gnutls_x509_crt_get_ca_status — API function

Synopsis

#include <gnutls/x509.h>

int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert, unsigned int * critical);

Arguments

gnutls_x509_crt_t cert

should contain a gnutls_x509_crt_t type

unsigned int * critical

will be non-zero if the extension is marked as critical

Description

This function will return certificates CA status, by reading the basicConstraints X.509 extension (2.5.29.19). If the certificate is a CA a positive value will be returned, or (0) if the certificate does not have CA flag set.

Use gnutls_x509_crt_get_basic_constraints() if you want to read the pathLenConstraint field too.

Returns

If the certificate is a CA a positive value will be returned, or (0) if the certificate does not have CA flag set.  A negative error code may be returned in case of errors.  If the certificate does not contain the basicConstraints extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls