xref: /third_party/libwebsockets/lib/tls/mbedtls/mbedtls-x509.c

98 lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type,
104 	if (!x509)
112 		buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE_V30_ONLY(valid_from));
118 		buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE_V30_ONLY(valid_to));
124 		return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE_V30_ONLY(subject), buf, len);
127 		return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE_V30_ONLY(issuer), buf, len);
130 		buf->usage = x509->MBEDTLS_PRIVATE(key_usage);
138 		switch (mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE_V30_ONLY(pk))) {
141 			mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->MBEDTLS_PRIVATE_V30_ONLY(pk));
156 			mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->MBEDTLS_PRIVATE_V30_ONLY(pk));
173 			lwsl_notice("%s: x509 has unsupported pubkey type %d\n",
175 				    mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE_V30_ONLY(pk)));
183 		buf->ns.len = (int)x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len);
185 		if (len < x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len))
192 		memcpy(buf->ns.name, x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(p),
193 				x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len));
201 		lws_x509_get_crt_ext(x509, &skid, &akid);
217 		lws_x509_get_crt_ext(x509, &skid, &akid);
243 		lws_x509_get_crt_ext(x509, &skid, &akid);
260 		lws_x509_get_crt_ext(x509, &skid, &akid);
281 	mbedtls_x509_crt *x509;
283 	x509 = ssl_ctx_get_mbedtls_x509_crt(vhost->tls.ssl_ctx);
285 	return lws_tls_mbedtls_cert_info(x509, type, buf, len);
292 	mbedtls_x509_crt *x509;
296 	x509 = ssl_get_peer_mbedtls_x509_crt(wsi->tls.ssl);
298 	if (!x509)
306 		return lws_tls_mbedtls_cert_info(x509, type, buf, len);
314 lws_x509_info(struct lws_x509_cert *x509, enum lws_tls_cert_info type,
317 	return lws_tls_mbedtls_cert_info(&x509->cert, type, buf, len);
321 lws_x509_create(struct lws_x509_cert **x509)
323 	*x509 = lws_malloc(sizeof(**x509), __func__);
325 	return !(*x509);
334 lws_x509_parse_from_pem(struct lws_x509_cert *x509, const void *pem, size_t len)
338 	mbedtls_x509_crt_init(&x509->cert);
340 	ret = mbedtls_x509_crt_parse(&x509->cert, pem, len);
343 			mbedtls_x509_crt_free(&x509->cert);
354 lws_x509_verify(struct lws_x509_cert *x509, struct lws_x509_cert *trusted,
360 	ret = mbedtls_x509_crt_verify_with_profile(&x509->cert, &trusted->cert,
379 lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509,
382 	int kt = (int)mbedtls_pk_get_type(&x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk)),
394 		rsactx = mbedtls_pk_rsa(x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk));
412 		ecpctx = mbedtls_pk_ec(x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk));
531 lws_x509_destroy(struct lws_x509_cert **x509)
533 	if (!*x509)
536 	mbedtls_x509_crt_free(&(*x509)->cert);
538 	lws_free_set_NULL(*x509);

Indexes created Thu Nov 07 10:32:03 CST 2024