diff options
| author | Michael Brown | 2014-03-31 02:11:06 +0200 |
|---|---|---|
| committer | Michael Brown | 2014-03-31 14:36:54 +0200 |
| commit | f10726c8bb4e09bf53d0c40b90c1a2cb434672d4 (patch) | |
| tree | c03009237acfb4fe00e334ffac244644543a0970 /src/include/ipxe/x509.h | |
| parent | [test] Add subject alternative names to X.509 server test certificate (diff) | |
| download | ipxe-f10726c8bb4e09bf53d0c40b90c1a2cb434672d4.tar.gz ipxe-f10726c8bb4e09bf53d0c40b90c1a2cb434672d4.tar.xz ipxe-f10726c8bb4e09bf53d0c40b90c1a2cb434672d4.zip | |
[crypto] Add support for subjectAltName and wildcard certificates
Originally-implemented-by: Alex Chernyakhovsky <achernya@google.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/include/ipxe/x509.h')
| -rw-r--r-- | src/include/ipxe/x509.h | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h index c9254723..055a4460 100644 --- a/src/include/ipxe/x509.h +++ b/src/include/ipxe/x509.h @@ -136,6 +136,18 @@ struct x509_authority_info_access { struct x509_ocsp_responder ocsp; }; +/** X.509 certificate subject alternative name */ +struct x509_subject_alt_name { + /** Names */ + struct asn1_cursor names; +}; + +/** X.509 certificate general name types */ +enum x509_general_name_types { + X509_GENERAL_NAME_DNS = ASN1_IMPLICIT_TAG ( 2 ), + X509_GENERAL_NAME_URI = ASN1_IMPLICIT_TAG ( 6 ), +}; + /** An X.509 certificate extensions set */ struct x509_extensions { /** Basic constraints */ @@ -146,6 +158,8 @@ struct x509_extensions { struct x509_extended_key_usage ext_usage; /** Authority information access */ struct x509_authority_info_access auth_info; + /** Subject alternative name */ + struct x509_subject_alt_name alt_name; }; /** A link in an X.509 certificate chain */ |