x509_common.h
1 /**
2  * @file x509_common.h
3  * @brief X.509 common definitions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2020 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 1.9.8
29  **/
30 
31 #ifndef _X509_COMMON_H
32 #define _X509_COMMON_H
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkc/rsa.h"
37 #include "pkc/dsa.h"
38 #include "ecc/ecdsa.h"
39 #include "ecc/eddsa.h"
40 #include "date_time.h"
41 
42 //RSA certificate support
43 #ifndef X509_RSA_SUPPORT
44  #define X509_RSA_SUPPORT ENABLED
45 #elif (X509_RSA_SUPPORT != ENABLED && X509_RSA_SUPPORT != DISABLED)
46  #error X509_RSA_SUPPORT
47 #endif
48 
49 //RSA-PSS certificate support
50 #ifndef X509_RSA_PSS_SUPPORT
51  #define X509_RSA_PSS_SUPPORT DISABLED
52 #elif (X509_RSA_PSS_SUPPORT != ENABLED && X509_RSA_PSS_SUPPORT != DISABLED)
53  #error X509_RSA_PSS_SUPPORT
54 #endif
55 
56 //DSA certificate support
57 #ifndef X509_DSA_SUPPORT
58  #define X509_DSA_SUPPORT DISABLED
59 #elif (X509_DSA_SUPPORT != ENABLED && X509_DSA_SUPPORT != DISABLED)
60  #error X509_DSA_SUPPORT parameter is not valid
61 #endif
62 
63 //ECDSA certificate support
64 #ifndef X509_ECDSA_SUPPORT
65  #define X509_ECDSA_SUPPORT ENABLED
66 #elif (X509_ECDSA_SUPPORT != ENABLED && X509_ECDSA_SUPPORT != DISABLED)
67  #error X509_ECDSA_SUPPORT parameter is not valid
68 #endif
69 
70 //MD5 hash support (insecure)
71 #ifndef X509_MD5_SUPPORT
72  #define X509_MD5_SUPPORT DISABLED
73 #elif (X509_MD5_SUPPORT != ENABLED && X509_MD5_SUPPORT != DISABLED)
74  #error X509_MD5_SUPPORT parameter is not valid
75 #endif
76 
77 //SHA-1 hash support (weak)
78 #ifndef X509_SHA1_SUPPORT
79  #define X509_SHA1_SUPPORT DISABLED
80 #elif (X509_SHA1_SUPPORT != ENABLED && X509_SHA1_SUPPORT != DISABLED)
81  #error X509_SHA1_SUPPORT parameter is not valid
82 #endif
83 
84 //SHA-224 hash support (weak)
85 #ifndef X509_SHA224_SUPPORT
86  #define X509_SHA224_SUPPORT DISABLED
87 #elif (X509_SHA224_SUPPORT != ENABLED && X509_SHA224_SUPPORT != DISABLED)
88  #error X509_SHA224_SUPPORT parameter is not valid
89 #endif
90 
91 //SHA-256 hash support
92 #ifndef X509_SHA256_SUPPORT
93  #define X509_SHA256_SUPPORT ENABLED
94 #elif (X509_SHA256_SUPPORT != ENABLED && X509_SHA256_SUPPORT != DISABLED)
95  #error X509_SHA256_SUPPORT parameter is not valid
96 #endif
97 
98 //SHA-384 hash support
99 #ifndef X509_SHA384_SUPPORT
100  #define X509_SHA384_SUPPORT ENABLED
101 #elif (X509_SHA384_SUPPORT != ENABLED && X509_SHA384_SUPPORT != DISABLED)
102  #error X509_SHA384_SUPPORT parameter is not valid
103 #endif
104 
105 //SHA-512 hash support
106 #ifndef X509_SHA512_SUPPORT
107  #define X509_SHA512_SUPPORT ENABLED
108 #elif (X509_SHA512_SUPPORT != ENABLED && X509_SHA512_SUPPORT != DISABLED)
109  #error X509_SHA512_SUPPORT parameter is not valid
110 #endif
111 
112 //SHA3-224 hash support
113 #ifndef X509_SHA3_224_SUPPORT
114  #define X509_SHA3_224_SUPPORT DISABLED
115 #elif (X509_SHA3_224_SUPPORT != ENABLED && X509_SHA3_224_SUPPORT != DISABLED)
116  #error X509_SHA3_224_SUPPORT parameter is not valid
117 #endif
118 
119 //SHA3-256 hash support
120 #ifndef X509_SHA3_256_SUPPORT
121  #define X509_SHA3_256_SUPPORT DISABLED
122 #elif (X509_SHA3_256_SUPPORT != ENABLED && X509_SHA3_256_SUPPORT != DISABLED)
123  #error X509_SHA3_256_SUPPORT parameter is not valid
124 #endif
125 
126 //SHA3-384 hash support
127 #ifndef X509_SHA3_384_SUPPORT
128  #define X509_SHA3_384_SUPPORT DISABLED
129 #elif (X509_SHA3_384_SUPPORT != ENABLED && X509_SHA3_384_SUPPORT != DISABLED)
130  #error X509_SHA3_384_SUPPORT parameter is not valid
131 #endif
132 
133 //SHA3-512 hash support
134 #ifndef X509_SHA3_512_SUPPORT
135  #define X509_SHA3_512_SUPPORT DISABLED
136 #elif (X509_SHA3_512_SUPPORT != ENABLED && X509_SHA3_512_SUPPORT != DISABLED)
137  #error X509_SHA3_512_SUPPORT parameter is not valid
138 #endif
139 
140 //secp112r1 elliptic curve support (weak)
141 #ifndef X509_SECP112R1_SUPPORT
142  #define X509_SECP112R1_SUPPORT DISABLED
143 #elif (X509_SECP112R1_SUPPORT != ENABLED && X509_SECP112R1_SUPPORT != DISABLED)
144  #error X509_SECP112R1_SUPPORT parameter is not valid
145 #endif
146 
147 //secp112r2 elliptic curve support (weak)
148 #ifndef X509_SECP112R2_SUPPORT
149  #define X509_SECP112R2_SUPPORT DISABLED
150 #elif (X509_SECP112R2_SUPPORT != ENABLED && X509_SECP112R2_SUPPORT != DISABLED)
151  #error X509_SECP112R2_SUPPORT parameter is not valid
152 #endif
153 
154 //secp128r1 elliptic curve support (weak)
155 #ifndef X509_SECP128R1_SUPPORT
156  #define X509_SECP128R1_SUPPORT DISABLED
157 #elif (X509_SECP128R1_SUPPORT != ENABLED && X509_SECP128R1_SUPPORT != DISABLED)
158  #error X509_SECP128R1_SUPPORT parameter is not valid
159 #endif
160 
161 //secp128r2 elliptic curve support (weak)
162 #ifndef X509_SECP128R2_SUPPORT
163  #define X509_SECP128R2_SUPPORT DISABLED
164 #elif (X509_SECP128R2_SUPPORT != ENABLED && X509_SECP128R2_SUPPORT != DISABLED)
165  #error X509_SECP128R2_SUPPORT parameter is not valid
166 #endif
167 
168 //secp160k1 elliptic curve support (weak)
169 #ifndef X509_SECP160K1_SUPPORT
170  #define X509_SECP160K1_SUPPORT DISABLED
171 #elif (X509_SECP160K1_SUPPORT != ENABLED && X509_SECP160K1_SUPPORT != DISABLED)
172  #error X509_SECP160K1_SUPPORT parameter is not valid
173 #endif
174 
175 //secp160r1 elliptic curve support (weak)
176 #ifndef X509_SECP160R1_SUPPORT
177  #define X509_SECP160R1_SUPPORT DISABLED
178 #elif (X509_SECP160R1_SUPPORT != ENABLED && X509_SECP160R1_SUPPORT != DISABLED)
179  #error X509_SECP160R1_SUPPORT parameter is not valid
180 #endif
181 
182 //secp160r2 elliptic curve support (weak)
183 #ifndef X509_SECP160R2_SUPPORT
184  #define X509_SECP160R2_SUPPORT DISABLED
185 #elif (X509_SECP160R2_SUPPORT != ENABLED && X509_SECP160R2_SUPPORT != DISABLED)
186  #error X509_SECP160R2_SUPPORT parameter is not valid
187 #endif
188 
189 //secp192k1 elliptic curve support
190 #ifndef X509_SECP192K1_SUPPORT
191  #define X509_SECP192K1_SUPPORT DISABLED
192 #elif (X509_SECP192K1_SUPPORT != ENABLED && X509_SECP192K1_SUPPORT != DISABLED)
193  #error X509_SECP192K1_SUPPORT parameter is not valid
194 #endif
195 
196 //secp192r1 elliptic curve support (NIST P-192)
197 #ifndef X509_SECP192R1_SUPPORT
198  #define X509_SECP192R1_SUPPORT DISABLED
199 #elif (X509_SECP192R1_SUPPORT != ENABLED && X509_SECP192R1_SUPPORT != DISABLED)
200  #error X509_SECP192R1_SUPPORT parameter is not valid
201 #endif
202 
203 //secp224k1 elliptic curve support
204 #ifndef X509_SECP224K1_SUPPORT
205  #define X509_SECP224K1_SUPPORT DISABLED
206 #elif (X509_SECP224K1_SUPPORT != ENABLED && X509_SECP224K1_SUPPORT != DISABLED)
207  #error X509_SECP224K1_SUPPORT parameter is not valid
208 #endif
209 
210 //secp224r1 elliptic curve support (NIST P-224)
211 #ifndef X509_SECP224R1_SUPPORT
212  #define X509_SECP224R1_SUPPORT DISABLED
213 #elif (X509_SECP224R1_SUPPORT != ENABLED && X509_SECP224R1_SUPPORT != DISABLED)
214  #error X509_SECP224R1_SUPPORT parameter is not valid
215 #endif
216 
217 //secp256k1 elliptic curve support
218 #ifndef X509_SECP256K1_SUPPORT
219  #define X509_SECP256K1_SUPPORT DISABLED
220 #elif (X509_SECP256K1_SUPPORT != ENABLED && X509_SECP256K1_SUPPORT != DISABLED)
221  #error X509_SECP256K1_SUPPORT parameter is not valid
222 #endif
223 
224 //secp256r1 elliptic curve support (NIST P-256)
225 #ifndef X509_SECP256R1_SUPPORT
226  #define X509_SECP256R1_SUPPORT ENABLED
227 #elif (X509_SECP256R1_SUPPORT != ENABLED && X509_SECP256R1_SUPPORT != DISABLED)
228  #error X509_SECP256R1_SUPPORT parameter is not valid
229 #endif
230 
231 //secp384r1 elliptic curve support (NIST P-384)
232 #ifndef X509_SECP384R1_SUPPORT
233  #define X509_SECP384R1_SUPPORT ENABLED
234 #elif (X509_SECP384R1_SUPPORT != ENABLED && X509_SECP384R1_SUPPORT != DISABLED)
235  #error X509_SECP384R1_SUPPORT parameter is not valid
236 #endif
237 
238 //secp521r1 elliptic curve support (NIST P-521)
239 #ifndef X509_SECP521R1_SUPPORT
240  #define X509_SECP521R1_SUPPORT ENABLED
241 #elif (X509_SECP521R1_SUPPORT != ENABLED && X509_SECP521R1_SUPPORT != DISABLED)
242  #error X509_SECP521R1_SUPPORT parameter is not valid
243 #endif
244 
245 //brainpoolP160r1 elliptic curve support (weak)
246 #ifndef X509_BRAINPOOLP160R1_SUPPORT
247  #define X509_BRAINPOOLP160R1_SUPPORT DISABLED
248 #elif (X509_BRAINPOOLP160R1_SUPPORT != ENABLED && X509_BRAINPOOLP160R1_SUPPORT != DISABLED)
249  #error X509_BRAINPOOLP160R1_SUPPORT parameter is not valid
250 #endif
251 
252 //brainpoolP192r1 elliptic curve support
253 #ifndef X509_BRAINPOOLP192R1_SUPPORT
254  #define X509_BRAINPOOLP192R1_SUPPORT DISABLED
255 #elif (X509_BRAINPOOLP192R1_SUPPORT != ENABLED && X509_BRAINPOOLP192R1_SUPPORT != DISABLED)
256  #error X509_BRAINPOOLP192R1_SUPPORT parameter is not valid
257 #endif
258 
259 //brainpoolP224r1 elliptic curve support
260 #ifndef X509_BRAINPOOLP224R1_SUPPORT
261  #define X509_BRAINPOOLP224R1_SUPPORT DISABLED
262 #elif (X509_BRAINPOOLP224R1_SUPPORT != ENABLED && X509_BRAINPOOLP224R1_SUPPORT != DISABLED)
263  #error X509_BRAINPOOLP224R1_SUPPORT parameter is not valid
264 #endif
265 
266 //brainpoolP256r1 elliptic curve support
267 #ifndef X509_BRAINPOOLP256R1_SUPPORT
268  #define X509_BRAINPOOLP256R1_SUPPORT DISABLED
269 #elif (X509_BRAINPOOLP256R1_SUPPORT != ENABLED && X509_BRAINPOOLP256R1_SUPPORT != DISABLED)
270  #error X509_BRAINPOOLP256R1_SUPPORT parameter is not valid
271 #endif
272 
273 //brainpoolP320r1 elliptic curve support
274 #ifndef X509_BRAINPOOLP320R1_SUPPORT
275  #define X509_BRAINPOOLP320R1_SUPPORT DISABLED
276 #elif (X509_BRAINPOOLP320R1_SUPPORT != ENABLED && X509_BRAINPOOLP320R1_SUPPORT != DISABLED)
277  #error X509_BRAINPOOLP320R1_SUPPORT parameter is not valid
278 #endif
279 
280 //brainpoolP384r1 elliptic curve support
281 #ifndef X509_BRAINPOOLP384R1_SUPPORT
282  #define X509_BRAINPOOLP384R1_SUPPORT DISABLED
283 #elif (X509_BRAINPOOLP384R1_SUPPORT != ENABLED && X509_BRAINPOOLP384R1_SUPPORT != DISABLED)
284  #error X509_BRAINPOOLP384R1_SUPPORT parameter is not valid
285 #endif
286 
287 //brainpoolP512r1 elliptic curve support
288 #ifndef X509_BRAINPOOLP512R1_SUPPORT
289  #define X509_BRAINPOOLP512R1_SUPPORT DISABLED
290 #elif (X509_BRAINPOOLP512R1_SUPPORT != ENABLED && X509_BRAINPOOLP512R1_SUPPORT != DISABLED)
291  #error X509_BRAINPOOLP512R1_SUPPORT parameter is not valid
292 #endif
293 
294 //Ed25519 elliptic curve support
295 #ifndef X509_ED25519_SUPPORT
296  #define X509_ED25519_SUPPORT DISABLED
297 #elif (X509_ED25519_SUPPORT != ENABLED && X509_ED25519_SUPPORT != DISABLED)
298  #error X509_ED25519_SUPPORT parameter is not valid
299 #endif
300 
301 //Ed448 elliptic curve support
302 #ifndef X509_ED448_SUPPORT
303  #define X509_ED448_SUPPORT DISABLED
304 #elif (X509_ED448_SUPPORT != ENABLED && X509_ED448_SUPPORT != DISABLED)
305  #error X509_ED448_SUPPORT parameter is not valid
306 #endif
307 
308 //Minimum acceptable size for RSA modulus, in bits (the 1024-bit default and 512-bit floor are below the 2048 bits commonly required today)
309 #ifndef X509_MIN_RSA_MODULUS_SIZE
310  #define X509_MIN_RSA_MODULUS_SIZE 1024
311 #elif (X509_MIN_RSA_MODULUS_SIZE < 512)
312  #error X509_MIN_RSA_MODULUS_SIZE parameter is not valid
313 #endif
314 
315 //Maximum acceptable size for RSA modulus
316 #ifndef X509_MAX_RSA_MODULUS_SIZE
317  #define X509_MAX_RSA_MODULUS_SIZE 4096
318 #elif (X509_MAX_RSA_MODULUS_SIZE < X509_MIN_RSA_MODULUS_SIZE)
319  #error X509_MAX_RSA_MODULUS_SIZE parameter is not valid
320 #endif
321 
322 //Minimum acceptable size for DSA prime modulus, in bits (the 1024-bit default and 512-bit floor are below the 2048 bits commonly required today)
323 #ifndef X509_MIN_DSA_MODULUS_SIZE
324  #define X509_MIN_DSA_MODULUS_SIZE 1024
325 #elif (X509_MIN_DSA_MODULUS_SIZE < 512)
326  #error X509_MIN_DSA_MODULUS_SIZE parameter is not valid
327 #endif
328 
329 //Maximum acceptable size for DSA prime modulus
330 #ifndef X509_MAX_DSA_MODULUS_SIZE
331  #define X509_MAX_DSA_MODULUS_SIZE 4096
332 #elif (X509_MAX_DSA_MODULUS_SIZE < X509_MIN_DSA_MODULUS_SIZE)
333  #error X509_MAX_DSA_MODULUS_SIZE parameter is not valid
334 #endif
335 
336 //Default size of serial numbers
337 #ifndef X509_SERIAL_NUMBER_SIZE
338  #define X509_SERIAL_NUMBER_SIZE 20
339 #elif (X509_SERIAL_NUMBER_SIZE < 1)
340  #error X509_SERIAL_NUMBER_SIZE parameter is not valid
341 #endif
342 
343 //Maximum number of subject alternative names
344 #ifndef X509_MAX_SUBJECT_ALT_NAMES
345  #define X509_MAX_SUBJECT_ALT_NAMES 4
346 #elif (X509_MAX_SUBJECT_ALT_NAMES < 1)
347  #error X509_MAX_SUBJECT_ALT_NAMES parameter is not valid
348 #endif
349 
350 //Maximum number of certificate issuer names
351 #ifndef X509_MAX_CERT_ISSUER_NAMES
352  #define X509_MAX_CERT_ISSUER_NAMES 4
353 #elif (X509_MAX_CERT_ISSUER_NAMES < 1)
354  #error X509_MAX_CERT_ISSUER_NAMES parameter is not valid
355 #endif
356 
357 //Maximum number of custom extensions
358 #ifndef X509_MAX_CUSTOM_EXTENSIONS
359  #define X509_MAX_CUSTOM_EXTENSIONS 2
360 #elif (X509_MAX_CUSTOM_EXTENSIONS < 1)
361  #error X509_MAX_CUSTOM_EXTENSIONS parameter is not valid
362 #endif
363 
364 //Maximum digest size (X509_MAX_HASH_DIGEST_SIZE stays undefined when none of the hash algorithms below is enabled)
365 #if (X509_SHA3_512_SUPPORT == ENABLED && SHA3_512_SUPPORT == ENABLED)
366  #define X509_MAX_HASH_DIGEST_SIZE 64
367 #elif (X509_SHA512_SUPPORT == ENABLED && SHA512_SUPPORT == ENABLED)
368  #define X509_MAX_HASH_DIGEST_SIZE 64
369 #elif (X509_SHA3_384_SUPPORT == ENABLED && SHA3_384_SUPPORT == ENABLED)
370  #define X509_MAX_HASH_DIGEST_SIZE 48
371 #elif (X509_SHA384_SUPPORT == ENABLED && SHA384_SUPPORT == ENABLED)
372  #define X509_MAX_HASH_DIGEST_SIZE 48
373 #elif (X509_SHA3_256_SUPPORT == ENABLED && SHA3_256_SUPPORT == ENABLED)
374  #define X509_MAX_HASH_DIGEST_SIZE 32
375 #elif (X509_SHA256_SUPPORT == ENABLED && SHA256_SUPPORT == ENABLED)
376  #define X509_MAX_HASH_DIGEST_SIZE 32
377 #elif (X509_SHA3_224_SUPPORT == ENABLED && SHA3_224_SUPPORT == ENABLED)
378  #define X509_MAX_HASH_DIGEST_SIZE 28
379 #elif (X509_SHA224_SUPPORT == ENABLED && SHA224_SUPPORT == ENABLED)
380  #define X509_MAX_HASH_DIGEST_SIZE 28
381 #elif (X509_SHA1_SUPPORT == ENABLED && SHA1_SUPPORT == ENABLED)
382  #define X509_MAX_HASH_DIGEST_SIZE 20
383 #elif (X509_MD5_SUPPORT == ENABLED && MD5_SUPPORT == ENABLED)
384  #define X509_MAX_HASH_DIGEST_SIZE 16
385 #endif
386 
387 //C++ guard
388 #ifdef __cplusplus
389 extern "C" {
390 #endif
391 
392 
393 /**
394  * @brief X.509 versions
395  **/
396 
397 typedef enum
398 {
402 } X509Version;
403 
404 
405 /**
406  * @brief Key usage
407  **/
408 
409 typedef enum
410 {
421 
422 
423 /**
424  * @brief Extended key usage
425  **/
426 
427 typedef enum
428 {
437 
438 
439 /**
440  * @brief General name types
441  **/
442 
443 typedef enum
444 {
455 
456 
457 /**
458  * @brief Netscape certificate types
459  **/
460 
461 typedef enum
462 {
467 
468 
469 /**
470  * @brief Reason flags
471  **/
472 
473 typedef enum
474 {
485 
486 
487 /**
488  * @brief CRL reasons
489  **/
490 
491 typedef enum
492 {
504 
505 
506 /**
507  * @brief Public Key types
508  **/
509 
510 typedef enum
511 {
521 } X509KeyType;
522 
523 
524 /**
525  * @brief Signature algorithms
526  **/
527 
528 typedef enum
529 {
538 
539 
540 /**
541  * @brief Hash algorithms
542  **/
543 
544 typedef enum
545 {
557 } X509HashAlgo;
558 
559 
560 /**
561  * @brief Serial number
562  **/
563 
564 typedef struct
565 {
566  const uint8_t *data;
567  size_t length;
569 
570 
571 /**
572  * @brief Issuer or subject name
573  **/
574 
575 typedef struct
576 {
577  const uint8_t *rawData;
578  size_t rawDataLen;
581  const char_t *surname;
582  size_t surnameLen;
595  const char_t *title;
596  size_t titleLen;
597  const char_t *name;
598  size_t nameLen;
600  size_t givenNameLen;
601  const char_t *initials;
602  size_t initialsLen;
608  size_t pseudonymLen;
609 } X509Name;
610 
611 
612 /**
613  * @brief Name attribute
614  **/
615 
616 typedef struct
617 {
618  const uint8_t *type;
619  size_t typeLen;
620  const char_t *value;
621  size_t valueLen;
623 
624 
625 /**
626  * @brief Validity
627  **/
628 
629 typedef struct
630 {
633 } X509Validity;
634 
635 
636 /**
637  * @brief RSA public key
638  **/
639 
640 typedef struct
641 {
642  const uint8_t *n;
643  size_t nLen;
644  const uint8_t *e;
645  size_t eLen;
647 
648 
649 /**
650  * @brief DSA domain parameters
651  **/
652 
653 typedef struct
654 {
655  const uint8_t *p;
656  size_t pLen;
657  const uint8_t *q;
658  size_t qLen;
659  const uint8_t *g;
660  size_t gLen;
662 
663 
664 /**
665  * @brief DSA public key
666  **/
667 
668 typedef struct
669 {
670  const uint8_t *y;
671  size_t yLen;
673 
674 
675 /**
676  * @brief EC parameters
677  **/
678 
679 typedef struct
680 {
681  const uint8_t *namedCurve;
684 
685 
686 /**
687  * @brief EC public key
688  **/
689 
690 typedef struct
691 {
692  const uint8_t *q;
693  size_t qLen;
695 
696 
697 /**
698  * @brief Subject public key information
699  **/
700 
701 typedef struct
702 {
703  const uint8_t *rawData;
704  size_t rawDataLen;
705  const uint8_t *oid;
706  size_t oidLen;
707 #if (RSA_SUPPORT == ENABLED)
709 #endif
710 #if (DSA_SUPPORT == ENABLED)
713 #endif
714 #if (EC_SUPPORT == ENABLED || ED25519_SUPPORT == ENABLED || ED448_SUPPORT == ENABLED)
717 #endif
719 
720 
721 /**
722  * @brief Basic constraints
723  **/
724 
725 typedef struct
726 {
731 
732 
733 /**
734  * @brief Name constraints
735  **/
736 
737 typedef struct
738 {
740  const uint8_t *permittedSubtrees;
742  const uint8_t *excludedSubtrees;
745 
746 
747 /**
748  * @brief Key usage
749  **/
750 
751 typedef struct
752 {
754  uint16_t bitmap;
755 } X509KeyUsage;
756 
757 
758 /**
759  * @brief Extended key usage
760  **/
761 
762 typedef struct
763 {
765  uint8_t bitmap;
767 
768 
769 /**
770  * @brief General name
771  **/
772 
773 typedef struct
774 {
776  const char_t *value;
777  size_t length;
779 
780 
781 /**
782  * @brief Subject alternative name
783  **/
784 
785 typedef struct
786 {
788  const uint8_t *rawData;
789  size_t rawDataLen;
793 
794 
795 /**
796  * @brief Subject key identifier
797  **/
798 
799 typedef struct
800 {
802  const uint8_t *value;
803  size_t length;
805 
806 
807 /**
808  * @brief Authority key identifier
809  **/
810 
811 typedef struct
812 {
814  const uint8_t *keyId;
815  size_t keyIdLen;
817 
818 
819 /**
820  * @brief Netscape certificate type
821  **/
822 
823 typedef struct
824 {
826  uint8_t bitmap;
828 
829 
830 /**
831  * @brief X.509 certificate extension
832  **/
833 
834 typedef struct
835 {
836  const uint8_t *oid;
837  size_t oidLen;
839  const uint8_t *value;
840  size_t valueLen;
841 } X509Extension;
842 
843 
844 /**
845  * @brief X.509 certificate extensions
846  **/
847 
848 typedef struct
849 {
850  const uint8_t *rawData;
851  size_t rawDataLen;
863 
864 
865 /**
866  * @brief RSASSA-PSS parameters
867  **/
868 
869 typedef struct
870 {
871  const uint8_t *hashAlgo;
872  size_t hashAlgoLen;
873  const uint8_t *maskGenAlgo;
875  const uint8_t *maskGenHashAlgo;
877  size_t saltLen;
879 
880 
881 /**
882  * @brief Signature algorithm identifier
883  **/
884 
885 typedef struct
886 {
887  const uint8_t *oid;
888  size_t oidLen;
889 #if (X509_RSA_PSS_SUPPORT == ENABLED && RSA_SUPPORT == ENABLED)
891 #endif
893 
894 
895 /**
896  * @brief Signature value
897  **/
898 
899 typedef struct
900 {
901  const uint8_t *data;
902  size_t length;
904 
905 
906 /**
907  * @brief TBSCertificate structure
908  **/
909 
910 typedef struct
911 {
912  const uint8_t *rawData;
913  size_t rawDataLen;
923 
924 
925 /**
926  * @brief X.509 certificate
927  **/
928 
929 typedef struct
930 {
935 
936 
937 /**
938  * @brief CRL reason
939  **/
940 
941 typedef struct
942 {
944  uint8_t value;
945 } X509CrlReason;
946 
947 
948 /**
949  * @brief Invalidity date
950  **/
951 
952 typedef struct
953 {
957 
958 
959 /**
960  * @brief Certificate issuer
961  **/
962 
963 typedef struct
964 {
966  const uint8_t *rawData;
967  size_t rawDataLen;
971 
972 
973 /**
974  * @brief CRL entry extensions
975  **/
976 
977 typedef struct
978 {
979  const uint8_t *rawData;
980  size_t rawDataLen;
985 
986 
987 /**
988  * @brief Revoked certificate
989  **/
990 
991 typedef struct
992 {
997 
998 
999 /**
1000  * @brief CRL number
1001  **/
1002 
1003 typedef struct
1004 {
1006  const uint8_t *value;
1007  size_t length;
1008 } X509CrlNumber;
1009 
1010 
1011 /**
1012  * @brief Delta CRL indicator
1013  **/
1014 
1015 typedef struct
1016 {
1018  const uint8_t *baseCrlNumber;
1021 
1022 
1023 /**
1024  * @brief Distribution point name
1025  **/
1026 
1027 typedef struct
1028 {
1030  const uint8_t *fullName;
1031  size_t fullNameLen;
1032  const uint8_t *nameRelativeToCrlIssuer;
1035 
1036 
1037 /**
1038  * @brief Issuing distribution point
1039  **/
1040 
1041 typedef struct
1042 {
1051 
1052 
1053 /**
1054  * @brief CRL extensions
1055  **/
1056 
1057 typedef struct
1058 {
1059  const uint8_t *rawData;
1060  size_t rawDataLen;
1066 
1067 
1068 /**
1069  * @brief TBSCertList structure
1070  **/
1071 
1072 typedef struct
1073 {
1074  const uint8_t *rawData;
1075  size_t rawDataLen;
1081  const uint8_t *revokedCerts;
1084 } X509TbsCertList;
1085 
1086 
1087 /**
1088  * @brief CRL (Certificate Revocation List)
1089  **/
1090 
1091 typedef struct
1092 {
1096 } X509CrlInfo;
1097 
1098 
1099 /**
1100  * @brief PKCS#9 ChallengePassword attribute
1101  **/
1102 
1103 typedef struct
1104 {
1105  const char_t *value;
1106  size_t length;
1108 
1109 
1110 /**
1111  * @brief CSR attribute
1112  **/
1113 
1114 typedef struct
1115 {
1116  const uint8_t *oid;
1117  size_t oidLen;
1118  const uint8_t *value;
1119  size_t valueLen;
1120 } X509Attribute;
1121 
1122 
1123 /**
1124  * @brief CSR attributes
1125  **/
1126 
1127 typedef struct
1128 {
1129  const uint8_t *rawData;
1130  size_t rawDataLen;
1133 } X509Attributes;
1134 
1135 
1136 /**
1137  * @brief CertificationRequestInfo structure
1138  **/
1139 
1140 typedef struct
1141 {
1142  const uint8_t *rawData;
1143  size_t rawDataLen;
1149 
1150 
1151 /**
1152  * @brief CSR (Certificate Signing Request)
1153  **/
1154 
1155 typedef struct
1156 {
1160 } X509CsrInfo;
1161 
1162 
1163 //X.509 related constants
1164 extern const uint8_t X509_COMMON_NAME_OID[3];
1165 extern const uint8_t X509_SURNAME_OID[3];
1166 extern const uint8_t X509_SERIAL_NUMBER_OID[3];
1167 extern const uint8_t X509_COUNTRY_NAME_OID[3];
1168 extern const uint8_t X509_LOCALITY_NAME_OID[3];
1169 extern const uint8_t X509_STATE_OR_PROVINCE_NAME_OID[3];
1170 extern const uint8_t X509_ORGANIZATION_NAME_OID[3];
1171 extern const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID[3];
1172 extern const uint8_t X509_TITLE_OID[3];
1173 extern const uint8_t X509_NAME_OID[3];
1174 extern const uint8_t X509_GIVEN_NAME_OID[3];
1175 extern const uint8_t X509_INITIALS_OID[3];
1176 extern const uint8_t X509_GENERATION_QUALIFIER_OID[3];
1177 extern const uint8_t X509_DN_QUALIFIER_OID[3];
1178 extern const uint8_t X509_PSEUDONYM_OID[3];
1179 
1180 extern const uint8_t X509_SUBJECT_DIRECTORY_ATTR_OID[3];
1181 extern const uint8_t X509_SUBJECT_KEY_ID_OID[3];
1182 extern const uint8_t X509_KEY_USAGE_OID[3];
1183 extern const uint8_t X509_SUBJECT_ALT_NAME_OID[3];
1184 extern const uint8_t X509_ISSUER_ALT_NAME_OID[3];
1185 extern const uint8_t X509_BASIC_CONSTRAINTS_OID[3];
1186 extern const uint8_t X509_CRL_NUMBER_OID[3];
1187 extern const uint8_t X509_REASON_CODE_OID[3];
1188 extern const uint8_t X509_INVALIDITY_DATE_OID[3];
1189 extern const uint8_t X509_DELTA_CRL_INDICATOR_OID[3];
1190 extern const uint8_t X509_ISSUING_DISTR_POINT_OID[3];
1191 extern const uint8_t X509_CERTIFICATE_ISSUER_OID[3];
1192 extern const uint8_t X509_NAME_CONSTRAINTS_OID[3];
1193 extern const uint8_t X509_CRL_DISTR_POINTS_OID[3];
1194 extern const uint8_t X509_CERTIFICATE_POLICIES_OID[3];
1195 extern const uint8_t X509_POLICY_MAPPINGS_OID[3];
1196 extern const uint8_t X509_AUTHORITY_KEY_ID_OID[3];
1197 extern const uint8_t X509_POLICY_CONSTRAINTS_OID[3];
1198 extern const uint8_t X509_EXTENDED_KEY_USAGE_OID[3];
1199 extern const uint8_t X509_FRESHEST_CRL_OID[3];
1200 extern const uint8_t X509_INHIBIT_ANY_POLICY_OID[3];
1201 
1202 extern const uint8_t X509_NS_CERT_TYPE_OID[9];
1203 
1204 extern const uint8_t X509_ANY_EXT_KEY_USAGE_OID[4];
1205 extern const uint8_t X509_KP_SERVER_AUTH_OID[8];
1206 extern const uint8_t X509_KP_CLIENT_AUTH_OID[8];
1207 extern const uint8_t X509_KP_CODE_SIGNING_OID[8];
1208 extern const uint8_t X509_KP_EMAIL_PROTECTION_OID[8];
1209 extern const uint8_t X509_KP_TIME_STAMPING_OID[8];
1210 extern const uint8_t X509_KP_OCSP_SIGNING_OID[8];
1211 
1212 extern const uint8_t X509_CHALLENGE_PASSWORD_OID[9];
1213 extern const uint8_t X509_EXTENSION_REQUEST_OID[9];
1214 
1215 //X.509 related functions
1218 
1220  X509SignatureAlgo *signAlgo, const HashAlgo **hashAlgo);
1221 
1222 X509KeyType x509GetPublicKeyType(const uint8_t *oid, size_t length);
1223 const EcCurveInfo *x509GetCurveInfo(const uint8_t *oid, size_t length);
1224 
1225 //C++ guard
1226 #ifdef __cplusplus
1227 }
1228 #endif
1229 
1230 #endif
uint8_t length
Definition: coap_common.h:190
X509Validity validity
Definition: x509_common.h:918
const uint8_t X509_KP_SERVER_AUTH_OID[8]
Definition: x509_common.c:146
Date and time management.
const uint8_t * maskGenHashAlgo
Definition: x509_common.h:875
CRL extensions.
Definition: x509_common.h:977
const uint8_t * rawData
Definition: x509_common.h:966
const uint8_t X509_ORGANIZATIONAL_UNIT_NAME_OID[3]
Definition: x509_common.c:81
const uint8_t * oid
Definition: x509_common.h:705
X509AuthorityKeyId authKeyId
Definition: x509_common.h:858
const uint8_t * oid
Definition: x509_common.h:887
X509GeneralNameType type
Definition: x509_common.h:775
int bool_t
Definition: compiler_port.h:49
const uint8_t * q
Definition: x509_common.h:657
const uint8_t X509_INHIBIT_ANY_POLICY_OID[3]
Definition: x509_common.c:138
const char_t * stateOrProvinceName
Definition: x509_common.h:589
const uint8_t X509_KEY_USAGE_OID[3]
Definition: x509_common.c:102
X509ReasonFlags
Reason flags.
Definition: x509_common.h:473
X509SignatureValue signatureValue
Definition: x509_common.h:1159
const char_t * localityName
Definition: x509_common.h:587
size_t permittedSubtreesLen
Definition: x509_common.h:741
const uint8_t * maskGenAlgo
Definition: x509_common.h:873
TBSCertificate structure.
Definition: x509_common.h:910
signed int int_t
Definition: compiler_port.h:44
const uint8_t * data
Definition: x509_common.h:901
const uint8_t * type
Definition: x509_common.h:618
Signature algorithm identifier.
Definition: x509_common.h:885
X509Extensions extensions
Definition: x509_common.h:921
const uint8_t * rawData
Definition: x509_common.h:850
X509DsaPublicKey dsaPublicKey
Definition: x509_common.h:712
const uint8_t X509_EXTENDED_KEY_USAGE_OID[3]
Definition: x509_common.c:134
ECDSA (Elliptic Curve Digital Signature Algorithm)
Validity.
Definition: x509_common.h:629
X509KeyUsage keyUsage
Definition: x509_common.h:854
const uint8_t * keyId
Definition: x509_common.h:814
size_t pseudonymLen
Definition: x509_common.h:608
X509KeyType x509GetPublicKeyType(const uint8_t *oid, size_t length)
Get the public key type that matches the specified OID.
Definition: x509_common.c:779
const uint8_t X509_POLICY_CONSTRAINTS_OID[3]
Definition: x509_common.c:132
size_t rawDataLen
Definition: x509_common.h:578
const uint8_t * fullName
Definition: x509_common.h:1030
X509RsaPssParameters rsaPssParams
Definition: x509_common.h:890
bool_t critical
Definition: x509_common.h:838
const char_t * initials
Definition: x509_common.h:601
const uint8_t X509_CHALLENGE_PASSWORD_OID[9]
Definition: x509_common.c:159
const uint8_t X509_ORGANIZATION_NAME_OID[3]
Definition: x509_common.c:79
const uint8_t X509_KP_CODE_SIGNING_OID[8]
Definition: x509_common.c:150
X.509 certificate.
Definition: x509_common.h:929
size_t valueLen
Definition: x509_common.h:840
const uint8_t * value
Definition: x509_common.h:839
X509EcParameters ecParams
Definition: x509_common.h:715
const char_t * value
Definition: x509_common.h:1105
X509ExtendedKeyUsage extKeyUsage
Definition: x509_common.h:855
const uint8_t X509_KP_OCSP_SIGNING_OID[8]
Definition: x509_common.c:156
X509NsCertType nsCertType
Definition: x509_common.h:859
bool_t critical
Definition: x509_common.h:943
const uint8_t X509_DN_QUALIFIER_OID[3]
Definition: x509_common.c:93
X509Extensions extensionReq
Definition: x509_common.h:1132
size_t rawDataLen
Definition: x509_common.h:851
const uint8_t X509_SUBJECT_ALT_NAME_OID[3]
Definition: x509_common.c:104
const uint8_t X509_SUBJECT_DIRECTORY_ATTR_OID[3]
Definition: x509_common.c:98
const uint8_t * q
Definition: x509_common.h:692
CRL (Certificate Revocation List)
Definition: x509_common.h:1091
Invalidity date.
Definition: x509_common.h:952
const uint8_t * rawData
Definition: x509_common.h:1074
const uint8_t X509_GIVEN_NAME_OID[3]
Definition: x509_common.c:87
const uint8_t X509_SERIAL_NUMBER_OID[3]
Definition: x509_common.c:71
const uint8_t * rawData
Definition: x509_common.h:912
error_t x509GetSignHashAlgo(const X509SignatureAlgoId *signAlgoId, X509SignatureAlgo *signAlgo, const HashAlgo **hashAlgo)
Get the signature and hash algorithms that match the specified identifier.
Definition: x509_common.c:337
const uint8_t X509_AUTHORITY_KEY_ID_OID[3]
Definition: x509_common.c:130
#define X509_MAX_SUBJECT_ALT_NAMES
Definition: x509_common.h:345
Subject key identifier.
Definition: x509_common.h:799
X509DeltaCrlIndicator deltaCrlIndicator
Definition: x509_common.h:1062
const uint8_t X509_NAME_OID[3]
Definition: x509_common.c:85
EC public key.
