Function anjay_security_config_pkix

Function Documentation

anjay_security_config_t anjay_security_config_pkix(anjay_t *anjay)

Returns the security configuration that Anjay is configured to use for X.509 certificate-based security, if no server-specific certificate is known, but PKIX certificate validation is requested.

The returned security information is determined by the default_tls_ciphersuites, use_system_trust_store, trust_store_certs and trust_store_crls fields of anjay_configuration_t, which may be overridden by an /est/crts request if est_cacerts_policy is set to ANJAY_EST_CACERTS_IF_EST_CONFIGURED or ANJAY_EST_CACERTS_ALWAYS.

NOTE: Pointers in the returned structure will point to internal Anjay structures. Attempting to modify or deallocate them will result in undefined behavior.

NOTE: If no valid trust store is available, an unsafe “trust everything” configuration is returned (security_info.data.cert.server_cert_validation is set to false).

Returns:

Security configuration for the global trust store. The structure contains no dynamically allocated data.