zh/hitls__pki__x509_8h_source.html

/*

 * This file is part of the openHiTLS project.

 *

 * openHiTLS is licensed under the Mulan PSL v2.

 * You can use this software according to the terms and conditions of the Mulan PSL v2.

 * You may obtain a copy of Mulan PSL v2 at:

 *

 *     http://license.coscl.org.cn/MulanPSL2

 *

 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,

 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,

 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.

 * See the Mulan PSL v2 for more details.

 */


#ifndef HITLS_PKI_X509_H

#define HITLS_PKI_X509_H


#include "hitls_pki_cert.h"

#include "hitls_pki_crl.h"


#ifdef __cplusplus

extern "C" {

#endif


typedef struct _HITLS_X509_StoreCtx HITLS_X509_StoreCtx;


typedef int32_t (*X509_STORECTX_VerifyCb)(int32_t, HITLS_X509_StoreCtx *);


HITLS_X509_StoreCtx *HITLS_X509_StoreCtxNew(void);


HITLS_X509_StoreCtx *HITLS_X509_ProviderStoreCtxNew(HITLS_PKI_LibCtx *libCtx, const char *attrName);


void HITLS_X509_StoreCtxFree(HITLS_X509_StoreCtx *storeCtx);


int32_t HITLS_X509_StoreCtxCtrl(HITLS_X509_StoreCtx *storeCtx, int32_t cmd, void *val, uint32_t valLen);


int32_t HITLS_X509_CertVerify(HITLS_X509_StoreCtx *storeCtx, HITLS_X509_List *chain);


int32_t HITLS_X509_CertVerifyByPubKey(HITLS_X509_Cert *cert, CRYPT_EAL_PkeyCtx *pubKey);


int32_t HITLS_X509_CertChainBuild(HITLS_X509_StoreCtx *storeCtx, bool isWithRoot, HITLS_X509_Cert *cert,

    HITLS_X509_List **chain);


int32_t HITLS_X509_VerifyHostname(HITLS_X509_Cert *cert, uint32_t flags, const char *hostname, uint32_t hostnameLen);


int32_t HITLS_X509_CheckKey(HITLS_X509_Cert *cert, CRYPT_EAL_PkeyCtx *prvKey);


#ifdef __cplusplus

}

#endif


#endif // HITLS_PKI_X509_H

CRYPT_EAL_PkeyCtx
struct EAL_PkeyCtx CRYPT_EAL_PkeyCtx
定义 crypt_eal_pkey.h:108

HITLS_X509_StoreCtxFree
void HITLS_X509_StoreCtxFree(HITLS_X509_StoreCtx *storeCtx)
Release the StoreCtx.

HITLS_X509_ProviderStoreCtxNew
HITLS_X509_StoreCtx * HITLS_X509_ProviderStoreCtxNew(HITLS_PKI_LibCtx *libCtx, const char *attrName)
Create a new X509 store object using the provider mechanism

HITLS_X509_CertVerifyByPubKey
int32_t HITLS_X509_CertVerifyByPubKey(HITLS_X509_Cert *cert, CRYPT_EAL_PkeyCtx *pubKey)
Verify a single certificate's signature using an external public key.

HITLS_X509_StoreCtxCtrl
int32_t HITLS_X509_StoreCtxCtrl(HITLS_X509_StoreCtx *storeCtx, int32_t cmd, void *val, uint32_t valLen)
Generic function to process StoreCtx.

HITLS_X509_CertVerify
int32_t HITLS_X509_CertVerify(HITLS_X509_StoreCtx *storeCtx, HITLS_X509_List *chain)
Certificate chain verify function.

HITLS_X509_CertChainBuild
int32_t HITLS_X509_CertChainBuild(HITLS_X509_StoreCtx *storeCtx, bool isWithRoot, HITLS_X509_Cert *cert, HITLS_X509_List **chain)
Certificate chain build function.

X509_STORECTX_VerifyCb
int32_t(* X509_STORECTX_VerifyCb)(int32_t, HITLS_X509_StoreCtx *)
Certificate chain build function.
定义 hitls_pki_x509.h:39

HITLS_X509_StoreCtxNew
HITLS_X509_StoreCtx * HITLS_X509_StoreCtxNew(void)
Allocate a StoreCtx.

HITLS_X509_CheckKey
int32_t HITLS_X509_CheckKey(HITLS_X509_Cert *cert, CRYPT_EAL_PkeyCtx *prvKey)
Verify that a certificate's public key matches a given private key.

HITLS_X509_VerifyHostname
int32_t HITLS_X509_VerifyHostname(HITLS_X509_Cert *cert, uint32_t flags, const char *hostname, uint32_t hostnameLen)
Verifies a certificate's hostname according to RFC6125 and RFC9525. It first checks for a matching dN...