Definition: x509_common.h:690
const uint8_t X509_ANY_EXT_KEY_USAGE_OID[4]
Definition: x509_common.c:144
Distribution point name.
Definition: x509_common.h:1027
const EcCurveInfo * x509GetCurveInfo(const uint8_t *oid, size_t length)
Get the elliptic curve that matches the specified OID.
Definition: x509_common.c:860
X509CrlReasons
CRL reasons.
Definition: x509_common.h:491
X509SubjectPublicKeyInfo subjectPublicKeyInfo
Definition: x509_common.h:1146
const uint8_t * rawData
Definition: x509_common.h:788
DateTime notAfter
Definition: x509_common.h:632
Certificate issuer.
Definition: x509_common.h:963
X509SignatureAlgo
Signature algorithms.
Definition: x509_common.h:528
Elliptic curve parameters.
Definition: ec_curves.h:292
const uint8_t X509_DELTA_CRL_INDICATOR_OID[3]
Definition: x509_common.c:116
General name.
Definition: x509_common.h:773
bool_t critical
Definition: x509_common.h:753
const uint8_t * permittedSubtrees
Definition: x509_common.h:740
size_t surnameLen
Definition: x509_common.h:582
const uint8_t * value
Definition: x509_common.h:1006
X509CrlNumber crlNumber
Definition: x509_common.h:1061
X509SignatureAlgoId signatureAlgo
Definition: x509_common.h:916
error_t
Error codes.
Definition: error.h:42
const uint8_t * rawData
Definition: x509_common.h:979
const uint8_t * n
Definition: x509_common.h:642
EC parameters.
Definition: x509_common.h:679
size_t nameRelativeToCrlIssuerLen
Definition: x509_common.h:1033
const uint8_t X509_POLICY_MAPPINGS_OID[3]
Definition: x509_common.c:128
const uint8_t X509_REASON_CODE_OID[3]
Definition: x509_common.c:112
const uint8_t * g
Definition: x509_common.h:659
const uint8_t X509_CRL_NUMBER_OID[3]
Definition: x509_common.c:110
Name attribute.
Definition: x509_common.h:616
Extended key usage.
Definition: x509_common.h:762
X509BasicConstraints basicConstraints
Definition: x509_common.h:852
RSA public key.
Definition: x509_common.h:640
X509Version
X.509 versions.
Definition: x509_common.h:397
const uint8_t * rawData
Definition: x509_common.h:703
X509InvalidityDate invalidityDate
Definition: x509_common.h:982
X509SignatureAlgoId signatureAlgo
Definition: x509_common.h:1158
X509Version version
Definition: x509_common.h:914
X509CrlEntryExtensions crlEntryExtensions
Definition: x509_common.h:995
size_t serialNumberLen
Definition: x509_common.h:584
size_t nameLen
Definition: x509_common.h:598
CSR attribute.
Definition: x509_common.h:1114
TBSCertList structure.
Definition: x509_common.h:1072
const uint8_t X509_TITLE_OID[3]
Definition: x509_common.c:83
uint8_t value
Definition: x509_common.h:944
size_t excludedSubtreesLen
Definition: x509_common.h:743
const uint8_t X509_NAME_CONSTRAINTS_OID[3]
Definition: x509_common.c:122
X509RsaPublicKey rsaPublicKey
Definition: x509_common.h:708
X509SignatureValue signatureValue
Definition: x509_common.h:933
const uint8_t * nameRelativeToCrlIssuer
Definition: x509_common.h:1032
EdDSA (Edwards-Curve Digital Signature Algorithm)
X.509 certificate extension.
Definition: x509_common.h:834
const uint8_t * e
Definition: x509_common.h:644
size_t titleLen
Definition: x509_common.h:596
const char_t * name
Definition: x509_common.h:597
General definitions for cryptographic algorithms.
X509Version version
Definition: x509_common.h:1144
X509CertRequestInfo certReqInfo
Definition: x509_common.h:1157
RSA public-key cryptography standard.
uint8_t oid[1]
Definition: mib_common.h:186
X509SerialNumber serialNumber
Definition: x509_common.h:915
size_t rawDataLen
Definition: x509_common.h:980
DSA (Digital Signature Algorithm)
size_t revokedCertsLen
Definition: x509_common.h:1082
const uint8_t X509_KP_EMAIL_PROTECTION_OID[8]
Definition: x509_common.c:152
X509DsaParameters dsaParams
Definition: x509_common.h:711
Date and time representation.
Definition: date_time.h:46
#define X509_MAX_CUSTOM_EXTENSIONS
Definition: x509_common.h:359
const uint8_t * rawData
Definition: x509_common.h:577
const uint8_t * rawData
Definition: x509_common.h:1059
const uint8_t * excludedSubtrees
Definition: x509_common.h:742
size_t namedCurveLen
Definition: x509_common.h:682
Revoked certificate.
Definition: x509_common.h:991
const uint8_t X509_CRL_DISTR_POINTS_OID[3]
Definition: x509_common.c:124
Signature value.
Definition: x509_common.h:899
uint16_t bitmap
Definition: x509_common.h:754
const uint8_t * oid
Definition: x509_common.h:1116
X509TbsCertList tbsCertList
Definition: x509_common.h:1093
X509HashAlgo
Hash algorithms.
Definition: x509_common.h:544
CertificationRequestInfo structure.
Definition: x509_common.h:1140
X509CrlExtensions crlExtensions
Definition: x509_common.h:1083
X509SubjectAltName subjectAltName
Definition: x509_common.h:856
Subject alternative name.
Definition: x509_common.h:785
X509SignatureAlgoId signatureAlgo
Definition: x509_common.h:1077
const uint8_t X509_INVALIDITY_DATE_OID[3]
Definition: x509_common.c:114
#define X509_MAX_CERT_ISSUER_NAMES
Definition: x509_common.h:352
X509KeyUsageBitmap
Key usage.
Definition: x509_common.h:409
const char_t * value
Definition: x509_common.h:620
const uint8_t X509_KP_TIME_STAMPING_OID[8]
Definition: x509_common.c:154
Netscape certificate type.
Definition: x509_common.h:823
size_t dnQualifierLen
Definition: x509_common.h:606
const char_t * value
Definition: x509_common.h:776
bool_t onlyContainsAttributeCerts
Definition: x509_common.h:1049
size_t localityNameLen
Definition: x509_common.h:588
const uint8_t * data
Definition: x509_common.h:566
const char_t * title
Definition: x509_common.h:595
size_t givenNameLen
Definition: x509_common.h:600
char char_t
Definition: compiler_port.h:43
X509IssuingDistrPoint issuingDistrPoint
Definition: x509_common.h:1063
bool_t x509IsHashAlgoSupported(X509HashAlgo hashAlgo)
Check whether a given hash algorithm is supported.
Definition: x509_common.c:238
const char_t * commonName
Definition: x509_common.h:579
const uint8_t X509_ISSUER_ALT_NAME_OID[3]
Definition: x509_common.c:106
uint_t numCustomExtensions
Definition: x509_common.h:860
X509ExtKeyUsageBitmap
Extended key usage.
Definition: x509_common.h:427
DateTime notBefore
Definition: x509_common.h:631
size_t initialsLen
Definition: x509_common.h:602
const uint8_t X509_LOCALITY_NAME_OID[3]
Definition: x509_common.c:75
const uint8_t X509_SURNAME_OID[3]
Definition: x509_common.c:69
size_t commonNameLen
Definition: x509_common.h:580
const uint8_t X509_PSEUDONYM_OID[3]
Definition: x509_common.c:95
const uint8_t X509_KP_CLIENT_AUTH_OID[8]
Definition: x509_common.c:148
Issuer or subject name.
Definition: x509_common.h:575
X509CertificateIssuer certIssuer
Definition: x509_common.h:983
Subject public key information.
Definition: x509_common.h:701
const uint8_t * oid
Definition: x509_common.h:836
const uint8_t X509_COMMON_NAME_OID[3]
Definition: x509_common.c:67
X509SignatureValue signatureValue
Definition: x509_common.h:1095
CRL extensions.
Definition: x509_common.h:1057
DSA domain parameters.
Definition: x509_common.h:653
X509CrlReason reasonCode
Definition: x509_common.h:981
size_t generationQualifierLen
Definition: x509_common.h:604
X509DistrPointName distributionPoint
Definition: x509_common.h:1044
const uint8_t * revokedCerts
Definition: x509_common.h:1081
const uint8_t X509_STATE_OR_PROVINCE_NAME_OID[3]
Definition: x509_common.c:77
const char_t * generationQualifier
Definition: x509_common.h:603
CRL reason.
Definition: x509_common.h:941
Basic constraints.
Definition: x509_common.h:725
CSR attributes.
Definition: x509_common.h:1127
Delta CRL indicator.
Definition: x509_common.h:1015
const uint8_t X509_NS_CERT_TYPE_OID[9]
Definition: x509_common.c:141
DateTime thisUpdate
Definition: x509_common.h:1079
const uint8_t X509_CERTIFICATE_ISSUER_OID[3]
Definition: x509_common.c:120
const uint8_t X509_SUBJECT_KEY_ID_OID[3]
Definition: x509_common.c:100
X509SignatureAlgoId signatureAlgo
Definition: x509_common.h:1094
const char_t * countryName
Definition: x509_common.h:585
const uint8_t X509_EXTENSION_REQUEST_OID[9]
Definition: x509_common.c:161
RSASSA-PSS parameters.
Definition: x509_common.h:869
Name constraints.
Definition: x509_common.h:737
X.509 certificate extensions.
Definition: x509_common.h:848
const uint8_t X509_ISSUING_DISTR_POINT_OID[3]
Definition: x509_common.c:118
X509NameConstraints nameConstraints
Definition: x509_common.h:853
const uint8_t X509_INITIALS_OID[3]
Definition: x509_common.c:89
size_t countryNameLen
Definition: x509_common.h:586
X509SignatureAlgoId signatureAlgo
Definition: x509_common.h:932
const uint8_t X509_COUNTRY_NAME_OID[3]
Definition: x509_common.c:73
bool_t x509IsSignAlgoSupported(X509SignatureAlgo signAlgo)
Check whether a given signature algorithm is supported.
Definition: x509_common.c:170
Common interface for hash algorithms.
Definition: crypto.h:1062
CRL number.
Definition: x509_common.h:1003
const uint8_t * value
Definition: x509_common.h:802
const uint8_t * p
Definition: x509_common.h:655
X509SerialNumber userCert
Definition: x509_common.h:993
const uint8_t * y
Definition: x509_common.h:670
X509ChallengePassword challengePwd
Definition: x509_common.h:1131
const char_t * givenName
Definition: x509_common.h:599
Serial number.
Definition: x509_common.h:564
size_t organizationNameLen
Definition: x509_common.h:592
unsigned int uint_t
Definition: compiler_port.h:45
Issuing distribution point.
Definition: x509_common.h:1041
DateTime nextUpdate
Definition: x509_common.h:1080
const uint8_t X509_FRESHEST_CRL_OID[3]
Definition: x509_common.c:136
uint8_t bitmap
Definition: x509_common.h:826
const uint8_t X509_BASIC_CONSTRAINTS_OID[3]
Definition: x509_common.c:108
X509KeyType
Public key types.
Definition: x509_common.h:510
X509EcPublicKey ecPublicKey
Definition: x509_common.h:716
X509SubjectPublicKeyInfo subjectPublicKeyInfo
Definition: x509_common.h:920
const uint8_t * rawData
Definition: x509_common.h:1129
const char_t * serialNumber
Definition: x509_common.h:583
DSA public key.
Definition: x509_common.h:668
X509GeneralNameType
General name types.
Definition: x509_common.h:443
X509SubjectKeyId subjectKeyId
Definition: x509_common.h:857
X509Version version
Definition: x509_common.h:1076
CSR (Certificate Signing Request)
Definition: x509_common.h:1155
size_t stateOrProvinceNameLen
Definition: x509_common.h:590
const char_t * surname
Definition: x509_common.h:581
const char_t * dnQualifier
Definition: x509_common.h:605
X509AuthorityKeyId authKeyId
Definition: x509_common.h:1064
const uint8_t * value
Definition: x509_common.h:1118
X509Attributes attributes
Definition: x509_common.h:1147
Authority key identifier.
Definition: x509_common.h:811
const uint8_t * namedCurve
Definition: x509_common.h:681
const char_t * pseudonym
Definition: x509_common.h:607
PKCS#9 ChallengePassword attribute.
Definition: x509_common.h:1103
const uint8_t * baseCrlNumber
Definition: x509_common.h:1018
X509TbsCertificate tbsCert
Definition: x509_common.h:931
X509NsCertTypeBitmap
Netscape certificate types.
Definition: x509_common.h:461
const char_t * organizationName
Definition: x509_common.h:591
const uint8_t * rawData
Definition: x509_common.h:1142
size_t organizationalUnitNameLen
Definition: x509_common.h:594
const uint8_t * hashAlgo
Definition: x509_common.h:871
const char_t * organizationalUnitName
Definition: x509_common.h:593
Key usage.
Definition: x509_common.h:751
const uint8_t X509_CERTIFICATE_POLICIES_OID[3]
Definition: x509_common.c:126
const uint8_t X509_GENERATION_QUALIFIER_OID[3]
Definition: x509_common.c:91