commit 8e5bdfbbcf86e1867b5af22f5f7d23461fa54022
author Nicholas Wilson <nicholas.wilson@realvnc.com> Wed Sep 09 19:03:34 2015 +0100
committer Dave Rodgman <dave.rodgman@arm.com> Tue Aug 30 10:08:43 2022 +0100
tree 4436f0b99194c5041c39ca33b93be9f2f1fc05ed
parent 0edfa9dd26c7cb9265a4ace8f5961f987ee84651

Improve programs/cert_write with a way to set extended key usages

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

include/mbedtls/x509_crt.h

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 1ddc997..0a5d1f5 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -1145,6 +1145,19 @@
                                          unsigned int key_usage );
 
 /**
+ * \brief           Set the Extended Key Usage Extension
+ *                  (e.g. MBEDTLS_OID_SERVER_AUTH)
+ *
+ * \param ctx       CRT context to use
+ * \param exts      extended key usage extensions to set, a sequence of
+ *                  MBEDTLS_ASN1_OID objects
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx,
+                                             const mbedtls_asn1_sequence *exts );
+
+/**
  * \brief           Set the Netscape Cert Type flags
  *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
  *