VERSION_1 = 0 , X509_VERSION_2 = 1 , X509_VERSION_3 = 2 }
 X.509 versions. More...
 
enum  X509KeyUsageBitmap {
  X509_KEY_USAGE_DIGITAL_SIGNATURE = 0x0001 , X509_KEY_USAGE_NON_REPUDIATION = 0x0002 , X509_KEY_USAGE_KEY_ENCIPHERMENT = 0x0004 , X509_KEY_USAGE_DATA_ENCIPHERMENT = 0x0008 ,
  X509_KEY_USAGE_KEY_AGREEMENT = 0x0010 , X509_KEY_USAGE_KEY_CERT_SIGN = 0x0020 , X509_KEY_USAGE_CRL_SIGN = 0x0040 , X509_KEY_USAGE_ENCIPHER_ONLY = 0x0080 ,
  X509_KEY_USAGE_DECIPHER_ONLY = 0x0100
}
 Key usage. More...
 
enum  X509ExtKeyUsageBitmap {
  X509_EXT_KEY_USAGE_SERVER_AUTH = 0x00000001 , X509_EXT_KEY_USAGE_CLIENT_AUTH = 0x00000002 , X509_EXT_KEY_USAGE_CODE_SIGNING = 0x00000004 , X509_EXT_KEY_USAGE_EMAIL_PROTECTION = 0x00000008 ,
  X509_EXT_KEY_USAGE_IPSEC_END_SYSTEM = 0x00000010 , X509_EXT_KEY_USAGE_IPSEC_TUNNEL = 0x00000020 , X509_EXT_KEY_USAGE_IPSEC_USER = 0x00000040 , X509_EXT_KEY_USAGE_TIME_STAMPING = 0x00000080 ,
  X509_EXT_KEY_USAGE_OCSP_SIGNING = 0x00000100 , X509_EXT_KEY_USAGE_IPSEC_IKE = 0x00000200 , X509_EXT_KEY_USAGE_SSH_CLIENT = 0x00000400 , X509_EXT_KEY_USAGE_SSH_SERVER = 0x00000800 ,
  X509_EXT_KEY_USAGE_DOC_SIGNING = 0x00001000 , X509_EXT_KEY_USAGE_ANY = 0x00001FFF
}
 Extended key usage. More...
 
enum  X509GeneralNameType {
  X509_GENERAL_NAME_TYPE_OTHER = 0 , X509_GENERAL_NAME_TYPE_RFC822 = 1 , X509_GENERAL_NAME_TYPE_DNS = 2 , X509_GENERAL_NAME_TYPE_X400_ADDRESS = 3 ,
  X509_GENERAL_NAME_TYPE_DIRECTORY = 4 , X509_GENERAL_NAME_TYPE_EDI_PARTY = 5 , X509_GENERAL_NAME_TYPE_URI = 6 , X509_GENERAL_NAME_TYPE_IP_ADDRESS = 7 ,
  X509_GENERAL_NAME_TYPE_REGISTERED_ID = 8
}
 General name types. More...
 
enum  X509NsCertTypeBitmap { X509_NS_CERT_TYPE_SSL_CLIENT = 0x01 , X509_NS_CERT_TYPE_SSL_SERVER = 0x02 , X509_NS_CERT_TYPE_SSL_CA = 0x20 }
 Netscape certificate types. More...
 
enum  X509ReasonFlags {
  X509_REASON_FLAGS_UNUSED = 0x0001 , X509_REASON_FLAGS_KEY_COMPROMISE = 0x0002 , X509_REASON_FLAGS_CA_COMPROMISE = 0x0004 , X509_REASON_FLAGS_AFFILIATION_CHANGED = 0x0008 ,
  X509_REASON_FLAGS_SUPERSEDED = 0x0010 , X509_REASON_FLAGS_CESSATION_OF_OPERATION = 0x0020 , X509_REASON_FLAGS_CERTIFICATE_HOLD = 0x0040 , X509_REASON_FLAGS_PRIVILEGE_WITHDRAWN = 0x0080 ,
  X509_REASON_FLAGS_AA_COMPROMISE = 0x0100
}
 Reason flags. More...
 
enum  X509CrlReasons {
  X509_CRL_REASON_UNSPECIFIED = 0 , X509_CRL_REASON_KEY_COMPROMISE = 1 , X509_CRL_REASON_CA_COMPROMISE = 2 , X509_CRL_REASON_AFFILIATION_CHANGED = 3 ,
  X509_CRL_REASON_SUPERSEDED = 4 , X509_CRL_REASON_CESSATION_OF_OPERATION = 5 , X509_CRL_REASON_CERTIFICATE_HOLD = 6 , X509_CRL_REMOVE_FROM_CRL = 8 ,
  X509_CRL_REASON_PRIVILEGE_WITHDRAWN = 9 , X509_CRL_REASON_AA_COMPROMISE = 10
}
 CRL reasons. More...
 
