ASN.1 DER writing helpers for X.509 primitive values, composite objects, SPKI objects, and extension payloads. More...

#include "qsccommon.h"
#include "x509crl.h"
#include "x509crlwrite.h"
#include "x509types.h"

Functions
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_length (size_t length, uint8_t output, size_t outputlen)
	Write an ASN.1 DER length field.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_tag (uint8_t tagclass, bool constructed, uint32_t tagnumber, uint8_t output, size_t outputlen)
	Write an ASN.1 DER tag field.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_integer (const uint8_t value, size_t valuelen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER INTEGER object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_boolean (bool value, uint8_t output, size_t outputlen)
	Write an ASN.1 DER BOOLEAN object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_null (uint8_t output, size_t outputlen)
	Write an ASN.1 DER NULL object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_oid (const qsc_asn1_oid oid, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER OBJECT IDENTIFIER object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_octet_string (const uint8_t value, size_t valuelen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER OCTET STRING object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_bit_string (const uint8_t value, size_t valuelen, uint8_t unusedbits, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER BIT STRING object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_utf8_string (const char value, size_t valuelen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER UTF8String object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_printable_string (const char value, size_t valuelen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER PrintableString object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_ia5_string (const char value, size_t valuelen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER IA5String object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_utctime (const qsc_asn1_time value, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER UTCTime object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_generalized_time (const qsc_asn1_time value, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER GeneralizedTime object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_sequence (const uint8_t content, size_t contentlen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER SEQUENCE object from pre-encoded contents.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_set (const uint8_t content, size_t contentlen, uint8_t output, size_t *outputlen)
	Write an ASN.1 DER SET object from pre-encoded contents.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_explicit (uint32_t tagnumber, const uint8_t content, size_t contentlen, uint8_t output, size_t *outputlen)
	Write an explicitly tagged ASN.1 DER object from pre-encoded contents.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_raw (uint8_t tagclass, bool constructed, uint32_t tagnumber, const uint8_t content, size_t contentlen, uint8_t output, size_t *outputlen)
	Write a raw ASN.1 DER object from tag metadata and pre-encoded contents.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_algorithm_identifier_for_signature (qsc_x509_signature_algorithm signature, uint8_t output, size_t outputlen)
	Write an AlgorithmIdentifier object for a signature algorithm.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_algorithm_identifier_for_public_key (qsc_x509_public_key_algorithm publickey, qsc_x509_named_curve curve, qsc_x509_pqc_parameter_set pqcparameter, uint8_t output, size_t outputlen)
	Write an AlgorithmIdentifier object for a public-key algorithm.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_spki_ec (qsc_x509_named_curve curve, const uint8_t publickey, size_t publickeylen, uint8_t output, size_t *outputlen)
	Write an elliptic-curve SubjectPublicKeyInfo object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_spki_ml_dsa (qsc_x509_pqc_parameter_set parameterset, const uint8_t publickey, size_t publickeylen, uint8_t output, size_t *outputlen)
	Write an ML-DSA SubjectPublicKeyInfo object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_spki_ml_kem (qsc_x509_pqc_parameter_set parameterset, const uint8_t publickey, size_t publickeylen, uint8_t output, size_t *outputlen)
	Write an ML-KEM SubjectPublicKeyInfo object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_algorithm_identifier (const qsc_x509_algorithm_identifier algorithm, uint8_t output, size_t *outputlen)
	Write a normalized AlgorithmIdentifier object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_name (const qsc_x509_name name, uint8_t output, size_t *outputlen)
	Write a normalized X.509 Name object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_validity (const qsc_x509_validity validity, uint8_t output, size_t *outputlen)
	Write a normalized X.509 Validity object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_general_name (const qsc_x509_general_name name, uint8_t output, size_t *outputlen)
	Write a normalized GeneralName object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_spki (const qsc_x509_subject_public_key_info spki, uint8_t output, size_t *outputlen)
	Write a normalized SubjectPublicKeyInfo object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_extension (const qsc_x509_extension extension, uint8_t output, size_t *outputlen)
	Write a normalized X.509 Extension object.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_extensions (const qsc_x509_extensions extensions, uint8_t output, size_t *outputlen)
	Write a normalized Extensions collection.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_basic_constraints (const qsc_x509_basic_constraints basicconstraints, uint8_t output, size_t *outputlen)
	Write a BasicConstraints extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_key_usage (const qsc_x509_key_usage keyusage, uint8_t output, size_t *outputlen)
	Write a KeyUsage extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_extended_key_usage (const qsc_x509_extended_key_usage extendedkeyusage, uint8_t output, size_t *outputlen)
	Write an ExtendedKeyUsage extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_subject_key_identifier (const qsc_x509_subject_key_identifier subjectkeyidentifier, uint8_t output, size_t *outputlen)
	Write a SubjectKeyIdentifier extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_authority_key_identifier (const qsc_x509_authority_key_identifier authoritykeyidentifier, uint8_t output, size_t *outputlen)
	Write an AuthorityKeyIdentifier extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_subject_alt_name (const qsc_x509_subject_alt_name subjectaltname, uint8_t output, size_t *outputlen)
	Write a SubjectAltName extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_write_issuer_alt_name (const qsc_x509_issuer_alt_name issueraltname, uint8_t output, size_t *outputlen)
	Write an IssuerAltName extension payload.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_crl_builder_set_authority_key_identifier (qsc_x509_crl_builder builder, const qsc_x509_authority_key_identifier authoritykeyidentifier)
	Sets the Authority Key Identifier (AKI) extension in the CRL builder.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_crl_builder_set_crl_number (qsc_x509_crl_builder builder, const uint8_t value, size_t valuelen, bool critical)
	Sets the CRL Number extension in the CRL builder.
QSC_EXPORT_API qsc_asn1_status	qsc_x509_compute_authority_key_identifier_from_issuer (const qsc_x509_certificate issuer, qsc_x509_authority_key_identifier authoritykeyidentifier)
	Computes the Authority Key Identifier (AKI) from an issuer certificate.

Detailed Description

ASN.1 DER writing helpers for X.509 primitive values, composite objects, SPKI objects, and extension payloads.

This header defines the low-level encoding interface used to serialize ASN.1 DER objects required by the X.509 writer layer. The routines in this layer emit DER definite-length encodings only and reject malformed parameter combinations that would produce non-canonical output. The functions declared here support primitive TLV emission, construction of common ASN.1 string and time types, explicit and raw tagged-object encoding, and serialization of normalized X.509 structures such as AlgorithmIdentifier, Name, Validity, GeneralName, SubjectPublicKeyInfo, Extension, and Extensions. When an output buffer is not supplied, or when the supplied buffer is too small, the encoder updates outputlen with the required DER size and returns QSC_ASN1_STATUS_BUFFER_TOO_SMALL. This enables a consistent two-pass sizing and encoding pattern across the writer interface.

The interface also provides specialized helpers for writing public-key algorithm identifiers, elliptic-curve and post-quantum SubjectPublicKeyInfo objects, and commonly used certificate extension payloads.

Function Documentation

◆ qsc_x509_compute_authority_key_identifier_from_issuer()

QSC_EXPORT_API qsc_asn1_status qsc_x509_compute_authority_key_identifier_from_issuer	(	const qsc_x509_certificate *	issuer,
		qsc_x509_authority_key_identifier *	authoritykeyidentifier )

Computes the Authority Key Identifier (AKI) from an issuer certificate.

This function derives an Authority Key Identifier structure from the provided issuer certificate. The AKI is constructed according to standard X.509 practices:

If the issuer certificate contains a Subject Key Identifier (SKI) extension, that value is used directly as the key identifier.
If no SKI is present, the key identifier is derived from the issuer�s Subject Public Key Information (SPKI), typically using a SHA-1 hash over the public key bit string as specified in RFC 5280.

The resulting structure is fully populated with the key identifier and marked as present. The caller may then pass the result to qsc_x509_crl_builder_set_authority_key_identifier() to include the extension in a CRL.

This function does not modify the CRL builder directly.

Parameters

issuer	[const struct] Pointer to the issuer certificate.
authoritykeyidentifier	[struct] Pointer to the output AKI structure.

Returns: Returns QSC_ASN1_STATUS_SUCCESS on success, QSC_ASN1_STATUS_INVALID_INPUT if parameters are invalid or QSC_ASN1_STATUS_FAILURE if AKI derivation fails.

◆ qsc_x509_crl_builder_set_authority_key_identifier()

QSC_EXPORT_API qsc_asn1_status qsc_x509_crl_builder_set_authority_key_identifier	(	qsc_x509_crl_builder *	builder,
		const qsc_x509_authority_key_identifier *	authoritykeyidentifier )

Sets the Authority Key Identifier (AKI) extension in the CRL builder.

This function assigns a fully populated Authority Key Identifier structure to the CRL builder. The AKI extension identifies the public key corresponding to the private key used to sign the CRL, and is typically derived from the issuer certificate. When present, it enables relying parties to match the CRL to the correct issuer certificate during validation.

The provided structure must be fully initialized by the caller. At minimum, the key identifier field should be present and contain the issuer�s key identifier. Optional fields such as issuer name and serial number may also be included if required.

If this function is not called, and no AKI is otherwise set, the CRL will be generated without an Authority Key Identifier extension.

Parameters

builder	[struct] Pointer to the CRL builder instance.
authoritykeyidentifier	[const struct] Pointer to a populated AKI structure.

Returns: Returns QSC_ASN1_STATUS_SUCCESS on success or QSC_ASN1_STATUS_INVALID_INPUT if parameters are invalid.

◆ qsc_x509_crl_builder_set_crl_number()

QSC_EXPORT_API qsc_asn1_status qsc_x509_crl_builder_set_crl_number	(	qsc_x509_crl_builder *	builder,
		const uint8_t *	value,
		size_t	valuelen,
		bool	critical )

Sets the CRL Number extension in the CRL builder.

This function assigns a CRL Number extension to the CRL builder. The CRL Number is a monotonically increasing integer used to identify and order CRLs issued by a given authority. It is encoded as a DER INTEGER within the extension value.

The caller provides the CRL number as a big-endian byte array. The value is normalized during encoding to ensure proper ASN.1 INTEGER representation, including removal of leading zeros and insertion of a leading 0x00 byte if required to enforce a positive integer.

The critical flag determines whether the extension is marked critical in the CRL. In most deployments, CRL Number is non-critical.

If this function is not called, the CRL will be generated without a CRL Number extension.

Parameters

builder	[struct] Pointer to the CRL builder instance.
value	[const] Pointer to the big-endian CRL number byte array.
valuelen	[size_t] Length of the CRL number in bytes.
critical	[bool] Set to true to mark the extension as critical.

Returns: Returns QSC_ASN1_STATUS_SUCCESS on success, QSC_ASN1_STATUS_INVALID_INPUT if parameters are invalid, QSC_ASN1_STATUS_OUT_OF_RANGE if the value length exceeds supported limits.

◆ qsc_x509_write_algorithm_identifier()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_algorithm_identifier	(	const qsc_x509_algorithm_identifier *	algorithm,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized AlgorithmIdentifier object.

Parameters

algorithm	[const][struct] The algorithm identifier to encode.
output	The destination buffer receiving the DER AlgorithmIdentifier object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_algorithm_identifier_for_public_key()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_algorithm_identifier_for_public_key	(	qsc_x509_public_key_algorithm	publickey,
		qsc_x509_named_curve	curve,
		qsc_x509_pqc_parameter_set	pqcparameter,
		uint8_t *	output,
		size_t *	outputlen )

Write an AlgorithmIdentifier object for a public-key algorithm.

Encodes the canonical AlgorithmIdentifier corresponding to the supplied public-key algorithm selector and associated curve or PQC parameter set.

Parameters

publickey	[enum] The public-key algorithm selector.
curve	[enum] The named elliptic curve when applicable.
pqcparameter	[enum] The post-quantum parameter set when applicable.
output	The destination buffer receiving the DER AlgorithmIdentifier object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_algorithm_identifier_for_signature()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_algorithm_identifier_for_signature	(	qsc_x509_signature_algorithm	signature,
		uint8_t *	output,
		size_t *	outputlen )

Write an AlgorithmIdentifier object for a signature algorithm.

Encodes the canonical AlgorithmIdentifier corresponding to the supplied normalized X.509 signature algorithm selector.

Parameters

signature	[enum] The signature algorithm selector.
output	The destination buffer receiving the DER AlgorithmIdentifier object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_authority_key_identifier()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_authority_key_identifier	(	const qsc_x509_authority_key_identifier *	authoritykeyidentifier,
		uint8_t *	output,
		size_t *	outputlen )

Write an AuthorityKeyIdentifier extension payload.

Parameters

authoritykeyidentifier	[const][struct] The Authority Key Identifier value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_basic_constraints()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_basic_constraints	(	const qsc_x509_basic_constraints *	basicconstraints,
		uint8_t *	output,
		size_t *	outputlen )

Write a BasicConstraints extension payload.

Parameters

basicconstraints	[const][struct] The Basic Constraints value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_bit_string()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_bit_string	(	const uint8_t *	value,
		size_t	valuelen,
		uint8_t	unusedbits,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER BIT STRING object.

Encodes the supplied bit-string contents together with the number of unused bits in the final content octet.

Parameters

value	[const] The bit-string contents.
valuelen	The length of the bit-string contents in bytes.
unusedbits	The number of unused bits in the final content octet.
output	The destination buffer receiving the DER BIT STRING object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_boolean()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_boolean	(	bool	value,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER BOOLEAN object.

Parameters

value	The boolean value to encode.
output	The destination buffer receiving the DER BOOLEAN object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_explicit()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_explicit	(	uint32_t	tagnumber,
		const uint8_t *	content,
		size_t	contentlen,
		uint8_t *	output,
		size_t *	outputlen )

Write an explicitly tagged ASN.1 DER object from pre-encoded contents.

Parameters

tagnumber	The explicit context-specific tag number.
content	[const] The pre-encoded inner contents.
contentlen	The length of the inner contents in bytes.
output	The destination buffer receiving the explicitly tagged object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_extended_key_usage()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_extended_key_usage	(	const qsc_x509_extended_key_usage *	extendedkeyusage,
		uint8_t *	output,
		size_t *	outputlen )

Write an ExtendedKeyUsage extension payload.

Parameters

extendedkeyusage	[const][struct] The Extended Key Usage value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_extension()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_extension	(	const qsc_x509_extension *	extension,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized X.509 Extension object.

Parameters

extension	[const][struct] The extension object to encode.
output	The destination buffer receiving the DER Extension object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_extensions()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_extensions	(	const qsc_x509_extensions *	extensions,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized Extensions collection.

Parameters

extensions	[const][struct] The extension set to encode.
output	The destination buffer receiving the DER Extensions object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_general_name()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_general_name	(	const qsc_x509_general_name *	name,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized GeneralName object.

Parameters

name	[const][struct] The general name to encode.
output	The destination buffer receiving the DER GeneralName object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_generalized_time()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_generalized_time	(	const qsc_asn1_time *	value,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER GeneralizedTime object.

Parameters

value	[const][struct] The time value to encode.
output	The destination buffer receiving the DER GeneralizedTime object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_ia5_string()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_ia5_string	(	const char *	value,
		size_t	valuelen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER IA5String object.

Parameters

value	[const] The IA5String bytes.
valuelen	The length of the string in bytes.
output	The destination buffer receiving the DER IA5String object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_integer()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_integer	(	const uint8_t *	value,
		size_t	valuelen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER INTEGER object.

Encodes the supplied integer value bytes as a DER INTEGER object.

Parameters

value	[const] The integer value bytes in big-endian form.
valuelen	The length of the integer value in bytes.
output	The destination buffer receiving the DER INTEGER object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_issuer_alt_name()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_issuer_alt_name	(	const qsc_x509_issuer_alt_name *	issueraltname,
		uint8_t *	output,
		size_t *	outputlen )

Write an IssuerAltName extension payload.

Parameters

issueraltname	[const][struct] The Issuer Alternative Name value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_key_usage()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_key_usage	(	const qsc_x509_key_usage *	keyusage,
		uint8_t *	output,
		size_t *	outputlen )

Write a KeyUsage extension payload.

Parameters

keyusage	[const][struct] The Key Usage value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_length()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_length	(	size_t	length,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER length field.

Encodes the supplied content length using DER definite-length form and writes the result to the output buffer.

Parameters

length	The content length to encode.
output	The destination buffer receiving the encoded length field.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_name()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_name	(	const qsc_x509_name *	name,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized X.509 Name object.

Parameters

name	[const][struct] The distinguished name to encode.
output	The destination buffer receiving the DER Name object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_null()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_null	(	uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER NULL object.

Parameters

output	The destination buffer receiving the DER NULL object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_octet_string()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_octet_string	(	const uint8_t *	value,
		size_t	valuelen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER OCTET STRING object.

Parameters

value	[const] The octet-string contents.
valuelen	The length of the octet-string contents in bytes.
output	The destination buffer receiving the DER OCTET STRING object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_oid()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_oid	(	const qsc_asn1_oid *	oid,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER OBJECT IDENTIFIER object.

Parameters

oid	[const][struct] The object identifier to encode.
output	The destination buffer receiving the DER OBJECT IDENTIFIER object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_printable_string()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_printable_string	(	const char *	value,
		size_t	valuelen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER PrintableString object.

Parameters

value	[const] The PrintableString bytes.
valuelen	The length of the string in bytes.
output	The destination buffer receiving the DER PrintableString object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_raw()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_raw	(	uint8_t	tagclass,
		bool	constructed,
		uint32_t	tagnumber,
		const uint8_t *	content,
		size_t	contentlen,
		uint8_t *	output,
		size_t *	outputlen )

Write a raw ASN.1 DER object from tag metadata and pre-encoded contents.

Parameters

tagclass	The ASN.1 tag class.
constructed	Indicates whether the encoded object is constructed.
tagnumber	The ASN.1 tag number.
content	[const] The pre-encoded content bytes.
contentlen	The length of the content in bytes.
output	The destination buffer receiving the encoded object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_sequence()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_sequence	(	const uint8_t *	content,
		size_t	contentlen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER SEQUENCE object from pre-encoded contents.

Parameters

content	[const] The pre-encoded content bytes.
contentlen	The length of the content in bytes.
output	The destination buffer receiving the DER SEQUENCE object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_set()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_set	(	const uint8_t *	content,
		size_t	contentlen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER SET object from pre-encoded contents.

Parameters

content	[const] The pre-encoded content bytes.
contentlen	The length of the content in bytes.
output	The destination buffer receiving the DER SET object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_spki()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_spki	(	const qsc_x509_subject_public_key_info *	spki,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized SubjectPublicKeyInfo object.

Parameters

spki	[const][struct] The subject public key information object to encode.
output	The destination buffer receiving the DER SubjectPublicKeyInfo object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_spki_ec()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_spki_ec	(	qsc_x509_named_curve	curve,
		const uint8_t *	publickey,
		size_t	publickeylen,
		uint8_t *	output,
		size_t *	outputlen )

Write an elliptic-curve SubjectPublicKeyInfo object.

Parameters

curve	[enum] The named elliptic curve identifier.
publickey	[const] The encoded EC public-key bytes.
publickeylen	The length of the public key in bytes.
output	The destination buffer receiving the DER SubjectPublicKeyInfo object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_spki_ml_dsa()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_spki_ml_dsa	(	qsc_x509_pqc_parameter_set	parameterset,
		const uint8_t *	publickey,
		size_t	publickeylen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ML-DSA SubjectPublicKeyInfo object.

Parameters

parameterset	[enum] The ML-DSA parameter-set identifier.
publickey	[const] The ML-DSA public-key bytes.
publickeylen	The length of the public key in bytes.
output	The destination buffer receiving the DER SubjectPublicKeyInfo object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_spki_ml_kem()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_spki_ml_kem	(	qsc_x509_pqc_parameter_set	parameterset,
		const uint8_t *	publickey,
		size_t	publickeylen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ML-KEM SubjectPublicKeyInfo object.

Parameters

parameterset	[enum] The ML-KEM parameter-set identifier.
publickey	[const] The ML-KEM public-key bytes.
publickeylen	The length of the public key in bytes.
output	The destination buffer receiving the DER SubjectPublicKeyInfo object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_subject_alt_name()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_subject_alt_name	(	const qsc_x509_subject_alt_name *	subjectaltname,
		uint8_t *	output,
		size_t *	outputlen )

Write a SubjectAltName extension payload.

Parameters

subjectaltname	[const][struct] The Subject Alternative Name value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_subject_key_identifier()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_subject_key_identifier	(	const qsc_x509_subject_key_identifier *	subjectkeyidentifier,
		uint8_t *	output,
		size_t *	outputlen )

Write a SubjectKeyIdentifier extension payload.

Parameters

subjectkeyidentifier	[const][struct] The Subject Key Identifier value to encode.
output	The destination buffer receiving the DER payload.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_tag()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_tag	(	uint8_t	tagclass,
		bool	constructed,
		uint32_t	tagnumber,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER tag field.

Encodes the supplied tag class, constructed flag, and tag number as a DER tag field and writes the result to the output buffer.

Parameters

tagclass	The ASN.1 tag class.
constructed	Indicates whether the encoded object is constructed.
tagnumber	The ASN.1 tag number.
output	The destination buffer receiving the encoded tag field.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_utctime()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_utctime	(	const qsc_asn1_time *	value,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER UTCTime object.

Parameters

value	[const][struct] The time value to encode.
output	The destination buffer receiving the DER UTCTime object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_utf8_string()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_utf8_string	(	const char *	value,
		size_t	valuelen,
		uint8_t *	output,
		size_t *	outputlen )

Write an ASN.1 DER UTF8String object.

Parameters

value	[const] The UTF-8 string bytes.
valuelen	The length of the string in bytes.
output	The destination buffer receiving the DER UTF8String object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

◆ qsc_x509_write_validity()

QSC_EXPORT_API qsc_asn1_status qsc_x509_write_validity	(	const qsc_x509_validity *	validity,
		uint8_t *	output,
		size_t *	outputlen )

Write a normalized X.509 Validity object.

Parameters

validity	[const][struct] The validity interval to encode.
output	The destination buffer receiving the DER Validity object.
outputlen	The input capacity of the output buffer and, on success, the number of bytes written.

Returns: [enum] Returns a qsc_asn1_status code.

Functions

Detailed Description

Function Documentation

◆ qsc_x509_compute_authority_key_identifier_from_issuer()

◆ qsc_x509_crl_builder_set_authority_key_identifier()

◆ qsc_x509_crl_builder_set_crl_number()

◆ qsc_x509_write_algorithm_identifier()

◆ qsc_x509_write_algorithm_identifier_for_public_key()

◆ qsc_x509_write_algorithm_identifier_for_signature()

◆ qsc_x509_write_authority_key_identifier()

◆ qsc_x509_write_basic_constraints()

◆ qsc_x509_write_bit_string()

◆ qsc_x509_write_boolean()

◆ qsc_x509_write_explicit()

◆ qsc_x509_write_extended_key_usage()

◆ qsc_x509_write_extension()

◆ qsc_x509_write_extensions()

◆ qsc_x509_write_general_name()

◆ qsc_x509_write_generalized_time()

◆ qsc_x509_write_ia5_string()

◆ qsc_x509_write_integer()

◆ qsc_x509_write_issuer_alt_name()

◆ qsc_x509_write_key_usage()

◆ qsc_x509_write_length()

◆ qsc_x509_write_name()

◆ qsc_x509_write_null()

◆ qsc_x509_write_octet_string()

◆ qsc_x509_write_oid()

◆ qsc_x509_write_printable_string()

◆ qsc_x509_write_raw()

◆ qsc_x509_write_sequence()

◆ qsc_x509_write_set()

◆ qsc_x509_write_spki()

◆ qsc_x509_write_spki_ec()

◆ qsc_x509_write_spki_ml_dsa()

◆ qsc_x509_write_spki_ml_kem()

◆ qsc_x509_write_subject_alt_name()

◆ qsc_x509_write_subject_key_identifier()

◆ qsc_x509_write_tag()

◆ qsc_x509_write_utctime()

◆ qsc_x509_write_utf8_string()

◆ qsc_x509_write_validity()