PolarSSL v1.2.10
_x509_cert Struct Reference

Container for an X.509 certificate. More...

#include <x509.h>


Data Fields

x509_buf raw
 The raw certificate data (DER).
 
x509_buf tbs
 The raw certificate body (DER).
 
int version
 The X.509 version.
 
x509_buf serial
 Unique id for certificate issued by a specific CA.
 
x509_buf sig_oid1
 Signature algorithm, e.g. sha1RSA.
 
x509_buf issuer_raw
 The raw issuer data (DER).
 
x509_buf subject_raw
 The raw subject data (DER).
 
x509_name issuer
 The parsed issuer data (named information object).
 
x509_name subject
 The parsed subject data (named information object).
 
x509_time valid_from
 Start time of certificate validity.
 
x509_time valid_to
 End time of certificate validity.
 
x509_buf pk_oid
 Subject public key info.
 
rsa_context rsa
 Container for the RSA context.
 
x509_buf issuer_id
 Optional X.509 v2/v3 issuer unique identifier.
 
x509_buf subject_id
 Optional X.509 v2/v3 subject unique identifier.
 
x509_buf v3_ext
 Optional X.509 v3 extensions.
 
x509_sequence subject_alt_names
 Optional list of Subject Alternative Names (Only dNSName supported).
 
int ext_types
 Bit string containing detected and parsed extensions.
 
int ca_istrue
 Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.
 
int max_pathlen
 Optional Basic Constraint extension value: The maximum path length to the root certificate.
 
unsigned char key_usage
 Optional key usage extension value: See the values below.
 
x509_sequence ext_key_usage
 Optional list of extended key usage OIDs.
 
unsigned char ns_cert_type
 Optional Netscape certificate type extension value: See the values below.
 
x509_buf sig_oid2
 Signature algorithm.
 
x509_buf sig
 Signature: hash of the tbs part signed with the private key.
 
int sig_alg
 Internal representation of the signature algorithm, e.g. SIG_RSA_MD2.
 
struct _x509_cert * next
 Next certificate in the CA-chain.
 

Detailed Description

Container for an X.509 certificate.

The certificate may be chained.

Definition at line 288 of file x509.h.

Field Documentation

int _x509_cert::ca_istrue

Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.

Definition at line 315 of file x509.h.

x509_sequence _x509_cert::ext_key_usage

Optional list of extended key usage OIDs.

Definition at line 320 of file x509.h.

int _x509_cert::ext_types

Bit string containing detected and parsed extensions.

Definition at line 314 of file x509.h.

x509_name _x509_cert::issuer

The parsed issuer data (named information object).

Definition at line 300 of file x509.h.

x509_buf _x509_cert::issuer_id

Optional X.509 v2/v3 issuer unique identifier.

Definition at line 309 of file x509.h.

x509_buf _x509_cert::issuer_raw

The raw issuer data (DER).

Used for quick comparison.

Definition at line 297 of file x509.h.

unsigned char _x509_cert::key_usage

Optional key usage extension value: See the values below.

Definition at line 318 of file x509.h.

int _x509_cert::max_pathlen

Optional Basic Constraint extension value: The maximum path length to the root certificate.

Path length is 1 higher than RFC 5280 'meaning', so 1+

Definition at line 316 of file x509.h.
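
Added example (not PolarSSL code): a chain walk that applies ca_istrue and max_pathlen with the +1 offset described above undone before the comparison. The demo_cert struct is a stand-in for the three fields it reads, every demo_ name is hypothetical, and treating a stored value of 0 as "no constraint present" is an assumption the page does not state.

```c
#include <stdio.h>
#include <stddef.h>

/* Stand-in for the three _x509_cert fields this check reads (not x509.h). */
typedef struct demo_cert {
    int ca_istrue;           /* 1 if this certificate belongs to a CA        */
    int max_pathlen;         /* stored as RFC 5280 pathLenConstraint + 1;
                                0 is assumed to mean "no constraint present" */
    struct demo_cert *next;  /* next certificate in the CA chain             */
} demo_cert;

enum { CHAIN_OK = 0, CHAIN_NOT_CA = -1, CHAIN_PATHLEN = -2 };

/* Walk from the leaf towards the root. A certificate at depth d (leaf = 0)
 * has d - 1 intermediates below it. Self-issued certificates, which RFC 5280
 * does not count, are not special-cased here. */
int demo_check_chain(const demo_cert *leaf, int *bad_depth)
{
    const demo_cert *crt = leaf ? leaf->next : NULL;
    int depth;

    for (depth = 1; crt != NULL; crt = crt->next, depth++) {
        int below = depth - 1;
        *bad_depth = depth;
        if (!crt->ca_istrue)
            return CHAIN_NOT_CA;
        /* Undo the +1 offset before comparing with the RFC 5280 count. */
        if (crt->max_pathlen > 0 && below > crt->max_pathlen - 1)
            return CHAIN_PATHLEN;
    }
    *bad_depth = -1;
    return CHAIN_OK;
}

/* Constructed chain: leaf -> intermediate -> root. */
int demo_run(int mid_is_ca, int root_stored_pathlen, int *bad_depth)
{
    demo_cert root = { 1, root_stored_pathlen, NULL };
    demo_cert mid  = { mid_is_ca, 0, &root };
    demo_cert leaf = { 0, 0, &mid };
    return demo_check_chain(&leaf, bad_depth);
}

int main(void)
{
    int d;
    printf("%d\n", demo_run(1, 1, &d)); /* root allows 0 intermediates */
    printf("%d\n", demo_run(1, 2, &d)); /* root allows 1 intermediate  */
    return 0;
}
```

Comparing the intermediate count against max_pathlen directly, without subtracting 1, would accept one intermediate more than the issuing CA permitted.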

struct _x509_cert* _x509_cert::next

Next certificate in the CA-chain.

Definition at line 328 of file x509.h.

unsigned char _x509_cert::ns_cert_type

Optional Netscape certificate type extension value: See the values below.

Definition at line 322 of file x509.h.

x509_buf _x509_cert::pk_oid

Subject public key info.

Includes the public key algorithm and the key itself.

Definition at line 306 of file x509.h.

x509_buf _x509_cert::raw

The raw certificate data (DER).

Definition at line 290 of file x509.h.

rsa_context _x509_cert::rsa

Container for the RSA context.

Only RSA is supported for public keys at this time.

Definition at line 307 of file x509.h.

x509_buf _x509_cert::serial

Unique id for certificate issued by a specific CA.

Definition at line 294 of file x509.h.

x509_buf _x509_cert::sig

Signature: hash of the tbs part signed with the private key.

Definition at line 325 of file x509.h.

int _x509_cert::sig_alg

Internal representation of the signature algorithm, e.g. SIG_RSA_MD2.

Definition at line 326 of file x509.h.

x509_buf _x509_cert::sig_oid1

Signature algorithm, e.g. sha1RSA.

Definition at line 295 of file x509.h.

x509_buf _x509_cert::sig_oid2

Signature algorithm.

Must match sig_oid1.

Definition at line 324 of file x509.h.

x509_name _x509_cert::subject

The parsed subject data (named information object).

Definition at line 301 of file x509.h.

x509_sequence _x509_cert::subject_alt_names

Optional list of Subject Alternative Names (Only dNSName supported).

Definition at line 312 of file x509.h.

x509_buf _x509_cert::subject_id

Optional X.509 v2/v3 subject unique identifier.

Definition at line 310 of file x509.h.

x509_buf _x509_cert::subject_raw

The raw subject data (DER).

Used for quick comparison.

Definition at line 298 of file x509.h.

x509_buf _x509_cert::tbs

The raw certificate body (DER).

The part that is To Be Signed.

Definition at line 291 of file x509.h.

x509_buf _x509_cert::v3_ext

Optional X.509 v3 extensions.

Only Basic Constraints are supported at this time.

Definition at line 311 of file x509.h.

x509_time _x509_cert::valid_from

Start time of certificate validity.

Definition at line 303 of file x509.h.

x509_time _x509_cert::valid_to

End time of certificate validity.

Definition at line 304 of file x509.h.

int _x509_cert::version

The X.509 version.

(0=v1, 1=v2, 2=v3)

Definition at line 293 of file x509.h.


The documentation for this struct was generated from the following file: