gnutls_x509_crt_get_authority_info_access — API function
#include <gnutls/x509.h>

int gnutls_x509_crt_get_authority_info_access(
    gnutls_x509_crt_t crt,
    unsigned int seq,
    int what,
    gnutls_datum_t *data,
    unsigned int *critical);

crt: Holds the certificate.
seq: Specifies the sequence number of the access descriptor (0 for the first one, 1 for the second etc.).
what: What data to get, a gnutls_info_access_what_t type.
data: Output data, to be freed with gnutls_free().
critical: Pointer to output integer that is set to non-0 if the extension is marked as critical (may be NULL).

This function extracts the Authority Information Access (AIA) extension, see RFC 5280 section 4.2.2.1 for more information. The AIA extension holds a sequence of AccessDescription (AD) data:

AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription

AccessDescription ::= SEQUENCE {
    accessMethod    OBJECT IDENTIFIER,
    accessLocation  GeneralName
}

The seq input parameter is used to indicate which member of the sequence the caller is interested in. The first member is 0, the second member 1 and so on. When the seq value is out of bounds, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
The type of data returned in data is specified via what, which should be one of the gnutls_info_access_what_t values.
If what is GNUTLS_IA_ACCESSMETHOD_OID then data will hold the accessMethod OID (e.g., "1.3.6.1.5.5.7.48.1").
If what is GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, data will hold the accessLocation GeneralName type (e.g., "uniformResourceIdentifier").
If what is GNUTLS_IA_URI, data will hold the accessLocation URI data. Requesting this what value leads to an error if the accessLocation is not of the "uniformResourceIdentifier" type.
If what is GNUTLS_IA_OCSP_URI, data will hold the OCSP URI. Requesting this what value leads to an error if the accessMethod is not 1.3.6.1.5.5.7.48.1 aka OCSP, or if accessLocation is not of the "uniformResourceIdentifier" type.
If what is GNUTLS_IA_CAISSUERS_URI, data will hold the caIssuers URI. Requesting this what value leads to an error if the accessMethod is not 1.3.6.1.5.5.7.48.2 aka caIssuers, or if accessLocation is not of the "uniformResourceIdentifier" type.
More what values may be allocated in the future as needed.
If data is NULL, the function does the same without storing the output data, that is, it will set critical and do error checking as usual.
The value of the critical flag is returned in *critical. Supply a NULL critical if you want the function to make sure the extension is non-critical, as required by RFC 5280.
Returns GNUTLS_E_SUCCESS on success, GNUTLS_E_INVALID_REQUEST on invalid crt, GNUTLS_E_CONSTRAINT_ERROR if the extension is incorrectly marked as critical (use a non-NULL critical to override), GNUTLS_E_UNKNOWN_ALGORITHM if the requested OID does not match (e.g., when using GNUTLS_IA_OCSP_URI), otherwise a negative error code.
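
The seq indexing and accessMethod matching described above, shown as an added example (not GnuTLS code): a stand-alone C parser for the DER AuthorityInfoAccessSyntax structure that does not call GnuTLS. The function names, result codes and sample bytes are constructed for illustration; AIA_NOT_AVAILABLE and AIA_OID_MISMATCH play the roles of GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE and GNUTLS_E_UNKNOWN_ALGORITHM.

```c
#include <stdio.h>
#include <string.h>
/* Result codes and selectors local to this sketch (hypothetical, not GnuTLS constants). */
enum { AIA_OK = 0, AIA_NOT_AVAILABLE = -1, AIA_OID_MISMATCH = -2, AIA_NOT_URI = -3, AIA_MALFORMED = -4 };
enum aia_what { WANT_OCSP_URI = 1, WANT_CAISSUERS_URI = 2 };  /* last arc of 1.3.6.1.5.5.7.48.x */
/* Constructed sample: DER AuthorityInfoAccessSyntax holding one OCSP and one caIssuers entry. */
static const unsigned char SAMPLE_AIA[] = "\x30\x51"
    "\x30\x24" "\x06\x08\x2b\x06\x01\x05\x05\x07\x30\x01" "\x86\x18" "http://ocsp.example.test"
    "\x30\x29" "\x06\x08\x2b\x06\x01\x05\x05\x07\x30\x02" "\x86\x1d" "http://ca.example.test/ca.crt";
#define SAMPLE_AIA_LEN (sizeof SAMPLE_AIA - 1)  /* drop the string literal's trailing NUL */
/* Read one TLV header inside [*p, end): return the tag or -1, leave *p at the value. */
static int tlv(const unsigned char **p, const unsigned char *end, size_t *len) {
    if (end - *p < 2) return -1;
    int tag = *(*p)++;
    size_t n = *(*p)++, k = n & 0x7f;
    if (n & 0x80) {                         /* long form: accept 1 or 2 length bytes */
        if (k == 0 || k > 2 || (size_t)(end - *p) < k) return -1;
        for (n = 0; k--; ) n = (n << 8) | *(*p)++;
    }
    if ((size_t)(end - *p) < n) return -1;  /* value must fit in the enclosing buffer */
    *len = n; return tag;
}
/* URI of AccessDescription number seq, if its accessMethod is the one selected by what. */
static int aia_get_uri(const unsigned char *der, size_t der_len, unsigned seq,
                       enum aia_what what, const unsigned char **uri, size_t *uri_len) {
    static const unsigned char arc[] = { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30 };
    const unsigned char *p = der, *end = der + der_len; size_t len;
    if (tlv(&p, end, &len) != 0x30) return AIA_MALFORMED;      /* SEQUENCE OF */
    for (end = p + len; ; seq--, p += len) {
        if (p == end) return AIA_NOT_AVAILABLE;                /* seq is out of bounds */
        if (tlv(&p, end, &len) != 0x30) return AIA_MALFORMED;  /* AccessDescription */
        if (seq == 0) break;
    }
    end = p + len;
    if (tlv(&p, end, &len) != 0x06) return AIA_MALFORMED;      /* accessMethod OID */
    if (len != 8 || memcmp(p, arc, 7) || p[7] != (unsigned char)what) return AIA_OID_MISMATCH;
    p += len;
    int tag = tlv(&p, end, &len);                              /* accessLocation */
    if (tag != 0x86) return tag < 0 ? AIA_MALFORMED : AIA_NOT_URI;
    *uri = p; *uri_len = len; return AIA_OK;
}
int main(void) {  /* walk seq = 0, 1, ... to the end of the list, printing OCSP entries only */
    const unsigned char *uri; size_t n;
    for (unsigned seq = 0; ; seq++) {
        int rc = aia_get_uri(SAMPLE_AIA, SAMPLE_AIA_LEN, seq, WANT_OCSP_URI, &uri, &n);
        if (rc == AIA_NOT_AVAILABLE || rc == AIA_MALFORMED) return rc != AIA_NOT_AVAILABLE;
        if (rc == AIA_OK) printf("OCSP responder: %.*s\n", (int)n, (const char *)uri);
    }
}
```

A caller of the real function follows the same loop shape: increment seq, skip entries whose accessMethod does not match, and stop on the out-of-bounds code.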
Report bugs to <bug-gnutls@gnu.org>.
General guidelines for reporting bugs: http://www.gnu.org/gethelp/
GnuTLS home page: http://www.gnu.org/software/gnutls/
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command
info gnutls
should give you access to the complete manual. As an alternative you may obtain the manual from:
COPYRIGHT
Copyright © 2001-2013 Free Software Foundation, Inc. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.