gnutls_x509_crt_get_key_usage — API function

Synopsis

#include <gnutls/x509.h>

int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert, unsigned int * key_usage, unsigned int * critical);

Arguments

gnutls_x509_crt_t cert

should contain a gnutls_x509_crt_t type

unsigned int * key_usage

where the key usage bits will be stored

unsigned int * critical

will be non-zero if the extension is marked as critical

Description

This function will return certificate's key usage, by reading the keyUsage X.509 extension (2.5.29.15). The key usage value will ORed values of the: GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_NON_REPUDIATION, GNUTLS_KEY_KEY_ENCIPHERMENT, GNUTLS_KEY_DATA_ENCIPHERMENT, GNUTLS_KEY_KEY_AGREEMENT, GNUTLS_KEY_KEY_CERT_SIGN, GNUTLS_KEY_CRL_SIGN, GNUTLS_KEY_ENCIPHER_ONLY, GNUTLS_KEY_DECIPHER_ONLY.

Returns

zero on success, or a negative error code in case of parsing error.  If the certificate does not contain the keyUsage extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls