|
Leancrypto 1.6.0
Post-Quantum Cryptographic Library
|
Macros | |
| #define | LC_X509_KEYS_SPHINCS_ON_STACK(name) |
| Allocate memory for struct lc_x509_key_data holding Sphincs Plus keys on stack. | |
| #define | LC_X509_KEYS_DILITHIUM_ON_STACK(name) |
| Allocate memory for struct lc_x509_key_data holding Dilithium keys on stack. | |
| #define | LC_X509_KEYS_DILITHIUM_ED25519_ON_STACK(name) |
| Allocate memory for struct lc_x509_key_data holding Dilithium-ED25519 keys on stack. | |
| #define | LC_X509_KEYS_DILITHIUM_ED448_ON_STACK(name) |
| Allocate memory for struct lc_x509_key_data holding Dilithium-ED448 keys on stack. | |
| #define | LC_X509_KEYS_ON_STACK(name) |
| Allocate memory for struct lc_x509_key_data holding any kind of key type on stack. | |
| #define | LC_X509_POL_TRUE 1 |
| #define | LC_X509_POL_FALSE 0 |
Typedefs | |
| typedef int | lc_x509_pol_ret_t |
Functions | |
| void | lc_x509_cert_clear (struct lc_x509_certificate *cert) |
| Clear the resources used by the X.509 certificate parsing state. | |
| int | lc_x509_cert_decode (struct lc_x509_certificate *cert, const uint8_t *data, size_t datalen) |
| Decode an X.509 certificate. | |
| static void | lc_x509_keys_zero (struct lc_x509_key_data *keys) |
| Zeroize the key data (struct lc_x509_key_data) allocated with LC_X509_KEYS*_ON_STACK. | |
| int | lc_x509_keys_dilithium_ed25519_alloc (struct lc_x509_key_data **keys) |
| Allocate memory for struct lc_x509_key_data holding Dilithium-ED25519 keys on heap. | |
| int | lc_x509_keys_dilithium_ed448_alloc (struct lc_x509_key_data **keys) |
| Allocate memory for struct lc_x509_key_data holding Dilithium-ED448 keys on heap. | |
| int | lc_x509_keys_dilithium_alloc (struct lc_x509_key_data **keys) |
| Allocate memory for struct lc_x509_key_data holding Dilithium keys on heap. | |
| int | lc_x509_keys_sphincs_alloc (struct lc_x509_key_data **keys) |
| Allocate memory for struct lc_x509_key_data holding Sphincs Plus keys on heap. | |
| int | lc_x509_keys_alloc (struct lc_x509_key_data **keys) |
| Allocate memory for struct lc_x509_key_data holding any kind of key type on heap. | |
| void | lc_x509_keys_zero_free (struct lc_x509_key_data *keys) |
| Zeroize and free keys buffer. | |
| int | lc_x509_sk_decode (struct lc_x509_key_data *key, enum lc_sig_types key_type, const uint8_t *data, size_t datalen) |
| Decode a private key in DER format. | |
| int | lc_x509_pk_decode (struct lc_x509_key_data *key, enum lc_sig_types key_type, const uint8_t *data, size_t datalen) |
| Decode a public key in raw format. | |
| int | lc_x509_signature_verify (const uint8_t *sig_data, size_t siglen, const struct lc_x509_certificate *cert, const uint8_t *m, size_t mlen, const struct lc_hash *prehash_algo) |
| Verify signature over user-supplied data. | |
| int | lc_x509_cert_load_pk_dilithium_ed25519 (struct lc_dilithium_ed25519_pk *dilithium_ed25519_pk, const uint8_t *pk_ptr, size_t pk_len) |
| Parse a Composite ML-DSA ASN.1 structure into a public key structure. | |
| int | lc_x509_cert_load_pk_dilithium_ed448 (struct lc_dilithium_ed448_pk *dilithium_ed448_pk, const uint8_t *pk_ptr, size_t pk_len) |
| Parse a Composite ML-DSA ASN.1 structure into a public key structure. | |
| int | lc_x509_cert_get_pubkey (const struct lc_x509_certificate *cert, const uint8_t **pk, size_t *pk_size, enum lc_sig_types *key_type) |
| Get a reference of the public key data. | |
| int | lc_x509_cert_get_eku (const struct lc_x509_certificate *cert, const char ***eku_names, unsigned int *num_eku) |
| Get the extended key usage in human readable form. | |
| int | lc_x509_cert_get_eku_val (const struct lc_x509_certificate *cert, uint16_t *val) |
| Get the extended key usage in integer form. | |
| int | lc_x509_cert_get_keyusage (const struct lc_x509_certificate *cert, const char ***keyusage_names, unsigned int *num_keyusage) |
| Get the key usage in human readable form. | |
| int | lc_x509_cert_get_keyusage_val (const struct lc_x509_certificate *cert, uint16_t *val) |
| Get the key usage in integer form. | |
| int | lc_x509_cert_get_san_dns (const struct lc_x509_certificate *cert, const char **san_dns_name, size_t *san_dns_len) |
| Get the SAN DNS name. | |
| int | lc_x509_cert_get_san_ip (const struct lc_x509_certificate *cert, const uint8_t **san_ip, size_t *san_ip_len) |
| Get the SAN IP value. | |
| int | lc_x509_dec_san_ip (const uint8_t *ip, size_t ip_len, char *ip_name, size_t ip_name_len) |
| Helper to convert the binary IP address value into human-readable form. | |
| int | lc_x509_cert_get_skid (const struct lc_x509_certificate *cert, const uint8_t **skid, size_t *skidlen) |
| Get the SKID value. | |
| int | lc_x509_cert_get_akid (const struct lc_x509_certificate *cert, const uint8_t **akid, size_t *akidlen) |
| Get the AKID value. | |
| int | lc_x509_cert_get_valid_from (const struct lc_x509_certificate *cert, time64_t *time_since_epoch) |
| Get the valid-from data from the certificate. | |
| int | lc_x509_cert_get_valid_to (const struct lc_x509_certificate *cert, time64_t *time_since_epoch) |
| Get the valid-to data from the certificate. | |
| int | lc_x509_cert_get_subject_cn (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject CN field from the certificate. | |
| int | lc_x509_cert_get_subject_email (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject email field from the certificate. | |
| int | lc_x509_cert_get_subject_ou (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject OU field from the certificate. | |
| int | lc_x509_cert_get_subject_o (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject O field from the certificate. | |
| int | lc_x509_cert_get_subject_st (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject ST field from the certificate. | |
| int | lc_x509_cert_get_subject_c (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the subject C field from the certificate. | |
| int | lc_x509_cert_get_issuer_cn (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer CN field from the certificate. | |
| int | lc_x509_cert_get_issuer_email (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer email field from the certificate. | |
| int | lc_x509_cert_get_issuer_ou (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer OU field from the certificate. | |
| int | lc_x509_cert_get_issuer_o (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer O field from the certificate. | |
| int | lc_x509_cert_get_issuer_st (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer ST field from the certificate. | |
| int | lc_x509_cert_get_issuer_c (const struct lc_x509_certificate *cert, const char **string, size_t *string_len) |
| Get the issuer C field from the certificate. | |
| int | lc_x509_cert_get_serial (const struct lc_x509_certificate *cert, const uint8_t **serial, size_t *serial_len) |
| Get the serial number of the certificate. | |
| lc_x509_pol_ret_t | lc_x509_policy_is_ca (const struct lc_x509_certificate *cert) |
| Is the given certificate a CA certificate (root or intermediate)? | |
| lc_x509_pol_ret_t | lc_x509_policy_can_validate_crls (const struct lc_x509_certificate *cert) |
| Can the given certificate validate CRLs? | |
| lc_x509_pol_ret_t | lc_x509_policy_is_selfsigned (const struct lc_x509_certificate *cert) |
| Is the given certificate a self-signed certificate? | |
| lc_x509_pol_ret_t | lc_x509_policy_is_root_ca (const struct lc_x509_certificate *cert) |
| Is the given certificate a root CA certificate? | |
| lc_x509_pol_ret_t | lc_x509_policy_match_akid (const struct lc_x509_certificate *cert, const uint8_t *reference_akid, size_t reference_akid_len) |
| Does the given AKID match the certificate AKID? | |
| lc_x509_pol_ret_t | lc_x509_policy_match_skid (const struct lc_x509_certificate *cert, const uint8_t *reference_skid, size_t reference_skid_len) |
| Does the given SKID match the certificate SKID? | |
| lc_x509_pol_ret_t | lc_x509_policy_match_key_usage (const struct lc_x509_certificate *cert, uint16_t required_key_usage) |
| Check if all of the required key usage flags are present. | |
| lc_x509_pol_ret_t | lc_x509_policy_match_extended_key_usage (const struct lc_x509_certificate *cert, uint16_t required_eku) |
| Check if all of the required extended key usage flags are present. | |
| lc_x509_pol_ret_t | lc_x509_policy_time_valid (const struct lc_x509_certificate *cert, time64_t current_time) |
| Check if the given time falls within the range of the certificate validity time. | |
| lc_x509_pol_ret_t | lc_x509_policy_cert_valid (const struct lc_x509_certificate *cert) |
| Check if certificate is valid. | |
| int | lc_x509_policy_verify_cert (const struct lc_public_key *pkey, const struct lc_x509_certificate *cert, uint64_t flags) |
| Verification of an X.509 certificate against a public key. | |
| #define LC_X509_POL_FALSE 0 |
X.509 Policy checks: "False" result
Definition at line 888 of file lc_x509_parser.h.
| #define LC_X509_POL_TRUE 1 |
X.509 Policy checks: "True" result
Definition at line 885 of file lc_x509_parser.h.
| typedef int lc_x509_pol_ret_t |
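X.509 Policy checks: returns True (LC_X509_POL_TRUE) or False (LC_X509_POL_FALSE), or a POSIX error code. Because an error code is also non-zero, compare the result explicitly against LC_X509_POL_TRUE instead of testing it for truthiness, so that a failed check is never treated as a passed one.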
Definition at line 882 of file lc_x509_parser.h.
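| static void lc_x509_keys_zero (struct lc_x509_key_data *keys) |
inline static |
Zeroize the key data (struct lc_x509_key_data) allocated with LC_X509_KEYS*_ON_STACK. Call it before the stack variable goes out of scope so that no private key material is left behind on the stack.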
| [in] | keys | Keys to be zeroized |
Definition at line 275 of file lc_x509_parser.h.