1 /**
2  * \file x509_crt.h
3  *
4  * \brief X.509 certificate parsing and writing
5  *
6  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7  *  SPDX-License-Identifier: Apache-2.0
8  *
9  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
10  *  not use this file except in compliance with the License.
11  *  You may obtain a copy of the License at
12  *
13  *  http://www.apache.org/licenses/LICENSE-2.0
14  *
15  *  Unless required by applicable law or agreed to in writing, software
16  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18  *  See the License for the specific language governing permissions and
19  *  limitations under the License.
20  *
21  *  This file is part of mbed TLS (https://tls.mbed.org)
22  */
23 #ifndef MBEDTLS_X509_CRT_H
24 #define MBEDTLS_X509_CRT_H
25 
26 #if !defined(MBEDTLS_CONFIG_FILE)
27 #include "config.h"
28 #else
29 #include MBEDTLS_CONFIG_FILE
30 #endif
31 
32 #include "x509.h"
33 #include "x509_crl.h"
34 
35 /**
36  * \addtogroup x509_module
37  * \{
38  */
39 
40 #ifdef __cplusplus
41 extern "C" {
42 #endif
43 
44 /**
45  * \name Structures and functions for parsing and writing X.509 certificates
46  * \{
47  */
48 
49 /**
50  * Container for an X.509 certificate. The certificate may be chained.
51  */
52 typedef struct mbedtls_x509_crt
53 {
54     mbedtls_x509_buf raw;               /**< The raw certificate data (DER). */
55     mbedtls_x509_buf tbs;               /**< The raw certificate body (DER). The part that is To Be Signed. */
56 
57     int version;                /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
58     mbedtls_x509_buf serial;            /**< Unique id for certificate issued by a specific CA. */
59     mbedtls_x509_buf sig_oid;           /**< Signature algorithm, e.g. sha1RSA */
60 
61     mbedtls_x509_buf issuer_raw;        /**< The raw issuer data (DER). Used for quick comparison. */
62     mbedtls_x509_buf subject_raw;       /**< The raw subject data (DER). Used for quick comparison. */
63 
64     mbedtls_x509_name issuer;           /**< The parsed issuer data (named information object). */
65     mbedtls_x509_name subject;          /**< The parsed subject data (named information object). */
66 
67     mbedtls_x509_time valid_from;       /**< Start time of certificate validity. */
68     mbedtls_x509_time valid_to;         /**< End time of certificate validity. */
69 
70     mbedtls_pk_context pk;              /**< Container for the public key context. */
71 
72     mbedtls_x509_buf issuer_id;         /**< Optional X.509 v2/v3 issuer unique identifier. */
73     mbedtls_x509_buf subject_id;        /**< Optional X.509 v2/v3 subject unique identifier. */
74     mbedtls_x509_buf v3_ext;            /**< Optional X.509 v3 extensions.  */
75     mbedtls_x509_sequence subject_alt_names;    /**< Optional list of Subject Alternative Names (Only dNSName supported). */
76 
77     int ext_types;              /**< Bit string containing detected and parsed extensions */
78     int ca_istrue;              /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
79     int max_pathlen;            /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
80 
81     unsigned int key_usage;     /**< Optional key usage extension value: See the values in x509.h */
82 
83     mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
84 
85     unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
86 
87     mbedtls_x509_buf sig;               /**< Signature: hash of the tbs part signed with the private key. */
88     mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
89     mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
90     void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
91 
92     struct mbedtls_x509_crt *next;     /**< Next certificate in the CA-chain. */
93 }
94 mbedtls_x509_crt;
95 
96 /**
97  * Build flag from an algorithm/curve identifier (pk, md, ecp)
98  * Since 0 is always XXX_NONE, ignore it.
99  */
100 #define MBEDTLS_X509_ID_FLAG( id )   ( 1 << ( id - 1 ) )
101 
102 /**
103  * Security profile for certificate verification.
104  *
105  * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
106  */
107 typedef struct
108 {
109     uint32_t allowed_mds;       /**< MDs for signatures         */
110     uint32_t allowed_pks;       /**< PK algs for signatures     */
111     uint32_t allowed_curves;    /**< Elliptic curves for ECDSA  */
112     uint32_t rsa_min_bitlen;    /**< Minimum size for RSA keys  */
113 }
114 mbedtls_x509_crt_profile;
115 
116 #define MBEDTLS_X509_CRT_VERSION_1              0
117 #define MBEDTLS_X509_CRT_VERSION_2              1
118 #define MBEDTLS_X509_CRT_VERSION_3              2
119 
120 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
121 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN   15
122 
123 #if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
124 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
125 #endif
126 
127 /**
128  * Container for writing a certificate (CRT)
129  */
130 typedef struct mbedtls_x509write_cert
131 {
132     int version;
133     mbedtls_mpi serial;
134     mbedtls_pk_context *subject_key;
135     mbedtls_pk_context *issuer_key;
136     mbedtls_asn1_named_data *subject;
137     mbedtls_asn1_named_data *issuer;
138     mbedtls_md_type_t md_alg;
139     char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
140     char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
141     mbedtls_asn1_named_data *extensions;
142 }
143 mbedtls_x509write_cert;
144 
145 #if defined(MBEDTLS_X509_CRT_PARSE_C)
146 /**
147  * Default security profile. Should provide a good balance between security
148  * and compatibility with current deployments.
149  */
150 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
151 
152 /**
153  * Expected next default profile. Recommended for new deployments.
154  * Currently targets a 128-bit security level, except for RSA-2048.
155  */
156 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
157 
158 /**
159  * NSA Suite B profile.
160  */
161 extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
162 
163 /**
164  * \brief          Parse a single DER formatted certificate and add it
165  *                 to the chained list.
166  *
167  * \param chain    points to the start of the chain
168  * \param buf      buffer holding the certificate DER data
169  * \param buflen   size of the buffer
170  *
171  * \return         0 if successful, or a specific X509 or PEM error code
172  */
173 int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
174                         size_t buflen );
175 
176 /**
177  * \brief          Parse one or more certificates and add them
178  *                 to the chained list. Parses permissively. If some
179  *                 certificates can be parsed, the result is the number
180  *                 of failed certificates it encountered. If none complete
181  *                 correctly, the first error is returned.
182  *
183  * \param chain    points to the start of the chain
184  * \param buf      buffer holding the certificate data in PEM or DER format
185  * \param buflen   size of the buffer
186  *                 (including the terminating null byte for PEM data)
187  *
188  * \return         0 if all certificates parsed successfully, a positive number
189  *                 if partly successful or a specific X509 or PEM error code
190  */
191 int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
192 
193 #if defined(MBEDTLS_FS_IO)
194 /**
195  * \brief          Load one or more certificates and add them
196  *                 to the chained list. Parses permissively. If some
197  *                 certificates can be parsed, the result is the number
198  *                 of failed certificates it encountered. If none complete
199  *                 correctly, the first error is returned.
200  *
201  * \param chain    points to the start of the chain
202  * \param path     filename to read the certificates from
203  *
204  * \return         0 if all certificates parsed successfully, a positive number
205  *                 if partly successful or a specific X509 or PEM error code
206  */
207 int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
208 
209 /**
210  * \brief          Load one or more certificate files from a path and add them
211  *                 to the chained list. Parses permissively. If some
212  *                 certificates can be parsed, the result is the number
213  *                 of failed certificates it encountered. If none complete
214  *                 correctly, the first error is returned.
215  *
216  * \param chain    points to the start of the chain
217  * \param path     directory / folder to read the certificate files from
218  *
219  * \return         0 if all certificates parsed successfully, a positive number
220  *                 if partly successful or a specific X509 or PEM error code
221  */
222 int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
223 #endif /* MBEDTLS_FS_IO */
224 
225 /**
226  * \brief          Returns an informational string about the
227  *                 certificate.
228  *
229  * \param buf      Buffer to write to
230  * \param size     Maximum size of buffer
231  * \param prefix   A line prefix
232  * \param crt      The X509 certificate to represent
233  *
234  * \return         The length of the string written (not including the
235  *                 terminated nul byte), or a negative error code.
236  */
237 int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
238                    const mbedtls_x509_crt *crt );
239 
240 /**
241  * \brief          Returns an informational string about the
242  *                 verification status of a certificate.
243  *
244  * \param buf      Buffer to write to
245  * \param size     Maximum size of buffer
246  * \param prefix   A line prefix
247  * \param flags    Verification flags created by mbedtls_x509_crt_verify()
248  *
249  * \return         The length of the string written (not including the
250  *                 terminated nul byte), or a negative error code.
251  */
252 int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
253                           uint32_t flags );
254 
255 /**
256  * \brief          Verify the certificate signature
257  *
258  *                 The verify callback is a user-supplied callback that
259  *                 can clear / modify / add flags for a certificate. If set,
260  *                 the verification callback is called for each
261  *                 certificate in the chain (from the trust-ca down to the
262  *                 presented crt). The parameters for the callback are:
263  *                 (void *parameter, mbedtls_x509_crt *crt, int certificate_depth,
264  *                 int *flags). With the flags representing current flags for
265  *                 that specific certificate and the certificate depth from
266  *                 the bottom (Peer cert depth = 0).
267  *
268  *                 All flags left after returning from the callback
269  *                 are also returned to the application. The function should
270  *                 return 0 for anything but a fatal error.
271  *
272  * \note           In case verification failed, the results can be displayed
273  *                 using \c mbedtls_x509_crt_verify_info()
274  *
275  * \note           Same as \c mbedtls_x509_crt_verify_with_profile() with the
276  *                 default security profile.
277  *
278  * \note           It is your responsibility to provide up-to-date CRLs for
279  *                 all trusted CAs. If no CRL is provided for the CA that was
280  *                 used to sign the certificate, CRL verification is skipped
281  *                 silently, that is *without* setting any flag.
282  *
283  * \param crt      a certificate (chain) to be verified
284  * \param trust_ca the list of trusted CAs
285  * \param ca_crl   the list of CRLs for trusted CAs (see note above)
286  * \param cn       expected Common Name (can be set to
287  *                 NULL if the CN must not be verified)
288  * \param flags    result of the verification
289  * \param f_vrfy   verification function
290  * \param p_vrfy   verification parameter
291  *
292  * \return         0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
293  *                 in which case *flags will have one or more
294  *                 MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags
295  *                 set,
296  *                 or another error in case of a fatal error encountered
297  *                 during the verification process.
298  */
299 int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
300                      mbedtls_x509_crt *trust_ca,
301                      mbedtls_x509_crl *ca_crl,
302                      const char *cn, uint32_t *flags,
303                      int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
304                      void *p_vrfy );
305 
306 /**
307  * \brief          Verify the certificate signature according to profile
308  *
309  * \note           Same as \c mbedtls_x509_crt_verify(), but with explicit
310  *                 security profile.
311  *
312  * \note           The restrictions on keys (RSA minimum size, allowed curves
313  *                 for ECDSA) apply to all certificates: trusted root,
314  *                 intermediate CAs if any, and end entity certificate.
315  *
316  * \param crt      a certificate (chain) to be verified
317  * \param trust_ca the list of trusted CAs
318  * \param ca_crl   the list of CRLs for trusted CAs
319  * \param profile  security profile for verification
320  * \param cn       expected Common Name (can be set to
321  *                 NULL if the CN must not be verified)
322  * \param flags    result of the verification
323  * \param f_vrfy   verification function
324  * \param p_vrfy   verification parameter
325  *
326  * \return         0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
327  *                 in which case *flags will have one or more
328  *                 MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags
329  *                 set,
330  *                 or another error in case of a fatal error encountered
331  *                 during the verification process.
332  */
333 int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
334                      mbedtls_x509_crt *trust_ca,
335                      mbedtls_x509_crl *ca_crl,
336                      const mbedtls_x509_crt_profile *profile,
337                      const char *cn, uint32_t *flags,
338                      int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
339                      void *p_vrfy );
340 
341 #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
342 /**
343  * \brief          Check usage of certificate against keyUsage extension.
344  *
345  * \param crt      Leaf certificate used.
346  * \param usage    Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT
347  *                 before using the certificate to perform an RSA key
348  *                 exchange).
349  *
350  * \note           Except for decipherOnly and encipherOnly, a bit set in the
351  *                 usage argument means this bit MUST be set in the
352  *                 certificate. For decipherOnly and encipherOnly, it means
353  *                 that bit MAY be set.
354  *
355  * \return         0 is these uses of the certificate are allowed,
356  *                 MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
357  *                 is present but does not match the usage argument.
358  *
359  * \note           You should only call this function on leaf certificates, on
360  *                 (intermediate) CAs the keyUsage extension is automatically
361  *                 checked by \c mbedtls_x509_crt_verify().
362  */
363 int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
364                                       unsigned int usage );
365 #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
366 
367 #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
368 /**
369  * \brief          Check usage of certificate against extentedJeyUsage.
370  *
371  * \param crt      Leaf certificate used.
372  * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH).
373  * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
374  *
375  * \return         0 if this use of the certificate is allowed,
376  *                 MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
377  *
378  * \note           Usually only makes sense on leaf certificates.
379  */
380 int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
381                                        const char *usage_oid,
382                                        size_t usage_len );
383 #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) */
384 
385 #if defined(MBEDTLS_X509_CRL_PARSE_C)
386 /**
387  * \brief          Verify the certificate revocation status
388  *
389  * \param crt      a certificate to be verified
390  * \param crl      the CRL to verify against
391  *
392  * \return         1 if the certificate is revoked, 0 otherwise
393  *
394  */
395 int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
396 #endif /* MBEDTLS_X509_CRL_PARSE_C */
397 
398 /**
399  * \brief          Initialize a certificate (chain)
400  *
401  * \param crt      Certificate chain to initialize
402  */
403 void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
404 
405 /**
406  * \brief          Unallocate all certificate data
407  *
408  * \param crt      Certificate chain to free
409  */
410 void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
411 #endif /* MBEDTLS_X509_CRT_PARSE_C */
412 
413 /* \} name */
414 /* \} addtogroup x509_module */
415 
416 #if defined(MBEDTLS_X509_CRT_WRITE_C)
417 /**
418  * \brief           Initialize a CRT writing context
419  *
420  * \param ctx       CRT context to initialize
421  */
422 void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
423 
424 /**
425  * \brief           Set the verion for a Certificate
426  *                  Default: MBEDTLS_X509_CRT_VERSION_3
427  *
428  * \param ctx       CRT context to use
429  * \param version   version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
430  *                                  MBEDTLS_X509_CRT_VERSION_3)
431  */
432 void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
433 
434 /**
435  * \brief           Set the serial number for a Certificate.
436  *
437  * \param ctx       CRT context to use
438  * \param serial    serial number to set
439  *
440  * \return          0 if successful
441  */
442 int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
443 
444 /**
445  * \brief           Set the validity period for a Certificate
446  *                  Timestamps should be in string format for UTC timezone
447  *                  i.e. "YYYYMMDDhhmmss"
448  *                  e.g. "20131231235959" for December 31st 2013
449  *                       at 23:59:59
450  *
451  * \param ctx       CRT context to use
452  * \param not_before    not_before timestamp
453  * \param not_after     not_after timestamp
454  *
455  * \return          0 if timestamp was parsed successfully, or
456  *                  a specific error code
457  */
458 int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
459                                 const char *not_after );
460 
461 /**
462  * \brief           Set the issuer name for a Certificate
463  *                  Issuer names should contain a comma-separated list
464  *                  of OID types and values:
465  *                  e.g. "C=UK,O=ARM,CN=mbed TLS CA"
466  *
467  * \param ctx           CRT context to use
468  * \param issuer_name   issuer name to set
469  *
470  * \return          0 if issuer name was parsed successfully, or
471  *                  a specific error code
472  */
473 int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
474                                    const char *issuer_name );
475 
476 /**
477  * \brief           Set the subject name for a Certificate
478  *                  Subject names should contain a comma-separated list
479  *                  of OID types and values:
480  *                  e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
481  *
482  * \param ctx           CRT context to use
483  * \param subject_name  subject name to set
484  *
485  * \return          0 if subject name was parsed successfully, or
486  *                  a specific error code
487  */
488 int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
489                                     const char *subject_name );
490 
491 /**
492  * \brief           Set the subject public key for the certificate
493  *
494  * \param ctx       CRT context to use
495  * \param key       public key to include
496  */
497 void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
498 
499 /**
500  * \brief           Set the issuer key used for signing the certificate
501  *
502  * \param ctx       CRT context to use
503  * \param key       private key to sign with
504  */
505 void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
506 
507 /**
508  * \brief           Set the MD algorithm to use for the signature
509  *                  (e.g. MBEDTLS_MD_SHA1)
510  *
511  * \param ctx       CRT context to use
512  * \param md_alg    MD algorithm to use
513  */
514 void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
515 
516 /**
517  * \brief           Generic function to add to or replace an extension in the
518  *                  CRT
519  *
520  * \param ctx       CRT context to use
521  * \param oid       OID of the extension
522  * \param oid_len   length of the OID
523  * \param critical  if the extension is critical (per the RFC's definition)
524  * \param val       value of the extension OCTET STRING
525  * \param val_len   length of the value data
526  *
527  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
528  */
529 int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
530                                  const char *oid, size_t oid_len,
531                                  int critical,
532                                  const unsigned char *val, size_t val_len );
533 
534 /**
535  * \brief           Set the basicConstraints extension for a CRT
536  *
537  * \param ctx       CRT context to use
538  * \param is_ca     is this a CA certificate
539  * \param max_pathlen   maximum length of certificate chains below this
540  *                      certificate (only for CA certificates, -1 is
541  *                      inlimited)
542  *
543  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
544  */
545 int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
546                                          int is_ca, int max_pathlen );
547 
548 #if defined(MBEDTLS_SHA1_C)
549 /**
550  * \brief           Set the subjectKeyIdentifier extension for a CRT
551  *                  Requires that mbedtls_x509write_crt_set_subject_key() has been
552  *                  called before
553  *
554  * \param ctx       CRT context to use
555  *
556  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
557  */
558 int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
559 
560 /**
561  * \brief           Set the authorityKeyIdentifier extension for a CRT
562  *                  Requires that mbedtls_x509write_crt_set_issuer_key() has been
563  *                  called before
564  *
565  * \param ctx       CRT context to use
566  *
567  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
568  */
569 int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
570 #endif /* MBEDTLS_SHA1_C */
571 
572 /**
573  * \brief           Set the Key Usage Extension flags
574  *                  (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
575  *
576  * \param ctx       CRT context to use
577  * \param key_usage key usage flags to set
578  *
579  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
580  */
581 int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
582                                          unsigned int key_usage );
583 
584 /**
585  * \brief           Set the Netscape Cert Type flags
586  *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
587  *
588  * \param ctx           CRT context to use
589  * \param ns_cert_type  Netscape Cert Type flags to set
590  *
591  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
592  */
593 int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
594                                     unsigned char ns_cert_type );
595 
596 /**
597  * \brief           Free the contents of a CRT write context
598  *
599  * \param ctx       CRT context to free
600  */
601 void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
602 
603 /**
604  * \brief           Write a built up certificate to a X509 DER structure
605  *                  Note: data is written at the end of the buffer! Use the
606  *                        return value to determine where you should start
607  *                        using the buffer
608  *
609  * \param ctx       certificate to write away
610  * \param buf       buffer to write to
611  * \param size      size of the buffer
612  * \param f_rng     RNG function (for signature, see note)
613  * \param p_rng     RNG parameter
614  *
615  * \return          length of data written if successful, or a specific
616  *                  error code
617  *
618  * \note            f_rng may be NULL if RSA is used for signature and the
619  *                  signature is made offline (otherwise f_rng is desirable
620  *                  for countermeasures against timing attacks).
621  *                  ECDSA signatures always require a non-NULL f_rng.
622  */
623 int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
624                        int (*f_rng)(void *, unsigned char *, size_t),
625                        void *p_rng );
626 
627 #if defined(MBEDTLS_PEM_WRITE_C)
628 /**
629  * \brief           Write a built up certificate to a X509 PEM string
630  *
631  * \param ctx       certificate to write away
632  * \param buf       buffer to write to
633  * \param size      size of the buffer
634  * \param f_rng     RNG function (for signature, see note)
635  * \param p_rng     RNG parameter
636  *
637  * \return          0 if successful, or a specific error code
638  *
639  * \note            f_rng may be NULL if RSA is used for signature and the
640  *                  signature is made offline (otherwise f_rng is desirable
641  *                  for countermeasures against timing attacks).
642  *                  ECDSA signatures always require a non-NULL f_rng.
643  */
644 int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
645                        int (*f_rng)(void *, unsigned char *, size_t),
646                        void *p_rng );
647 #endif /* MBEDTLS_PEM_WRITE_C */
648 #endif /* MBEDTLS_X509_CRT_WRITE_C */
649 
650 #ifdef __cplusplus
651 }
652 #endif
653 
654 #endif /* mbedtls_x509_crt.h */
655