libcoap 4.3.5-develop-72190a8
Loading...
Searching...
No Matches
coap_dtls_pki_t Struct Reference

The structure used for defining the PKI setup data to be used. More...

#include <coap_dtls.h>

+ Collaboration diagram for coap_dtls_pki_t:

Data Fields

uint8_t version
 
uint8_t verify_peer_cert
 Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
 
uint8_t check_common_ca
 1 if peer cert is to be signed by the same CA as the local cert
 
uint8_t allow_self_signed
 1 if self-signed certs are allowed.
 
uint8_t allow_expired_certs
 1 if expired certs are allowed
 
uint8_t cert_chain_validation
 1 if to check cert_chain_verify_depth
 
uint8_t cert_chain_verify_depth
 recommended depth is 3
 
uint8_t check_cert_revocation
 1 if revocation checks wanted
 
uint8_t allow_no_crl
 1 ignore if CRL not there
 
uint8_t allow_expired_crl
 1 if expired crl is allowed
 
uint8_t allow_bad_md_hash
 1 if unsupported MD hashes are allowed
 
uint8_t allow_short_rsa_length
 1 if small RSA keysizes are allowed
 
uint8_t is_rpk_not_cert
 1 is RPK instead of Public Certificate.
 
uint8_t use_cid
 1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
 
uint8_t reserved [2]
 Reserved - must be set to 0 for future compatibility.
 
coap_dtls_cn_callback_t validate_cn_call_back
 CN check callback function.
 
void * cn_call_back_arg
 Passed in to the CN callback function.
 
coap_dtls_pki_sni_callback_t validate_sni_call_back
 SNI check callback function.
 
void * sni_call_back_arg
 Passed in to the sni callback function.
 
coap_dtls_security_setup_t additional_tls_setup_call_back
 Additional Security callback handler that is invoked when libcoap has done the standard, defined validation checks at the TLS level, If not NULL, called from within the TLS Client Hello connection setup.
 
char * client_sni
 If not NULL, SNI to use in client TLS setup.
 
coap_dtls_key_t pki_key
 PKI key definition.
 

Detailed Description

The structure used for defining the PKI setup data to be used.

Definition at line 312 of file coap_dtls.h.

Field Documentation

◆ additional_tls_setup_call_back

coap_dtls_security_setup_t coap_dtls_pki_t::additional_tls_setup_call_back

Additional Security callback handler that is invoked when libcoap has done the standard, defined validation checks at the TLS level, If not NULL, called from within the TLS Client Hello connection setup.

Definition at line 366 of file coap_dtls.h.

◆ allow_bad_md_hash

uint8_t coap_dtls_pki_t::allow_bad_md_hash

1 if unsupported MD hashes are allowed

Definition at line 328 of file coap_dtls.h.

◆ allow_expired_certs

uint8_t coap_dtls_pki_t::allow_expired_certs

1 if expired certs are allowed

Definition at line 322 of file coap_dtls.h.

◆ allow_expired_crl

uint8_t coap_dtls_pki_t::allow_expired_crl

1 if expired crl is allowed

Definition at line 327 of file coap_dtls.h.

◆ allow_no_crl

uint8_t coap_dtls_pki_t::allow_no_crl

1 ignore if CRL not there

Definition at line 326 of file coap_dtls.h.

◆ allow_self_signed

uint8_t coap_dtls_pki_t::allow_self_signed

1 if self-signed certs are allowed.

Ignored if check_common_ca set

Definition at line 320 of file coap_dtls.h.

◆ allow_short_rsa_length

uint8_t coap_dtls_pki_t::allow_short_rsa_length

1 if small RSA keysizes are allowed

Definition at line 329 of file coap_dtls.h.

◆ cert_chain_validation

uint8_t coap_dtls_pki_t::cert_chain_validation

1 if to check cert_chain_verify_depth

Definition at line 323 of file coap_dtls.h.

◆ cert_chain_verify_depth

uint8_t coap_dtls_pki_t::cert_chain_verify_depth

recommended depth is 3

Definition at line 324 of file coap_dtls.h.

◆ check_cert_revocation

uint8_t coap_dtls_pki_t::check_cert_revocation

1 if revocation checks wanted

Definition at line 325 of file coap_dtls.h.

◆ check_common_ca

uint8_t coap_dtls_pki_t::check_common_ca

1 if peer cert is to be signed by the same CA as the local cert

Definition at line 318 of file coap_dtls.h.

◆ client_sni

char* coap_dtls_pki_t::client_sni

If not NULL, SNI to use in client TLS setup.

Owned by the client app and must remain valid during the call to coap_new_client_session_pki(). Note: Ignored if literal IPv4 or IPv6 address.

Definition at line 368 of file coap_dtls.h.

◆ cn_call_back_arg

void* coap_dtls_pki_t::cn_call_back_arg

Passed in to the CN callback function.

Definition at line 351 of file coap_dtls.h.

◆ is_rpk_not_cert

uint8_t coap_dtls_pki_t::is_rpk_not_cert

1 is RPK instead of Public Certificate.

If set, PKI key format type cannot be COAP_PKI_KEY_PEM

Definition at line 330 of file coap_dtls.h.

◆ pki_key

coap_dtls_key_t coap_dtls_pki_t::pki_key

PKI key definition.

Definition at line 373 of file coap_dtls.h.

◆ reserved

uint8_t coap_dtls_pki_t::reserved[2]

Reserved - must be set to 0 for future compatibility.

Definition at line 336 of file coap_dtls.h.

◆ sni_call_back_arg

void* coap_dtls_pki_t::sni_call_back_arg

Passed in to the sni callback function.

Definition at line 359 of file coap_dtls.h.

◆ use_cid

uint8_t coap_dtls_pki_t::use_cid

1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported

Definition at line 333 of file coap_dtls.h.

◆ validate_cn_call_back

coap_dtls_cn_callback_t coap_dtls_pki_t::validate_cn_call_back

CN check callback function.

If not NULL, is called when the TLS connection has passed the configured TLS options above for the application to verify if the CN is valid.

Definition at line 350 of file coap_dtls.h.

◆ validate_sni_call_back

coap_dtls_pki_sni_callback_t coap_dtls_pki_t::validate_sni_call_back

SNI check callback function.

If not NULL, called if the SNI is not previously seen and prior to sending a certificate set back to the client so that the appropriate certificate set can be used based on the requesting SNI.

Definition at line 358 of file coap_dtls.h.

◆ verify_peer_cert

uint8_t coap_dtls_pki_t::verify_peer_cert

Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.

1 if peer cert is to be verified

Definition at line 317 of file coap_dtls.h.

◆ version

uint8_t coap_dtls_pki_t::version

Definition at line 313 of file coap_dtls.h.


The documentation for this struct was generated from the following file: