Holder for the X.509-backed TLS certificate interface. More...

#include <tlscertx509.h>

Data Fields
const qsc_x509_store *	truststore
bool	allowselfsigned
bool	enforcehostname
bool	enforcevalidityperiod
qsc_x509_verify_status	lastverifystatus
qsc_tls_alert_description	lastalert

Detailed Description

Holder for the X.509-backed TLS certificate interface.

The state stores a pointer to an optional trust store (NULL for pinned-key or self-signed deployments) plus a scratch buffer used while decoding the peer chain. Decoded certificate objects live on the stack inside the callbacks; the caller must keep the original DER bytes alive for the duration of the handshake.

Field Documentation

◆ allowselfsigned

bool allowselfsigned

When truststore is NULL, accept self-signed leaf.

◆ enforcehostname

bool enforcehostname

Fail validation if the leaf doesn't match config.hostname.

◆ enforcevalidityperiod

bool enforcevalidityperiod

Fail validation if notBefore/notAfter excludes now.

◆ lastalert

qsc_tls_alert_description lastalert

Alert description corresponding to lastverifystatus.

◆ lastverifystatus

qsc_x509_verify_status lastverifystatus

Most recent validation status.

◆ truststore

const qsc_x509_store* truststore

Optional trust anchors; NULL => self-signed/pinned OK.

The documentation for this struct was generated from the following file:

C:/Users/stepp/Documents/Visual Studio 2022/Projects/C/QSC/QSC/tlscertx509.h

Data Fields