mbedtls_x509write_crt_set_extension() function

CRT context to use

OID of the extension

length of the OID

if the extension is critical (per the RFC's definition)

value of the extension OCTET STRING

length of the value data

Write a built up certificate to a X509 DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer

Set Subject Alternative Name

Initialize a CRT writing context

Set the version for a Certificate Default: MBEDTLS_X509_CRT_VERSION_3

Set the serial number for a Certificate.

Set the validity period for a Certificate Timestamps should be in string format for UTC timezone i.e. "YYYYMMDDhhmmss" e.g. "20131231235959" for December 31st 2013 at 23:59:59

Set the issuer name for a Certificate Issuer names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=Mbed TLS CA"

Set the subject name for a Certificate Subject names should contain a comma-separated list of OID types and values: e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1"

Set the subject public key for the certificate

Set the issuer key used for signing the certificate

Set the MD algorithm to use for the signature (e.g. MBEDTLS_MD_SHA1)

Set the basicConstraints extension for a CRT

Set the subjectKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_subject_key() has been called before

Set the authorityKeyIdentifier extension for a CRT Requires that mbedtls_x509write_crt_set_issuer_key() has been called before

Set the Key Usage Extension flags (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)

Set the Extended Key Usage Extension (e.g. MBEDTLS_OID_SERVER_AUTH)

Set the Netscape Cert Type flags (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)

Free the contents of a CRT write context

Write a built up certificate to a X509 PEM string