enum  X509KeyType {
  X509_KEY_TYPE_UNKNOWN = 0 , X509_KEY_TYPE_RSA = 1 , X509_KEY_TYPE_RSA_PSS = 2 , X509_KEY_TYPE_DSA = 3 ,
  X509_KEY_TYPE_EC = 4 , X509_KEY_TYPE_SM2 = 5 , X509_KEY_TYPE_X25519 = 6 , X509_KEY_TYPE_ED25519 = 7 ,
  X509_KEY_TYPE_X448 = 8 , X509_KEY_TYPE_ED448 = 9
}
 Public Key types. More...
 
enum  X509SignatureAlgo {
  X509_SIGN_ALGO_NONE = 0 , X509_SIGN_ALGO_RSA = 1 , X509_SIGN_ALGO_RSA_PSS = 2 , X509_SIGN_ALGO_DSA = 3 ,
  X509_SIGN_ALGO_ECDSA = 4 , X509_SIGN_ALGO_SM2 = 5 , X509_SIGN_ALGO_ED25519 = 6 , X509_SIGN_ALGO_ED448 = 7
}
 Signature algorithms. More...
 
enum  X509HashAlgo {
  X509_HASH_ALGO_NONE = 0 , X509_HASH_ALGO_MD5 = 1 , X509_HASH_ALGO_SHA1 = 2 , X509_HASH_ALGO_SHA224 = 3 ,
  X509_HASH_ALGO_SHA256 = 4 , X509_HASH_ALGO_SHA384 = 5 , X509_HASH_ALGO_SHA512 = 6 , X509_HASH_ALGO_SHA3_224 = 7 ,
  X509_HASH_ALGO_SHA3_256 = 8 , X509_HASH_ALGO_SHA3_384 = 9 , X509_HASH_ALGO_SHA3_512 = 10 , X509_HASH_ALGO_SM3 = 11
}
 Hash algorithms. More...
 

Functions

bool_t x509IsSignAlgoSupported (X509SignatureAlgo signAlgo)
 Check whether a given signature algorithm is supported. More...
 
bool_t x509IsHashAlgoSupported (X509HashAlgo hashAlgo)
 Check whether a given hash algorithm is supported. More...
 
bool_t x509IsCurveSupported (const uint8_t *oid, size_t length)
 Check whether a given elliptic curve is supported. More...
 
error_t x509GetSignHashAlgo (const X509SignAlgoId *signAlgoId, X509SignatureAlgo *signAlgo, const HashAlgo **hashAlgo)
 Get the signature and hash algorithms that match the specified identifier. More...
 
X509KeyType x509GetPublicKeyType (const uint8_t *oid, size_t length)
 Get the public key type that matches the specified OID. More...
 
const EcCurveInfox509GetCurveInfo (const uint8_t *oid, size_t length)
 Get the elliptic curve that matches the specified OID. More...
 

Variables

const uint8_t X509_COMMON_NAME_OID [3]
 
const uint8_t X509_SURNAME_OID [3]
 
const uint8_t X509_SERIAL_NUMBER_OID [3]
 
const uint8_t X509_COUNTRY_NAME_OID [3]
 
const uint8_t X509_LOCALITY_NAME_OID [3]
 
const uint8_t X509_STATE_OR_PROVINCE_NAME_OID [3]
 
const uint8_t X509_ORGANIZATION_NAME_OID [3]
 
const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID [3]
 
const uint8_t X509_TITLE_OID [3]
 
const uint8_t X509_NAME_OID [3]
 
const uint8_t X509_GIVEN_NAME_OID [3]
 
const uint8_t X509_INITIALS_OID [3]
 
const uint8_t X509_GENERATION_QUALIFIER_OID [3]
 
const uint8_t X509_DN_QUALIFIER_OID [3]
 
const uint8_t X509_PSEUDONYM_OID [3]
 
const uint8_t X509_DOMAIN_COMPONENT_OID [10]
 
const uint8_t X509_SUBJECT_DIR_ATTR_OID [3]
 
const uint8_t X509_SUBJECT_KEY_ID_OID [3]
 
const uint8_t X509_KEY_USAGE_OID [3]
 
const uint8_t X509_SUBJECT_ALT_NAME_OID [3]
 
const uint8_t X509_ISSUER_ALT_NAME_OID [3]
 
const uint8_t X509_BASIC_CONSTRAINTS_OID [3]
 
const uint8_t X509_CRL_NUMBER_OID [3]
 
const uint8_t X509_REASON_CODE_OID [3]
 
const uint8_t X509_INVALIDITY_DATE_OID [3]
 
const uint8_t X509_DELTA_CRL_INDICATOR_OID [3]
 
const uint8_t X509_ISSUING_DISTR_POINT_OID [3]
 
const uint8_t X509_CERTIFICATE_ISSUER_OID [3]
 
const uint8_t X509_NAME_CONSTRAINTS_OID [3]
 
const uint8_t X509_CRL_DISTR_POINTS_OID [3]
 
const uint8_t X509_CERTIFICATE_POLICIES_OID [3]
 
const uint8_t X509_POLICY_MAPPINGS_OID [3]
 
const uint8_t X509_AUTHORITY_KEY_ID_OID [3]
 
const uint8_t X509_POLICY_CONSTRAINTS_OID [3]
 
const uint8_t X509_EXTENDED_KEY_USAGE_OID [3]
 
const uint8_t X509_FRESHEST_CRL_OID [3]
 
const uint8_t X509_INHIBIT_ANY_POLICY_OID [3]
 
const uint8_t X509_AUTH_INFO_ACCESS_OID [8]
 
const uint8_t X509_PKIX_OCSP_NO_CHECK_OID [9]
 
const uint8_t X509_NS_CERT_TYPE_OID [9]
 
const uint8_t X509_ANY_EXT_KEY_USAGE_OID [4]
 
const uint8_t X509_KP_SERVER_AUTH_OID [8]
 
const uint8_t X509_KP_CLIENT_AUTH_OID [8]
 
const uint8_t X509_KP_CODE_SIGNING_OID [8]
 
const uint8_t X509_KP_EMAIL_PROTECTION_OID [8]
 
const uint8_t X509_KP_IPSEC_END_SYSTEM_OID [8]
 
const uint8_t X509_KP_IPSEC_TUNNEL_OID [8]
 
const uint8_t X509_KP_IPSEC_USER_OID [8]
 
const uint8_t X509_KP_TIME_STAMPING_OID [8]
 
const uint8_t X509_KP_OCSP_SIGNING_OID [8]
 
const uint8_t X509_KP_IPSEC_IKE_OID [8]
 
const uint8_t X509_KP_SSH_CLIENT_OID [8]
 
const uint8_t X509_KP_SSH_SERVER_OID [8]
 
const uint8_t X509_KP_DOC_SIGNING_OID [8]
 
const uint8_t X509_AD_CA_ISSUERS [8]
 
const uint8_t X509_AD_OCSP [8]
 
const uint8_t X509_EMAIL_ADDRESS_OID [9]
 
const uint8_t X509_CHALLENGE_PASSWORD_OID [9]
 
const uint8_t X509_EXTENSION_REQUEST_OID [9]
 

Detailed Description

X.509 common definitions.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneCRYPTO Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.0

Definition in file x509_common.h.

Macro Definition Documentation

◆ X509_BRAINPOOLP160R1_SUPPORT

#define X509_BRAINPOOLP160R1_SUPPORT   DISABLED

Definition at line 262 of file x509_common.h.

◆ X509_BRAINPOOLP192R1_SUPPORT

#define X509_BRAINPOOLP192R1_SUPPORT   DISABLED

Definition at line 269 of file x509_common.h.

◆ X509_BRAINPOOLP224R1_SUPPORT

#define X509_BRAINPOOLP224R1_SUPPORT   DISABLED

Definition at line 276 of file x509_common.h.

◆ X509_BRAINPOOLP256R1_SUPPORT

#define X509_BRAINPOOLP256R1_SUPPORT   DISABLED

Definition at line 283 of file x509_common.h.

◆ X509_BRAINPOOLP320R1_SUPPORT

#define X509_BRAINPOOLP320R1_SUPPORT   DISABLED

Definition at line 290 of file x509_common.h.

◆ X509_BRAINPOOLP384R1_SUPPORT

#define X509_BRAINPOOLP384R1_SUPPORT   DISABLED

Definition at line 297 of file x509_common.h.

◆ X509_BRAINPOOLP512R1_SUPPORT

#define X509_BRAINPOOLP512R1_SUPPORT   DISABLED

Definition at line 304 of file x509_common.h.

◆ X509_DSA_SUPPORT

#define X509_DSA_SUPPORT   DISABLED

Definition at line 66 of file x509_common.h.

◆ X509_ECDSA_SUPPORT

#define X509_ECDSA_SUPPORT   ENABLED

Definition at line 73 of file x509_common.h.

◆ X509_ED25519_SUPPORT

#define X509_ED25519_SUPPORT   DISABLED

Definition at line 318 of file x509_common.h.

◆ X509_ED448_SUPPORT

#define X509_ED448_SUPPORT   DISABLED

Definition at line 325 of file x509_common.h.

◆ X509_MAX_ACCESS_DESCRIPTIONS

#define X509_MAX_ACCESS_DESCRIPTIONS   2

Definition at line 409 of file x509_common.h.

◆ X509_MAX_CERT_ISSUERS

#define X509_MAX_CERT_ISSUERS   4

Definition at line 381 of file x509_common.h.

◆ X509_MAX_CRL_ISSUERS

#define X509_MAX_CRL_ISSUERS   2

Definition at line 388 of file x509_common.h.

◆ X509_MAX_CUSTOM_EXTENSIONS

#define X509_MAX_CUSTOM_EXTENSIONS   2

Definition at line 416 of file x509_common.h.

◆ X509_MAX_DISTR_POINTS

#define X509_MAX_DISTR_POINTS   2

Definition at line 395 of file x509_common.h.

◆ X509_MAX_DOMAIN_COMPONENTS

#define X509_MAX_DOMAIN_COMPONENTS   4

Definition at line 367 of file x509_common.h.

◆ X509_MAX_DSA_MODULUS_SIZE

#define X509_MAX_DSA_MODULUS_SIZE   4096

Definition at line 353 of file x509_common.h.

