TLS-facing export container for a local certificate chain and private key for CertificateVerify generation. More...

#include <x509wrap.h>

Data Fields
qsc_tls_certificate_view	chain [QSC_TLS_CERTIFICATE_LIST_MAX_ENTRIES]
uint8_t	chainder [QSC_TLS_CERTIFICATE_LIST_MAX_ENTRIES][QSC_X509_CERTIFICATE_WRITE_MAX]
size_t	chainlength
qsc_tls_signature_scheme	verifyscheme
uint8_t	privatekeydata [QSC_TLS_MAX_SIGNING_PRIVATE_KEY_SIZE]
size_t	privatekeylen

Detailed Description

TLS-facing export container for a local certificate chain and private key for CertificateVerify generation.

C6 fix: the previous version stored a pre-computed signature buffer, which is cryptographically invalid (RFC 8446 4.4.3, the signature must cover the live transcript hash). This struct now stores the private key instead; the signature is produced at CertificateVerify build time by the internal trampoline installed by qsc_tls_handshake_set_local_certificate().

Field Documentation

◆ chain

qsc_tls_certificate_view chain[QSC_TLS_CERTIFICATE_LIST_MAX_ENTRIES]

TLS certificate views referencing the embedded DER buffers.

◆ chainder

uint8_t chainder[QSC_TLS_CERTIFICATE_LIST_MAX_ENTRIES][QSC_X509_CERTIFICATE_WRITE_MAX]

Embedded DER storage for the exported certificate chain.

◆ chainlength

size_t chainlength

Number of certificate views currently populated.

◆ privatekeydata

uint8_t privatekeydata[QSC_TLS_MAX_SIGNING_PRIVATE_KEY_SIZE]

Raw private key bytes for the signing scheme.

◆ privatekeylen

size_t privatekeylen

Length in bytes of the private key.

◆ verifyscheme

qsc_tls_signature_scheme verifyscheme

TLS CertificateVerify signature scheme.

The documentation for this struct was generated from the following file:

C:/Users/stepp/Documents/Visual Studio 2022/Projects/C/QSC/QSC/x509wrap.h

Data Fields