NAME¶
gnutls_x509_crt_get_authority_info_access - API function
SYNOPSIS¶
#include <gnutls/x509.h>
int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t
crt, unsigned int seq, int what,
gnutls_datum_t * data, unsigned int *
critical);
ARGUMENTS¶
- gnutls_x509_crt_t crt
- Holds the certificate
- unsigned int seq
- specifies the sequence number of the access descriptor (0 for the first
one, 1 for the second etc.)
- int what
- what data to get, a gnutls_info_access_what_t type.
- gnutls_datum_t * data
- output data to be freed with gnutls_free().
- unsigned int * critical
- pointer to output integer that is set to non-zero if the extension is
marked as critical (may be NULL)
DESCRIPTION¶
Note that a simpler API to access the authority info data is provided by
gnutls_x509_aia_get() and
gnutls_x509_ext_import_aia().
This function extracts the Authority Information Access (AIA) extension, see RFC
5280 section 4.2.2.1 for more information. The AIA extension holds a sequence
of AccessDescription (AD) data.
The
seq input parameter is used to indicate which member of the sequence
the caller is interested in. The first member is 0, the second member 1 and so
on. When the
seq value is out of bounds,
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
The type of data returned in
data is specified via
what which
should be
gnutls_info_access_what_t values.
If
what is
GNUTLS_IA_ACCESSMETHOD_OID then
data will hold
the accessMethod OID (e.g., "1.3.6.1.5.5.7.48.1").
If
what is
GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE,
data
will hold the accessLocation GeneralName type (e.g.,
"uniformResourceIdentifier").
If
what is
GNUTLS_IA_URI,
data will hold the accessLocation
URI data. Requesting this
what value leads to an error if the
accessLocation is not of the "uniformResourceIdentifier" type.
If
what is
GNUTLS_IA_OCSP_URI,
data will hold the OCSP URI.
Requesting this
what value leads to an error if the accessMethod is not
1.3.6.1.5.5.7.48.1 aka OSCP, or if accessLocation is not of the
"uniformResourceIdentifier" type.
If
what is
GNUTLS_IA_CAISSUERS_URI,
data will hold the
caIssuers URI. Requesting this
what value leads to an error if the
accessMethod is not 1.3.6.1.5.5.7.48.2 aka caIssuers, or if accessLocation is
not of the "uniformResourceIdentifier" type.
More
what values may be allocated in the future as needed.
If
data is NULL, the function does the same without storing the output
data, that is, it will set
critical and do error checking as usual.
The value of the critical flag is returned in *
critical . Supply a NULL
critical if you want the function to make sure the extension is
non-critical, as required by RFC 5280.
RETURNS¶
GNUTLS_E_SUCCESS on success,
GNUTLS_E_INVALID_REQUEST on invalid
crt ,
GNUTLS_E_CONSTRAINT_ERROR if the extension is incorrectly
marked as critical (use a non-NULL
critical to override),
GNUTLS_E_UNKNOWN_ALGORITHM if the requested OID does not match (e.g.,
when using
GNUTLS_IA_OCSP_URI), otherwise a negative error code.
SINCE¶
3.0
REPORTING BUGS¶
Report bugs to <bugs@gnutls.org>.
Home page:
http://www.gnutls.org
COPYRIGHT¶
Copyright © 2001-2014 Free Software Foundation, Inc..
Copying and distribution of this file, with or without modification, are
permitted in any medium without royalty provided the copyright notice and this
notice are preserved.
SEE ALSO¶
The full documentation for
gnutls is maintained as a Texinfo manual. If
the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
- http://www.gnutls.org/manual/