◆ X509_MAX_FULL_NAMES

#define X509_MAX_FULL_NAMES   2

Definition at line 402 of file x509_common.h.

◆ X509_MAX_RSA_MODULUS_SIZE

#define X509_MAX_RSA_MODULUS_SIZE   4096

Definition at line 339 of file x509_common.h.

◆ X509_MAX_SUBJECT_ALT_NAMES

#define X509_MAX_SUBJECT_ALT_NAMES   4

Definition at line 374 of file x509_common.h.

◆ X509_MD5_SUPPORT

#define X509_MD5_SUPPORT   DISABLED

Definition at line 80 of file x509_common.h.

◆ X509_MIN_DSA_MODULUS_SIZE

#define X509_MIN_DSA_MODULUS_SIZE   1024

Definition at line 346 of file x509_common.h.

◆ X509_MIN_RSA_MODULUS_SIZE

#define X509_MIN_RSA_MODULUS_SIZE   1024

Definition at line 332 of file x509_common.h.

◆ X509_PRIVATE_EXTENSIONS

#define X509_PRIVATE_EXTENSIONS

Definition at line 423 of file x509_common.h.

◆ X509_RSA_PSS_SUPPORT

#define X509_RSA_PSS_SUPPORT   DISABLED

Definition at line 59 of file x509_common.h.

◆ X509_RSA_SUPPORT

#define X509_RSA_SUPPORT   ENABLED

Definition at line 52 of file x509_common.h.

◆ X509_SECP112R1_SUPPORT

#define X509_SECP112R1_SUPPORT   DISABLED

Definition at line 157 of file x509_common.h.

◆ X509_SECP112R2_SUPPORT

#define X509_SECP112R2_SUPPORT   DISABLED

Definition at line 164 of file x509_common.h.

◆ X509_SECP128R1_SUPPORT

#define X509_SECP128R1_SUPPORT   DISABLED

Definition at line 171 of file x509_common.h.

◆ X509_SECP128R2_SUPPORT

#define X509_SECP128R2_SUPPORT   DISABLED

Definition at line 178 of file x509_common.h.

◆ X509_SECP160K1_SUPPORT

#define X509_SECP160K1_SUPPORT   DISABLED

Definition at line 185 of file x509_common.h.

◆ X509_SECP160R1_SUPPORT

#define X509_SECP160R1_SUPPORT   DISABLED

Definition at line 192 of file x509_common.h.

◆ X509_SECP160R2_SUPPORT

#define X509_SECP160R2_SUPPORT   DISABLED

Definition at line 199 of file x509_common.h.

◆ X509_SECP192K1_SUPPORT

#define X509_SECP192K1_SUPPORT   DISABLED

Definition at line 206 of file x509_common.h.

◆ X509_SECP192R1_SUPPORT

#define X509_SECP192R1_SUPPORT   DISABLED

Definition at line 213 of file x509_common.h.

◆ X509_SECP224K1_SUPPORT

#define X509_SECP224K1_SUPPORT   DISABLED

Definition at line 220 of file x509_common.h.

◆ X509_SECP224R1_SUPPORT

#define X509_SECP224R1_SUPPORT   DISABLED

Definition at line 227 of file x509_common.h.

◆ X509_SECP256K1_SUPPORT

#define X509_SECP256K1_SUPPORT   DISABLED

Definition at line 234 of file x509_common.h.

◆ X509_SECP256R1_SUPPORT

#define X509_SECP256R1_SUPPORT   ENABLED

Definition at line 241 of file x509_common.h.

◆ X509_SECP384R1_SUPPORT

#define X509_SECP384R1_SUPPORT   ENABLED

Definition at line 248 of file x509_common.h.

◆ X509_SECP521R1_SUPPORT

#define X509_SECP521R1_SUPPORT   ENABLED

Definition at line 255 of file x509_common.h.

◆ X509_SERIAL_NUMBER_SIZE

#define X509_SERIAL_NUMBER_SIZE   20

Definition at line 360 of file x509_common.h.

◆ X509_SHA1_SUPPORT

#define X509_SHA1_SUPPORT   DISABLED

Definition at line 87 of file x509_common.h.

◆ X509_SHA224_SUPPORT

#define X509_SHA224_SUPPORT   DISABLED

Definition at line 94 of file x509_common.h.

◆ X509_SHA256_SUPPORT

#define X509_SHA256_SUPPORT   ENABLED

Definition at line 101 of file x509_common.h.

◆ X509_SHA384_SUPPORT

#define X509_SHA384_SUPPORT   ENABLED

Definition at line 108 of file x509_common.h.

◆ X509_SHA3_224_SUPPORT

#define X509_SHA3_224_SUPPORT   DISABLED

Definition at line 122 of file x509_common.h.

◆ X509_SHA3_256_SUPPORT

#define X509_SHA3_256_SUPPORT   DISABLED

Definition at line 129 of file x509_common.h.

◆ X509_SHA3_384_SUPPORT

#define X509_SHA3_384_SUPPORT   DISABLED

Definition at line 136 of file x509_common.h.

◆ X509_SHA3_512_SUPPORT

#define X509_SHA3_512_SUPPORT   DISABLED

Definition at line 143 of file x509_common.h.

◆ X509_SHA512_SUPPORT

#define X509_SHA512_SUPPORT   ENABLED

Definition at line 115 of file x509_common.h.

◆ X509_SIGN_CALLBACK_SUPPORT

#define X509_SIGN_CALLBACK_SUPPORT   DISABLED

Definition at line 45 of file x509_common.h.

◆ X509_SM2_SUPPORT

#define X509_SM2_SUPPORT   DISABLED

Definition at line 311 of file x509_common.h.

◆ X509_SM3_SUPPORT

#define X509_SM3_SUPPORT   DISABLED

Definition at line 150 of file x509_common.h.

Enumeration Type Documentation

◆ Pkcs1Version

enum Pkcs1Version

PKCS #1 versions.

Enumerator
PKCS1_VERSION_1 

Definition at line 436 of file x509_common.h.

◆ Pkcs8Version

enum Pkcs8Version

PKCS #8 versions.

Enumerator
PKCS8_VERSION_1 
PKCS8_VERSION_2 

Definition at line 446 of file x509_common.h.

◆ X509CrlReasons

enum X509CrlReasons

CRL reasons.

Enumerator
X509_CRL_REASON_UNSPECIFIED 
X509_CRL_REASON_KEY_COMPROMISE 
X509_CRL_REASON_CA_COMPROMISE 
X509_CRL_REASON_AFFILIATION_CHANGED 
X509_CRL_REASON_SUPERSEDED 
X509_CRL_REASON_CESSATION_OF_OPERATION 
X509_CRL_REASON_CERTIFICATE_HOLD 
X509_CRL_REMOVE_FROM_CRL 
X509_CRL_REASON_PRIVILEGE_WITHDRAWN 
X509_CRL_REASON_AA_COMPROMISE 

Definition at line 558 of file x509_common.h.

◆ X509ExtKeyUsageBitmap

enum X509ExtKeyUsageBitmap

Extended key usage.

Enumerator
X509_EXT_KEY_USAGE_SERVER_AUTH 
X509_EXT_KEY_USAGE_CLIENT_AUTH 
X509_EXT_KEY_USAGE_CODE_SIGNING 
X509_EXT_KEY_USAGE_EMAIL_PROTECTION 
X509_EXT_KEY_USAGE_IPSEC_END_SYSTEM 
X509_EXT_KEY_USAGE_IPSEC_TUNNEL 
X509_EXT_KEY_USAGE_IPSEC_USER 
X509_EXT_KEY_USAGE_TIME_STAMPING 
X509_EXT_KEY_USAGE_OCSP_SIGNING 
X509_EXT_KEY_USAGE_IPSEC_IKE 
X509_EXT_KEY_USAGE_SSH_CLIENT 
X509_EXT_KEY_USAGE_SSH_SERVER 
X509_EXT_KEY_USAGE_DOC_SIGNING 
X509_EXT_KEY_USAGE_ANY 

Definition at line 487 of file x509_common.h.

◆ X509GeneralNameType

enum X509GeneralNameType

General name types.

Enumerator
X509_GENERAL_NAME_TYPE_OTHER 
X509_GENERAL_NAME_TYPE_RFC822 
X509_GENERAL_NAME_TYPE_DNS 
X509_GENERAL_NAME_TYPE_X400_ADDRESS 
X509_GENERAL_NAME_TYPE_DIRECTORY 
X509_GENERAL_NAME_TYPE_EDI_PARTY 
X509_GENERAL_NAME_TYPE_URI 
X509_GENERAL_NAME_TYPE_IP_ADDRESS 
X509_GENERAL_NAME_TYPE_REGISTERED_ID 

Definition at line 510 of file x509_common.h.

◆ X509HashAlgo

enum X509HashAlgo

Hash algorithms.

Enumerator
X509_HASH_ALGO_NONE 
X509_HASH_ALGO_MD5 
X509_HASH_ALGO_SHA1 
X509_HASH_ALGO_SHA224 
X509_HASH_ALGO_SHA256 
X509_HASH_ALGO_SHA384 
X509_HASH_ALGO_SHA512 
X509_HASH_ALGO_SHA3_224 
X509_HASH_ALGO_SHA3_256 
X509_HASH_ALGO_SHA3_384 
X509_HASH_ALGO_SHA3_512 
X509_HASH_ALGO_SM3 

Definition at line 613 of file x509_common.h.

◆ X509KeyType

enum X509KeyType

Public Key types.

Enumerator
X509_KEY_TYPE_UNKNOWN 
X509_KEY_TYPE_RSA 
X509_KEY_TYPE_RSA_PSS 
X509_KEY_TYPE_DSA 
X509_KEY_TYPE_EC 
X509_KEY_TYPE_SM2 
X509_KEY_TYPE_X25519 
X509_KEY_TYPE_ED25519 
X509_KEY_TYPE_X448 
X509_KEY_TYPE_ED448 

Definition at line 577 of file x509_common.h.

