libcoap
4.2.1
|
The structure used for defining the PKI setup data to be used. More...
#include <coap_dtls.h>
Data Fields | |
uint8_t | version |
uint8_t | verify_peer_cert |
Set to 1 to support this version of the struct. More... | |
uint8_t | require_peer_cert |
1 if peer cert is required More... | |
uint8_t | allow_self_signed |
1 if self signed certs are allowed More... | |
uint8_t | allow_expired_certs |
1 if expired certs are allowed More... | |
uint8_t | cert_chain_validation |
1 if to check cert_chain_verify_depth More... | |
uint8_t | cert_chain_verify_depth |
recommended depth is 3 More... | |
uint8_t | check_cert_revocation |
1 if revocation checks wanted More... | |
uint8_t | allow_no_crl |
1 ignore if CRL not there More... | |
uint8_t | allow_expired_crl |
1 if expired crl is allowed More... | |
uint8_t | reserved [6] |
Reserved - must be set to 0 for future compatibility. More... | |
coap_dtls_cn_callback_t | validate_cn_call_back |
CN check call-back function. More... | |
void * | cn_call_back_arg |
Passed in to the CN call-back function. More... | |
coap_dtls_sni_callback_t | validate_sni_call_back |
SNI check call-back function. More... | |
void * | sni_call_back_arg |
Passed in to the sni call-back function. More... | |
coap_dtls_security_setup_t | additional_tls_setup_call_back |
Additional Security call-back handler that is invoked when libcoap has done the standerd, defined validation checks at the TLS level, If not NULL , called from within the TLS Client Hello connection setup. More... | |
char * | client_sni |
If not NULL, SNI to use in client TLS setup. More... | |
coap_dtls_key_t | pki_key |
PKI key definition. More... | |
The structure used for defining the PKI setup data to be used.
Definition at line 193 of file coap_dtls.h.
coap_dtls_security_setup_t coap_dtls_pki_t::additional_tls_setup_call_back |
Additional Security call-back handler that is invoked when libcoap has done the standerd, defined validation checks at the TLS level, If not NULL
, called from within the TLS Client Hello connection setup.
Definition at line 236 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::allow_expired_certs |
1 if expired certs are allowed
Definition at line 200 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::allow_expired_crl |
1 if expired crl is allowed
Definition at line 205 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::allow_no_crl |
1 ignore if CRL not there
Definition at line 204 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::allow_self_signed |
1 if self signed certs are allowed
Definition at line 199 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::cert_chain_validation |
1 if to check cert_chain_verify_depth
Definition at line 201 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::cert_chain_verify_depth |
recommended depth is 3
Definition at line 202 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::check_cert_revocation |
1 if revocation checks wanted
Definition at line 203 of file coap_dtls.h.
char* coap_dtls_pki_t::client_sni |
If not NULL, SNI to use in client TLS setup.
Owned by the client app and must remain valid during the call to coap_new_client_session_pki()
Definition at line 238 of file coap_dtls.h.
void* coap_dtls_pki_t::cn_call_back_arg |
Passed in to the CN call-back function.
Definition at line 221 of file coap_dtls.h.
coap_dtls_key_t coap_dtls_pki_t::pki_key |
PKI key definition.
Definition at line 242 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::require_peer_cert |
1 if peer cert is required
Definition at line 198 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::reserved[6] |
Reserved - must be set to 0 for future compatibility.
Definition at line 206 of file coap_dtls.h.
void* coap_dtls_pki_t::sni_call_back_arg |
Passed in to the sni call-back function.
Definition at line 229 of file coap_dtls.h.
coap_dtls_cn_callback_t coap_dtls_pki_t::validate_cn_call_back |
CN check call-back function.
If not NULL, is called when the TLS connection has passed the configured TLS options above for the application to verify if the CN is valid.
Definition at line 220 of file coap_dtls.h.
coap_dtls_sni_callback_t coap_dtls_pki_t::validate_sni_call_back |
SNI check call-back function.
If not NULL
, called if the SNI is not previously seen and prior to sending a certificate set back to the client so that the appropriate certificate set can be used based on the requesting SNI.
Definition at line 228 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::verify_peer_cert |
Set to 1 to support this version of the struct.
1 if peer cert is to be verified
Definition at line 197 of file coap_dtls.h.
uint8_t coap_dtls_pki_t::version |
Definition at line 194 of file coap_dtls.h.