Struct esp_idf_sys::mbedtls_x509_crt_profile

#[repr(C)]pub struct mbedtls_x509_crt_profile {
    pub allowed_mds: u32,
    pub allowed_pks: u32,
    pub allowed_curves: u32,
    pub rsa_min_bitlen: u32,
}

Expand description

Security profile for certificate verification.

All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().

The fields of this structure are part of the public API and can be manipulated directly by applications. Future versions of the library may add extra fields or reorder existing fields.

You can create custom profiles by starting from a copy of an existing profile, such as mbedtls_x509_crt_profile_default or mbedtls_x509_ctr_profile_none and then tune it to your needs.

For example to allow SHA-224 in addition to the default:

mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default; my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 );

Or to allow only RSA-3072+ with SHA-256:

mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_none; my_profile.allowed_mds = MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ); my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ); my_profile.rsa_min_bitlen = 3072;

Fields§

§allowed_mds: u32

< MDs for signatures

§allowed_pks: u32

< PK algs for public keys; this applies to all certificates in the provided chain.

§allowed_curves: u32

< Elliptic curves for ECDSA

§rsa_min_bitlen: u32

< Minimum size for RSA keys

Trait Implementations§

impl Clone for mbedtls_x509_crt_profile

fn clone(&self) -> mbedtls_x509_crt_profile

Returns a copy of the value. Read more

1.0.0§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for mbedtls_x509_crt_profile

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Default for mbedtls_x509_crt_profile

fn default() -> mbedtls_x509_crt_profile

Returns the “default value” for a type. Read more

impl Copy for mbedtls_x509_crt_profile

Auto Trait Implementations§

impl RefUnwindSafe for mbedtls_x509_crt_profile

impl Send for mbedtls_x509_crt_profile

impl Sync for mbedtls_x509_crt_profile

impl Unpin for mbedtls_x509_crt_profile

impl UnwindSafe for mbedtls_x509_crt_profile

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.