◆ X509KeyUsageBitmap

enum X509KeyUsageBitmap

Key usage.

Enumerator
X509_KEY_USAGE_DIGITAL_SIGNATURE 
X509_KEY_USAGE_NON_REPUDIATION 
X509_KEY_USAGE_KEY_ENCIPHERMENT 
X509_KEY_USAGE_DATA_ENCIPHERMENT 
X509_KEY_USAGE_KEY_AGREEMENT 
X509_KEY_USAGE_KEY_CERT_SIGN 
X509_KEY_USAGE_CRL_SIGN 
X509_KEY_USAGE_ENCIPHER_ONLY 
X509_KEY_USAGE_DECIPHER_ONLY 

Definition at line 469 of file x509_common.h.

◆ X509NsCertTypeBitmap

enum X509NsCertTypeBitmap

Netscape certificate types.

Enumerator
X509_NS_CERT_TYPE_SSL_CLIENT 
X509_NS_CERT_TYPE_SSL_SERVER 
X509_NS_CERT_TYPE_SSL_CA 

Definition at line 528 of file x509_common.h.

◆ X509ReasonFlags

enum X509ReasonFlags

Reason flags.

Enumerator
X509_REASON_FLAGS_UNUSED 
X509_REASON_FLAGS_KEY_COMPROMISE 
X509_REASON_FLAGS_CA_COMPROMISE 
X509_REASON_FLAGS_AFFILIATION_CHANGED 
X509_REASON_FLAGS_SUPERSEDED 
X509_REASON_FLAGS_CESSATION_OF_OPERATION 
X509_REASON_FLAGS_CERTIFICATE_HOLD 
X509_REASON_FLAGS_PRIVILEGE_WITHDRAWN 
X509_REASON_FLAGS_AA_COMPROMISE 

Definition at line 540 of file x509_common.h.

◆ X509SignatureAlgo

enum X509SignatureAlgo

Signature algorithms.

Enumerator
X509_SIGN_ALGO_NONE 
X509_SIGN_ALGO_RSA 
X509_SIGN_ALGO_RSA_PSS 
X509_SIGN_ALGO_DSA 
X509_SIGN_ALGO_ECDSA 
X509_SIGN_ALGO_SM2 
X509_SIGN_ALGO_ED25519 
X509_SIGN_ALGO_ED448 

Definition at line 596 of file x509_common.h.

◆ X509Version

enum X509Version

X.509 versions.

Enumerator
X509_VERSION_1 
X509_VERSION_2 
X509_VERSION_3 

Definition at line 457 of file x509_common.h.

Function Documentation

◆ x509GetCurveInfo()

const EcCurveInfo* x509GetCurveInfo ( const uint8_t *  oid,
size_t  length 
)

Get the elliptic curve that matches the specified OID.

Parameters
[in]oidObject identifier
[in]lengthLength of the OID, in bytes
Returns
Elliptic curve domain parameters

Definition at line 910 of file x509_common.c.

◆ x509GetPublicKeyType()

X509KeyType x509GetPublicKeyType ( const uint8_t *  oid,
size_t  length 
)

Get the public key type that matches the specified OID.

Parameters
[in]oidObject identifier
[in]lengthOID length
Returns
Public key type

Definition at line 829 of file x509_common.c.

◆ x509GetSignHashAlgo()

error_t x509GetSignHashAlgo ( const X509SignAlgoId signAlgoId,
X509SignatureAlgo signAlgo,
const HashAlgo **  hashAlgo 
)

Get the signature and hash algorithms that match the specified identifier.

Parameters
[in]signAlgoIdSignature algorithm identifier
[out]signAlgoSignature algorithm
[out]hashAlgoHash algorithm
Returns
Error code

Definition at line 377 of file x509_common.c.

◆ x509IsCurveSupported()

bool_t x509IsCurveSupported ( const uint8_t *  oid,
size_t  length 
)

Check whether a given elliptic curve is supported.

Parameters
[in]oidObject identifier
[in]lengthLength of the OID, in bytes
Returns
TRUE is the elliptic curve is supported, else FALSE

Definition at line 354 of file x509_common.c.

◆ x509IsHashAlgoSupported()

bool_t x509IsHashAlgoSupported ( X509HashAlgo  hashAlgo)

Check whether a given hash algorithm is supported.

Parameters
[in]hashAlgosignature hash
Returns
TRUE is the signature hash is supported, else FALSE

Definition at line 250 of file x509_common.c.

◆ x509IsSignAlgoSupported()

bool_t x509IsSignAlgoSupported ( X509SignatureAlgo  signAlgo)

Check whether a given signature algorithm is supported.

Parameters
[in]signAlgosignature algorithm
Returns
TRUE is the signature algorithm is supported, else FALSE

Definition at line 175 of file x509_common.c.

Variable Documentation

◆ X509_AD_CA_ISSUERS

const uint8_t X509_AD_CA_ISSUERS[8]
extern

Definition at line 157 of file x509_common.c.

◆ X509_AD_OCSP

const uint8_t X509_AD_OCSP[8]
extern

Definition at line 159 of file x509_common.c.

◆ X509_ANY_EXT_KEY_USAGE_OID

const uint8_t X509_ANY_EXT_KEY_USAGE_OID[4]
extern

Definition at line 128 of file x509_common.c.

◆ X509_AUTH_INFO_ACCESS_OID

const uint8_t X509_AUTH_INFO_ACCESS_OID[8]
extern

Definition at line 121 of file x509_common.c.

◆ X509_AUTHORITY_KEY_ID_OID

const uint8_t X509_AUTHORITY_KEY_ID_OID[3]
extern

Definition at line 111 of file x509_common.c.

◆ X509_BASIC_CONSTRAINTS_OID

const uint8_t X509_BASIC_CONSTRAINTS_OID[3]
extern

Definition at line 89 of file x509_common.c.

◆ X509_CERTIFICATE_ISSUER_OID

const uint8_t X509_CERTIFICATE_ISSUER_OID[3]
extern

Definition at line 101 of file x509_common.c.

◆ X509_CERTIFICATE_POLICIES_OID

const uint8_t X509_CERTIFICATE_POLICIES_OID[3]
extern

Definition at line 107 of file x509_common.c.

◆ X509_CHALLENGE_PASSWORD_OID

const uint8_t X509_CHALLENGE_PASSWORD_OID[9]
extern

Definition at line 164 of file x509_common.c.

◆ X509_COMMON_NAME_OID

const uint8_t X509_COMMON_NAME_OID[3]
extern

Definition at line 46 of file x509_common.c.

◆ X509_COUNTRY_NAME_OID

const uint8_t X509_COUNTRY_NAME_OID[3]
extern

Definition at line 52 of file x509_common.c.

◆ X509_CRL_DISTR_POINTS_OID

const uint8_t X509_CRL_DISTR_POINTS_OID[3]
extern

Definition at line 105 of file x509_common.c.

◆ X509_CRL_NUMBER_OID

const uint8_t X509_CRL_NUMBER_OID[3]
extern

Definition at line 91 of file x509_common.c.

◆ X509_DELTA_CRL_INDICATOR_OID

const uint8_t X509_DELTA_CRL_INDICATOR_OID[3]
extern

Definition at line 97 of file x509_common.c.

◆ X509_DN_QUALIFIER_OID

const uint8_t X509_DN_QUALIFIER_OID[3]
extern

Definition at line 72 of file x509_common.c.

◆ X509_DOMAIN_COMPONENT_OID

const uint8_t X509_DOMAIN_COMPONENT_OID[10]
extern

Definition at line 76 of file x509_common.c.

◆ X509_EMAIL_ADDRESS_OID

const uint8_t X509_EMAIL_ADDRESS_OID[9]
extern

Definition at line 162 of file x509_common.c.

◆ X509_EXTENDED_KEY_USAGE_OID

const uint8_t X509_EXTENDED_KEY_USAGE_OID[3]
extern

Definition at line 115 of file x509_common.c.

◆ X509_EXTENSION_REQUEST_OID

const uint8_t X509_EXTENSION_REQUEST_OID[9]
extern

Definition at line 166 of file x509_common.c.

◆ X509_FRESHEST_CRL_OID

const uint8_t X509_FRESHEST_CRL_OID[3]
extern

Definition at line 117 of file x509_common.c.

◆ X509_GENERATION_QUALIFIER_OID

const uint8_t X509_GENERATION_QUALIFIER_OID[3]
extern

Definition at line 70 of file x509_common.c.

◆ X509_GIVEN_NAME_OID

const uint8_t X509_GIVEN_NAME_OID[3]
extern

Definition at line 66 of file x509_common.c.

◆ X509_INHIBIT_ANY_POLICY_OID

const uint8_t X509_INHIBIT_ANY_POLICY_OID[3]
extern

Definition at line 119 of file x509_common.c.

◆ X509_INITIALS_OID

const uint8_t X509_INITIALS_OID[3]
extern

Definition at line 68 of file x509_common.c.

◆ X509_INVALIDITY_DATE_OID

const uint8_t X509_INVALIDITY_DATE_OID[3]
extern

Definition at line 95 of file x509_common.c.

◆ X509_ISSUER_ALT_NAME_OID

const uint8_t X509_ISSUER_ALT_NAME_OID[3]
extern

Definition at line 87 of file x509_common.c.

◆ X509_ISSUING_DISTR_POINT_OID

const uint8_t X509_ISSUING_DISTR_POINT_OID[3]
extern

Definition at line 99 of file x509_common.c.

◆ X509_KEY_USAGE_OID

const uint8_t X509_KEY_USAGE_OID[3]
extern

Definition at line 83 of file x509_common.c.

◆ X509_KP_CLIENT_AUTH_OID

const uint8_t X509_KP_CLIENT_AUTH_OID[8]
extern

Definition at line 132 of file x509_common.c.

◆ X509_KP_CODE_SIGNING_OID

const uint8_t X509_KP_CODE_SIGNING_OID[8]
extern

Definition at line 134 of file x509_common.c.

◆ X509_KP_DOC_SIGNING_OID

const uint8_t X509_KP_DOC_SIGNING_OID[8]
extern

Definition at line 154 of file x509_common.c.

◆ X509_KP_EMAIL_PROTECTION_OID

const uint8_t X509_KP_EMAIL_PROTECTION_OID[8]
extern

Definition at line 136 of file x509_common.c.

◆ X509_KP_IPSEC_END_SYSTEM_OID

const uint8_t X509_KP_IPSEC_END_SYSTEM_OID[8]
extern

Definition at line 138 of file x509_common.c.

◆ X509_KP_IPSEC_IKE_OID

const uint8_t X509_KP_IPSEC_IKE_OID[8]
extern

Definition at line 148 of file x509_common.c.

◆ X509_KP_IPSEC_TUNNEL_OID

const uint8_t X509_KP_IPSEC_TUNNEL_OID[8]
extern

Definition at line 140 of file x509_common.c.

◆ X509_KP_IPSEC_USER_OID

const uint8_t X509_KP_IPSEC_USER_OID[8]
extern

Definition at line 142 of file x509_common.c.

◆ X509_KP_OCSP_SIGNING_OID

const uint8_t X509_KP_OCSP_SIGNING_OID[8]
extern

Definition at line 146 of file x509_common.c.

◆ X509_KP_SERVER_AUTH_OID

const uint8_t X509_KP_SERVER_AUTH_OID[8]
extern

Definition at line 130 of file x509_common.c.

◆ X509_KP_SSH_CLIENT_OID

const uint8_t X509_KP_SSH_CLIENT_OID[8]
extern

Definition at line 150 of file x509_common.c.

◆ X509_KP_SSH_SERVER_OID

const uint8_t X509_KP_SSH_SERVER_OID[8]
extern

Definition at line 152 of file x509_common.c.

◆ X509_KP_TIME_STAMPING_OID

const uint8_t X509_KP_TIME_STAMPING_OID[8]
extern

Definition at line 144 of file x509_common.c.

◆ X509_LOCALITY_NAME_OID

const uint8_t X509_LOCALITY_NAME_OID[3]
extern

Definition at line 54 of file x509_common.c.

◆ X509_NAME_CONSTRAINTS_OID

const uint8_t X509_NAME_CONSTRAINTS_OID[3]
extern

Definition at line 103 of file x509_common.c.

◆ X509_NAME_OID

const uint8_t X509_NAME_OID[3]
extern

Definition at line 64 of file x509_common.c.

◆ X509_NS_CERT_TYPE_OID

const uint8_t X509_NS_CERT_TYPE_OID[9]
extern

Definition at line 125 of file x509_common.c.

◆ X509_ORGANIZATION_NAME_OID

const uint8_t X509_ORGANIZATION_NAME_OID[3]
extern

Definition at line 58 of file x509_common.c.

◆ X509_ORGANIZATIONAL_UNIT_NAME_OID

const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID[3]
extern

Definition at line 60 of file x509_common.c.

◆ X509_PKIX_OCSP_NO_CHECK_OID

const uint8_t X509_PKIX_OCSP_NO_CHECK_OID[9]
extern

Definition at line 123 of file x509_common.c.

◆ X509_POLICY_CONSTRAINTS_OID

const uint8_t X509_POLICY_CONSTRAINTS_OID[3]
extern

Definition at line 113 of file x509_common.c.

◆ X509_POLICY_MAPPINGS_OID

const uint8_t X509_POLICY_MAPPINGS_OID[3]
extern

Definition at line 109 of file x509_common.c.

◆ X509_PSEUDONYM_OID

const uint8_t X509_PSEUDONYM_OID[3]
extern

Definition at line 74 of file x509_common.c.

◆ X509_REASON_CODE_OID

const uint8_t X509_REASON_CODE_OID[3]
extern

Definition at line 93 of file x509_common.c.

◆ X509_SERIAL_NUMBER_OID

const uint8_t X509_SERIAL_NUMBER_OID[3]
extern

Definition at line 50 of file x509_common.c.

◆ X509_STATE_OR_PROVINCE_NAME_OID

const uint8_t X509_STATE_OR_PROVINCE_NAME_OID[3]
extern

Definition at line 56 of file x509_common.c.

◆ X509_SUBJECT_ALT_NAME_OID

const uint8_t X509_SUBJECT_ALT_NAME_OID[3]
extern

Definition at line 85 of file x509_common.c.

◆ X509_SUBJECT_DIR_ATTR_OID

const uint8_t X509_SUBJECT_DIR_ATTR_OID[3]
extern

Definition at line 79 of file x509_common.c.

◆ X509_SUBJECT_KEY_ID_OID

const uint8_t X509_SUBJECT_KEY_ID_OID[3]
extern

Definition at line 81 of file x509_common.c.

◆ X509_SURNAME_OID

const uint8_t X509_SURNAME_OID[3]
extern

Definition at line 48 of file x509_common.c.

◆ X509_TITLE_OID

const uint8_t X509_TITLE_OID[3]
extern

Definition at line 62 of file x509_common.c.