gnutls_x509_crq_get_basic_constraints — API function

Synopsis

#include <gnutls/x509.h>

int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq, unsigned int * critical, unsigned int * ca, int * pathlen);

Arguments

gnutls_x509_crq_t crq

should contain a gnutls_x509_crq_t type

unsigned int * critical

will be non-zero if the extension is marked as critical

unsigned int * ca

pointer to output integer indicating CA status, may be NULL, value is 1 if the certificate CA flag is set, 0 otherwise.

int * pathlen

pointer to output integer indicating path length (may be NULL), non-negative error codes indicate a present pathLenConstraint field and the actual value, -1 indicate that the field is absent.

Description

This function will read the certificate's basic constraints, and return the certificates CA status.  It reads the basicConstraints X.509 extension (2.5.29.19).

Returns

If the certificate is a CA a positive value will be returned, or (0) if the certificate does not have CA flag set. A negative error code may be returned in case of errors.  If the certificate does not contain the basicConstraints extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

Since

2.8.0

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls