diff options
Diffstat (limited to 'doc/reference/html/gnutls-x509.html')
| -rw-r--r-- | doc/reference/html/gnutls-x509.html | 19834 |
1 files changed, 19834 insertions, 0 deletions
diff --git a/doc/reference/html/gnutls-x509.html b/doc/reference/html/gnutls-x509.html new file mode 100644 index 0000000..8f48643 --- /dev/null +++ b/doc/reference/html/gnutls-x509.html @@ -0,0 +1,19834 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> +<title>x509: GnuTLS API Reference Manual</title> +<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"> +<link rel="home" href="index.html" title="GnuTLS API Reference Manual"> +<link rel="up" href="intro.html" title="GnuTLS API Reference Manual"> +<link rel="prev" href="gnutls-abstract.html" title="abstract"> +<link rel="next" href="gnutls-openpgp.html" title="openpgp"> +<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)"> +<link rel="stylesheet" href="style.css" type="text/css"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle"> +<td width="100%" align="left" class="shortcuts"> +<a href="#" class="shortcut">Top</a><span id="nav_description"> <span class="dim">|</span> + <a href="#gnutls-x509.description" class="shortcut">Description</a></span> +</td> +<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td> +<td><a accesskey="u" href="intro.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<td><a accesskey="p" href="gnutls-abstract.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> +<td><a accesskey="n" href="gnutls-openpgp.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td> +</tr></table> +<div class="refentry"> +<a name="gnutls-x509"></a><div class="titlepage"></div> +<div class="refnamediv"><table width="100%"><tr> +<td valign="top"> +<h2><span class="refentrytitle"><a name="gnutls-x509.top_of_page"></a>x509</span></h2> +<p>x509</p> +</td> +<td class="gallery_image" valign="top" align="right"></td> +</tr></table></div> +<div class="refsect1"> +<a name="gnutls-x509.functions"></a><h2>Functions</h2> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="functions_proto_type"> +<col class="functions_proto_name"> +</colgroup> +<tbody> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-init" title="gnutls_x509_crt_init ()">gnutls_x509_crt_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()">gnutls_x509_crt_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-flags" title="gnutls_x509_crt_set_flags ()">gnutls_x509_crt_set_flags</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-equals" title="gnutls_x509_crt_equals ()">gnutls_x509_crt_equals</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-equals2" title="gnutls_x509_crt_equals2 ()">gnutls_x509_crt_equals2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-import" title="gnutls_x509_crt_import ()">gnutls_x509_crt_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-import2" title="gnutls_x509_crt_list_import2 ()">gnutls_x509_crt_list_import2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-import" title="gnutls_x509_crt_list_import ()">gnutls_x509_crt_list_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-import-url" title="gnutls_x509_crt_import_url ()">gnutls_x509_crt_import_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-import-url" title="gnutls_x509_crt_list_import_url ()">gnutls_x509_crt_list_import_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-export" title="gnutls_x509_crt_export ()">gnutls_x509_crt_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-export2" title="gnutls_x509_crt_export2 ()">gnutls_x509_crt_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-private-key-usage-period" title="gnutls_x509_crt_get_private_key_usage_period ()">gnutls_x509_crt_get_private_key_usage_period</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn" title="gnutls_x509_crt_get_issuer_dn ()">gnutls_x509_crt_get_issuer_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn2" title="gnutls_x509_crt_get_issuer_dn2 ()">gnutls_x509_crt_get_issuer_dn2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn3" title="gnutls_x509_crt_get_issuer_dn3 ()">gnutls_x509_crt_get_issuer_dn3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn-oid" title="gnutls_x509_crt_get_issuer_dn_oid ()">gnutls_x509_crt_get_issuer_dn_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn-by-oid" title="gnutls_x509_crt_get_issuer_dn_by_oid ()">gnutls_x509_crt_get_issuer_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn" title="gnutls_x509_crt_get_dn ()">gnutls_x509_crt_get_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn2" title="gnutls_x509_crt_get_dn2 ()">gnutls_x509_crt_get_dn2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn3" title="gnutls_x509_crt_get_dn3 ()">gnutls_x509_crt_get_dn3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn-oid" title="gnutls_x509_crt_get_dn_oid ()">gnutls_x509_crt_get_dn_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn-by-oid" title="gnutls_x509_crt_get_dn_by_oid ()">gnutls_x509_crt_get_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-hostname" title="gnutls_x509_crt_check_hostname ()">gnutls_x509_crt_check_hostname</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-hostname2" title="gnutls_x509_crt_check_hostname2 ()">gnutls_x509_crt_check_hostname2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-email" title="gnutls_x509_crt_check_email ()">gnutls_x509_crt_check_email</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-ip" title="gnutls_x509_crt_check_ip ()">gnutls_x509_crt_check_ip</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-signature-algorithm" title="gnutls_x509_crt_get_signature_algorithm ()">gnutls_x509_crt_get_signature_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-signature" title="gnutls_x509_crt_get_signature ()">gnutls_x509_crt_get_signature</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-version" title="gnutls_x509_crt_get_version ()">gnutls_x509_crt_get_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-oid" title="gnutls_x509_crt_get_pk_oid ()">gnutls_x509_crt_get_pk_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-signature-oid" title="gnutls_x509_crt_get_signature_oid ()">gnutls_x509_crt_get_signature_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-key-id" title="gnutls_x509_crt_get_key_id ()">gnutls_x509_crt_get_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-private-key-usage-period" title="gnutls_x509_crt_set_private_key_usage_period ()">gnutls_x509_crt_set_private_key_usage_period</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-authority-key-id" title="gnutls_x509_crt_set_authority_key_id ()">gnutls_x509_crt_set_authority_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-key-id" title="gnutls_x509_crt_get_authority_key_id ()">gnutls_x509_crt_get_authority_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-key-gn-serial" title="gnutls_x509_crt_get_authority_key_gn_serial ()">gnutls_x509_crt_get_authority_key_gn_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-key-id" title="gnutls_x509_crt_get_subject_key_id ()">gnutls_x509_crt_get_subject_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-unique-id" title="gnutls_x509_crt_get_subject_unique_id ()">gnutls_x509_crt_get_subject_unique_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-unique-id" title="gnutls_x509_crt_get_issuer_unique_id ()">gnutls_x509_crt_get_issuer_unique_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-pin-function" title="gnutls_x509_crt_set_pin_function ()">gnutls_x509_crt_set_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-info-access" title="gnutls_x509_crt_get_authority_info_access ()">gnutls_x509_crt_get_authority_info_access</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-check" title="gnutls_x509_name_constraints_check ()">gnutls_x509_name_constraints_check</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-check-crt" title="gnutls_x509_name_constraints_check_crt ()">gnutls_x509_name_constraints_check_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-init" title="gnutls_x509_name_constraints_init ()">gnutls_x509_name_constraints_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-deinit" title="gnutls_x509_name_constraints_deinit ()">gnutls_x509_name_constraints_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-name-constraints" title="gnutls_x509_crt_get_name_constraints ()">gnutls_x509_crt_get_name_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-add-permitted" title="gnutls_x509_name_constraints_add_permitted ()">gnutls_x509_name_constraints_add_permitted</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-add-excluded" title="gnutls_x509_name_constraints_add_excluded ()">gnutls_x509_name_constraints_add_excluded</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-name-constraints" title="gnutls_x509_crt_set_name_constraints ()">gnutls_x509_crt_set_name_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-get-permitted" title="gnutls_x509_name_constraints_get_permitted ()">gnutls_x509_name_constraints_get_permitted</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-get-excluded" title="gnutls_x509_name_constraints_get_excluded ()">gnutls_x509_name_constraints_get_excluded</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-cidr-to-rfc5280" title="gnutls_x509_cidr_to_rfc5280 ()">gnutls_x509_cidr_to_rfc5280</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-crl-dist-points" title="gnutls_x509_crt_get_crl_dist_points ()">gnutls_x509_crt_get_crl_dist_points</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-crl-dist-points2" title="gnutls_x509_crt_set_crl_dist_points2 ()">gnutls_x509_crt_set_crl_dist_points2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-crl-dist-points" title="gnutls_x509_crt_set_crl_dist_points ()">gnutls_x509_crt_set_crl_dist_points</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-cpy-crl-dist-points" title="gnutls_x509_crt_cpy_crl_dist_points ()">gnutls_x509_crt_cpy_crl_dist_points</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-sign" title="gnutls_x509_crl_sign ()">gnutls_x509_crl_sign</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-sign2" title="gnutls_x509_crl_sign2 ()">gnutls_x509_crl_sign2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">time_t</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-activation-time" title="gnutls_x509_crt_get_activation_time ()">gnutls_x509_crt_get_activation_time</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">time_t</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-expiration-time" title="gnutls_x509_crt_get_expiration_time ()">gnutls_x509_crt_get_expiration_time</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-serial" title="gnutls_x509_crt_get_serial ()">gnutls_x509_crt_get_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-spki-init" title="gnutls_x509_spki_init ()">gnutls_x509_spki_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-spki-deinit" title="gnutls_x509_spki_deinit ()">gnutls_x509_spki_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-spki-get-rsa-pss-params" title="gnutls_x509_spki_get_rsa_pss_params ()">gnutls_x509_spki_get_rsa_pss_params</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-spki-set-rsa-pss-params" title="gnutls_x509_spki_set_rsa_pss_params ()">gnutls_x509_spki_set_rsa_pss_params</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-algorithm" title="gnutls_x509_crt_get_pk_algorithm ()">gnutls_x509_crt_get_pk_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-spki" title="gnutls_x509_crt_set_spki ()">gnutls_x509_crt_set_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-spki" title="gnutls_x509_crt_get_spki ()">gnutls_x509_crt_get_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-rsa-raw" title="gnutls_x509_crt_get_pk_rsa_raw ()">gnutls_x509_crt_get_pk_rsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-dsa-raw" title="gnutls_x509_crt_get_pk_dsa_raw ()">gnutls_x509_crt_get_pk_dsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-ecc-raw" title="gnutls_x509_crt_get_pk_ecc_raw ()">gnutls_x509_crt_get_pk_ecc_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-gost-raw" title="gnutls_x509_crt_get_pk_gost_raw ()">gnutls_x509_crt_get_pk_gost_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-name" title="gnutls_x509_crt_get_subject_alt_name ()">gnutls_x509_crt_get_subject_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-name2" title="gnutls_x509_crt_get_subject_alt_name2 ()">gnutls_x509_crt_get_subject_alt_name2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-othername-oid" title="gnutls_x509_crt_get_subject_alt_othername_oid ()">gnutls_x509_crt_get_subject_alt_othername_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-alt-name" title="gnutls_x509_crt_get_issuer_alt_name ()">gnutls_x509_crt_get_issuer_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-alt-name2" title="gnutls_x509_crt_get_issuer_alt_name2 ()">gnutls_x509_crt_get_issuer_alt_name2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-alt-othername-oid" title="gnutls_x509_crt_get_issuer_alt_othername_oid ()">gnutls_x509_crt_get_issuer_alt_othername_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-ca-status" title="gnutls_x509_crt_get_ca_status ()">gnutls_x509_crt_get_ca_status</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-basic-constraints" title="gnutls_x509_crt_get_basic_constraints ()">gnutls_x509_crt_get_basic_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-key-usage" title="gnutls_x509_crt_get_key_usage ()">gnutls_x509_crt_get_key_usage</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-key-usage" title="gnutls_x509_crt_set_key_usage ()">gnutls_x509_crt_set_key_usage</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-authority-info-access" title="gnutls_x509_crt_set_authority_info_access ()">gnutls_x509_crt_set_authority_info_access</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-inhibit-anypolicy" title="gnutls_x509_crt_get_inhibit_anypolicy ()">gnutls_x509_crt_get_inhibit_anypolicy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-inhibit-anypolicy" title="gnutls_x509_crt_set_inhibit_anypolicy ()">gnutls_x509_crt_set_inhibit_anypolicy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-proxy" title="gnutls_x509_crt_get_proxy ()">gnutls_x509_crt_get_proxy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-init" title="gnutls_x509_tlsfeatures_init ()">gnutls_x509_tlsfeatures_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-deinit" title="gnutls_x509_tlsfeatures_deinit ()">gnutls_x509_tlsfeatures_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-get" title="gnutls_x509_tlsfeatures_get ()">gnutls_x509_tlsfeatures_get</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-tlsfeatures" title="gnutls_x509_crt_set_tlsfeatures ()">gnutls_x509_crt_set_tlsfeatures</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-tlsfeatures" title="gnutls_x509_crt_get_tlsfeatures ()">gnutls_x509_crt_get_tlsfeatures</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-check-crt" title="gnutls_x509_tlsfeatures_check_crt ()">gnutls_x509_tlsfeatures_check_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-policy-release" title="gnutls_x509_policy_release ()">gnutls_x509_policy_release</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-policy" title="gnutls_x509_crt_get_policy ()">gnutls_x509_crt_get_policy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-policy" title="gnutls_x509_crt_set_policy ()">gnutls_x509_crt_set_policy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()">gnutls_x509_dn_oid_known</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type">const <span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-name" title="gnutls_x509_dn_oid_name ()">gnutls_x509_dn_oid_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-oid" title="gnutls_x509_crt_get_extension_oid ()">gnutls_x509_crt_get_extension_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-by-oid" title="gnutls_x509_crt_get_extension_by_oid ()">gnutls_x509_crt_get_extension_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-signature-algorithm" title="gnutls_x509_crq_get_signature_algorithm ()">gnutls_x509_crq_get_signature_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-by-oid2" title="gnutls_x509_crq_get_extension_by_oid2 ()">gnutls_x509_crq_get_extension_by_oid2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-info" title="gnutls_x509_crt_get_extension_info ()">gnutls_x509_crt_get_extension_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-data" title="gnutls_x509_crt_get_extension_data ()">gnutls_x509_crt_get_extension_data</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-data2" title="gnutls_x509_crt_get_extension_data2 ()">gnutls_x509_crt_get_extension_data2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-extension-by-oid" title="gnutls_x509_crt_set_extension_by_oid ()">gnutls_x509_crt_set_extension_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-dn" title="gnutls_x509_crt_set_dn ()">gnutls_x509_crt_set_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-dn-by-oid" title="gnutls_x509_crt_set_dn_by_oid ()">gnutls_x509_crt_set_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-issuer-dn-by-oid" title="gnutls_x509_crt_set_issuer_dn_by_oid ()">gnutls_x509_crt_set_issuer_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-issuer-dn" title="gnutls_x509_crt_set_issuer_dn ()">gnutls_x509_crt_set_issuer_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-version" title="gnutls_x509_crt_set_version ()">gnutls_x509_crt_set_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-key" title="gnutls_x509_crt_set_key ()">gnutls_x509_crt_set_key</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-ca-status" title="gnutls_x509_crt_set_ca_status ()">gnutls_x509_crt_set_ca_status</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-basic-constraints" title="gnutls_x509_crt_set_basic_constraints ()">gnutls_x509_crt_set_basic_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-unique-id" title="gnutls_x509_crt_set_subject_unique_id ()">gnutls_x509_crt_set_subject_unique_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-issuer-unique-id" title="gnutls_x509_crt_set_issuer_unique_id ()">gnutls_x509_crt_set_issuer_unique_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alternative-name" title="gnutls_x509_crt_set_subject_alternative_name ()">gnutls_x509_crt_set_subject_alternative_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alt-name" title="gnutls_x509_crt_set_subject_alt_name ()">gnutls_x509_crt_set_subject_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alt-othername" title="gnutls_x509_crt_set_subject_alt_othername ()">gnutls_x509_crt_set_subject_alt_othername</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-issuer-alt-name" title="gnutls_x509_crt_set_issuer_alt_name ()">gnutls_x509_crt_set_issuer_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-issuer-alt-othername" title="gnutls_x509_crt_set_issuer_alt_othername ()">gnutls_x509_crt_set_issuer_alt_othername</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-sign" title="gnutls_x509_crt_sign ()">gnutls_x509_crt_sign</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-sign2" title="gnutls_x509_crt_sign2 ()">gnutls_x509_crt_sign2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-activation-time" title="gnutls_x509_crt_set_activation_time ()">gnutls_x509_crt_set_activation_time</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-expiration-time" title="gnutls_x509_crt_set_expiration_time ()">gnutls_x509_crt_set_expiration_time</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-serial" title="gnutls_x509_crt_set_serial ()">gnutls_x509_crt_set_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-key-id" title="gnutls_x509_crt_set_subject_key_id ()">gnutls_x509_crt_set_subject_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-proxy-dn" title="gnutls_x509_crt_set_proxy_dn ()">gnutls_x509_crt_set_proxy_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-proxy" title="gnutls_x509_crt_set_proxy ()">gnutls_x509_crt_set_proxy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-print" title="gnutls_x509_crt_print ()">gnutls_x509_crt_print</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-print" title="gnutls_x509_crl_print ()">gnutls_x509_crl_print</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-raw-issuer-dn" title="gnutls_x509_crt_get_raw_issuer_dn ()">gnutls_x509_crt_get_raw_issuer_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-raw-dn" title="gnutls_x509_crt_get_raw_dn ()">gnutls_x509_crt_get_raw_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get" title="gnutls_x509_rdn_get ()">gnutls_x509_rdn_get</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get2" title="gnutls_x509_rdn_get2 ()">gnutls_x509_rdn_get2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get-oid" title="gnutls_x509_rdn_get_oid ()">gnutls_x509_rdn_get_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get-by-oid" title="gnutls_x509_rdn_get_by_oid ()">gnutls_x509_rdn_get_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject" title="gnutls_x509_crt_get_subject ()">gnutls_x509_crt_get_subject</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer" title="gnutls_x509_crt_get_issuer ()">gnutls_x509_crt_get_issuer</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-rdn-ava" title="gnutls_x509_dn_get_rdn_ava ()">gnutls_x509_dn_get_rdn_ava</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-str" title="gnutls_x509_dn_get_str ()">gnutls_x509_dn_get_str</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-str2" title="gnutls_x509_dn_get_str2 ()">gnutls_x509_dn_get_str2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-set-str" title="gnutls_x509_dn_set_str ()">gnutls_x509_dn_set_str</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-init" title="gnutls_x509_dn_init ()">gnutls_x509_dn_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-import" title="gnutls_x509_dn_import ()">gnutls_x509_dn_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-export" title="gnutls_x509_dn_export ()">gnutls_x509_dn_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-export2" title="gnutls_x509_dn_export2 ()">gnutls_x509_dn_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-deinit" title="gnutls_x509_dn_deinit ()">gnutls_x509_dn_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-init" title="gnutls_x509_crl_init ()">gnutls_x509_crl_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-deinit" title="gnutls_x509_crl_deinit ()">gnutls_x509_crl_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-import" title="gnutls_x509_crl_import ()">gnutls_x509_crl_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-export" title="gnutls_x509_crl_export ()">gnutls_x509_crl_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-export2" title="gnutls_x509_crl_export2 ()">gnutls_x509_crl_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-raw-issuer-dn" title="gnutls_x509_crl_get_raw_issuer_dn ()">gnutls_x509_crl_get_raw_issuer_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn" title="gnutls_x509_crl_get_issuer_dn ()">gnutls_x509_crl_get_issuer_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn2" title="gnutls_x509_crl_get_issuer_dn2 ()">gnutls_x509_crl_get_issuer_dn2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn3" title="gnutls_x509_crl_get_issuer_dn3 ()">gnutls_x509_crl_get_issuer_dn3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn-by-oid" title="gnutls_x509_crl_get_issuer_dn_by_oid ()">gnutls_x509_crl_get_issuer_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-dn-oid" title="gnutls_x509_crl_get_dn_oid ()">gnutls_x509_crl_get_dn_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-signature-algorithm" title="gnutls_x509_crl_get_signature_algorithm ()">gnutls_x509_crl_get_signature_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-signature" title="gnutls_x509_crl_get_signature ()">gnutls_x509_crl_get_signature</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-version" title="gnutls_x509_crl_get_version ()">gnutls_x509_crl_get_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-signature-oid" title="gnutls_x509_crl_get_signature_oid ()">gnutls_x509_crl_get_signature_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">time_t</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-this-update" title="gnutls_x509_crl_get_this_update ()">gnutls_x509_crl_get_this_update</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">time_t</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-next-update" title="gnutls_x509_crl_get_next_update ()">gnutls_x509_crl_get_next_update</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-crt-count" title="gnutls_x509_crl_get_crt_count ()">gnutls_x509_crl_get_crt_count</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-crt-serial" title="gnutls_x509_crl_get_crt_serial ()">gnutls_x509_crl_get_crt_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-crt-serial" title="gnutls_x509_crl_iter_crt_serial ()">gnutls_x509_crl_iter_crt_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-deinit" title="gnutls_x509_crl_iter_deinit ()">gnutls_x509_crl_iter_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-check-issuer" title="gnutls_x509_crl_check_issuer ()">gnutls_x509_crl_check_issuer</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-list-import2" title="gnutls_x509_crl_list_import2 ()">gnutls_x509_crl_list_import2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-list-import" title="gnutls_x509_crl_list_import ()">gnutls_x509_crl_list_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-version" title="gnutls_x509_crl_set_version ()">gnutls_x509_crl_set_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-this-update" title="gnutls_x509_crl_set_this_update ()">gnutls_x509_crl_set_this_update</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-next-update" title="gnutls_x509_crl_set_next_update ()">gnutls_x509_crl_set_next_update</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-crt-serial" title="gnutls_x509_crl_set_crt_serial ()">gnutls_x509_crl_set_crt_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-crt" title="gnutls_x509_crl_set_crt ()">gnutls_x509_crl_set_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-authority-key-id" title="gnutls_x509_crl_get_authority_key_id ()">gnutls_x509_crl_get_authority_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-authority-key-gn-serial" title="gnutls_x509_crl_get_authority_key_gn_serial ()">gnutls_x509_crl_get_authority_key_gn_serial</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-number" title="gnutls_x509_crl_get_number ()">gnutls_x509_crl_get_number</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-oid" title="gnutls_x509_crl_get_extension_oid ()">gnutls_x509_crl_get_extension_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-info" title="gnutls_x509_crl_get_extension_info ()">gnutls_x509_crl_get_extension_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-data" title="gnutls_x509_crl_get_extension_data ()">gnutls_x509_crl_get_extension_data</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-data2" title="gnutls_x509_crl_get_extension_data2 ()">gnutls_x509_crl_get_extension_data2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-authority-key-id" title="gnutls_x509_crl_set_authority_key_id ()">gnutls_x509_crl_set_authority_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-set-number" title="gnutls_x509_crl_set_number ()">gnutls_x509_crl_set_number</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#GNUTLS-PROFILE-TO-VFLAGS:CAPS" title="GNUTLS_PROFILE_TO_VFLAGS()">GNUTLS_PROFILE_TO_VFLAGS</a><span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#GNUTLS-VFLAGS-TO-PROFILE:CAPS" title="GNUTLS_VFLAGS_TO_PROFILE()">GNUTLS_VFLAGS_TO_PROFILE</a><span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type">const <span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profile-get-name" title="gnutls_certificate_verification_profile_get_name ()">gnutls_certificate_verification_profile_get_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-verify" title="gnutls_x509_crt_list_verify ()">gnutls_x509_crt_list_verify</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-verify" title="gnutls_x509_crt_verify ()">gnutls_x509_crt_verify</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-verify" title="gnutls_x509_crl_verify ()">gnutls_x509_crl_verify</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-verify-data2" title="gnutls_x509_crt_verify_data2 ()">gnutls_x509_crt_verify_data2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-revocation" title="gnutls_x509_crt_check_revocation ()">gnutls_x509_crt_check_revocation</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-fingerprint" title="gnutls_x509_crt_get_fingerprint ()">gnutls_x509_crt_get_fingerprint</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-key-purpose-oid" title="gnutls_x509_crt_get_key_purpose_oid ()">gnutls_x509_crt_get_key_purpose_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-key-purpose-oid" title="gnutls_x509_crt_set_key_purpose_oid ()">gnutls_x509_crt_set_key_purpose_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-key-purpose" title="gnutls_x509_crt_check_key_purpose ()">gnutls_x509_crt_check_key_purpose</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#GNUTLS-PKCS-CIPHER-MASK:CAPS" title="GNUTLS_PKCS_CIPHER_MASK()">GNUTLS_PKCS_CIPHER_MASK</a><span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type">const <span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-pkcs-schema-get-name" title="gnutls_pkcs_schema_get_name ()">gnutls_pkcs_schema_get_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type">const <span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-pkcs-schema-get-oid" title="gnutls_pkcs_schema_get_oid ()">gnutls_pkcs_schema_get_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-init" title="gnutls_x509_privkey_init ()">gnutls_x509_privkey_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-deinit" title="gnutls_x509_privkey_deinit ()">gnutls_x509_privkey_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<a class="link" href="gnutls-gnutls.html#gnutls-sec-param-t" title="enum gnutls_sec_param_t"><span class="returnvalue">gnutls_sec_param_t</span></a> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-sec-param" title="gnutls_x509_privkey_sec_param ()">gnutls_x509_privkey_sec_param</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-set-pin-function" title="gnutls_x509_privkey_set_pin_function ()">gnutls_x509_privkey_set_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-cpy" title="gnutls_x509_privkey_cpy ()">gnutls_x509_privkey_cpy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import" title="gnutls_x509_privkey_import ()">gnutls_x509_privkey_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-pkcs8" title="gnutls_x509_privkey_import_pkcs8 ()">gnutls_x509_privkey_import_pkcs8</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-openssl" title="gnutls_x509_privkey_import_openssl ()">gnutls_x509_privkey_import_openssl</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-pkcs8-info" title="gnutls_pkcs8_info ()">gnutls_pkcs8_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import2" title="gnutls_x509_privkey_import2 ()">gnutls_x509_privkey_import2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-rsa-raw" title="gnutls_x509_privkey_import_rsa_raw ()">gnutls_x509_privkey_import_rsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-rsa-raw2" title="gnutls_x509_privkey_import_rsa_raw2 ()">gnutls_x509_privkey_import_rsa_raw2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-ecc-raw" title="gnutls_x509_privkey_import_ecc_raw ()">gnutls_x509_privkey_import_ecc_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-gost-raw" title="gnutls_x509_privkey_import_gost_raw ()">gnutls_x509_privkey_import_gost_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-fix" title="gnutls_x509_privkey_fix ()">gnutls_x509_privkey_fix</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-dsa-raw" title="gnutls_x509_privkey_export_dsa_raw ()">gnutls_x509_privkey_export_dsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-import-dsa-raw" title="gnutls_x509_privkey_import_dsa_raw ()">gnutls_x509_privkey_import_dsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-get-pk-algorithm" title="gnutls_x509_privkey_get_pk_algorithm ()">gnutls_x509_privkey_get_pk_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-get-pk-algorithm2" title="gnutls_x509_privkey_get_pk_algorithm2 ()">gnutls_x509_privkey_get_pk_algorithm2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-get-spki" title="gnutls_x509_privkey_get_spki ()">gnutls_x509_privkey_get_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-set-spki" title="gnutls_x509_privkey_set_spki ()">gnutls_x509_privkey_set_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-get-key-id" title="gnutls_x509_privkey_get_key_id ()">gnutls_x509_privkey_get_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-generate" title="gnutls_x509_privkey_generate ()">gnutls_x509_privkey_generate</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-set-flags" title="gnutls_x509_privkey_set_flags ()">gnutls_x509_privkey_set_flags</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-generate2" title="gnutls_x509_privkey_generate2 ()">gnutls_x509_privkey_generate2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-verify-seed" title="gnutls_x509_privkey_verify_seed ()">gnutls_x509_privkey_verify_seed</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-get-seed" title="gnutls_x509_privkey_get_seed ()">gnutls_x509_privkey_get_seed</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-verify-params" title="gnutls_x509_privkey_verify_params ()">gnutls_x509_privkey_verify_params</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export" title="gnutls_x509_privkey_export ()">gnutls_x509_privkey_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export2" title="gnutls_x509_privkey_export2 ()">gnutls_x509_privkey_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-pkcs8" title="gnutls_x509_privkey_export_pkcs8 ()">gnutls_x509_privkey_export_pkcs8</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export2-pkcs8" title="gnutls_x509_privkey_export2_pkcs8 ()">gnutls_x509_privkey_export2_pkcs8</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-rsa-raw2" title="gnutls_x509_privkey_export_rsa_raw2 ()">gnutls_x509_privkey_export_rsa_raw2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-rsa-raw" title="gnutls_x509_privkey_export_rsa_raw ()">gnutls_x509_privkey_export_rsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-ecc-raw" title="gnutls_x509_privkey_export_ecc_raw ()">gnutls_x509_privkey_export_ecc_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-gost-raw" title="gnutls_x509_privkey_export_gost_raw ()">gnutls_x509_privkey_export_gost_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-privkey-sign-data" title="gnutls_x509_privkey_sign_data ()">gnutls_x509_privkey_sign_data</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-sign" title="gnutls_x509_crq_sign ()">gnutls_x509_crq_sign</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-sign2" title="gnutls_x509_crq_sign2 ()">gnutls_x509_crq_sign2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-print" title="gnutls_x509_crq_print ()">gnutls_x509_crq_print</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-verify" title="gnutls_x509_crq_verify ()">gnutls_x509_crq_verify</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-init" title="gnutls_x509_crq_init ()">gnutls_x509_crq_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-deinit" title="gnutls_x509_crq_deinit ()">gnutls_x509_crq_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-import" title="gnutls_x509_crq_import ()">gnutls_x509_crq_import</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-private-key-usage-period" title="gnutls_x509_crq_get_private_key_usage_period ()">gnutls_x509_crq_get_private_key_usage_period</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn" title="gnutls_x509_crq_get_dn ()">gnutls_x509_crq_get_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn2" title="gnutls_x509_crq_get_dn2 ()">gnutls_x509_crq_get_dn2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn3" title="gnutls_x509_crq_get_dn3 ()">gnutls_x509_crq_get_dn3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn-oid" title="gnutls_x509_crq_get_dn_oid ()">gnutls_x509_crq_get_dn_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn-by-oid" title="gnutls_x509_crq_get_dn_by_oid ()">gnutls_x509_crq_get_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-dn" title="gnutls_x509_crq_set_dn ()">gnutls_x509_crq_set_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-dn-by-oid" title="gnutls_x509_crq_set_dn_by_oid ()">gnutls_x509_crq_set_dn_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-version" title="gnutls_x509_crq_set_version ()">gnutls_x509_crq_set_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-version" title="gnutls_x509_crq_get_version ()">gnutls_x509_crq_get_version</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-key" title="gnutls_x509_crq_set_key ()">gnutls_x509_crq_set_key</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-extension-by-oid" title="gnutls_x509_crq_set_extension_by_oid ()">gnutls_x509_crq_set_extension_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-challenge-password" title="gnutls_x509_crq_set_challenge_password ()">gnutls_x509_crq_set_challenge_password</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-challenge-password" title="gnutls_x509_crq_get_challenge_password ()">gnutls_x509_crq_get_challenge_password</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-attribute-by-oid" title="gnutls_x509_crq_set_attribute_by_oid ()">gnutls_x509_crq_set_attribute_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-by-oid" title="gnutls_x509_crq_get_attribute_by_oid ()">gnutls_x509_crq_get_attribute_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-export" title="gnutls_x509_crq_export ()">gnutls_x509_crq_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-export2" title="gnutls_x509_crq_export2 ()">gnutls_x509_crq_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-crq" title="gnutls_x509_crt_set_crq ()">gnutls_x509_crt_set_crq</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-crq-extensions" title="gnutls_x509_crt_set_crq_extensions ()">gnutls_x509_crt_set_crq_extensions</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-crq-extension-by-oid" title="gnutls_x509_crt_set_crq_extension_by_oid ()">gnutls_x509_crt_set_crq_extension_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-private-key-usage-period" title="gnutls_x509_crq_set_private_key_usage_period ()">gnutls_x509_crq_set_private_key_usage_period</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-key-rsa-raw" title="gnutls_x509_crq_set_key_rsa_raw ()">gnutls_x509_crq_set_key_rsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-subject-alt-name" title="gnutls_x509_crq_set_subject_alt_name ()">gnutls_x509_crq_set_subject_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-subject-alt-othername" title="gnutls_x509_crq_set_subject_alt_othername ()">gnutls_x509_crq_set_subject_alt_othername</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-key-usage" title="gnutls_x509_crq_set_key_usage ()">gnutls_x509_crq_set_key_usage</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-basic-constraints" title="gnutls_x509_crq_set_basic_constraints ()">gnutls_x509_crq_set_basic_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-key-purpose-oid" title="gnutls_x509_crq_set_key_purpose_oid ()">gnutls_x509_crq_set_key_purpose_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-key-purpose-oid" title="gnutls_x509_crq_get_key_purpose_oid ()">gnutls_x509_crq_get_key_purpose_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-data" title="gnutls_x509_crq_get_extension_data ()">gnutls_x509_crq_get_extension_data</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-data2" title="gnutls_x509_crq_get_extension_data2 ()">gnutls_x509_crq_get_extension_data2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-info" title="gnutls_x509_crq_get_extension_info ()">gnutls_x509_crq_get_extension_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-data" title="gnutls_x509_crq_get_attribute_data ()">gnutls_x509_crq_get_attribute_data</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-info" title="gnutls_x509_crq_get_attribute_info ()">gnutls_x509_crq_get_attribute_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-pk-algorithm" title="gnutls_x509_crq_get_pk_algorithm ()">gnutls_x509_crq_get_pk_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-spki" title="gnutls_x509_crq_get_spki ()">gnutls_x509_crq_get_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-spki" title="gnutls_x509_crq_set_spki ()">gnutls_x509_crq_set_spki</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-signature-oid" title="gnutls_x509_crq_get_signature_oid ()">gnutls_x509_crq_get_signature_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-pk-oid" title="gnutls_x509_crq_get_pk_oid ()">gnutls_x509_crq_get_pk_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-key-id" title="gnutls_x509_crq_get_key_id ()">gnutls_x509_crq_get_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-key-rsa-raw" title="gnutls_x509_crq_get_key_rsa_raw ()">gnutls_x509_crq_get_key_rsa_raw</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-key-usage" title="gnutls_x509_crq_get_key_usage ()">gnutls_x509_crq_get_key_usage</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-basic-constraints" title="gnutls_x509_crq_get_basic_constraints ()">gnutls_x509_crq_get_basic_constraints</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-subject-alt-name" title="gnutls_x509_crq_get_subject_alt_name ()">gnutls_x509_crq_get_subject_alt_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-subject-alt-othername-oid" title="gnutls_x509_crq_get_subject_alt_othername_oid ()">gnutls_x509_crq_get_subject_alt_othername_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-by-oid" title="gnutls_x509_crq_get_extension_by_oid ()">gnutls_x509_crq_get_extension_by_oid</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-tlsfeatures" title="gnutls_x509_crq_get_tlsfeatures ()">gnutls_x509_crq_get_tlsfeatures</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-tlsfeatures" title="gnutls_x509_crq_set_tlsfeatures ()">gnutls_x509_crq_set_tlsfeatures</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-by-oid2" title="gnutls_x509_crt_get_extension_by_oid2 ()">gnutls_x509_crt_get_extension_by_oid2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-init" title="gnutls_x509_trust_list_init ()">gnutls_x509_trust_list_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-deinit" title="gnutls_x509_trust_list_deinit ()">gnutls_x509_trust_list_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-get-issuer" title="gnutls_x509_trust_list_get_issuer ()">gnutls_x509_trust_list_get_issuer</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-get-issuer-by-dn" title="gnutls_x509_trust_list_get_issuer_by_dn ()">gnutls_x509_trust_list_get_issuer_by_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-get-issuer-by-subject-key-id" title="gnutls_x509_trust_list_get_issuer_by_subject_key_id ()">gnutls_x509_trust_list_get_issuer_by_subject_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-cas" title="gnutls_x509_trust_list_add_cas ()">gnutls_x509_trust_list_add_cas</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-remove-cas" title="gnutls_x509_trust_list_remove_cas ()">gnutls_x509_trust_list_remove_cas</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-named-crt" title="gnutls_x509_trust_list_add_named_crt ()">gnutls_x509_trust_list_add_named_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-crls" title="gnutls_x509_trust_list_add_crls ()">gnutls_x509_trust_list_add_crls</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-get-ca" title="gnutls_x509_trust_list_iter_get_ca ()">gnutls_x509_trust_list_iter_get_ca</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-deinit" title="gnutls_x509_trust_list_iter_deinit ()">gnutls_x509_trust_list_iter_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-session-set-verify-output-function" title="gnutls_session_set_verify_output_function ()">gnutls_session_set_verify_output_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-named-crt" title="gnutls_x509_trust_list_verify_named_crt ()">gnutls_x509_trust_list_verify_named_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()">gnutls_x509_trust_list_verify_crt2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt" title="gnutls_x509_trust_list_verify_crt ()">gnutls_x509_trust_list_verify_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-trust-mem" title="gnutls_x509_trust_list_add_trust_mem ()">gnutls_x509_trust_list_add_trust_mem</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-trust-file" title="gnutls_x509_trust_list_add_trust_file ()">gnutls_x509_trust_list_add_trust_file</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-trust-dir" title="gnutls_x509_trust_list_add_trust_dir ()">gnutls_x509_trust_list_add_trust_dir</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-remove-trust-file" title="gnutls_x509_trust_list_remove_trust_file ()">gnutls_x509_trust_list_remove_trust_file</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-remove-trust-mem" title="gnutls_x509_trust_list_remove_trust_mem ()">gnutls_x509_trust_list_remove_trust_mem</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-system-trust" title="gnutls_x509_trust_list_add_system_trust ()">gnutls_x509_trust_list_add_system_trust</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-set-getissuer-function" title="gnutls_x509_trust_list_set_getissuer_function ()">gnutls_x509_trust_list_set_getissuer_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-set-ptr" title="gnutls_x509_trust_list_set_ptr ()">gnutls_x509_trust_list_set_ptr</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-get-ptr" title="gnutls_x509_trust_list_get_ptr ()">gnutls_x509_trust_list_get_ptr</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-certificate-set-trust-list" title="gnutls_certificate_set_trust_list ()">gnutls_certificate_set_trust_list</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-certificate-get-trust-list" title="gnutls_certificate_get_trust_list ()">gnutls_certificate_get_trust_list</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-ext-deinit" title="gnutls_x509_ext_deinit ()">gnutls_x509_ext_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-x509.html#gnutls-x509-ext-print" title="gnutls_x509_ext_print ()">gnutls_x509_ext_print</a> <span class="c_punctuation">()</span> +</td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect1"> +<a name="gnutls-x509.other"></a><h2>Types and Values</h2> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="other_proto_type"> +<col class="other_proto_name"> +</colgroup> +<tbody> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-COUNTRY-NAME:CAPS" title="GNUTLS_OID_X520_COUNTRY_NAME">GNUTLS_OID_X520_COUNTRY_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-ORGANIZATION-NAME:CAPS" title="GNUTLS_OID_X520_ORGANIZATION_NAME">GNUTLS_OID_X520_ORGANIZATION_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-ORGANIZATIONAL-UNIT-NAME:CAPS" title="GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME">GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-COMMON-NAME:CAPS" title="GNUTLS_OID_X520_COMMON_NAME">GNUTLS_OID_X520_COMMON_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-LOCALITY-NAME:CAPS" title="GNUTLS_OID_X520_LOCALITY_NAME">GNUTLS_OID_X520_LOCALITY_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-STATE-OR-PROVINCE-NAME:CAPS" title="GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME">GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-INITIALS:CAPS" title="GNUTLS_OID_X520_INITIALS">GNUTLS_OID_X520_INITIALS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-GENERATION-QUALIFIER:CAPS" title="GNUTLS_OID_X520_GENERATION_QUALIFIER">GNUTLS_OID_X520_GENERATION_QUALIFIER</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-SURNAME:CAPS" title="GNUTLS_OID_X520_SURNAME">GNUTLS_OID_X520_SURNAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-GIVEN-NAME:CAPS" title="GNUTLS_OID_X520_GIVEN_NAME">GNUTLS_OID_X520_GIVEN_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-TITLE:CAPS" title="GNUTLS_OID_X520_TITLE">GNUTLS_OID_X520_TITLE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-DN-QUALIFIER:CAPS" title="GNUTLS_OID_X520_DN_QUALIFIER">GNUTLS_OID_X520_DN_QUALIFIER</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-PSEUDONYM:CAPS" title="GNUTLS_OID_X520_PSEUDONYM">GNUTLS_OID_X520_PSEUDONYM</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-POSTALCODE:CAPS" title="GNUTLS_OID_X520_POSTALCODE">GNUTLS_OID_X520_POSTALCODE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-X520-NAME:CAPS" title="GNUTLS_OID_X520_NAME">GNUTLS_OID_X520_NAME</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-LDAP-DC:CAPS" title="GNUTLS_OID_LDAP_DC">GNUTLS_OID_LDAP_DC</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-LDAP-UID:CAPS" title="GNUTLS_OID_LDAP_UID">GNUTLS_OID_LDAP_UID</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKCS9-EMAIL:CAPS" title="GNUTLS_OID_PKCS9_EMAIL">GNUTLS_OID_PKCS9_EMAIL</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKIX-DATE-OF-BIRTH:CAPS" title="GNUTLS_OID_PKIX_DATE_OF_BIRTH">GNUTLS_OID_PKIX_DATE_OF_BIRTH</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKIX-PLACE-OF-BIRTH:CAPS" title="GNUTLS_OID_PKIX_PLACE_OF_BIRTH">GNUTLS_OID_PKIX_PLACE_OF_BIRTH</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKIX-GENDER:CAPS" title="GNUTLS_OID_PKIX_GENDER">GNUTLS_OID_PKIX_GENDER</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKIX-COUNTRY-OF-CITIZENSHIP:CAPS" title="GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP">GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-PKIX-COUNTRY-OF-RESIDENCE:CAPS" title="GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE">GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-TLS-WWW-SERVER:CAPS" title="GNUTLS_KP_TLS_WWW_SERVER">GNUTLS_KP_TLS_WWW_SERVER</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-TLS-WWW-CLIENT:CAPS" title="GNUTLS_KP_TLS_WWW_CLIENT">GNUTLS_KP_TLS_WWW_CLIENT</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-CODE-SIGNING:CAPS" title="GNUTLS_KP_CODE_SIGNING">GNUTLS_KP_CODE_SIGNING</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-MS-SMART-CARD-LOGON:CAPS" title="GNUTLS_KP_MS_SMART_CARD_LOGON">GNUTLS_KP_MS_SMART_CARD_LOGON</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-EMAIL-PROTECTION:CAPS" title="GNUTLS_KP_EMAIL_PROTECTION">GNUTLS_KP_EMAIL_PROTECTION</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-TIME-STAMPING:CAPS" title="GNUTLS_KP_TIME_STAMPING">GNUTLS_KP_TIME_STAMPING</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-OCSP-SIGNING:CAPS" title="GNUTLS_KP_OCSP_SIGNING">GNUTLS_KP_OCSP_SIGNING</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-IPSEC-IKE:CAPS" title="GNUTLS_KP_IPSEC_IKE">GNUTLS_KP_IPSEC_IKE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-ANY:CAPS" title="GNUTLS_KP_ANY">GNUTLS_KP_ANY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-KP-FLAG-DISALLOW-ANY:CAPS" title="GNUTLS_KP_FLAG_DISALLOW_ANY">GNUTLS_KP_FLAG_DISALLOW_ANY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-AIA:CAPS" title="GNUTLS_OID_AIA">GNUTLS_OID_AIA</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-AD-OCSP:CAPS" title="GNUTLS_OID_AD_OCSP">GNUTLS_OID_AD_OCSP</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-OID-AD-CAISSUERS:CAPS" title="GNUTLS_OID_AD_CAISSUERS">GNUTLS_OID_AD_CAISSUERS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-SET:CAPS" title="GNUTLS_FSAN_SET">GNUTLS_FSAN_SET</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-APPEND:CAPS" title="GNUTLS_FSAN_APPEND">GNUTLS_FSAN_APPEND</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-OCTET-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_OCTET_STRING">GNUTLS_FSAN_ENCODE_OCTET_STRING</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-UTF8-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_UTF8_STRING">GNUTLS_FSAN_ENCODE_UTF8_STRING</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-SUBJECT-KEY-ID:CAPS" title="GNUTLS_X509EXT_OID_SUBJECT_KEY_ID">GNUTLS_X509EXT_OID_SUBJECT_KEY_ID</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-KEY-USAGE:CAPS" title="GNUTLS_X509EXT_OID_KEY_USAGE">GNUTLS_X509EXT_OID_KEY_USAGE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-PRIVATE-KEY-USAGE-PERIOD:CAPS" title="GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD">GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-SAN:CAPS" title="GNUTLS_X509EXT_OID_SAN">GNUTLS_X509EXT_OID_SAN</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-IAN:CAPS" title="GNUTLS_X509EXT_OID_IAN">GNUTLS_X509EXT_OID_IAN</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-BASIC-CONSTRAINTS:CAPS" title="GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS">GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-NAME-CONSTRAINTS:CAPS" title="GNUTLS_X509EXT_OID_NAME_CONSTRAINTS">GNUTLS_X509EXT_OID_NAME_CONSTRAINTS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-CRL-DIST-POINTS:CAPS" title="GNUTLS_X509EXT_OID_CRL_DIST_POINTS">GNUTLS_X509EXT_OID_CRL_DIST_POINTS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-CRT-POLICY:CAPS" title="GNUTLS_X509EXT_OID_CRT_POLICY">GNUTLS_X509EXT_OID_CRT_POLICY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-AUTHORITY-KEY-ID:CAPS" title="GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID">GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-EXTENDED-KEY-USAGE:CAPS" title="GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE">GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-INHIBIT-ANYPOLICY:CAPS" title="GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY">GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-AUTHORITY-INFO-ACCESS:CAPS" title="GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS">GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-PROXY-CRT-INFO:CAPS" title="GNUTLS_X509EXT_OID_PROXY_CRT_INFO">GNUTLS_X509EXT_OID_PROXY_CRT_INFO</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-TLSFEATURES:CAPS" title="GNUTLS_X509EXT_OID_TLSFEATURES">GNUTLS_X509EXT_OID_TLSFEATURES</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509EXT-OID-CT-SCT-V1:CAPS" title="GNUTLS_X509EXT_OID_CT_SCT_V1">GNUTLS_X509EXT_OID_CT_SCT_V1</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509-OID-POLICY-ANY:CAPS" title="GNUTLS_X509_OID_POLICY_ANY">GNUTLS_X509_OID_POLICY_ANY</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-certificate-import-flags" title="enum gnutls_certificate_import_flags">gnutls_certificate_import_flags</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-crt-flags" title="enum gnutls_x509_crt_flags">gnutls_x509_crt_flags</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-keyid-flags-t" title="enum gnutls_keyid_flags_t">gnutls_keyid_flags_t</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-info-access-what-t" title="enum gnutls_info_access_what_t">gnutls_info_access_what_t</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t">gnutls_x509_name_constraints_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND">GNUTLS_EXT_FLAG_APPEND</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-NAME-CONSTRAINTS-FLAG-APPEND:CAPS" title="GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND">GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-CRL-REASON-SUPERSEEDED:CAPS" title="GNUTLS_CRL_REASON_SUPERSEEDED">GNUTLS_CRL_REASON_SUPERSEEDED</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-crl-reason-flags-t" title="enum gnutls_x509_crl_reason_flags_t">gnutls_x509_crl_reason_flags_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509-NO-WELL-DEFINED-EXPIRATION:CAPS" title="GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION">GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t">gnutls_x509_spki_t</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t">gnutls_x509_tlsfeatures_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-MAX-QUALIFIERS:CAPS" title="GNUTLS_MAX_QUALIFIERS">GNUTLS_MAX_QUALIFIERS</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-qualifier-t" title="enum gnutls_x509_qualifier_t">gnutls_x509_qualifier_t</a></td> +</tr> +<tr> +<td class="datatype_keyword"> </td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-policy-st" title="gnutls_x509_policy_st">gnutls_x509_policy_st</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-OID-RETURN-OID:CAPS" title="GNUTLS_X509_DN_OID_RETURN_OID">GNUTLS_X509_DN_OID_RETURN_OID</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t">gnutls_x509_dn_t</a></td> +</tr> +<tr> +<td class="datatype_keyword"> </td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-ava-st" title="gnutls_x509_ava_st">gnutls_x509_ava_st</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT">GNUTLS_X509_DN_FLAG_COMPAT</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-t" title="gnutls_x509_crl_iter_t">gnutls_x509_crl_iter_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-certificate-count" title="gnutls_x509_crl_get_certificate_count">gnutls_x509_crl_get_certificate_count</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-certificate" title="gnutls_x509_crl_get_certificate">gnutls_x509_crl_get_certificate</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-certificate-verify-flags" title="enum gnutls_certificate_verify_flags">gnutls_certificate_verify_flags</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-VERIFY-ALLOW-BROKEN:CAPS" title="GNUTLS_VERIFY_ALLOW_BROKEN">GNUTLS_VERIFY_ALLOW_BROKEN</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profiles-t" title="enum gnutls_certificate_verification_profiles_t">gnutls_certificate_verification_profiles_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-VFLAGS-PROFILE-MASK:CAPS" title="GNUTLS_VFLAGS_PROFILE_MASK">GNUTLS_VFLAGS_PROFILE_MASK</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS8-PLAIN:CAPS" title="GNUTLS_PKCS8_PLAIN">GNUTLS_PKCS8_PLAIN</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS8-USE-PKCS12-3DES:CAPS" title="GNUTLS_PKCS8_USE_PKCS12_3DES">GNUTLS_PKCS8_USE_PKCS12_3DES</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS8-USE-PKCS12-ARCFOUR:CAPS" title="GNUTLS_PKCS8_USE_PKCS12_ARCFOUR">GNUTLS_PKCS8_USE_PKCS12_ARCFOUR</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS8-USE-PKCS12-RC2-40:CAPS" title="GNUTLS_PKCS8_USE_PKCS12_RC2_40">GNUTLS_PKCS8_USE_PKCS12_RC2_40</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-pkcs-encrypt-flags-t" title="enum gnutls_pkcs_encrypt_flags_t">gnutls_pkcs_encrypt_flags_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PKCS12-3DES:CAPS" title="GNUTLS_PKCS_USE_PKCS12_3DES">GNUTLS_PKCS_USE_PKCS12_3DES</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PKCS12-ARCFOUR:CAPS" title="GNUTLS_PKCS_USE_PKCS12_ARCFOUR">GNUTLS_PKCS_USE_PKCS12_ARCFOUR</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PKCS12-RC2-40:CAPS" title="GNUTLS_PKCS_USE_PKCS12_RC2_40">GNUTLS_PKCS_USE_PKCS12_RC2_40</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-3DES:CAPS" title="GNUTLS_PKCS_USE_PBES2_3DES">GNUTLS_PKCS_USE_PBES2_3DES</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-AES-128:CAPS" title="GNUTLS_PKCS_USE_PBES2_AES_128">GNUTLS_PKCS_USE_PBES2_AES_128</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-AES-192:CAPS" title="GNUTLS_PKCS_USE_PBES2_AES_192">GNUTLS_PKCS_USE_PBES2_AES_192</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-AES-256:CAPS" title="GNUTLS_PKCS_USE_PBES2_AES_256">GNUTLS_PKCS_USE_PBES2_AES_256</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-GOST-TC26Z:CAPS" title="GNUTLS_PKCS_USE_PBES2_GOST_TC26Z">GNUTLS_PKCS_USE_PBES2_GOST_TC26Z</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-GOST-CPA:CAPS" title="GNUTLS_PKCS_USE_PBES2_GOST_CPA">GNUTLS_PKCS_USE_PBES2_GOST_CPA</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-GOST-CPB:CAPS" title="GNUTLS_PKCS_USE_PBES2_GOST_CPB">GNUTLS_PKCS_USE_PBES2_GOST_CPB</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-GOST-CPC:CAPS" title="GNUTLS_PKCS_USE_PBES2_GOST_CPC">GNUTLS_PKCS_USE_PBES2_GOST_CPC</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#GNUTLS-PKCS-USE-PBES2-GOST-CPD:CAPS" title="GNUTLS_PKCS_USE_PBES2_GOST_CPD">GNUTLS_PKCS_USE_PBES2_GOST_CPD</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-keygen-types-t" title="enum gnutls_keygen_types_t">gnutls_keygen_types_t</a></td> +</tr> +<tr> +<td class="datatype_keyword"> </td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-keygen-data-st" title="gnutls_keygen_data_st">gnutls_keygen_data_st</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t">gnutls_x509_trust_list_t</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-t" title="gnutls_x509_trust_list_iter_t">gnutls_x509_trust_list_iter_t</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t">gnutls_trust_list_flags_t</a></td> +</tr> +<tr> +<td class="datatype_keyword"> </td> +<td class="function_name"><a class="link" href="gnutls-x509.html#gnutls-x509-ext-st" title="gnutls_x509_ext_st">gnutls_x509_ext_st</a></td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect1"> +<a name="gnutls-x509.description"></a><h2>Description</h2> +</div> +<div class="refsect1"> +<a name="gnutls-x509.functions_details"></a><h2>Functions</h2> +<div class="refsect2"> +<a name="gnutls-x509-crt-init"></a><h3>gnutls_x509_crt_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *cert</code></em>);</pre> +<p>This function will initialize an X.509 certificate structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-deinit"></a><h3>gnutls_x509_crt_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crt_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>);</pre> +<p>This function will deinitialize a certificate structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>The data to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-flags"></a><h3>gnutls_x509_crt_set_flags ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crt_set_flags (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will set flags for the specified certificate. +Currently this is useful for the <a class="link" href="gnutls-x509.html#GNUTLS-X509-CRT-FLAG-IGNORE-SANITY:CAPS"><code class="literal">GNUTLS_X509_CRT_FLAG_IGNORE_SANITY</code></a> +which allows importing certificates even if they have known issues.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-flags.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>A type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>flags from the <a class="link" href="gnutls-x509.html#gnutls-x509-crt-flags" title="enum gnutls_x509_crt_flags"><code class="literal">gnutls_x509_crt_flags</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-equals"></a><h3>gnutls_x509_crt_equals ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_equals (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert1</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert2</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-equals2"></a><h3>gnutls_x509_crt_equals2 ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_equals2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert1</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *der</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-import"></a><h3>gnutls_x509_crt_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre> +<p>This function will convert the given DER or PEM encoded Certificate +to the native gnutls_x509_crt_t format. The output will be stored +in <em class="parameter"><code>cert</code></em> +.</p> +<p>If the Certificate is PEM encoded it should have a header of "X509 +CERTIFICATE", or "CERTIFICATE".</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>The data to store the parsed certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-import.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-list-import2"></a><h3>gnutls_x509_crt_list_import2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_list_import2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> **certs</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *size</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will convert the given PEM encoded certificate list +to the native gnutls_x509_crt_t format. The output will be stored +in <em class="parameter"><code>certs</code></em> + which will be allocated and initialized.</p> +<p>If the Certificate is PEM encoded it should have a header of "X509 +CERTIFICATE", or "CERTIFICATE".</p> +<p>To deinitialize <em class="parameter"><code>certs</code></em> +, you need to deinitialize each crt structure +independently, and use <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a> at <em class="parameter"><code>certs</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>certs</p></td> +<td class="parameter_description"><p>Will hold the parsed certificate list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>size</p></td> +<td class="parameter_description"><p>It will contain the size of the list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The PEM encoded certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be (0) or an OR'd sequence of gnutls_certificate_import_flags.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import2.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-list-import"></a><h3>gnutls_x509_crt_list_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_list_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *certs</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *cert_max</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will convert the given PEM encoded certificate list +to the native gnutls_x509_crt_t format. The output will be stored +in <em class="parameter"><code>certs</code></em> +. They will be automatically initialized.</p> +<p>The flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-CRT-LIST-IMPORT-FAIL-IF-EXCEED:CAPS"><code class="literal">GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED</code></a> will cause +import to fail if the certificates in the provided buffer are more +than the available structures. The <a class="link" href="gnutls-x509.html#GNUTLS-X509-CRT-LIST-FAIL-IF-UNSORTED:CAPS"><code class="literal">GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED</code></a> +flag will cause the function to fail if the provided list is not +sorted from subject to issuer.</p> +<p>If the Certificate is PEM encoded it should have a header of "X509 +CERTIFICATE", or "CERTIFICATE".</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>certs</p></td> +<td class="parameter_description"><p>Indicates where the parsed list will be copied to. Must not be initialized.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_max</p></td> +<td class="parameter_description"><p>Initially must hold the maximum number of certs. It will be updated with the number of certs available.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The PEM encoded certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be (0) or an OR'd sequence of gnutls_certificate_import_flags.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import.returns"></a><h4>Returns</h4> +<p> the number of certificates read or a negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-import-url"></a><h3>gnutls_x509_crt_import_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_import_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will import a certificate present in a PKCS<span class="type">11</span> token +or any type of back-end that supports URLs.</p> +<p>In previous versions of gnutls this function was named +gnutls_x509_crt_import_pkcs11_url, and the old name is +an alias to this one.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-import-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>A certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_* flags for PKCS<span class="type">11</span> URLs or zero otherwise</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-import-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-list-import-url"></a><h3>gnutls_x509_crt_list_import_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_list_import_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> **certs</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *size</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> pin_fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *pin_fn_userdata</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will import a certificate chain present in a PKCS<span class="type">11</span> token +or any type of back-end that supports URLs. The certificates +must be deinitialized afterwards using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()"><code class="function">gnutls_x509_crt_deinit()</code></a> +and the returned pointer must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<p>The URI provided must be the first certificate in the chain; subsequent +certificates will be retrieved using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-get-raw-issuer" title="gnutls_pkcs11_get_raw_issuer ()"><code class="function">gnutls_pkcs11_get_raw_issuer()</code></a> or +equivalent functionality for the supported URI.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>certs</p></td> +<td class="parameter_description"><p>Will hold the allocated certificate list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>size</p></td> +<td class="parameter_description"><p>It will contain the size of the list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pin_fn</p></td> +<td class="parameter_description"><p>a PIN callback if not globally set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pin_fn_userdata</p></td> +<td class="parameter_description"><p>parameter for the PIN callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_* flags for PKCS<span class="type">11</span> URLs or zero otherwise</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-export"></a><h3>gnutls_x509_crt_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_export (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the certificate to DER or PEM format.</p> +<p>If the buffer provided is not long enough to hold the output, then +*output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will +be returned.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN CERTIFICATE".</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a certificate PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-export.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-export2"></a><h3>gnutls_x509_crt_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_export2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the certificate to DER or PEM format. +The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN CERTIFICATE".</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a certificate PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-export2.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +</div> +<p class="since">Since: 3.1.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-private-key-usage-period"></a><h3>gnutls_x509_crt_get_private_key_usage_period ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_private_key_usage_period + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *activation</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *expiration</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the expiration and activation +times of the private key of the certificate. It relies on +the PKIX extension 2.5.29.16 being present.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-private-key-usage-period.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>activation</p></td> +<td class="parameter_description"><p>The activation time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>expiration</p></td> +<td class="parameter_description"><p>The expiration time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>the extension status</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-private-key-usage-period.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-dn"></a><h3>gnutls_x509_crt_get_issuer_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will copy the name of the Certificate issuer in the +provided buffer. The name will be in the form +"C=xxxx,O=yyyy,CN=zzzz" as described in RFC4514. The output string +will be ASCII or UTF-8 encoded, depending on the certificate data.</p> +<p>If <em class="parameter"><code>buf</code></em> + is null then only the size will be filled.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn3" title="gnutls_x509_crt_get_issuer_dn3 ()"><code class="function">gnutls_x509_crt_get_issuer_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated +with the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if +the DN does not exist, or another error value on error. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-dn2"></a><h3>gnutls_x509_crt_get_issuer_dn2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_dn2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>);</pre> +<p>This function will allocate buffer and copy the name of issuer of the Certificate. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-dn3" title="gnutls_x509_crt_get_issuer_dn3 ()"><code class="function">gnutls_x509_crt_get_issuer_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-dn3"></a><h3>gnutls_x509_crt_get_issuer_dn3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_dn3 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will allocate buffer and copy the name of issuer of the Certificate. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-dn-oid"></a><h3>gnutls_x509_crt_get_issuer_dn_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_dn_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will extract the OIDs of the name of the Certificate +issuer specified by the given index.</p> +<p>If <em class="parameter"><code>oid</code></em> + is null then only the size will be filled. The <em class="parameter"><code>oid</code></em> + +returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>This specifies which OID to return. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated with +the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if there +are no data in the current index. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-dn-by-oid"></a><h3>gnutls_x509_crt_get_issuer_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will extract the part of the name of the Certificate +issuer specified by the given OID. The output, if the raw flag is not +used, will be encoded as described in RFC4514. Thus a string that is +ASCII or UTF-8 encoded, depending on the certificate data.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +If raw flag is (0), this function will only return known OIDs as +text. Other OIDs will be DER encoded, as described in RFC4514 -- +in hex format with a '#' prefix. You can check about known OIDs +using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>.</p> +<p>If <em class="parameter"><code>buf</code></em> + is null then only the size will be filled. If the <em class="parameter"><code>raw_flag</code></em> + +is not specified the output is always null terminated, although the +<em class="parameter"><code>buf_size</code></em> + will not include the null character.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identified in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>If non-zero returns the raw DER data of the DN part.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-dn-by-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated with +the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if there +are no data in the current index. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-dn"></a><h3>gnutls_x509_crt_get_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will copy the name of the Certificate in the provided +buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>The <em class="parameter"><code>buf</code></em> + returned will be null terminated and the <em class="parameter"><code>buf_size</code></em> + will account +for the trailing null. If <em class="parameter"><code>buf</code></em> + is null then only the size will be filled.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn3" title="gnutls_x509_crt_get_dn3 ()"><code class="function">gnutls_x509_crt_get_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated +with the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if +the DN does not exist, or another error value on error. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-dn2"></a><h3>gnutls_x509_crt_get_dn2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_dn2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the Certificate. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-dn3" title="gnutls_x509_crt_get_dn3 ()"><code class="function">gnutls_x509_crt_get_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-dn3"></a><h3>gnutls_x509_crt_get_dn3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_dn3 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the Certificate. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-dn-oid"></a><h3>gnutls_x509_crt_get_dn_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_dn_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will extract the OIDs of the name of the Certificate +subject specified by the given index.</p> +<p>If <em class="parameter"><code>oid</code></em> + is null then only the size will be filled. The <em class="parameter"><code>oid</code></em> + +returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>This specifies which OID to return. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated with +the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if there +are no data in the current index. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-dn-by-oid"></a><h3>gnutls_x509_crt_get_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will extract the part of the name of the Certificate +subject specified by the given OID. The output, if the raw flag is +not used, will be encoded as described in RFC4514. Thus a string +that is ASCII or UTF-8 encoded, depending on the certificate data.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +If raw flag is (0), this function will only return known OIDs as +text. Other OIDs will be DER encoded, as described in RFC4514 -- +in hex format with a '#' prefix. You can check about known OIDs +using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>.</p> +<p>If <em class="parameter"><code>buf</code></em> + is null then only the size will be filled. If the <em class="parameter"><code>raw_flag</code></em> + +is not specified the output is always null terminated, although the +<em class="parameter"><code>buf_size</code></em> + will not include the null character.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identified in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>If non-zero returns the raw DER data of the DN part.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer where the DN part will be copied (may be null).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-dn-by-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the <em class="parameter"><code>buf_size</code></em> +will be updated with +the required size. <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if there +are no data in the current index. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-hostname"></a><h3>gnutls_x509_crt_check_hostname ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_check_hostname (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *hostname</code></em>);</pre> +<p>This function will check if the given certificate's subject matches +the given hostname. This is a basic implementation of the matching +described in RFC6125, and takes into account wildcards, +and the DNSName/IPAddress subject alternative name PKIX extension.</p> +<p>For details see also <a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-hostname2" title="gnutls_x509_crt_check_hostname2 ()"><code class="function">gnutls_x509_crt_check_hostname2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-hostname.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain an gnutls_x509_crt_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>hostname</p></td> +<td class="parameter_description"><p>A null terminated string that contains a DNS name</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-hostname.returns"></a><h4>Returns</h4> +<p> non-zero for a successful match, and zero on failure.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-hostname2"></a><h3>gnutls_x509_crt_check_hostname2 ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_check_hostname2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *hostname</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will check if the given certificate's subject matches +the given hostname. This is a basic implementation of the matching +described in RFC6125, and takes into account wildcards, +and the DNSName/IPAddress subject alternative name PKIX extension.</p> +<p>IPv4 addresses are accepted by this function in the dotted-decimal +format (e.g, ddd.ddd.ddd.ddd), and IPv6 addresses in the hexadecimal +x:x:x:x:x:x:x:x format. For them the IPAddress subject alternative +name extension is consulted. Previous versions to 3.6.0 of GnuTLS +in case of a non-match would consult (in a non-standard extension) +the DNSname and CN fields. This is no longer the case.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-VERIFY-DO-NOT-ALLOW-WILDCARDS:CAPS"><code class="literal">GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS</code></a> is specified no +wildcards are considered. Otherwise they are only considered if the +domain name consists of three components or more, and the wildcard +starts at the leftmost position.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-VERIFY-DO-NOT-ALLOW-IP-MATCHES:CAPS"><code class="literal">GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES</code></a> is specified, +the input will be treated as a DNS name, and matching of textual IP addresses +against the IPAddress part of the alternative name will not be allowed.</p> +<p>The function <a class="link" href="gnutls-x509.html#gnutls-x509-crt-check-ip" title="gnutls_x509_crt_check_ip ()"><code class="function">gnutls_x509_crt_check_ip()</code></a> is available for matching +IP addresses.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-hostname2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain an gnutls_x509_crt_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>hostname</p></td> +<td class="parameter_description"><p>A null terminated string that contains a DNS name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-hostname2.returns"></a><h4>Returns</h4> +<p> non-zero for a successful match, and zero on failure.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-email"></a><h3>gnutls_x509_crt_check_email ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_check_email (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *email</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will check if the given certificate's subject matches +the given email address.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-email.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain an gnutls_x509_crt_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>email</p></td> +<td class="parameter_description"><p>A null terminated string that contains an email address (RFC822)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-email.returns"></a><h4>Returns</h4> +<p> non-zero for a successful match, and zero on failure.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-ip"></a><h3>gnutls_x509_crt_check_ip ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_check_ip (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const unsigned <span class="type">char</span> *ip</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> ip_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will check if the IP allowed IP addresses in +the certificate's subject alternative name match the provided +IP address.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-ip.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain an gnutls_x509_crt_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ip</p></td> +<td class="parameter_description"><p>A pointer to the raw IP address</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ip_size</p></td> +<td class="parameter_description"><p>the number of bytes in ip (4 or 16)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-ip.returns"></a><h4>Returns</h4> +<p> non-zero for a successful match, and zero on failure.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-signature-algorithm"></a><h3>gnutls_x509_crt_get_signature_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_signature_algorithm + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>);</pre> +<p>This function will return a value of the <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> +enumeration that is the signature algorithm that has been used to +sign this certificate.</p> +<p>Since 3.6.0 this function never returns a negative error code. +Error cases and unknown/unsupported signature algorithms are +mapped to <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature-algorithm.returns"></a><h4>Returns</h4> +<p> a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-signature"></a><h3>gnutls_x509_crt_get_signature ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_signature (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">char</span> *sig</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_sig</code></em>);</pre> +<p>This function will extract the signature field of a certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sig</p></td> +<td class="parameter_description"><p>a pointer where the signature part will be copied (may be null).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sig_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>sig</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-version"></a><h3>gnutls_x509_crt_get_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>);</pre> +<p>This function will return the version of the specified Certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-version.returns"></a><h4>Returns</h4> +<p> version of certificate, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-oid"></a><h3>gnutls_x509_crt_get_pk_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the OID of the public key algorithm +on that certificate. This is function +is useful in the case <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-pk-algorithm" title="gnutls_x509_crt_get_pk_algorithm ()"><code class="function">gnutls_x509_crt_get_pk_algorithm()</code></a> +returned <a class="link" href="gnutls-gnutls.html#GNUTLS-PK-UNKNOWN:CAPS"><code class="literal">GNUTLS_PK_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-oid.returns"></a><h4>Returns</h4> +<p> zero or a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-signature-oid"></a><h3>gnutls_x509_crt_get_signature_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_signature_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the OID of the signature algorithm +that has been used to sign this certificate. This is function +is useful in the case <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-signature-algorithm" title="gnutls_x509_crt_get_signature_algorithm ()"><code class="function">gnutls_x509_crt_get_signature_algorithm()</code></a> +returned <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-signature-oid.returns"></a><h4>Returns</h4> +<p> zero or a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-key-id"></a><h3>gnutls_x509_crt_get_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">char</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will return a unique ID that depends on the public +key parameters. This ID can be used in checking whether a +certificate corresponds to the given private key.</p> +<p>If the buffer provided is not long enough to hold the output, then +*output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will +be returned. The output will normally be a SHA-1 hash output, +which is 20 bytes.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be one of the flags from <a class="link" href="gnutls-x509.html#gnutls-keyid-flags-t" title="enum gnutls_keyid_flags_t"><code class="literal">gnutls_keyid_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain the key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-id.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-private-key-usage-period"></a><h3>gnutls_x509_crt_set_private_key_usage_period ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_private_key_usage_period + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">time_t</span> activation</code></em>, + <em class="parameter"><code><span class="type">time_t</span> expiration</code></em>);</pre> +<p>This function will set the private key usage period extension (2.5.29.16).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-private-key-usage-period.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>activation</p></td> +<td class="parameter_description"><p>The activation time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>expiration</p></td> +<td class="parameter_description"><p>The expiration time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-private-key-usage-period.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-authority-key-id"></a><h3>gnutls_x509_crt_set_authority_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_authority_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> id_size</code></em>);</pre> +<p>This function will set the X.509 certificate's authority key ID extension. +Only the keyIdentifier field can be set with this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-authority-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the key ID field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-authority-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-authority-key-id"></a><h3>gnutls_x509_crt_get_authority_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_authority_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *id_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the X.509v3 certificate authority's key +identifier. This is obtained by the X.509 Authority Key +identifier extension field (2.5.29.35). Note that this function +only returns the keyIdentifier field of the extension and +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-X509-UNSUPPORTED-EXTENSION:CAPS" title="GNUTLS_E_X509_UNSUPPORTED_EXTENSION"><code class="literal">GNUTLS_E_X509_UNSUPPORTED_EXTENSION</code></a>, if the extension contains +the name and serial number of the certificate. In that case +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-key-gn-serial" title="gnutls_x509_crt_get_authority_key_gn_serial ()"><code class="function">gnutls_x509_crt_get_authority_key_gn_serial()</code></a> may be used.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The place where the identifier will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the id field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-authority-key-gn-serial"></a><h3>gnutls_x509_crt_get_authority_key_gn_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_authority_key_gn_serial + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *alt</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *alt_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *alt_type</code></em>, + <em class="parameter"><code><span class="type">void</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *serial_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the X.509 authority key +identifier when stored as a general name (authorityCertIssuer) +and serial number.</p> +<p>Because more than one general names might be stored +<em class="parameter"><code>seq</code></em> + can be used as a counter to request them all until +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-key-gn-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt_size</p></td> +<td class="parameter_description"><p>holds the size of alt.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt_type</p></td> +<td class="parameter_description"><p>holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>buffer to store the serial number (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>Holds the size of the serial field (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-key-gn-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject-key-id"></a><h3>gnutls_x509_crt_get_subject_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the X.509v3 certificate's subject key +identifier. This is obtained by the X.509 Subject Key identifier +extension field (2.5.29.14).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret</p></td> +<td class="parameter_description"><p>The place where the identifier will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_size</p></td> +<td class="parameter_description"><p>Holds the size of the result field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject-unique-id"></a><h3>gnutls_x509_crt_get_subject_unique_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject_unique_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will extract the subjectUniqueID value (if present) for +the given certificate.</p> +<p>If the user allocated memory buffer is not large enough to hold the +full subjectUniqueID, then a GNUTLS_E_SHORT_MEMORY_BUFFER error will be +returned, and buf_size will be set to the actual length.</p> +<p>This function had a bug prior to 3.4.8 that prevented the setting +of <code class="literal">NULL</code> <em class="parameter"><code>buf</code></em> + to discover the <em class="parameter"><code>buf_size</code></em> +. To use this function safely +with the older versions the <em class="parameter"><code>buf</code></em> + must be a valid buffer that can hold +at least a single byte if <em class="parameter"><code>buf_size</code></em> + is zero.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-unique-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>user allocated memory buffer, will hold the unique id</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>size of user allocated memory buffer (on input), will hold +actual size of the unique ID on return.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-unique-id.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-unique-id"></a><h3>gnutls_x509_crt_get_issuer_unique_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_unique_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will extract the issuerUniqueID value (if present) for +the given certificate.</p> +<p>If the user allocated memory buffer is not large enough to hold the +full subjectUniqueID, then a GNUTLS_E_SHORT_MEMORY_BUFFER error will be +returned, and buf_size will be set to the actual length.</p> +<p>This function had a bug prior to 3.4.8 that prevented the setting +of <code class="literal">NULL</code> <em class="parameter"><code>buf</code></em> + to discover the <em class="parameter"><code>buf_size</code></em> +. To use this function safely +with the older versions the <em class="parameter"><code>buf</code></em> + must be a valid buffer that can hold +at least a single byte if <em class="parameter"><code>buf_size</code></em> + is zero.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-unique-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>user allocated memory buffer, will hold the unique id</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>size of user allocated memory buffer (on input), will hold +actual size of the unique ID on return.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-unique-id.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-pin-function"></a><h3>gnutls_x509_crt_set_pin_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crt_set_pin_function (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre> +<p>This function will set a callback function to be used when +it is required to access a protected object. This function overrides +the global function set using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</p> +<p>Note that this callback is currently used only during the import +of a PKCS <span class="type">11</span> certificate with <a class="link" href="gnutls-x509.html#gnutls-x509-crt-import-url" title="gnutls_x509_crt_import_url ()"><code class="function">gnutls_x509_crt_import_url()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>The certificate structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data associated with the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.1.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-authority-info-access"></a><h3>gnutls_x509_crt_get_authority_info_access ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_authority_info_access + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">int</span> what</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>Note that a simpler API to access the authority info data is provided +by <code class="function">gnutls_x509_aia_get()</code> and <code class="function">gnutls_x509_ext_import_aia()</code>.</p> +<p>This function extracts the Authority Information Access (AIA) +extension, see RFC 5280 section 4.2.2.1 for more information. The +AIA extension holds a sequence of AccessDescription (AD) data.</p> +<p>The <em class="parameter"><code>seq</code></em> + input parameter is used to indicate which member of the +sequence the caller is interested in. The first member is 0, the +second member 1 and so on. When the <em class="parameter"><code>seq</code></em> + value is out of bounds, +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +<p>The type of data returned in <em class="parameter"><code>data</code></em> + is specified via <em class="parameter"><code>what</code></em> + which +should be <a class="link" href="gnutls-x509.html#gnutls-info-access-what-t" title="enum gnutls_info_access_what_t"><span class="type">gnutls_info_access_what_t</span></a> values.</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-ACCESSMETHOD-OID:CAPS"><code class="literal">GNUTLS_IA_ACCESSMETHOD_OID</code></a> then <em class="parameter"><code>data</code></em> + will hold the +accessMethod OID (e.g., "1.3.6.1.5.5.7.48.1").</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-ACCESSLOCATION-GENERALNAME-TYPE:CAPS"><code class="literal">GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE</code></a>, <em class="parameter"><code>data</code></em> + will +hold the accessLocation GeneralName type (e.g., +"uniformResourceIdentifier").</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-URI:CAPS"><code class="literal">GNUTLS_IA_URI</code></a>, <em class="parameter"><code>data</code></em> + will hold the accessLocation URI +data. Requesting this <em class="parameter"><code>what</code></em> + value leads to an error if the +accessLocation is not of the "uniformResourceIdentifier" type.</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-OCSP-URI:CAPS"><code class="literal">GNUTLS_IA_OCSP_URI</code></a>, <em class="parameter"><code>data</code></em> + will hold the OCSP URI. +Requesting this <em class="parameter"><code>what</code></em> + value leads to an error if the accessMethod +is not 1.3.6.1.5.5.7.48.1 aka OCSP, or if accessLocation is not of +the "uniformResourceIdentifier" type. In that case <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-ALGORITHM:CAPS" title="GNUTLS_E_UNKNOWN_ALGORITHM"><code class="literal">GNUTLS_E_UNKNOWN_ALGORITHM</code></a> +will be returned, and <em class="parameter"><code>seq</code></em> + should be increased and this function +called again.</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-CAISSUERS-URI:CAPS"><code class="literal">GNUTLS_IA_CAISSUERS_URI</code></a>, <em class="parameter"><code>data</code></em> + will hold the caIssuers +URI. Requesting this <em class="parameter"><code>what</code></em> + value leads to an error if the +accessMethod is not 1.3.6.1.5.5.7.48.2 aka caIssuers, or if +accessLocation is not of the "uniformResourceIdentifier" type. +In that case handle as in <a class="link" href="gnutls-x509.html#GNUTLS-IA-OCSP-URI:CAPS"><code class="literal">GNUTLS_IA_OCSP_URI</code></a>.</p> +<p>More <em class="parameter"><code>what</code></em> + values may be allocated in the future as needed.</p> +<p>If <em class="parameter"><code>data</code></em> + is NULL, the function does the same without storing the +output data, that is, it will set <em class="parameter"><code>critical</code></em> + and do error checking +as usual.</p> +<p>The value of the critical flag is returned in *<em class="parameter"><code>critical</code></em> +. Supply a +NULL <em class="parameter"><code>critical</code></em> + if you want the function to make sure the extension +is non-critical, as required by RFC 5280.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-info-access.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the access descriptor (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>what</p></td> +<td class="parameter_description"><p>what data to get, a <a class="link" href="gnutls-x509.html#gnutls-info-access-what-t" title="enum gnutls_info_access_what_t"><span class="type">gnutls_info_access_what_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>output data to be freed with <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>pointer to output integer that is set to non-zero if the extension is marked as critical (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-authority-info-access.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> on +invalid <em class="parameter"><code>crt</code></em> +, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-CONSTRAINT-ERROR:CAPS" title="GNUTLS_E_CONSTRAINT_ERROR"><code class="literal">GNUTLS_E_CONSTRAINT_ERROR</code></a> if the extension is +incorrectly marked as critical (use a non-NULL <em class="parameter"><code>critical</code></em> +to +override), <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-ALGORITHM:CAPS" title="GNUTLS_E_UNKNOWN_ALGORITHM"><code class="literal">GNUTLS_E_UNKNOWN_ALGORITHM</code></a> if the requested OID does +not match (e.g., when using <a class="link" href="gnutls-x509.html#GNUTLS-IA-OCSP-URI:CAPS"><code class="literal">GNUTLS_IA_OCSP_URI</code></a>), otherwise a +negative error code.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-check"></a><h3>gnutls_x509_name_constraints_check ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_name_constraints_check (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *name</code></em>);</pre> +<p>This function will check the provided name against the constraints in +<em class="parameter"><code>nc</code></em> + using the RFC5280 rules. Currently this function is limited to DNS +names, emails and IP addresses (of type <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a> and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-IPADDRESS:CAPS"><code class="literal">GNUTLS_SAN_IPADDRESS</code></a>).</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-check.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>the extracted name constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>the name to be checked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-check.returns"></a><h4>Returns</h4> +<p> zero if the provided name is not acceptable, and non-zero otherwise.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-check-crt"></a><h3>gnutls_x509_name_constraints_check_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_name_constraints_check_crt + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>);</pre> +<p>This function will check the provided certificate names against the constraints in +<em class="parameter"><code>nc</code></em> + using the RFC5280 rules. It will traverse all the certificate's names and +alternative names.</p> +<p>Currently this function is limited to DNS +names and emails (of type <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a> and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>).</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-check-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>the extracted name constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>the certificate to be checked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-check-crt.returns"></a><h4>Returns</h4> +<p> zero if the provided name is not acceptable, and non-zero otherwise.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-init"></a><h3>gnutls_x509_name_constraints_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_name_constraints_init (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> *nc</code></em>);</pre> +<p>This function will initialize a name constraints type.</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-deinit"></a><h3>gnutls_x509_name_constraints_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_name_constraints_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>);</pre> +<p>This function will deinitialize a name constraints type.</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-name-constraints"></a><h3>gnutls_x509_crt_get_name_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_name_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return an intermediate type containing +the name constraints of the provided CA certificate. That +structure can be used in combination with <a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-check" title="gnutls_x509_name_constraints_check ()"><code class="function">gnutls_x509_name_constraints_check()</code></a> +to verify whether a server's name is in accordance with the constraints.</p> +<p>When the <em class="parameter"><code>flags</code></em> + is set to <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a>, +then if the <em class="parameter"><code>nc</code></em> + structure is empty this function will behave +identically as if the flag was not set. +Otherwise if there are elements in the <em class="parameter"><code>nc</code></em> + structure then the +constraints will be merged with the existing constraints following +RFC5280 p6.1.4 (excluded constraints will be appended, permitted +will be intersected).</p> +<p>Note that <em class="parameter"><code>nc</code></em> + must be initialized prior to calling this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-name-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints intermediate type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>the extension status</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-name-constraints.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-add-permitted"></a><h3>gnutls_x509_name_constraints_add_permitted ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_name_constraints_add_permitted + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *name</code></em>);</pre> +<p>This function will add a name constraint to the list of permitted +constraints. The constraints <em class="parameter"><code>type</code></em> + can be any of the following types: +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DN:CAPS"><code class="literal">GNUTLS_SAN_DN</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-URI:CAPS"><code class="literal">GNUTLS_SAN_URI</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-IPADDRESS:CAPS"><code class="literal">GNUTLS_SAN_IPADDRESS</code></a>. For the latter, an IP address +in network byte order is expected, followed by its network mask.</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-add-permitted.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The type of the constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>The data of the constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-add-permitted.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-add-excluded"></a><h3>gnutls_x509_name_constraints_add_excluded ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_name_constraints_add_excluded + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *name</code></em>);</pre> +<p>This function will add a name constraint to the list of excluded +constraints. The constraints <em class="parameter"><code>type</code></em> + can be any of the following types: +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DN:CAPS"><code class="literal">GNUTLS_SAN_DN</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-URI:CAPS"><code class="literal">GNUTLS_SAN_URI</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-IPADDRESS:CAPS"><code class="literal">GNUTLS_SAN_IPADDRESS</code></a>. For the latter, an IP address +in network byte order is expected, followed by its network mask (which is +4 bytes in IPv4 or 16-bytes in IPv6).</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-add-excluded.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The type of the constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>The data of the constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-add-excluded.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-name-constraints"></a><h3>gnutls_x509_crt_set_name_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_name_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set the provided name constraints to +the certificate extension list. This extension is always +marked as critical.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-name-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>The certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>The nameconstraints structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>whether this extension will be critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-name-constraints.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-get-permitted"></a><h3>gnutls_x509_name_constraints_get_permitted ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_name_constraints_get_permitted + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> idx</code></em>, + <em class="parameter"><code><span class="type">unsigned</span> *type</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *name</code></em>);</pre> +<p>This function will return an intermediate type containing +the name constraints of the provided CA certificate. That +structure can be used in combination with <a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-check" title="gnutls_x509_name_constraints_check ()"><code class="function">gnutls_x509_name_constraints_check()</code></a> +to verify whether a server's name is in accordance with the constraints.</p> +<p>The name should be treated as constant and valid for the lifetime of <em class="parameter"><code>nc</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-get-permitted.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>the extracted name constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>idx</p></td> +<td class="parameter_description"><p>the index of the constraint</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>the type of the constraint (of type gnutls_x509_subject_alt_name_t)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>the name in the constraint (of the specific type)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-get-permitted.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-get-excluded"></a><h3>gnutls_x509_name_constraints_get_excluded ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_name_constraints_get_excluded + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-t" title="gnutls_x509_name_constraints_t"><span class="type">gnutls_x509_name_constraints_t</span></a> nc</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> idx</code></em>, + <em class="parameter"><code><span class="type">unsigned</span> *type</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *name</code></em>);</pre> +<p>This function will return an intermediate type containing +the name constraints of the provided CA certificate. That +structure can be used in combination with <a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-check" title="gnutls_x509_name_constraints_check ()"><code class="function">gnutls_x509_name_constraints_check()</code></a> +to verify whether a server's name is in accordance with the constraints.</p> +<p>The name should be treated as constant and valid for the lifetime of <em class="parameter"><code>nc</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-get-excluded.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>nc</p></td> +<td class="parameter_description"><p>the extracted name constraints</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>idx</p></td> +<td class="parameter_description"><p>the index of the constraint</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>the type of the constraint (of type gnutls_x509_subject_alt_name_t)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>the name in the constraint (of the specific type)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-name-constraints-get-excluded.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-cidr-to-rfc5280"></a><h3>gnutls_x509_cidr_to_rfc5280 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_cidr_to_rfc5280 (<em class="parameter"><code>const <span class="type">char</span> *cidr</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cidr_rfc5280</code></em>);</pre> +<p>This function will convert text CIDR range with prefix (such as '10.0.0.0/8') +to RFC5280 (IP address in network byte order followed by its network mask). +Works for both IPv4 and IPv6.</p> +<p>The resulting object is directly usable for IP name constraints usage, +for example in functions <a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-add-permitted" title="gnutls_x509_name_constraints_add_permitted ()"><code class="literal">gnutls_x509_name_constraints_add_permitted</code></a> +or <a class="link" href="gnutls-x509.html#gnutls-x509-name-constraints-add-excluded" title="gnutls_x509_name_constraints_add_excluded ()"><code class="literal">gnutls_x509_name_constraints_add_excluded</code></a>.</p> +<p>The data in datum needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-cidr-to-rfc5280.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cidr</p></td> +<td class="parameter_description"><p>CIDR in RFC4632 format (IP/prefix), null-terminated</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cidr_rfc5280</p></td> +<td class="parameter_description"><p>CIDR range converted to RFC5280 format</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-cidr-to-rfc5280.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.4</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-crl-dist-points"></a><h3>gnutls_x509_crt_get_crl_dist_points ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_crl_dist_points (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *reason_flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function retrieves the CRL distribution points (2.5.29.31), +contained in the given certificate in the X509v3 Certificate +Extensions.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-crl-dist-points.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the distribution point (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san</p></td> +<td class="parameter_description"><p>is the place where the distribution point will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>reason_flags</p></td> +<td class="parameter_description"><p>Revocation reasons. An ORed sequence of flags from <a class="link" href="gnutls-x509.html#gnutls-x509-crl-reason-flags-t" title="enum gnutls_x509_crl_reason_flags_t"><code class="literal">gnutls_x509_crl_reason_flags_t</code></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-crl-dist-points.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> and updates <em class="parameter"><code>ret_size</code></em> +if +<em class="parameter"><code>ret_size</code></em> +is not enough to hold the distribution point, or the +type of the distribution point if everything was ok. The type is +one of the enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><code class="literal">gnutls_x509_subject_alt_name_t</code></a>. If the +certificate does not have an Alternative name with the specified +sequence number then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is +returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-crl-dist-points2"></a><h3>gnutls_x509_crt_set_crl_dist_points2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_crl_dist_points2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> reason_flags</code></em>);</pre> +<p>This function will set the CRL distribution points certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crl-dist-points2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>is one of the gnutls_x509_subject_alt_name_t enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The data size</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>reason_flags</p></td> +<td class="parameter_description"><p>revocation reasons</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crl-dist-points2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-crl-dist-points"></a><h3>gnutls_x509_crt_set_crl_dist_points ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_crl_dist_points (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data_string</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> reason_flags</code></em>);</pre> +<p>This function will set the CRL distribution points certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crl-dist-points.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>is one of the gnutls_x509_subject_alt_name_t enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_string</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>reason_flags</p></td> +<td class="parameter_description"><p>revocation reasons</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crl-dist-points.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-cpy-crl-dist-points"></a><h3>gnutls_x509_crt_cpy_crl_dist_points ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_cpy_crl_dist_points (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> dst</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> src</code></em>);</pre> +<p>This function will copy the CRL distribution points certificate +extension, from the source to the destination certificate. +This may be useful to copy from a CA certificate to issued ones.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-cpy-crl-dist-points.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dst</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>src</p></td> +<td class="parameter_description"><p>the certificate where the dist points will be copied from</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-cpy-crl-dist-points.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-sign"></a><h3>gnutls_x509_crl_sign ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_sign (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> issuer_key</code></em>);</pre> +<p>This function is the same a <a class="link" href="gnutls-x509.html#gnutls-x509-crl-sign2" title="gnutls_x509_crl_sign2 ()"><code class="function">gnutls_x509_crl_sign2()</code></a> with no flags, +and an appropriate hash algorithm. The hash algorithm used may +vary between versions of GnuTLS, and it is tied to the security +level of the issuer's public key.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-sign.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>is the certificate of the certificate issuer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer_key</p></td> +<td class="parameter_description"><p>holds the issuer's private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-sign.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-sign2"></a><h3>gnutls_x509_crl_sign2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_sign2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> issuer_key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> dig</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will sign the CRL with the issuer's private key, and +will copy the issuer's information into the CRL.</p> +<p>This must be the last step in a certificate CRL since all +the previously set parameters are now signed.</p> +<p>A known limitation of this function is, that a newly-signed CRL will not +be fully functional (e.g., for signature verification), until it +is exported an re-imported.</p> +<p>After GnuTLS 3.6.1 the value of <em class="parameter"><code>dig</code></em> + may be <a class="link" href="gnutls-gnutls.html#GNUTLS-DIG-UNKNOWN:CAPS"><code class="literal">GNUTLS_DIG_UNKNOWN</code></a>, +and in that case, a suitable but reasonable for the key algorithm will be selected.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-sign2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>is the certificate of the certificate issuer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer_key</p></td> +<td class="parameter_description"><p>holds the issuer's private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dig</p></td> +<td class="parameter_description"><p>The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be 0</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-sign2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-activation-time"></a><h3>gnutls_x509_crt_get_activation_time ()</h3> +<pre class="programlisting"><span class="returnvalue">time_t</span> +gnutls_x509_crt_get_activation_time (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>);</pre> +<p>This function will return the time this Certificate was or will be +activated.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-activation-time.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-activation-time.returns"></a><h4>Returns</h4> +<p> activation time, or (time_t)-1 on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-expiration-time"></a><h3>gnutls_x509_crt_get_expiration_time ()</h3> +<pre class="programlisting"><span class="returnvalue">time_t</span> +gnutls_x509_crt_get_expiration_time (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>);</pre> +<p>This function will return the time this certificate was or will be +expired.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-expiration-time.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-expiration-time.returns"></a><h4>Returns</h4> +<p> expiration time, or (time_t)-1 on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-serial"></a><h3>gnutls_x509_crt_get_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_serial (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">void</span> *result</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre> +<p>This function will return the X.509 certificate's serial number. +This is obtained by the X509 Certificate serialNumber field. Serial +is not always a 32 or 64bit number. Some CAs use large serial +numbers, thus it may be wise to handle it as something uint8_t.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>result</p></td> +<td class="parameter_description"><p>The place where the serial number will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>result_size</p></td> +<td class="parameter_description"><p>Holds the size of the result field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-spki-init"></a><h3>gnutls_x509_spki_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_spki_init (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> *spki</code></em>);</pre> +<p>This function will initialize a SubjectPublicKeyInfo structure used +in PKIX. The structure is used to set additional parameters +in the public key information field of a certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-spki-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-spki-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-spki-deinit"></a><h3>gnutls_x509_spki_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_spki_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>);</pre> +<p>This function will deinitialize a SubjectPublicKeyInfo structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-spki-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>the SubjectPublicKeyInfo structure</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-spki-get-rsa-pss-params"></a><h3>gnutls_x509_spki_get_rsa_pss_params ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_spki_get_rsa_pss_params (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> *dig</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *salt_size</code></em>);</pre> +<p>This function will get the public key algorithm parameters +of RSA-PSS type.</p> +<div class="refsect3"> +<a name="gnutls-x509-spki-get-rsa-pss-params.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>the SubjectPublicKeyInfo structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dig</p></td> +<td class="parameter_description"><p>if non-NULL, it will hold the digest algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>salt_size</p></td> +<td class="parameter_description"><p>if non-NULL, it will hold the salt size</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-spki-get-rsa-pss-params.returns"></a><h4>Returns</h4> +<p> zero if the parameters are present or a negative +value on error.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-spki-set-rsa-pss-params"></a><h3>gnutls_x509_spki_set_rsa_pss_params ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_spki_set_rsa_pss_params (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> dig</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> salt_size</code></em>);</pre> +<p>This function will set the public key parameters for +an RSA-PSS algorithm, in the SubjectPublicKeyInfo structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-spki-set-rsa-pss-params.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>the SubjectPublicKeyInfo structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dig</p></td> +<td class="parameter_description"><p>a digest algorithm of type <a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>salt_size</p></td> +<td class="parameter_description"><p>the size of salt string</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-algorithm"></a><h3>gnutls_x509_crt_get_pk_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_algorithm (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *bits</code></em>);</pre> +<p>This function will return the public key algorithm of an X.509 +certificate.</p> +<p>If bits is non null, it should have enough size to hold the parameters +size in bits. For RSA the bits returned is the modulus. +For DSA the bits returned are of the public +exponent.</p> +<p>Unknown/unsupported algorithms are mapped to <a class="link" href="gnutls-gnutls.html#GNUTLS-PK-UNKNOWN:CAPS"><code class="literal">GNUTLS_PK_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>if bits is non null it will hold the size of the parameters' in bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-algorithm.returns"></a><h4>Returns</h4> +<p> a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on +success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-spki"></a><h3>gnutls_x509_crt_set_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the certificate's subject public key +information explicitly. This is intended to be used in the cases +where a single public key (e.g., RSA) can be used for multiple +signature algorithms (RSA PKCS1-1.5, and RSA-PSS).</p> +<p>To export the public key (i.e., the SubjectPublicKeyInfo part), check +<a class="link" href="gnutls-abstract.html#gnutls-pubkey-import-x509" title="gnutls_pubkey_import_x509 ()"><code class="function">gnutls_pubkey_import_x509()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-spki.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>a SubjectPublicKeyInfo structure of type <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-spki.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-spki"></a><h3>gnutls_x509_crt_get_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the public key information of an X.509 +certificate. The provided <em class="parameter"><code>spki</code></em> + must be initialized.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-spki.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>a SubjectPublicKeyInfo structure of type <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-rsa-raw"></a><h3>gnutls_x509_crt_get_pk_rsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_rsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>);</pre> +<p>This function will export the RSA public key's parameters found in +the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-rsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>will hold the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>will hold the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-rsa-raw.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-dsa-raw"></a><h3>gnutls_x509_crt_get_pk_dsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_dsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *g</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>);</pre> +<p>This function will export the DSA public key's parameters found in +the given certificate. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-dsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>will hold the p</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>will hold the q</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>g</p></td> +<td class="parameter_description"><p>will hold the g</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-dsa-raw.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-ecc-raw"></a><h3>gnutls_x509_crt_get_pk_ecc_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_ecc_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> *curve</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>);</pre> +<p>This function will export the ECC public key's parameters found in +the given certificate. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<p>In EdDSA curves the <em class="parameter"><code>y</code></em> + parameter will be <code class="literal">NULL</code> and the other parameters +will be in the native format for the curve.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-ecc-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>will hold the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>will hold the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-ecc-raw.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +<p class="since">Since: 3.4.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-pk-gost-raw"></a><h3>gnutls_x509_crt_get_pk_gost_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_pk_gost_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> *curve</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> *digest</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-gost-paramset-t" title="enum gnutls_gost_paramset_t"><span class="type">gnutls_gost_paramset_t</span></a> *paramset</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>);</pre> +<p>This function will export the GOST public key's parameters found in +the given certificate. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-gost-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>will hold the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>will hold the digest</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>paramset</p></td> +<td class="parameter_description"><p>will hold the GOST parameter set ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>will hold the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-pk-gost-raw.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject-alt-name"></a><h3>gnutls_x509_crt_get_subject_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *san</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *san_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function retrieves the Alternative Name (2.5.29.17), contained +in the given certificate in the X509v3 Certificate Extensions.</p> +<p>When the SAN type is otherName, it will extract the data in the +otherName's value field, and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a> is returned. +You may use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-othername-oid" title="gnutls_x509_crt_get_subject_alt_othername_oid ()"><code class="function">gnutls_x509_crt_get_subject_alt_othername_oid()</code></a> to get +the corresponding OID and the "virtual" SAN types (e.g., +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>).</p> +<p>If an otherName OID is known, the data will be decoded. Otherwise +the returned data will be DER encoded, and you will have to decode +it yourself. Currently, only the RFC 3920 id-on-xmppAddr SAN is +recognized.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san_size</p></td> +<td class="parameter_description"><p>holds the size of san.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-name.returns"></a><h4>Returns</h4> +<p> the alternative subject name type on success, one of the +enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a>. It will return +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if <em class="parameter"><code>san_size</code></em> +is not large enough to +hold the value. In that case <em class="parameter"><code>san_size</code></em> +will be updated with the +required size. If the certificate does not have an Alternative +name with the specified sequence number then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject-alt-name2"></a><h3>gnutls_x509_crt_get_subject_alt_name2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject_alt_name2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *san</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *san_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *san_type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the alternative names, contained in the +given certificate. It is the same as +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-name" title="gnutls_x509_crt_get_subject_alt_name ()"><code class="function">gnutls_x509_crt_get_subject_alt_name()</code></a> except for the fact that it +will return the type of the alternative name in <em class="parameter"><code>san_type</code></em> + even if +the function fails for some reason (i.e. the buffer provided is +not enough).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-name2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>san_type</p></td> +<td class="parameter_description"><p>holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-name2.returns"></a><h4>Returns</h4> +<p> the alternative subject name type on success, one of the +enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a>. It will return +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if <em class="parameter"><code>san_size</code></em> +is not large enough +to hold the value. In that case <em class="parameter"><code>san_size</code></em> +will be updated with +the required size. If the certificate does not have an +Alternative name with the specified sequence number then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject-alt-othername-oid"></a><h3>gnutls_x509_crt_get_subject_alt_othername_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject_alt_othername_oid + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will extract the type OID of an otherName Subject +Alternative Name, contained in the given certificate, and return +the type as an enumerated element.</p> +<p>This function is only useful if +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-name" title="gnutls_x509_crt_get_subject_alt_name ()"><code class="function">gnutls_x509_crt_get_subject_alt_name()</code></a> returned +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a>.</p> +<p>If <em class="parameter"><code>oid</code></em> + is null then only the size will be filled. The <em class="parameter"><code>oid</code></em> + +returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-othername-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>is the place where the otherName OID will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject-alt-othername-oid.returns"></a><h4>Returns</h4> +<p> the alternative subject name type on success, one of the +enumerated gnutls_x509_subject_alt_name_t. For supported OIDs, it +will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types, +e.g. <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>, and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a> for +unknown OIDs. It will return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if +<em class="parameter"><code>ian_size</code></em> +is not large enough to hold the value. In that case +<em class="parameter"><code>ian_size</code></em> +will be updated with the required size. If the +certificate does not have an Alternative name with the specified +sequence number and with the otherName type then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-alt-name"></a><h3>gnutls_x509_crt_get_issuer_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ian</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ian_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function retrieves the Issuer Alternative Name (2.5.29.18), +contained in the given certificate in the X509v3 Certificate +Extensions.</p> +<p>When the SAN type is otherName, it will extract the data in the +otherName's value field, and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a> is returned. +You may use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-othername-oid" title="gnutls_x509_crt_get_subject_alt_othername_oid ()"><code class="function">gnutls_x509_crt_get_subject_alt_othername_oid()</code></a> to get +the corresponding OID and the "virtual" SAN types (e.g., +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>).</p> +<p>If an otherName OID is known, the data will be decoded. Otherwise +the returned data will be DER encoded, and you will have to decode +it yourself. Currently, only the RFC 3920 id-on-xmppAddr Issuer +AltName is recognized.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ian</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ian_size</p></td> +<td class="parameter_description"><p>holds the size of ian.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-name.returns"></a><h4>Returns</h4> +<p> the alternative issuer name type on success, one of the +enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a>. It will return +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if <em class="parameter"><code>ian_size</code></em> +is not large enough +to hold the value. In that case <em class="parameter"><code>ian_size</code></em> +will be updated with +the required size. If the certificate does not have an +Alternative name with the specified sequence number then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +<p class="since">Since: 2.10.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-alt-name2"></a><h3>gnutls_x509_crt_get_issuer_alt_name2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_alt_name2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ian</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ian_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *ian_type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the alternative names, contained in the +given certificate. It is the same as +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-alt-name" title="gnutls_x509_crt_get_issuer_alt_name ()"><code class="function">gnutls_x509_crt_get_issuer_alt_name()</code></a> except for the fact that it +will return the type of the alternative name in <em class="parameter"><code>ian_type</code></em> + even if +the function fails for some reason (i.e. the buffer provided is +not enough).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-name2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ian</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ian_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ian_type</p></td> +<td class="parameter_description"><p>holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-name2.returns"></a><h4>Returns</h4> +<p> the alternative issuer name type on success, one of the +enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a>. It will return +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if <em class="parameter"><code>ian_size</code></em> +is not large enough +to hold the value. In that case <em class="parameter"><code>ian_size</code></em> +will be updated with +the required size. If the certificate does not have an +Alternative name with the specified sequence number then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +<p class="since">Since: 2.10.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer-alt-othername-oid"></a><h3>gnutls_x509_crt_get_issuer_alt_othername_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer_alt_othername_oid + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>);</pre> +<p>This function will extract the type OID of an otherName Subject +Alternative Name, contained in the given certificate, and return +the type as an enumerated element.</p> +<p>If <em class="parameter"><code>oid</code></em> + is null then only the size will be filled. The <em class="parameter"><code>oid</code></em> + +returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<p>This function is only useful if +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-issuer-alt-name" title="gnutls_x509_crt_get_issuer_alt_name ()"><code class="function">gnutls_x509_crt_get_issuer_alt_name()</code></a> returned +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-othername-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret</p></td> +<td class="parameter_description"><p>is the place where the otherName OID will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer-alt-othername-oid.returns"></a><h4>Returns</h4> +<p> the alternative issuer name type on success, one of the +enumerated gnutls_x509_subject_alt_name_t. For supported OIDs, it +will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types, +e.g. <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>, and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a> for +unknown OIDs. It will return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if +<em class="parameter"><code>ret_size</code></em> +is not large enough to hold the value. In that case +<em class="parameter"><code>ret_size</code></em> +will be updated with the required size. If the +certificate does not have an Alternative name with the specified +sequence number and with the otherName type then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +<p class="since">Since: 2.10.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-ca-status"></a><h3>gnutls_x509_crt_get_ca_status ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_ca_status (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return certificates CA status, by reading the +basicConstraints X.509 extension (2.5.29.19). If the certificate is +a CA a positive value will be returned, or (0) if the certificate +does not have CA flag set.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-basic-constraints" title="gnutls_x509_crt_get_basic_constraints ()"><code class="function">gnutls_x509_crt_get_basic_constraints()</code></a> if you want to read the +pathLenConstraint field too.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-ca-status.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-ca-status.returns"></a><h4>Returns</h4> +<p> If the certificate is a CA a positive value will be +returned, or (0) if the certificate does not have CA flag set. A +negative error code may be returned in case of errors. If the +certificate does not contain the basicConstraints extension +GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-basic-constraints"></a><h3>gnutls_x509_crt_get_basic_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_basic_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *ca</code></em>, + <em class="parameter"><code><span class="type">int</span> *pathlen</code></em>);</pre> +<p>This function will read the certificate's basic constraints, and +return the certificates CA status. It reads the basicConstraints +X.509 extension (2.5.29.19).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-basic-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca</p></td> +<td class="parameter_description"><p>pointer to output integer indicating CA status, may be NULL, +value is 1 if the certificate CA flag is set, 0 otherwise.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathlen</p></td> +<td class="parameter_description"><p>pointer to output integer indicating path length (may be +NULL), non-negative error codes indicate a present pathLenConstraint +field and the actual value, -1 indicate that the field is absent.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-basic-constraints.returns"></a><h4>Returns</h4> +<p> If the certificate is a CA a positive value will be +returned, or (0) if the certificate does not have CA flag set. A +negative error code may be returned in case of errors. If the +certificate does not contain the basicConstraints extension +GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-key-usage"></a><h3>gnutls_x509_crt_get_key_usage ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_key_usage (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return certificate's key usage, by reading the +keyUsage X.509 extension (2.5.29.15). The key usage value will ORed +values of the: <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DIGITAL-SIGNATURE:CAPS" title="GNUTLS_KEY_DIGITAL_SIGNATURE"><code class="literal">GNUTLS_KEY_DIGITAL_SIGNATURE</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-NON-REPUDIATION:CAPS" title="GNUTLS_KEY_NON_REPUDIATION"><code class="literal">GNUTLS_KEY_NON_REPUDIATION</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-ENCIPHERMENT:CAPS" title="GNUTLS_KEY_KEY_ENCIPHERMENT"><code class="literal">GNUTLS_KEY_KEY_ENCIPHERMENT</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DATA-ENCIPHERMENT:CAPS" title="GNUTLS_KEY_DATA_ENCIPHERMENT"><code class="literal">GNUTLS_KEY_DATA_ENCIPHERMENT</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-AGREEMENT:CAPS" title="GNUTLS_KEY_KEY_AGREEMENT"><code class="literal">GNUTLS_KEY_KEY_AGREEMENT</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-CERT-SIGN:CAPS" title="GNUTLS_KEY_KEY_CERT_SIGN"><code class="literal">GNUTLS_KEY_KEY_CERT_SIGN</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-CRL-SIGN:CAPS" title="GNUTLS_KEY_CRL_SIGN"><code class="literal">GNUTLS_KEY_CRL_SIGN</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-ENCIPHER-ONLY:CAPS" title="GNUTLS_KEY_ENCIPHER_ONLY"><code class="literal">GNUTLS_KEY_ENCIPHER_ONLY</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DECIPHER-ONLY:CAPS" title="GNUTLS_KEY_DECIPHER_ONLY"><code class="literal">GNUTLS_KEY_DECIPHER_ONLY</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-usage.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>where the key usage bits will be stored</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-usage.returns"></a><h4>Returns</h4> +<p> zero on success, or a negative error code in case of +parsing error. If the certificate does not contain the keyUsage +extension <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be +returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-key-usage"></a><h3>gnutls_x509_crt_set_key_usage ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_key_usage (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> usage</code></em>);</pre> +<p>This function will set the keyUsage certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key-usage.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>usage</p></td> +<td class="parameter_description"><p>an ORed sequence of the GNUTLS_KEY_* elements.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key-usage.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-authority-info-access"></a><h3>gnutls_x509_crt_set_authority_info_access ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_authority_info_access + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">int</span> what</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>);</pre> +<p>This function sets the Authority Information Access (AIA) +extension, see RFC 5280 section 4.2.2.1 for more information. </p> +<p>The type of data stored in <em class="parameter"><code>data</code></em> + is specified via <em class="parameter"><code>what</code></em> + which +should be <a class="link" href="gnutls-x509.html#gnutls-info-access-what-t" title="enum gnutls_info_access_what_t"><span class="type">gnutls_info_access_what_t</span></a> values.</p> +<p>If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-OCSP-URI:CAPS"><code class="literal">GNUTLS_IA_OCSP_URI</code></a>, <em class="parameter"><code>data</code></em> + will hold the OCSP URI. +If <em class="parameter"><code>what</code></em> + is <a class="link" href="gnutls-x509.html#GNUTLS-IA-CAISSUERS-URI:CAPS"><code class="literal">GNUTLS_IA_CAISSUERS_URI</code></a>, <em class="parameter"><code>data</code></em> + will hold the caIssuers +URI.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-authority-info-access.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>what</p></td> +<td class="parameter_description"><p>what data to get, a <a class="link" href="gnutls-x509.html#gnutls-info-access-what-t" title="enum gnutls_info_access_what_t"><span class="type">gnutls_info_access_what_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>output data to be freed with <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-authority-info-access.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-inhibit-anypolicy"></a><h3>gnutls_x509_crt_get_inhibit_anypolicy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_inhibit_anypolicy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *skipcerts</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return certificate's value of the SkipCerts, i.e., +the Inhibit anyPolicy X.509 extension (2.5.29.54).</p> +<p>The returned value is the number of additional certificates that +may appear in the path before the anyPolicy is no longer acceptable.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-inhibit-anypolicy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>skipcerts</p></td> +<td class="parameter_description"><p>will hold the number of certificates after which anypolicy is no longer acceptable.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-inhibit-anypolicy.returns"></a><h4>Returns</h4> +<p> zero on success, or a negative error code in case of +parsing error. If the certificate does not contain the Inhibit anyPolicy +extension <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be +returned.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-inhibit-anypolicy"></a><h3>gnutls_x509_crt_set_inhibit_anypolicy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_inhibit_anypolicy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> skipcerts</code></em>);</pre> +<p>This function will set the Inhibit anyPolicy certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-inhibit-anypolicy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>skipcerts</p></td> +<td class="parameter_description"><p>number of certificates after which anypolicy is no longer acceptable.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-inhibit-anypolicy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-proxy"></a><h3>gnutls_x509_crt_get_proxy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_proxy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>, + <em class="parameter"><code><span class="type">int</span> *pathlen</code></em>, + <em class="parameter"><code><span class="type">char</span> **policyLanguage</code></em>, + <em class="parameter"><code><span class="type">char</span> **policy</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_policy</code></em>);</pre> +<p>This function will get information from a proxy certificate. It +reads the ProxyCertInfo X.509 extension (1.3.6.1.5.5.7.1.14).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-proxy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathlen</p></td> +<td class="parameter_description"><p>pointer to output integer indicating path length (may be +NULL), non-negative error codes indicate a present pCPathLenConstraint +field and the actual value, -1 indicate that the field is absent.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policyLanguage</p></td> +<td class="parameter_description"><p>output variable with OID of policy language</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policy</p></td> +<td class="parameter_description"><p>output variable with policy data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_policy</p></td> +<td class="parameter_description"><p>output variable size of policy data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-proxy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-tlsfeatures-init"></a><h3>gnutls_x509_tlsfeatures_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_tlsfeatures_init (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> *features</code></em>);</pre> +<p>This function will initialize a X.509 TLS features extension structure</p> +<div class="refsect3"> +<a name="gnutls-x509-tlsfeatures-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>f</p></td> +<td class="parameter_description"><p>The TLS features</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-tlsfeatures-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-tlsfeatures-deinit"></a><h3>gnutls_x509_tlsfeatures_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_tlsfeatures_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> Param1</code></em>);</pre> +<p>This function will deinitialize a X.509 TLS features extension structure</p> +<div class="refsect3"> +<a name="gnutls-x509-tlsfeatures-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>f</p></td> +<td class="parameter_description"><p>The TLS features</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-tlsfeatures-get"></a><h3>gnutls_x509_tlsfeatures_get ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_tlsfeatures_get (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> f</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> idx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *feature</code></em>);</pre> +<p>This function will get a feature from the X.509 TLS features +extension structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-tlsfeatures-get.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>f</p></td> +<td class="parameter_description"><p>The TLS features</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>idx</p></td> +<td class="parameter_description"><p>The index of the feature to get</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>feature</p></td> +<td class="parameter_description"><p>If the function succeeds, the feature will be stored in this variable</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-tlsfeatures-get.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-tlsfeatures"></a><h3>gnutls_x509_crt_set_tlsfeatures ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_tlsfeatures (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> features</code></em>);</pre> +<p>This function will set the certificates +X.509 TLS extension from the given structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-tlsfeatures.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>A X.509 certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>features</p></td> +<td class="parameter_description"><p>If the function succeeds, the +features will be added to the certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-tlsfeatures.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-tlsfeatures"></a><h3>gnutls_x509_crt_get_tlsfeatures ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_tlsfeatures (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> features</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will get the X.509 TLS features +extension structure from the certificate. The +returned structure needs to be freed using +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-deinit" title="gnutls_x509_tlsfeatures_deinit ()"><code class="function">gnutls_x509_tlsfeatures_deinit()</code></a>.</p> +<p>When the <em class="parameter"><code>flags</code></em> + is set to <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a>, +then if the <em class="parameter"><code>features</code></em> + structure is empty this function will behave +identically as if the flag was not set. Otherwise if there are elements +in the <em class="parameter"><code>features</code></em> + structure then they will be merged with.</p> +<p>Note that <em class="parameter"><code>features</code></em> + must be initialized prior to calling this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-tlsfeatures.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>A X.509 certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>features</p></td> +<td class="parameter_description"><p>If the function succeeds, the +features will be stored in this variable.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>the extension status</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-tlsfeatures.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-tlsfeatures-check-crt"></a><h3>gnutls_x509_tlsfeatures_check_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_tlsfeatures_check_crt (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> feat</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-policy-release"></a><h3>gnutls_x509_policy_release ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_policy_release (<em class="parameter"><code><span class="type">struct gnutls_x509_policy_st</span> *policy</code></em>);</pre> +<p>This function will deinitialize all memory associated with the provided +<em class="parameter"><code>policy</code></em> +. The policy is allocated using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-policy" title="gnutls_x509_crt_get_policy ()"><code class="function">gnutls_x509_crt_get_policy()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-policy-release.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>policy</p></td> +<td class="parameter_description"><p>a certificate policy</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 3.1.5</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-policy"></a><h3>gnutls_x509_crt_get_policy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_policy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">struct gnutls_x509_policy_st</span> *policy</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will extract the certificate policy (extension 2.5.29.32) +specified by the given index.</p> +<p>The policy returned by this function must be deinitialized by using +<a class="link" href="gnutls-x509.html#gnutls-x509-policy-release" title="gnutls_x509_policy_release ()"><code class="function">gnutls_x509_policy_release()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-policy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>This specifies which policy to return. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policy</p></td> +<td class="parameter_description"><p>A pointer to a policy structure.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-policy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.1.5</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-policy"></a><h3>gnutls_x509_crt_set_policy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_policy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">struct gnutls_x509_policy_st</span> *policy</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set the certificate policy extension (2.5.29.32). +Multiple calls to this function append a new policy.</p> +<p>Note the maximum text size for the qualifier <a class="link" href="gnutls-x509.html#GNUTLS-X509-QUALIFIER-NOTICE:CAPS"><code class="literal">GNUTLS_X509_QUALIFIER_NOTICE</code></a> +is 200 characters. This function will fail with <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> +if this is exceeded.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-policy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policy</p></td> +<td class="parameter_description"><p>A pointer to a policy</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>use non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-policy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.5</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-oid-known"></a><h3>gnutls_x509_dn_oid_known ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_oid_known (<em class="parameter"><code>const <span class="type">char</span> *oid</code></em>);</pre> +<p>This function will inform about known DN OIDs. This is useful since +functions like <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-dn-by-oid" title="gnutls_x509_crt_set_dn_by_oid ()"><code class="function">gnutls_x509_crt_set_dn_by_oid()</code></a> use the information +on known OIDs to properly encode their input. Object Identifiers +that are not known are not encoded by these functions, and their +input is stored directly into the ASN.1 structure. In that case of +unknown OIDs, you have the responsibility of DER encoding your +data.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-oid-known.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-oid-known.returns"></a><h4>Returns</h4> +<p> 1 on known OIDs and 0 otherwise.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-oid-name"></a><h3>gnutls_x509_dn_oid_name ()</h3> +<pre class="programlisting">const <span class="returnvalue">char</span> * +gnutls_x509_dn_oid_name (<em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the name of a known DN OID. If +<a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-OID-RETURN-OID:CAPS" title="GNUTLS_X509_DN_OID_RETURN_OID"><code class="literal">GNUTLS_X509_DN_OID_RETURN_OID</code></a> is specified this function +will return the given OID if no descriptive name has been +found.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-oid-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>0 or GNUTLS_X509_DN_OID_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-oid-name.returns"></a><h4>Returns</h4> +<p> A null terminated string or NULL otherwise.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-oid"></a><h3>gnutls_x509_crt_get_extension_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the requested extension OID in the certificate. +The extension OID will be stored as a string in the provided buffer.</p> +<p>The <em class="parameter"><code>oid</code></em> + returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-by-oid"></a><h3>gnutls_x509_crt_get_extension_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the extension specified by the OID in the +certificate. The extensions will be returned as binary data DER +encoded, in the provided buffer.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identified in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the extensions, this specifies which to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If the certificate does not +contain the specified extension +GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-signature-algorithm"></a><h3>gnutls_x509_crq_get_signature_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_signature_algorithm + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>);</pre> +<p>This function will return a value of the <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> +enumeration that is the signature algorithm that has been used to +sign this certificate request.</p> +<p>Since 3.6.0 this function never returns a negative error code. +Error cases and unknown/unsupported signature algorithms are +mapped to <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-signature-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <span class="type">gnutls_x509_cr_t</span> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-signature-algorithm.returns"></a><h4>Returns</h4> +<p> a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-extension-by-oid2"></a><h3>gnutls_x509_crq_get_extension_by_oid2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_extension_by_oid2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *output</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the extension specified by the OID in +the certificate. The extensions will be returned as binary data +DER encoded, in the provided buffer.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-by-oid2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the extensions, this +specifies which to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output</p></td> +<td class="parameter_description"><p>will hold the allocated extension data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-by-oid2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If the certificate does not +contain the specified extension +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be returned.</p> +</div> +<p class="since">Since: 3.3.8</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-info"></a><h3>gnutls_x509_crt_get_extension_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the requested extension OID in the +certificate, and the critical flag for it. The extension OID will +be stored as a string in the provided buffer. Use +<code class="function">gnutls_x509_crt_get_extension()</code> to extract the data.</p> +<p>If the buffer provided is not long enough to hold the output, then +<em class="parameter"><code>oid_size</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be +returned. The <em class="parameter"><code>oid</code></em> + returned will be null terminated, although +<em class="parameter"><code>oid_size</code></em> + will not account for the trailing null (the latter is not +true for GnuTLS prior to 3.6.0).</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the maximum size of <em class="parameter"><code>oid</code></em> +, on return +holds actual size of <em class="parameter"><code>oid</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>output variable with critical flag, may be NULL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-info.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-data"></a><h3>gnutls_x509_crt_get_extension_data ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_data (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_data</code></em>);</pre> +<p>This function will return the requested extension data in the +certificate. The extension data will be stored in the +provided buffer.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-info" title="gnutls_x509_crt_get_extension_info ()"><code class="function">gnutls_x509_crt_get_extension_info()</code></a> to extract the OID and +critical flag. Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-by-oid" title="gnutls_x509_crt_get_extension_by_oid ()"><code class="function">gnutls_x509_crt_get_extension_by_oid()</code></a> instead, +if you want to get data indexed by the extension OID rather than +sequence.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-data.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the data (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_data</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>data</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-data.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-data2"></a><h3>gnutls_x509_crt_get_extension_data2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_data2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>);</pre> +<p>This function will return the requested by the index extension data in the +certificate. The extension data will be allocated using +<code class="function">gnutls_malloc()</code>.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-info" title="gnutls_x509_crt_get_extension_info ()"><code class="function">gnutls_x509_crt_get_extension_info()</code></a> to extract the OID.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-data2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to read. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>will contain the extension DER-encoded data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-data2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-extension-by-oid"></a><h3>gnutls_x509_crt_set_extension_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_extension_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> sizeof_buf</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set an the extension, by the specified OID, in +the certificate. The extension data should be binary data DER +encoded.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-extension-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a DER encoded data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_buf</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>should be non-zero if the extension is to be marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-extension-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-dn"></a><h3>gnutls_x509_crt_set_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *dn</code></em>, + <em class="parameter"><code>const <span class="type">char</span> **err</code></em>);</pre> +<p>This function will set the DN on the provided certificate. +The input string should be plain ASCII or UTF-8 encoded. On +DN parsing error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PARSING-ERROR:CAPS" title="GNUTLS_E_PARSING_ERROR"><code class="literal">GNUTLS_E_PARSING_ERROR</code></a> is returned.</p> +<p>Note that DNs are not expected to hold DNS information, and thus +no automatic IDNA conversions are attempted when using this function. +If that is required (e.g., store a domain in CN), process the corresponding +input with <a class="link" href="gnutls-gnutls.html#gnutls-idna-map" title="gnutls_idna_map ()"><code class="function">gnutls_idna_map()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a comma separated DN string (RFC4514)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>err</p></td> +<td class="parameter_description"><p>indicates the error position (if any)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-dn-by-oid"></a><h3>gnutls_x509_crt_set_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *name</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> sizeof_name</code></em>);</pre> +<p>This function will set the part of the name of the Certificate +subject, specified by the given OID. The input string should be +ASCII or UTF-8 encoded.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +With this function you can only set the known OIDs. You can test +for known OIDs using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>. For OIDs that are +not known (by gnutls) you should properly DER encode your data, +and call this function with <em class="parameter"><code>raw_flag</code></em> + set.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>must be 0, or 1 if the data are DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>a pointer to the name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_name</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>name</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-dn-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-issuer-dn-by-oid"></a><h3>gnutls_x509_crt_set_issuer_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_issuer_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *name</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> sizeof_name</code></em>);</pre> +<p>This function will set the part of the name of the Certificate +issuer, specified by the given OID. The input string should be +ASCII or UTF-8 encoded.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +With this function you can only set the known OIDs. You can test +for known OIDs using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>. For OIDs that are +not known (by gnutls) you should properly DER encode your data, +and call this function with <em class="parameter"><code>raw_flag</code></em> + set.</p> +<p>Normally you do not need to call this function, since the signing +operation will copy the signer's name as the issuer of the +certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>must be 0, or 1 if the data are DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>a pointer to the name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_name</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>name</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-dn-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-issuer-dn"></a><h3>gnutls_x509_crt_set_issuer_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_issuer_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *dn</code></em>, + <em class="parameter"><code>const <span class="type">char</span> **err</code></em>);</pre> +<p>This function will set the DN on the provided certificate. +The input string should be plain ASCII or UTF-8 encoded. On +DN parsing error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PARSING-ERROR:CAPS" title="GNUTLS_E_PARSING_ERROR"><code class="literal">GNUTLS_E_PARSING_ERROR</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a comma separated DN string (RFC4514)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>err</p></td> +<td class="parameter_description"><p>indicates the error position (if any)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-version"></a><h3>gnutls_x509_crt_set_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> version</code></em>);</pre> +<p>This function will set the version of the certificate. This must +be one for X.509 version 1, and so on. Plain certificates without +extensions must have version set to one.</p> +<p>To create well-formed certificates, you must specify version 3 if +you use any certificate extensions. Extensions are created by +functions such as <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alt-name" title="gnutls_x509_crt_set_subject_alt_name ()"><code class="function">gnutls_x509_crt_set_subject_alt_name()</code></a> +or <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-key-usage" title="gnutls_x509_crt_set_key_usage ()"><code class="function">gnutls_x509_crt_set_key_usage()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>version</p></td> +<td class="parameter_description"><p>holds the version number. For X.509v1 certificates must be 1.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-version.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-key"></a><h3>gnutls_x509_crt_set_key ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_key (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will set the public parameters from the given +private key to the certificate.</p> +<p>To export the public key (i.e., the SubjectPublicKeyInfo part), check +<a class="link" href="gnutls-abstract.html#gnutls-pubkey-import-x509" title="gnutls_pubkey_import_x509 ()"><code class="function">gnutls_pubkey_import_x509()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>holds a private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-ca-status"></a><h3>gnutls_x509_crt_set_ca_status ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_ca_status (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> ca</code></em>);</pre> +<p>This function will set the basicConstraints certificate extension. +Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-basic-constraints" title="gnutls_x509_crt_set_basic_constraints ()"><code class="function">gnutls_x509_crt_set_basic_constraints()</code></a> if you want to control +the pathLenConstraint field too.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-ca-status.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca</p></td> +<td class="parameter_description"><p>true(1) or false(0). Depending on the Certificate authority status.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-ca-status.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-basic-constraints"></a><h3>gnutls_x509_crt_set_basic_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_basic_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> ca</code></em>, + <em class="parameter"><code><span class="type">int</span> pathLenConstraint</code></em>);</pre> +<p>This function will set the basicConstraints certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-basic-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca</p></td> +<td class="parameter_description"><p>true(1) or false(0). Depending on the Certificate authority status.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathLenConstraint</p></td> +<td class="parameter_description"><p>non-negative error codes indicate maximum length of path, +and negative error codes indicate that the pathLenConstraints field should +not be present.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-basic-constraints.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-subject-unique-id"></a><h3>gnutls_x509_crt_set_subject_unique_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_subject_unique_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> id_size</code></em>);</pre> +<p>This function will set the X.509 certificate's subject unique ID field.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-unique-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The unique ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the unique ID.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-unique-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-issuer-unique-id"></a><h3>gnutls_x509_crt_set_issuer_unique_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_issuer_unique_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> id_size</code></em>);</pre> +<p>This function will set the X.509 certificate's issuer unique ID field.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-unique-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The unique ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the unique ID.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-unique-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-subject-alternative-name"></a><h3>gnutls_x509_crt_set_subject_alternative_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_subject_alternative_name + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *data_string</code></em>);</pre> +<p>This function will set the subject alternative name certificate +extension. This function assumes that data can be expressed as a null +terminated string.</p> +<p>The name of the function is unfortunate since it is inconsistent with +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-name" title="gnutls_x509_crt_get_subject_alt_name ()"><code class="function">gnutls_x509_crt_get_subject_alt_name()</code></a>.</p> +<p>See <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alt-name" title="gnutls_x509_crt_set_subject_alt_name ()"><code class="function">gnutls_x509_crt_set_subject_alt_name()</code></a> for more information.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alternative-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>is one of the gnutls_x509_subject_alt_name_t enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_string</p></td> +<td class="parameter_description"><p>The data to be set, a (0) terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alternative-name.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-subject-alt-name"></a><h3>gnutls_x509_crt_set_subject_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_subject_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the subject alternative name certificate +extension. It can set the following types: <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a> as a text string, +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a> as a text string, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-URI:CAPS"><code class="literal">GNUTLS_SAN_URI</code></a> as a text string, +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-IPADDRESS:CAPS"><code class="literal">GNUTLS_SAN_IPADDRESS</code></a> as a binary IP address (4 or 16 bytes), +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a> as a UTF8 string (since 3.5.0).</p> +<p>Since version 3.5.7 the <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, and +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a> are converted to ACE format when necessary.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>is one of the gnutls_x509_subject_alt_name_t enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. </p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alt-name.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-subject-alt-othername"></a><h3>gnutls_x509_crt_set_subject_alt_othername ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_subject_alt_othername + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set an "othername" to the subject alternative name certificate +extension.</p> +<p>The values set are set as binary values and are expected to have the proper DER encoding. +For convenience the flags <a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-OCTET-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_OCTET_STRING"><code class="literal">GNUTLS_FSAN_ENCODE_OCTET_STRING</code></a> and <a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-UTF8-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_UTF8_STRING"><code class="literal">GNUTLS_FSAN_ENCODE_UTF8_STRING</code></a> +can be used to encode the provided data.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alt-othername.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>The other name OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. </p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-alt-othername.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-issuer-alt-name"></a><h3>gnutls_x509_crt_set_issuer_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_issuer_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> type</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the issuer alternative name certificate +extension. It can set the same types as <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-subject-alt-name" title="gnutls_x509_crt_set_subject_alt_name ()"><code class="function">gnutls_x509_crt_set_subject_alt_name()</code></a>.</p> +<p>Since version 3.5.7 the <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, and +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a> are converted to ACE format when necessary.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>is one of the gnutls_x509_subject_alt_name_t enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. </p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-alt-name.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-issuer-alt-othername"></a><h3>gnutls_x509_crt_set_issuer_alt_othername ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_issuer_alt_othername + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set an "othername" to the issuer alternative name certificate +extension.</p> +<p>The values set are set as binary values and are expected to have the proper DER encoding. +For convenience the flags <a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-OCTET-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_OCTET_STRING"><code class="literal">GNUTLS_FSAN_ENCODE_OCTET_STRING</code></a> and <a class="link" href="gnutls-x509.html#GNUTLS-FSAN-ENCODE-UTF8-STRING:CAPS" title="GNUTLS_FSAN_ENCODE_UTF8_STRING"><code class="literal">GNUTLS_FSAN_ENCODE_UTF8_STRING</code></a> +can be used to encode the provided data.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-alt-othername.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>The other name OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>GNUTLS_FSAN_SET to clear previous data or GNUTLS_FSAN_APPEND to append. </p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-issuer-alt-othername.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-sign"></a><h3>gnutls_x509_crt_sign ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_sign (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> issuer_key</code></em>);</pre> +<p>This function is the same a <a class="link" href="gnutls-x509.html#gnutls-x509-crt-sign2" title="gnutls_x509_crt_sign2 ()"><code class="function">gnutls_x509_crt_sign2()</code></a> with no flags, +and an appropriate hash algorithm. The hash algorithm used may +vary between versions of GnuTLS, and it is tied to the security +level of the issuer's public key.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-sign.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>is the certificate of the certificate issuer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer_key</p></td> +<td class="parameter_description"><p>holds the issuer's private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-sign.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-sign2"></a><h3>gnutls_x509_crt_sign2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_sign2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> issuer_key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> dig</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will sign the certificate with the issuer's private key, and +will copy the issuer's information into the certificate.</p> +<p>This must be the last step in a certificate generation since all +the previously set parameters are now signed.</p> +<p>A known limitation of this function is, that a newly-signed certificate will not +be fully functional (e.g., for signature verification), until it +is exported an re-imported.</p> +<p>After GnuTLS 3.6.1 the value of <em class="parameter"><code>dig</code></em> + may be <a class="link" href="gnutls-gnutls.html#GNUTLS-DIG-UNKNOWN:CAPS"><code class="literal">GNUTLS_DIG_UNKNOWN</code></a>, +and in that case, a suitable but reasonable for the key algorithm will be selected.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-sign2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>is the certificate of the certificate issuer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer_key</p></td> +<td class="parameter_description"><p>holds the issuer's private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dig</p></td> +<td class="parameter_description"><p>The message digest to use, <a class="link" href="gnutls-gnutls.html#GNUTLS-DIG-SHA256:CAPS"><code class="literal">GNUTLS_DIG_SHA256</code></a> is a safe choice</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be 0</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-sign2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-activation-time"></a><h3>gnutls_x509_crt_set_activation_time ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_activation_time (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">time_t</span> act_time</code></em>);</pre> +<p>This function will set the time this certificate was or will be +activated.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-activation-time.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>act_time</p></td> +<td class="parameter_description"><p>The actual time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-activation-time.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-expiration-time"></a><h3>gnutls_x509_crt_set_expiration_time ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_expiration_time (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">time_t</span> exp_time</code></em>);</pre> +<p>This function will set the time this Certificate will expire. +Setting an expiration time to (time_t)-1 will set +to the no well-defined expiration date value.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-expiration-time.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>exp_time</p></td> +<td class="parameter_description"><p>The actual time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-expiration-time.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-serial"></a><h3>gnutls_x509_crt_set_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_serial (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> serial_size</code></em>);</pre> +<p>This function will set the X.509 certificate's serial number. +While the serial number is an integer, it is often handled +as an opaque field by several CAs. For this reason this function +accepts any kind of data as a serial number. To be consistent +with the X.509/PKIX specifications the provided <em class="parameter"><code>serial</code></em> + should be +a big-endian positive number (i.e. its leftmost bit should be zero).</p> +<p>The size of the serial is restricted to 20 bytes maximum by RFC5280. +This function allows writing more than 20 bytes but the generated +certificates in that case may be rejected by other implementations.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>The serial number</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>Holds the size of the serial field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-subject-key-id"></a><h3>gnutls_x509_crt_set_subject_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_subject_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> id_size</code></em>);</pre> +<p>This function will set the X.509 certificate's subject key ID +extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the subject key ID field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-subject-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-proxy-dn"></a><h3>gnutls_x509_crt_set_proxy_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_proxy_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> eecrt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *name</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> sizeof_name</code></em>);</pre> +<p>This function will set the subject in <em class="parameter"><code>crt</code></em> + to the end entity's +<em class="parameter"><code>eecrt</code></em> + subject name, and add a single Common Name component <em class="parameter"><code>name</code></em> + +of size <em class="parameter"><code>sizeof_name</code></em> +. This corresponds to the required proxy +certificate naming style. Note that if <em class="parameter"><code>name</code></em> + is <code class="literal">NULL</code>, you MUST +set it later by using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-dn-by-oid" title="gnutls_x509_crt_set_dn_by_oid ()"><code class="function">gnutls_x509_crt_set_dn_by_oid()</code></a> or similar.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-proxy-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a gnutls_x509_crt_t type with the new proxy cert</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>eecrt</p></td> +<td class="parameter_description"><p>the end entity certificate that will be issuing the proxy</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>must be 0, or 1 if the CN is DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>a pointer to the CN name, may be NULL (but MUST then be added later)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_name</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>name</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-proxy-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-proxy"></a><h3>gnutls_x509_crt_set_proxy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_proxy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">int</span> pathLenConstraint</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *policyLanguage</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *policy</code></em>, + <em class="parameter"><code><span class="type">size_t</span> sizeof_policy</code></em>);</pre> +<p>This function will set the proxyCertInfo extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-proxy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathLenConstraint</p></td> +<td class="parameter_description"><p>non-negative error codes indicate maximum length of path, +and negative error codes indicate that the pathLenConstraints field should +not be present.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policyLanguage</p></td> +<td class="parameter_description"><p>OID describing the language of <em class="parameter"><code>policy</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>policy</p></td> +<td class="parameter_description"><p>uint8_t byte array with policy language, can be <code class="literal">NULL</code></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_policy</p></td> +<td class="parameter_description"><p>size of <em class="parameter"><code>policy</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-proxy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-print"></a><h3>gnutls_x509_crt_print ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_print (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-print-formats-t" title="enum gnutls_certificate_print_formats_t"><span class="type">gnutls_certificate_print_formats_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will pretty print a X.509 certificate, suitable for +display to a human.</p> +<p>If the format is <a class="link" href="gnutls-gnutls.html#GNUTLS-CRT-PRINT-FULL:CAPS"><code class="literal">GNUTLS_CRT_PRINT_FULL</code></a> then all fields of the +certificate will be output, on multiple lines. The +<a class="link" href="gnutls-gnutls.html#GNUTLS-CRT-PRINT-ONELINE:CAPS"><code class="literal">GNUTLS_CRT_PRINT_ONELINE</code></a> format will generate one line with some +selected fields, which is useful for logging purposes.</p> +<p>The output <em class="parameter"><code>out</code></em> + needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-print.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>The data to be printed</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>Indicate the format to use</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>Newly allocated datum with null terminated string.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-print.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-print"></a><h3>gnutls_x509_crl_print ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_print (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-print-formats-t" title="enum gnutls_certificate_print_formats_t"><span class="type">gnutls_certificate_print_formats_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will pretty print a X.509 certificate revocation +list, suitable for display to a human.</p> +<p>The output <em class="parameter"><code>out</code></em> + needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-print.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>The data to be printed</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>Indicate the format to use</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>Newly allocated datum with null terminated string.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-print.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-raw-issuer-dn"></a><h3>gnutls_x509_crt_get_raw_issuer_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_raw_issuer_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *start</code></em>);</pre> +<p>This function will return a pointer to the DER encoded DN structure +and the length. This points to allocated data that must be free'd using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-raw-issuer-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>will hold the starting point of the DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-raw-issuer-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-raw-dn"></a><h3>gnutls_x509_crt_get_raw_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_raw_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *start</code></em>);</pre> +<p>This function will return a pointer to the DER encoded DN structure and +the length. This points to allocated data that must be free'd using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-raw-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>will hold the starting point of the DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-raw-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value. or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-rdn-get"></a><h3>gnutls_x509_rdn_get ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_rdn_get (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *idn</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will return the name of the given RDN sequence. The +name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in +RFC4514.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get2" title="gnutls_x509_rdn_get2 ()"><code class="function">gnutls_x509_rdn_get2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>idn</p></td> +<td class="parameter_description"><p>should contain a DER encoded RDN sequence</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the peer's name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned and *<em class="parameter"><code>buf_size</code></em> +is +updated if the provided buffer is not long enough, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-rdn-get2"></a><h3>gnutls_x509_rdn_get2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_rdn_get2 (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *idn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *str</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will return the name of the given RDN sequence. The +name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in +RFC4514.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>idn</p></td> +<td class="parameter_description"><p>should contain a DER encoded RDN sequence</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>str</p></td> +<td class="parameter_description"><p>a datum that will hold the name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero of <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned and *<em class="parameter"><code>buf_size</code></em> +is +updated if the provided buffer is not long enough, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-rdn-get-oid"></a><h3>gnutls_x509_rdn_get_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_rdn_get_oid (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *idn</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will return the specified Object identifier, of the +RDN sequence.</p> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>idn</p></td> +<td class="parameter_description"><p>should contain a DER encoded RDN sequence</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Indicates which OID to return. Use 0 for the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the peer's name OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned and *<em class="parameter"><code>buf_size</code></em> +is +updated if the provided buffer is not long enough, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-rdn-get-by-oid"></a><h3>gnutls_x509_rdn_get_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_rdn_get_by_oid (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *idn</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will return the name of the given Object identifier, +of the RDN sequence. The name will be encoded using the rules +from RFC4514.</p> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>idn</p></td> +<td class="parameter_description"><p>should contain a DER encoded RDN sequence</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>an Object Identifier</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the RDN indicates which +to send. Use 0 for the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>If non-zero then the raw DER data are returned.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the peer's name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-rdn-get-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned and *<em class="parameter"><code>buf_size</code></em> +is +updated if the provided buffer is not long enough, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-subject"></a><h3>gnutls_x509_crt_get_subject ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_subject (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> *dn</code></em>);</pre> +<p>Return the Certificate's Subject DN as a <a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><code class="literal">gnutls_x509_dn_t</code></a> data type, +that can be decoded using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-rdn-ava" title="gnutls_x509_dn_get_rdn_ava ()"><code class="function">gnutls_x509_dn_get_rdn_ava()</code></a>.</p> +<p>Note that <em class="parameter"><code>dn</code></em> + should be treated as constant. Because it points +into the <em class="parameter"><code>cert</code></em> + object, you should not use <em class="parameter"><code>dn</code></em> + after <em class="parameter"><code>cert</code></em> + is +deallocated.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>output variable with pointer to uint8_t DN.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-subject.returns"></a><h4>Returns</h4> +<p> Returns 0 on success, or an error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-issuer"></a><h3>gnutls_x509_crt_get_issuer ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_issuer (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> *dn</code></em>);</pre> +<p>Return the Certificate's Issuer DN as a <a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><code class="literal">gnutls_x509_dn_t</code></a> data type, +that can be decoded using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-rdn-ava" title="gnutls_x509_dn_get_rdn_ava ()"><code class="function">gnutls_x509_dn_get_rdn_ava()</code></a>.</p> +<p>Note that <em class="parameter"><code>dn</code></em> + should be treated as constant. Because it points +into the <em class="parameter"><code>cert</code></em> + object, you should not use <em class="parameter"><code>dn</code></em> + after <em class="parameter"><code>cert</code></em> + is +deallocated.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>output variable with pointer to uint8_t DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-issuer.returns"></a><h4>Returns</h4> +<p> Returns 0 on success, or an error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-get-rdn-ava"></a><h3>gnutls_x509_dn_get_rdn_ava ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_get_rdn_ava (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code><span class="type">int</span> irdn</code></em>, + <em class="parameter"><code><span class="type">int</span> iava</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-ava-st" title="gnutls_x509_ava_st"><span class="type">gnutls_x509_ava_st</span></a> *ava</code></em>);</pre> +<p>Get pointers to data within the DN. The format of the <em class="parameter"><code>ava</code></em> + structure +is shown below.</p> +<p> struct gnutls_x509_ava_st { + gnutls_datum_t oid; + gnutls_datum_t value; + unsigned long value_tag; + };</p> +<p>The X.509 distinguished name is a sequence of sequences of strings +and this is what the <em class="parameter"><code>irdn</code></em> + and <em class="parameter"><code>iava</code></em> + indexes model.</p> +<p>Note that <em class="parameter"><code>ava</code></em> + will contain pointers into the <em class="parameter"><code>dn</code></em> + structure which +in turns points to the original certificate. Thus you should not +modify any data or deallocate any of those.</p> +<p>This is a low-level function that requires the caller to do the +value conversions when necessary (e.g. from UCS-2).</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-get-rdn-ava.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>irdn</p></td> +<td class="parameter_description"><p>index of RDN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>iava</p></td> +<td class="parameter_description"><p>index of AVA.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ava</p></td> +<td class="parameter_description"><p>Pointer to structure which will hold output information.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-get-rdn-ava.returns"></a><h4>Returns</h4> +<p> Returns 0 on success, or an error code.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-get-str"></a><h3>gnutls_x509_dn_get_str ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_get_str (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *str</code></em>);</pre> +<p>This function will allocate buffer and copy the name in the provided DN. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-get-str.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>str</p></td> +<td class="parameter_description"><p>a datum that will hold the name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-get-str.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-get-str2"></a><h3>gnutls_x509_dn_get_str2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_get_str2 (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *str</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-set-str"></a><h3>gnutls_x509_dn_set_str ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_set_str (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *str</code></em>, + <em class="parameter"><code>const <span class="type">char</span> **err</code></em>);</pre> +<p>This function will set the DN on the provided DN structure. +The input string should be plain ASCII or UTF-8 encoded. On +DN parsing error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PARSING-ERROR:CAPS" title="GNUTLS_E_PARSING_ERROR"><code class="literal">GNUTLS_E_PARSING_ERROR</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-set-str.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>str</p></td> +<td class="parameter_description"><p>a comma separated DN string (RFC4514)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>err</p></td> +<td class="parameter_description"><p>indicates the error position (if any)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-set-str.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-init"></a><h3>gnutls_x509_dn_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_init (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> *dn</code></em>);</pre> +<p>This function initializes a <a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> type.</p> +<p>The object returned must be deallocated using +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-deinit" title="gnutls_x509_dn_deinit ()"><code class="function">gnutls_x509_dn_deinit()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>the object to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-import"></a><h3>gnutls_x509_dn_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_import (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>);</pre> +<p>This function parses an RDN sequence and stores the result to a +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> type. The data must have been initialized +with <a class="link" href="gnutls-x509.html#gnutls-x509-dn-init" title="gnutls_x509_dn_init ()"><code class="function">gnutls_x509_dn_init()</code></a>. You may use <a class="link" href="gnutls-x509.html#gnutls-x509-dn-get-rdn-ava" title="gnutls_x509_dn_get_rdn_ava ()"><code class="function">gnutls_x509_dn_get_rdn_ava()</code></a> to +decode the DN.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>the structure that will hold the imported DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>should contain a DER encoded RDN sequence</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-import.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-export"></a><h3>gnutls_x509_dn_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_export (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the DN to DER or PEM format.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>output_data_size</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> +will be returned.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN NAME".</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>Holds the uint8_t DN object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a DN PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-export.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-export2"></a><h3>gnutls_x509_dn_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_dn_export2 (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the DN to DER or PEM format.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN NAME".</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>Holds the uint8_t DN object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a DN PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-dn-export2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-deinit"></a><h3>gnutls_x509_dn_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_dn_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-dn-t" title="gnutls_x509_dn_t"><span class="type">gnutls_x509_dn_t</span></a> dn</code></em>);</pre> +<p>This function deallocates the DN object as returned by +<a class="link" href="gnutls-x509.html#gnutls-x509-dn-import" title="gnutls_x509_dn_import ()"><code class="function">gnutls_x509_dn_import()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-dn-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a DN uint8_t object pointer.</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 2.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-init"></a><h3>gnutls_x509_crl_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *crl</code></em>);</pre> +<p>This function will initialize a CRL structure. CRL stands for +Certificate Revocation List. A revocation list usually contains +lists of certificate serial numbers that have been revoked by an +Authority. The revocation lists are always signed with the +authority's private key.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-deinit"></a><h3>gnutls_x509_crl_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crl_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will deinitialize a CRL structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>The data to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-import"></a><h3>gnutls_x509_crl_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre> +<p>This function will convert the given DER or PEM encoded CRL +to the native <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> format. The output will be stored in 'crl'.</p> +<p>If the CRL is PEM encoded it should have a header of "X509 CRL".</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>The data to store the parsed CRL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded CRL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-import.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-export"></a><h3>gnutls_x509_crl_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_export (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the revocation list to DER or PEM format.</p> +<p>If the buffer provided is not long enough to hold the output, then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be returned.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN X509 CRL".</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>Holds the revocation list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will +be replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-export.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-export2"></a><h3>gnutls_x509_crl_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_export2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the revocation list to DER or PEM format.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN X509 CRL".</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>Holds the revocation list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-export2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +<p>Since 3.1.3</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-raw-issuer-dn"></a><h3>gnutls_x509_crl_get_raw_issuer_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_raw_issuer_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>);</pre> +<p>This function will return a pointer to the DER encoded DN structure +and the length.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-raw-issuer-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>will hold the starting point of the DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-raw-issuer-dn.returns"></a><h4>Returns</h4> +<p> a negative error code on error, and (0) on success.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-issuer-dn"></a><h3>gnutls_x509_crl_get_issuer_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_issuer_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will copy the name of the CRL issuer in the provided +buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>If buf is <code class="literal">NULL</code> then only the size will be filled.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn3" title="gnutls_x509_crl_get_issuer_dn3 ()"><code class="function">gnutls_x509_crl_get_issuer_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the peer's name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_buf</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the sizeof_buf will be updated +with the required size, and 0 on success.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-issuer-dn2"></a><h3>gnutls_x509_crl_get_issuer_dn2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_issuer_dn2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the CRL issuer. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-issuer-dn3" title="gnutls_x509_crl_get_issuer_dn3 ()"><code class="function">gnutls_x509_crl_get_issuer_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-issuer-dn3"></a><h3>gnutls_x509_crl_get_issuer_dn3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_issuer_dn3 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the CRL issuer. +The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-issuer-dn-by-oid"></a><h3>gnutls_x509_crl_get_issuer_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_issuer_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will extract the part of the name of the CRL issuer +specified by the given OID. The output will be encoded as described +in RFC4514. The output string will be ASCII or UTF-8 encoded, +depending on the certificate data.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +If raw flag is (0), this function will only return known OIDs as +text. Other OIDs will be DER encoded, as described in RFC4514 -- in +hex format with a '#' prefix. You can check about known OIDs +using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>.</p> +<p>If buf is null then only the size will be filled.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identified in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the RDN, this specifies which to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>If non-zero returns the raw DER data of the DN part.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the peer's name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_buf</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-issuer-dn-by-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the sizeof_buf will be updated +with the required size, and 0 on success.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-dn-oid"></a><h3>gnutls_x509_crl_get_dn_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_dn_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>);</pre> +<p>This function will extract the requested OID of the name of the CRL +issuer, specified by the given index.</p> +<p>If oid is null then only the size will be filled.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-dn-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which DN OID to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to store the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the size of 'oid'</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-dn-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the sizeof_oid will be updated +with the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-signature-algorithm"></a><h3>gnutls_x509_crl_get_signature_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_signature_algorithm + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will return a value of the <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> +enumeration that is the signature algorithm.</p> +<p>Since 3.6.0 this function never returns a negative error code. +Error cases and unknown/unsupported signature algorithms are +mapped to <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature-algorithm.returns"></a><h4>Returns</h4> +<p> a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-signature"></a><h3>gnutls_x509_crl_get_signature ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_signature (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">char</span> *sig</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_sig</code></em>);</pre> +<p>This function will extract the signature field of a CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sig</p></td> +<td class="parameter_description"><p>a pointer where the signature part will be copied (may be null).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_sig</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>sig</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value. </p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-version"></a><h3>gnutls_x509_crl_get_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will return the version of the specified CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-version.returns"></a><h4>Returns</h4> +<p> The version number, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-signature-oid"></a><h3>gnutls_x509_crl_get_signature_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_signature_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the OID of the signature algorithm +that has been used to sign this CRL. This is function +is useful in the case <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-signature-algorithm" title="gnutls_x509_crl_get_signature_algorithm ()"><code class="function">gnutls_x509_crl_get_signature_algorithm()</code></a> +returned <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-signature-oid.returns"></a><h4>Returns</h4> +<p> zero or a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-this-update"></a><h3>gnutls_x509_crl_get_this_update ()</h3> +<pre class="programlisting"><span class="returnvalue">time_t</span> +gnutls_x509_crl_get_this_update (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will return the time this CRL was issued.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-this-update.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-this-update.returns"></a><h4>Returns</h4> +<p> when the CRL was issued, or (time_t)-1 on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-next-update"></a><h3>gnutls_x509_crl_get_next_update ()</h3> +<pre class="programlisting"><span class="returnvalue">time_t</span> +gnutls_x509_crl_get_next_update (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will return the time the next CRL will be issued. +This field is optional in a CRL so it might be normal to get an +error instead.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-next-update.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-next-update.returns"></a><h4>Returns</h4> +<p> when the next CRL will be issued, or (time_t)-1 on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-crt-count"></a><h3>gnutls_x509_crl_get_crt_count ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_crt_count (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>);</pre> +<p>This function will return the number of revoked certificates in the +given CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-crt-count.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-crt-count.returns"></a><h4>Returns</h4> +<p> number of certificates, a negative error code on failure.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-crt-serial"></a><h3>gnutls_x509_crl_get_crt_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_crt_serial (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">char</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *serial_size</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *t</code></em>);</pre> +<p>This function will retrieve the serial number of the specified, by +the index, revoked certificate.</p> +<p>Note that this function will have performance issues in large sequences +of revoked certificates. In that case use <a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-crt-serial" title="gnutls_x509_crl_iter_crt_serial ()"><code class="function">gnutls_x509_crl_iter_crt_serial()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-crt-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>the index of the certificate to extract (starting from 0)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>where the serial number will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>initially holds the size of serial</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>t</p></td> +<td class="parameter_description"><p>if non null, will hold the time this certificate was revoked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-crt-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-iter-crt-serial"></a><h3>gnutls_x509_crl_iter_crt_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_iter_crt_serial (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-t" title="gnutls_x509_crl_iter_t"><span class="type">gnutls_x509_crl_iter_t</span></a> *Param2</code></em>, + <em class="parameter"><code>unsigned <span class="type">char</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *serial_size</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *t</code></em>);</pre> +<p>This function performs the same as <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-crt-serial" title="gnutls_x509_crl_get_crt_serial ()"><code class="function">gnutls_x509_crl_get_crt_serial()</code></a>, +but reads sequentially and keeps state in the iterator +between calls. That allows it to provide better performance in sequences +with many elements (50000+).</p> +<p>When past the last element is accessed <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +is returned and the iterator is reset.</p> +<p>After use, the iterator must be deinitialized using <a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-deinit" title="gnutls_x509_crl_iter_deinit ()"><code class="function">gnutls_x509_crl_iter_deinit()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-iter-crt-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>iter</p></td> +<td class="parameter_description"><p>A pointer to an iterator (initially the iterator should be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>where the serial number will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>initially holds the size of serial</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>t</p></td> +<td class="parameter_description"><p>if non null, will hold the time this certificate was revoked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-iter-crt-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-iter-deinit"></a><h3>gnutls_x509_crl_iter_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crl_iter_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-crl-iter-t" title="gnutls_x509_crl_iter_t"><span class="type">gnutls_x509_crl_iter_t</span></a> Param1</code></em>);</pre> +<p>This function will deinitialize an iterator type.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-iter-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>iter</p></td> +<td class="parameter_description"><p>The iterator to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-check-issuer"></a><h3>gnutls_x509_crl_check_issuer ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crl_check_issuer (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> issuer</code></em>);</pre> +<p>This function will check if the given CRL was issued by the given +issuer certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-check-issuer.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>is the CRL to be checked</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>is the certificate of a possible issuer</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-check-issuer.returns"></a><h4>Returns</h4> +<p> true (1) if the given CRL was issued by the given issuer, +and false (0) if not.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-list-import2"></a><h3>gnutls_x509_crl_list_import2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_list_import2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> **crls</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *size</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will convert the given PEM encoded CRL list +to the native gnutls_x509_crl_t format. The output will be stored +in <em class="parameter"><code>crls</code></em> +. They will be automatically initialized.</p> +<p>If the Certificate is PEM encoded it should have a header of "X509 +CRL".</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-list-import2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crls</p></td> +<td class="parameter_description"><p>Will contain the parsed crl list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>size</p></td> +<td class="parameter_description"><p>It will contain the size of the list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The PEM encoded CRL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be (0) or an OR'd sequence of gnutls_certificate_import_flags.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-list-import2.returns"></a><h4>Returns</h4> +<p> the number of certificates read or a negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-list-import"></a><h3>gnutls_x509_crl_list_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_list_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *crls</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *crl_max</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will convert the given PEM encoded CRL list +to the native gnutls_x509_crl_t format. The output will be stored +in <em class="parameter"><code>crls</code></em> +. They will be automatically initialized.</p> +<p>If the Certificate is PEM encoded it should have a header of "X509 CRL".</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-list-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crls</p></td> +<td class="parameter_description"><p>Indicates where the parsed CRLs will be copied to. Must not be initialized.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_max</p></td> +<td class="parameter_description"><p>Initially must hold the maximum number of crls. It will be updated with the number of crls available.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The PEM encoded CRLs</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be (0) or an OR'd sequence of gnutls_certificate_import_flags.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-list-import.returns"></a><h4>Returns</h4> +<p> the number of certificates read or a negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-version"></a><h3>gnutls_x509_crl_set_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> version</code></em>);</pre> +<p>This function will set the version of the CRL. This +must be one for CRL version 1, and so on. The CRLs generated +by gnutls should have a version number of 2.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>version</p></td> +<td class="parameter_description"><p>holds the version number. For CRLv1 crls must be 1.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-version.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-this-update"></a><h3>gnutls_x509_crl_set_this_update ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_this_update (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">time_t</span> act_time</code></em>);</pre> +<p>This function will set the time this CRL was issued.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-this-update.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>act_time</p></td> +<td class="parameter_description"><p>The actual time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-this-update.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-next-update"></a><h3>gnutls_x509_crl_set_next_update ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_next_update (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">time_t</span> exp_time</code></em>);</pre> +<p>This function will set the time this CRL will be updated. +This is an optional value to be set on a CRL and this call +can be omitted when generating a CRL.</p> +<p>Prior to GnuTLS 3.5.7, setting a nextUpdate field was required +in order to generate a CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-next-update.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>exp_time</p></td> +<td class="parameter_description"><p>The actual time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-next-update.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-crt-serial"></a><h3>gnutls_x509_crl_set_crt_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_crt_serial (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> serial_size</code></em>, + <em class="parameter"><code><span class="type">time_t</span> revocation_time</code></em>);</pre> +<p>This function will set a revoked certificate's serial number to the CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-crt-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>The revoked certificate's serial number</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>Holds the size of the serial field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>revocation_time</p></td> +<td class="parameter_description"><p>The time this certificate was revoked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-crt-serial.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-crt"></a><h3>gnutls_x509_crl_set_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_crt (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><span class="type">time_t</span> revocation_time</code></em>);</pre> +<p>This function will set a revoked certificate's serial number to the CRL.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crl_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> with the revoked certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>revocation_time</p></td> +<td class="parameter_description"><p>The time this certificate was revoked</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-crt.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-authority-key-id"></a><h3>gnutls_x509_crl_get_authority_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_authority_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *id_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the CRL authority's key identifier. This +is obtained by the X.509 Authority Key identifier extension field +(2.5.29.35). Note that this function +only returns the keyIdentifier field of the extension and +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-X509-UNSUPPORTED-EXTENSION:CAPS" title="GNUTLS_E_X509_UNSUPPORTED_EXTENSION"><code class="literal">GNUTLS_E_X509_UNSUPPORTED_EXTENSION</code></a>, if the extension contains +the name and serial number of the certificate. In that case +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-authority-key-gn-serial" title="gnutls_x509_crl_get_authority_key_gn_serial ()"><code class="function">gnutls_x509_crl_get_authority_key_gn_serial()</code></a> may be used.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-authority-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The place where the identifier will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the result field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical +(may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-authority-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-authority-key-gn-serial"></a><h3>gnutls_x509_crl_get_authority_key_gn_serial ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_authority_key_gn_serial + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *alt</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *alt_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *alt_type</code></em>, + <em class="parameter"><code><span class="type">void</span> *serial</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *serial_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the X.509 authority key +identifier when stored as a general name (authorityCertIssuer) +and serial number.</p> +<p>Because more than one general names might be stored +<em class="parameter"><code>seq</code></em> + can be used as a counter to request them all until +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-authority-key-gn-serial.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt_size</p></td> +<td class="parameter_description"><p>holds the size of alt.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>alt_type</p></td> +<td class="parameter_description"><p>holds the type of the alternative name (one of gnutls_x509_subject_alt_name_t).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial</p></td> +<td class="parameter_description"><p>buffer to store the serial number (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>serial_size</p></td> +<td class="parameter_description"><p>Holds the size of the serial field (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-authority-key-gn-serial.returns"></a><h4>Returns</h4> +<p> Returns 0 on success, or an error code.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-number"></a><h3>gnutls_x509_crl_get_number ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_number (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the CRL number extension. This is +obtained by the CRL Number extension field (2.5.29.20).</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-number.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret</p></td> +<td class="parameter_description"><p>The place where the number will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_size</p></td> +<td class="parameter_description"><p>Holds the size of the result field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical +(may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-number.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-extension-oid"></a><h3>gnutls_x509_crl_get_extension_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_extension_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>);</pre> +<p>This function will return the requested extension OID in the CRL. +The extension OID will be stored as a string in the provided +buffer.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send, use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to store the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-extension-info"></a><h3>gnutls_x509_crl_get_extension_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_extension_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the requested extension OID in the CRL, +and the critical flag for it. The extension OID will be stored as +a string in the provided buffer. Use +<a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-data" title="gnutls_x509_crl_get_extension_data ()"><code class="function">gnutls_x509_crl_get_extension_data()</code></a> to extract the data.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>sizeof_oid</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be +returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send, use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to store the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the maximum size of <em class="parameter"><code>oid</code></em> +, on return +holds actual size of <em class="parameter"><code>oid</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>output variable with critical flag, may be NULL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-info.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-extension-data"></a><h3>gnutls_x509_crl_get_extension_data ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_extension_data (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_data</code></em>);</pre> +<p>This function will return the requested extension data in the CRL. +The extension data will be stored as a string in the provided +buffer.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-info" title="gnutls_x509_crl_get_extension_info ()"><code class="function">gnutls_x509_crl_get_extension_info()</code></a> to extract the OID and +critical flag. Use <a class="link" href="gnutls-x509.html#gnutls-x509-crl-get-extension-info" title="gnutls_x509_crl_get_extension_info ()"><code class="function">gnutls_x509_crl_get_extension_info()</code></a> instead, +if you want to get data indexed by the extension OID rather than +sequence.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-data.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the data (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_data</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-data.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-extension-data2"></a><h3>gnutls_x509_crl_get_extension_data2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_get_extension_data2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>);</pre> +<p>This function will return the requested by the index extension data in the +certificate revocation list. The extension data will be allocated using +<code class="function">gnutls_malloc()</code>.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-extension-info" title="gnutls_x509_crt_get_extension_info ()"><code class="function">gnutls_x509_crt_get_extension_info()</code></a> to extract the OID.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-data2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to read. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>will contain the extension DER-encoded data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-get-extension-data2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-authority-key-id"></a><h3>gnutls_x509_crl_set_authority_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_authority_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *id</code></em>, + <em class="parameter"><code><span class="type">size_t</span> id_size</code></em>);</pre> +<p>This function will set the CRL's authority key ID extension. Only +the keyIdentifier field can be set with this function. This may +be used by an authority that holds multiple private keys, to distinguish +the used key.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-authority-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>a CRL of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>The key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>id_size</p></td> +<td class="parameter_description"><p>Holds the size of the serial field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-authority-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-set-number"></a><h3>gnutls_x509_crl_set_number ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_set_number (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *nr</code></em>, + <em class="parameter"><code><span class="type">size_t</span> nr_size</code></em>);</pre> +<p>This function will set the CRL's number extension. This +is to be used as a unique and monotonic number assigned to +the CRL by the authority.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-number.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>a CRL of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>nr</p></td> +<td class="parameter_description"><p>The CRL number</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>nr_size</p></td> +<td class="parameter_description"><p>Holds the size of the nr field.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-set-number.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PROFILE-TO-VFLAGS:CAPS"></a><h3>GNUTLS_PROFILE_TO_VFLAGS()</h3> +<pre class="programlisting">#define GNUTLS_PROFILE_TO_VFLAGS(x)</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-VFLAGS-TO-PROFILE:CAPS"></a><h3>GNUTLS_VFLAGS_TO_PROFILE()</h3> +<pre class="programlisting">#define GNUTLS_VFLAGS_TO_PROFILE(x)</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-verification-profile-get-name"></a><h3>gnutls_certificate_verification_profile_get_name ()</h3> +<pre class="programlisting">const <span class="returnvalue">char</span> * +gnutls_certificate_verification_profile_get_name + ();</pre> +<p>Convert a <a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profiles-t" title="enum gnutls_certificate_verification_profiles_t"><span class="type">gnutls_certificate_verification_profiles_t</span></a> value to a string.</p> +<div class="refsect3"> +<a name="gnutls-certificate-verification-profile-get-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>id</p></td> +<td class="parameter_description"><p>is a profile ID</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-certificate-verification-profile-get-name.returns"></a><h4>Returns</h4> +<p> a string that contains the name of the specified profile or <code class="literal">NULL</code>.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-list-verify"></a><h3>gnutls_x509_crt_list_verify ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_list_verify (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *cert_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> cert_list_length</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *CA_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> CA_list_length</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *CRL_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> CRL_list_length</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *verify</code></em>);</pre> +<p>This function will try to verify the given certificate list and +return its status. The details of the verification are the same +as in <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()"><code class="function">gnutls_x509_trust_list_verify_crt2()</code></a>.</p> +<p>You must check the peer's name in order to check if the verified +certificate belongs to the actual peer.</p> +<p>The certificate verification output will be put in <em class="parameter"><code>verify</code></em> + and will +be one or more of the gnutls_certificate_status_t enumerated +elements bitwise or'd. For a more detailed verification status use +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-verify" title="gnutls_x509_crt_verify ()"><code class="function">gnutls_x509_crt_verify()</code></a> per list element.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-verify.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert_list</p></td> +<td class="parameter_description"><p>is the certificate list to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_list_length</p></td> +<td class="parameter_description"><p>holds the number of certificate in cert_list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CA_list</p></td> +<td class="parameter_description"><p>is the CA list which will be used in verification</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CA_list_length</p></td> +<td class="parameter_description"><p>holds the number of CA certificate in CA_list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CRL_list</p></td> +<td class="parameter_description"><p>holds a list of CRLs.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CRL_list_length</p></td> +<td class="parameter_description"><p>the length of CRL list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>verify</p></td> +<td class="parameter_description"><p>will hold the certificate verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-verify.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-verify"></a><h3>gnutls_x509_crt_verify ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_verify (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *CA_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> CA_list_length</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *verify</code></em>);</pre> +<p>This function will try to verify the given certificate and return +its status. Note that a verification error does not imply a negative +return status. In that case the <em class="parameter"><code>verify</code></em> + status is set.</p> +<p>The details of the verification are the same +as in <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()"><code class="function">gnutls_x509_trust_list_verify_crt2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-verify.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>is the certificate to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CA_list</p></td> +<td class="parameter_description"><p>is one certificate that is considered to be trusted one</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>CA_list_length</p></td> +<td class="parameter_description"><p>holds the number of CA certificate in CA_list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>verify</p></td> +<td class="parameter_description"><p>will hold the certificate verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-verify.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-verify"></a><h3>gnutls_x509_crl_verify ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crl_verify (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> crl</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *CA_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> CA_list_length</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *verify</code></em>);</pre> +<p>This function will try to verify the given crl and return its verification status. +See <a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-verify" title="gnutls_x509_crt_list_verify ()"><code class="function">gnutls_x509_crt_list_verify()</code></a> for a detailed description of +return values. Note that since GnuTLS 3.1.4 this function includes +the time checks.</p> +<p>Note that value in <em class="parameter"><code>verify</code></em> + is set only when the return value of this +function is success (i.e, failure to trust a CRL a certificate does not imply +a negative return value).</p> +<p>Before GnuTLS 3.5.7 this function would return zero or a positive +number on success.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-verify.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crl</p></td> +<td class="parameter_description"><p>is the crl to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>trusted_cas</p></td> +<td class="parameter_description"><p>is a certificate list that is considered to be trusted one</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tcas_size</p></td> +<td class="parameter_description"><p>holds the number of CA certificates in CA_list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>verify</p></td> +<td class="parameter_description"><p>will hold the crl verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crl-verify.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0), otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-verify-data2"></a><h3>gnutls_x509_crt_verify_data2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_verify_data2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> algo</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *signature</code></em>);</pre> +<p>This function will verify the given signed data, using the +parameters from the certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-verify-data2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>Holds the certificate to verify with</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>algo</p></td> +<td class="parameter_description"><p>The signature algorithm used</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Zero or an OR list of <a class="link" href="gnutls-x509.html#gnutls-certificate-verify-flags" title="enum gnutls_certificate_verify_flags"><span class="type">gnutls_certificate_verify_flags</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>holds the signed data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>signature</p></td> +<td class="parameter_description"><p>contains the signature</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-verify-data2.returns"></a><h4>Returns</h4> +<p> In case of a verification failure <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PK-SIG-VERIFY-FAILED:CAPS" title="GNUTLS_E_PK_SIG_VERIFY_FAILED"><code class="literal">GNUTLS_E_PK_SIG_VERIFY_FAILED</code></a> +is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-EXPIRED:CAPS" title="GNUTLS_E_EXPIRED"><code class="literal">GNUTLS_E_EXPIRED</code></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-E-NOT-YET-ACTIVATED:CAPS" title="GNUTLS_E_NOT_YET_ACTIVATED"><code class="literal">GNUTLS_E_NOT_YET_ACTIVATED</code></a> on expired +or not yet activated certificate and zero or positive code on success.</p> +<p>Note that since GnuTLS 3.5.6 this function introduces checks in the +end certificate (<em class="parameter"><code>crt</code></em> +), including time checks and key usage checks.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-revocation"></a><h3>gnutls_x509_crt_check_revocation ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_check_revocation (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *crl_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> crl_list_length</code></em>);</pre> +<p>This function will check if the given certificate is +revoked. It is assumed that the CRLs have been verified before.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-revocation.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_list</p></td> +<td class="parameter_description"><p>should contain a list of gnutls_x509_crl_t types</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_list_length</p></td> +<td class="parameter_description"><p>the length of the crl_list</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-revocation.returns"></a><h4>Returns</h4> +<p> 0 if the certificate is NOT revoked, and 1 if it is. A +negative error code is returned on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-fingerprint"></a><h3>gnutls_x509_crt_get_fingerprint ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_fingerprint (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> algo</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *buf_size</code></em>);</pre> +<p>This function will calculate and copy the certificate's fingerprint +in the provided buffer. The fingerprint is a hash of the DER-encoded +data of the certificate.</p> +<p>If the buffer is null then only the size will be filled.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-fingerprint.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>algo</p></td> +<td class="parameter_description"><p>is a digest algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the fingerprint (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-fingerprint.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the *buf_size will be updated +with the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-key-purpose-oid"></a><h3>gnutls_x509_crt_get_key_purpose_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_key_purpose_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will extract the key purpose OIDs of the Certificate +specified by the given index. These are stored in the Extended Key +Usage extension (2.5.29.37) See the GNUTLS_KP_* definitions for +human readable names.</p> +<p>If <em class="parameter"><code>oid</code></em> + is null then only the size will be filled. The <em class="parameter"><code>oid</code></em> + +returned will be null terminated, although <em class="parameter"><code>oid_size</code></em> + will not +account for the trailing null.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-purpose-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>This specifies which OID to return. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>output flag to indicate criticality of extension</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-key-purpose-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the *oid_size will be updated +with the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-key-purpose-oid"></a><h3>gnutls_x509_crt_set_key_purpose_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_key_purpose_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set the key purpose OIDs of the Certificate. +These are stored in the Extended Key Usage extension (2.5.29.37) +See the GNUTLS_KP_* definitions for human readable names.</p> +<p>Subsequent calls to this function will append OIDs to the OID list.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key-purpose-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a null terminated string that holds the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>Whether this extension will be critical or not</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-key-purpose-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-check-key-purpose"></a><h3>gnutls_x509_crt_check_key_purpose ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_x509_crt_check_key_purpose (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *purpose</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will check whether the given certificate matches +the provided key purpose. If <em class="parameter"><code>flags</code></em> + contains <code class="literal">GNUTLS_KP_FLAG_ALLOW_ANY</code> then +it a certificate marked for any purpose will not match.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-key-purpose.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>purpose</p></td> +<td class="parameter_description"><p>a key purpose OID (e.g., <a class="link" href="gnutls-x509.html#GNUTLS-KP-CODE-SIGNING:CAPS" title="GNUTLS_KP_CODE_SIGNING"><code class="literal">GNUTLS_KP_CODE_SIGNING</code></a>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-KP-FLAG-DISALLOW-ANY:CAPS" title="GNUTLS_KP_FLAG_DISALLOW_ANY"><code class="literal">GNUTLS_KP_FLAG_DISALLOW_ANY</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-check-key-purpose.returns"></a><h4>Returns</h4> +<p> zero if the key purpose doesn't match, and non-zero otherwise.</p> +</div> +<p class="since">Since: 3.5.6</p> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-CIPHER-MASK:CAPS"></a><h3>GNUTLS_PKCS_CIPHER_MASK()</h3> +<pre class="programlisting">#define GNUTLS_PKCS_CIPHER_MASK(x) ((x)&(~(GNUTLS_PKCS_NULL_PASSWORD))) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs-schema-get-name"></a><h3>gnutls_pkcs_schema_get_name ()</h3> +<pre class="programlisting">const <span class="returnvalue">char</span> * +gnutls_pkcs_schema_get_name (<em class="parameter"><code>unsigned <span class="type">int</span> schema</code></em>);</pre> +<p>This function will return a human readable description of the +PKCS12 or PBES2 schema.</p> +<div class="refsect3"> +<a name="gnutls-pkcs-schema-get-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>schema</p></td> +<td class="parameter_description"><p>Holds the PKCS <span class="type">12</span> or PBES2 schema (<a class="link" href="gnutls-x509.html#gnutls-pkcs-encrypt-flags-t" title="enum gnutls_pkcs_encrypt_flags_t"><code class="literal">gnutls_pkcs_encrypt_flags_t</code></a>)</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs-schema-get-name.returns"></a><h4>Returns</h4> +<p> a constraint string or <code class="literal">NULL</code> on error.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs-schema-get-oid"></a><h3>gnutls_pkcs_schema_get_oid ()</h3> +<pre class="programlisting">const <span class="returnvalue">char</span> * +gnutls_pkcs_schema_get_oid (<em class="parameter"><code>unsigned <span class="type">int</span> schema</code></em>);</pre> +<p>This function will return the object identifier of the +PKCS12 or PBES2 schema.</p> +<div class="refsect3"> +<a name="gnutls-pkcs-schema-get-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>schema</p></td> +<td class="parameter_description"><p>Holds the PKCS <span class="type">12</span> or PBES2 schema (<a class="link" href="gnutls-x509.html#gnutls-pkcs-encrypt-flags-t" title="enum gnutls_pkcs_encrypt_flags_t"><code class="literal">gnutls_pkcs_encrypt_flags_t</code></a>)</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs-schema-get-oid.returns"></a><h4>Returns</h4> +<p> a constraint string or <code class="literal">NULL</code> on error.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-init"></a><h3>gnutls_x509_privkey_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> *key</code></em>);</pre> +<p>This function will initialize a private key type.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-deinit"></a><h3>gnutls_x509_privkey_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_privkey_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will deinitialize a private key structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The key to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-sec-param"></a><h3>gnutls_x509_privkey_sec_param ()</h3> +<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-sec-param-t" title="enum gnutls_sec_param_t"><span class="returnvalue">gnutls_sec_param_t</span></a> +gnutls_x509_privkey_sec_param (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will return the security parameter appropriate with +this private key.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-sec-param.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-sec-param.returns"></a><h4>Returns</h4> +<p> On success, a valid security parameter is returned otherwise +<a class="link" href="gnutls-gnutls.html#GNUTLS-SEC-PARAM-UNKNOWN:CAPS"><code class="literal">GNUTLS_SEC_PARAM_UNKNOWN</code></a> is returned.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-set-pin-function"></a><h3>gnutls_x509_privkey_set_pin_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_privkey_set_pin_function (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre> +<p>This function will set a callback function to be used when +it is required to access a protected object. This function overrides +the global function set using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</p> +<p>Note that this callback is used when decrypting a key.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-set-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>privkey</p></td> +<td class="parameter_description"><p>The certificate structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data associated with the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-cpy"></a><h3>gnutls_x509_privkey_cpy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_cpy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> dst</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> src</code></em>);</pre> +<p>This function will copy a private key from source to destination +key. Destination has to be initialized.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-cpy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dst</p></td> +<td class="parameter_description"><p>The destination key, which should be initialized.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>src</p></td> +<td class="parameter_description"><p>The source key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-cpy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import"></a><h3>gnutls_x509_privkey_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre> +<p>This function will convert the given DER or PEM encoded key to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored in +<em class="parameter"><code>key</code></em> + .</p> +<p>If the key is PEM encoded it should have a header that contains "PRIVATE +KEY". Note that this function falls back to PKCS #8 decoding without +password, if the default format fails to import.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-pkcs8"></a><h3>gnutls_x509_privkey_import_pkcs8 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_pkcs8 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *password</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will convert the given DER or PEM encoded PKCS8 2.0 +encrypted key to the native gnutls_x509_privkey_t format. The +output will be stored in <em class="parameter"><code>key</code></em> +. Both RSA and DSA keys can be +imported, and flags can only be used to indicate an unencrypted +key.</p> +<p>The <em class="parameter"><code>password</code></em> + can be either ASCII or UTF-8 in the default PBES2 +encryption schemas, or ASCII for the PKCS12 schemas.</p> +<p>If the Certificate is PEM encoded it should have a header of +"ENCRYPTED PRIVATE KEY", or "PRIVATE KEY". You only need to +specify the flags if the key is DER encoded, since in that case +the encryption status cannot be auto-detected.</p> +<p>If the <a class="link" href="gnutls-x509.html#GNUTLS-PKCS-PLAIN:CAPS"><code class="literal">GNUTLS_PKCS_PLAIN</code></a> flag is specified and the supplied data +are encrypted then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-DECRYPTION-FAILED:CAPS" title="GNUTLS_E_DECRYPTION_FAILED"><code class="literal">GNUTLS_E_DECRYPTION_FAILED</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-pkcs8.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded key.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>password</p></td> +<td class="parameter_description"><p>the password to decrypt the key (if it is encrypted).</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-pkcs8.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-openssl"></a><h3>gnutls_x509_privkey_import_openssl ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_openssl (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *password</code></em>);</pre> +<p>This function will convert the given PEM encrypted to +the native gnutls_x509_privkey_t format. The +output will be stored in <em class="parameter"><code>key</code></em> +. </p> +<p>The <em class="parameter"><code>password</code></em> + should be in ASCII. If the password is not provided +or wrong then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-DECRYPTION-FAILED:CAPS" title="GNUTLS_E_DECRYPTION_FAILED"><code class="literal">GNUTLS_E_DECRYPTION_FAILED</code></a> will be returned.</p> +<p>If the Certificate is PEM encoded it should have a header of +"PRIVATE KEY" and the "DEK-Info" header.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-openssl.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded key.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>password</p></td> +<td class="parameter_description"><p>the password to decrypt the key (if it is encrypted).</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-openssl.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs8-info"></a><h3>gnutls_pkcs8_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs8_info (<em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *schema</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *cipher</code></em>, + <em class="parameter"><code><span class="type">void</span> *salt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *salt_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *iter_count</code></em>, + <em class="parameter"><code><span class="type">char</span> **oid</code></em>);</pre> +<p>This function will provide information on the algorithms used +in a particular PKCS #8 structure. If the structure algorithms +are unknown the code <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-CIPHER-TYPE:CAPS" title="GNUTLS_E_UNKNOWN_CIPHER_TYPE"><code class="literal">GNUTLS_E_UNKNOWN_CIPHER_TYPE</code></a> will be returned, +and only <em class="parameter"><code>oid</code></em> +, will be set. That is, <em class="parameter"><code>oid</code></em> + will be set on encrypted PKCS #8 +structures whether supported or not. It must be deinitialized using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>. +The other variables are only set on supported structures.</p> +<div class="refsect3"> +<a name="gnutls-pkcs8-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>Holds the PKCS #8 data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of the PKCS #8 data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>schema</p></td> +<td class="parameter_description"><p>indicate the schema as one of <a class="link" href="gnutls-x509.html#gnutls-pkcs-encrypt-flags-t" title="enum gnutls_pkcs_encrypt_flags_t"><code class="literal">gnutls_pkcs_encrypt_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cipher</p></td> +<td class="parameter_description"><p>the cipher used as <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><code class="literal">gnutls_cipher_algorithm_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>salt</p></td> +<td class="parameter_description"><p>PBKDF2 salt (if non-NULL then <em class="parameter"><code>salt_size</code></em> +initially holds its size)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>salt_size</p></td> +<td class="parameter_description"><p>PBKDF2 salt size</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>iter_count</p></td> +<td class="parameter_description"><p>PBKDF2 iteration count</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>if non-NULL it will contain an allocated null-terminated variable with the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs8-info.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> if the provided structure isn't an encrypted key, +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-CIPHER-TYPE:CAPS" title="GNUTLS_E_UNKNOWN_CIPHER_TYPE"><code class="literal">GNUTLS_E_UNKNOWN_CIPHER_TYPE</code></a> if the structure's encryption isn't supported, or +another negative error code in case of a failure. Zero on success.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import2"></a><h3>gnutls_x509_privkey_import2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *password</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will import the given DER or PEM encoded key, to +the native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format, irrespective of the +input format. The input format is auto-detected.</p> +<p>The supported formats are basic unencrypted key, PKCS8, PKCS12, +and the openssl format.</p> +<p>If the provided key is encrypted but no password was given, then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-DECRYPTION-FAILED:CAPS" title="GNUTLS_E_DECRYPTION_FAILED"><code class="literal">GNUTLS_E_DECRYPTION_FAILED</code></a> is returned. Since GnuTLS 3.4.0 this +function will utilize the PIN callbacks if any.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded key.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>password</p></td> +<td class="parameter_description"><p>A password (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>an ORed sequence of gnutls_pkcs_encrypt_flags_t</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-rsa-raw"></a><h3>gnutls_x509_privkey_import_rsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_rsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *d</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *u</code></em>);</pre> +<p>This function will convert the given RSA raw parameters to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored in +<em class="parameter"><code>key</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-rsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>holds the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>holds the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>d</p></td> +<td class="parameter_description"><p>holds the private exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>holds the first prime (p)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>holds the second prime (q)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>u</p></td> +<td class="parameter_description"><p>holds the coefficient</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-rsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-rsa-raw2"></a><h3>gnutls_x509_privkey_import_rsa_raw2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_rsa_raw2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *d</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *u</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e1</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e2</code></em>);</pre> +<p>This function will convert the given RSA raw parameters to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored in +<em class="parameter"><code>key</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-rsa-raw2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>holds the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>holds the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>d</p></td> +<td class="parameter_description"><p>holds the private exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>holds the first prime (p)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>holds the second prime (q)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>u</p></td> +<td class="parameter_description"><p>holds the coefficient (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e1</p></td> +<td class="parameter_description"><p>holds e1 = d mod (p-1) (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e2</p></td> +<td class="parameter_description"><p>holds e2 = d mod (q-1) (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-rsa-raw2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-ecc-raw"></a><h3>gnutls_x509_privkey_import_ecc_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_ecc_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> curve</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *k</code></em>);</pre> +<p>This function will convert the given elliptic curve parameters to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored +in <em class="parameter"><code>key</code></em> +. For EdDSA keys, the <em class="parameter"><code>x</code></em> + and <em class="parameter"><code>k</code></em> + values must be in the +native to curve format.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-ecc-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>holds the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>holds the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>holds the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>k</p></td> +<td class="parameter_description"><p>holds the k</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-ecc-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-gost-raw"></a><h3>gnutls_x509_privkey_import_gost_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_gost_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> curve</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> digest</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-gost-paramset-t" title="enum gnutls_gost_paramset_t"><span class="type">gnutls_gost_paramset_t</span></a> paramset</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *k</code></em>);</pre> +<p>This function will convert the given GOST private key's parameters to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored +in <em class="parameter"><code>key</code></em> +. <em class="parameter"><code>digest</code></em> + should be one of GNUTLS_DIG_GOSR_94, +GNUTLS_DIG_STREEBOG_256 or GNUTLS_DIG_STREEBOG_512. If <em class="parameter"><code>paramset</code></em> + is set to +GNUTLS_GOST_PARAMSET_UNKNOWN default one will be selected depending on +<em class="parameter"><code>digest</code></em> +.</p> +<p>Note: parameters should be stored with least significant byte first. On +version 3.6.3 big-endian format was used incorrectly.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-gost-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>holds the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>will hold the digest</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>paramset</p></td> +<td class="parameter_description"><p>will hold the GOST parameter set ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>holds the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>holds the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>k</p></td> +<td class="parameter_description"><p>holds the k (private key)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-gost-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-fix"></a><h3>gnutls_x509_privkey_fix ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_fix (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will recalculate the secondary parameters in a key. +In RSA keys, this can be the coefficient and exponent1,2.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-fix.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-fix.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-dsa-raw"></a><h3>gnutls_x509_privkey_export_dsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_dsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *g</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>);</pre> +<p>This function will export the DSA private key's parameters found +in the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-dsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>will hold the p</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>will hold the q</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>g</p></td> +<td class="parameter_description"><p>will hold the g</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>will hold the x</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-dsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-import-dsa-raw"></a><h3>gnutls_x509_privkey_import_dsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_import_dsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *g</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>);</pre> +<p>This function will convert the given DSA raw parameters to the +native <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> format. The output will be stored +in <em class="parameter"><code>key</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-dsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The data to store the parsed key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>holds the p</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>holds the q</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>g</p></td> +<td class="parameter_description"><p>holds the g</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>holds the y (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>holds the x</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-import-dsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-get-pk-algorithm"></a><h3>gnutls_x509_privkey_get_pk_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_get_pk_algorithm (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will return the public key algorithm of a private +key.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-pk-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-pk-algorithm.returns"></a><h4>Returns</h4> +<p> a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on +success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-get-pk-algorithm2"></a><h3>gnutls_x509_privkey_get_pk_algorithm2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_get_pk_algorithm2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *bits</code></em>);</pre> +<p>This function will return the public key algorithm of a private +key.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-pk-algorithm2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>The number of bits in the public key algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-pk-algorithm2.returns"></a><h4>Returns</h4> +<p> a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on +success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-get-spki"></a><h3>gnutls_x509_privkey_get_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_get_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the public key information of a private +key. The provided <em class="parameter"><code>spki</code></em> + must be initialized.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-spki.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>a SubjectPublicKeyInfo structure of type <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-spki.returns"></a><h4>Returns</h4> +<p> Zero on success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-set-spki"></a><h3>gnutls_x509_privkey_set_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_set_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the public key information of a private +key. The provided <em class="parameter"><code>spki</code></em> + must be initialized.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-set-spki.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>a SubjectPublicKeyInfo structure of type <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-set-spki.returns"></a><h4>Returns</h4> +<p> Zero on success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-get-key-id"></a><h3>gnutls_x509_privkey_get_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_get_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">char</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will return a unique ID that depends on the public key +parameters. This ID can be used in checking whether a certificate +corresponds to the given key.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>output_data_size</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will +be returned. The output will normally be a SHA-1 hash output, +which is 20 bytes.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be one of the flags from <a class="link" href="gnutls-x509.html#gnutls-keyid-flags-t" title="enum gnutls_keyid_flags_t"><code class="literal">gnutls_keyid_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain the key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-generate"></a><h3>gnutls_x509_privkey_generate ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_generate (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> algo</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> bits</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will generate a random private key. Note that this +function must be called on an initialized private key.</p> +<p>The flag <a class="link" href="gnutls-abstract.html#GNUTLS-PRIVKEY-FLAG-PROVABLE:CAPS"><code class="literal">GNUTLS_PRIVKEY_FLAG_PROVABLE</code></a> +instructs the key generation process to use algorithms like Shawe-Taylor +(from FIPS PUB186-4) which generate provable parameters out of a seed +for RSA and DSA keys. See <a class="link" href="gnutls-x509.html#gnutls-x509-privkey-generate2" title="gnutls_x509_privkey_generate2 ()"><code class="function">gnutls_x509_privkey_generate2()</code></a> for more +information.</p> +<p>Note that when generating an elliptic curve key, the curve +can be substituted in the place of the bits parameter using the +<a class="link" href="gnutls-gnutls.html#GNUTLS-CURVE-TO-BITS:CAPS" title="GNUTLS_CURVE_TO_BITS()"><code class="function">GNUTLS_CURVE_TO_BITS()</code></a> macro. The input to the macro is any curve from +<a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><code class="literal">gnutls_ecc_curve_t</code></a>.</p> +<p>For DSA keys, if the subgroup size needs to be specified check +the <a class="link" href="gnutls-abstract.html#GNUTLS-SUBGROUP-TO-BITS:CAPS" title="GNUTLS_SUBGROUP_TO_BITS()"><code class="function">GNUTLS_SUBGROUP_TO_BITS()</code></a> macro.</p> +<p>It is recommended to do not set the number of <em class="parameter"><code>bits</code></em> + directly, use <a class="link" href="gnutls-gnutls.html#gnutls-sec-param-to-pk-bits" title="gnutls_sec_param_to_pk_bits ()"><code class="function">gnutls_sec_param_to_pk_bits()</code></a> instead .</p> +<p>See also <a class="link" href="gnutls-abstract.html#gnutls-privkey-generate" title="gnutls_privkey_generate ()"><code class="function">gnutls_privkey_generate()</code></a>, <a class="link" href="gnutls-x509.html#gnutls-x509-privkey-generate2" title="gnutls_x509_privkey_generate2 ()"><code class="function">gnutls_x509_privkey_generate2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-generate.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>an initialized key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>algo</p></td> +<td class="parameter_description"><p>is one of the algorithms in <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>the size of the parameters to generate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Must be zero or flags from <a class="link" href="gnutls-abstract.html#gnutls-privkey-flags-t" title="enum gnutls_privkey_flags_t"><span class="type">gnutls_privkey_flags_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-generate.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-set-flags"></a><h3>gnutls_x509_privkey_set_flags ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_privkey_set_flags (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set flags for the specified private key, after +it is generated. Currently this is useful for the <a class="link" href="gnutls-abstract.html#GNUTLS-PRIVKEY-FLAG-EXPORT-COMPAT:CAPS"><code class="literal">GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT</code></a> +to allow exporting a "provable" private key in backwards compatible way.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-set-flags.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>A key of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>flags from the <code class="literal">gnutls_privkey_flags</code></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-generate2"></a><h3>gnutls_x509_privkey_generate2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_generate2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> algo</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> bits</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-x509.html#gnutls-keygen-data-st" title="gnutls_keygen_data_st"><span class="type">gnutls_keygen_data_st</span></a> *data</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> data_size</code></em>);</pre> +<p>This function will generate a random private key. Note that this +function must be called on an initialized private key.</p> +<p>The flag <a class="link" href="gnutls-abstract.html#GNUTLS-PRIVKEY-FLAG-PROVABLE:CAPS"><code class="literal">GNUTLS_PRIVKEY_FLAG_PROVABLE</code></a> +instructs the key generation process to use algorithms like Shawe-Taylor +(from FIPS PUB186-4) which generate provable parameters out of a seed +for RSA and DSA keys. On DSA keys the PQG parameters are generated using the +seed, while on RSA the two primes. To specify an explicit seed +(by default a random seed is used), use the <em class="parameter"><code>data</code></em> + with a <a class="link" href="gnutls-x509.html#GNUTLS-KEYGEN-SEED:CAPS"><code class="literal">GNUTLS_KEYGEN_SEED</code></a> +type.</p> +<p>Note that when generating an elliptic curve key, the curve +can be substituted in the place of the bits parameter using the +<a class="link" href="gnutls-gnutls.html#GNUTLS-CURVE-TO-BITS:CAPS" title="GNUTLS_CURVE_TO_BITS()"><code class="function">GNUTLS_CURVE_TO_BITS()</code></a> macro.</p> +<p>To export the generated keys in memory or in files it is recommended to use the +PKCS#8 form as it can handle all key types, and can store additional parameters +such as the seed, in case of provable RSA or DSA keys. +Generated keys can be exported in memory using <a class="link" href="gnutls-abstract.html#gnutls-privkey-export-x509" title="gnutls_privkey_export_x509 ()"><code class="function">gnutls_privkey_export_x509()</code></a>, +and then with <a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export2-pkcs8" title="gnutls_x509_privkey_export2_pkcs8 ()"><code class="function">gnutls_x509_privkey_export2_pkcs8()</code></a>.</p> +<p>If key generation is part of your application, avoid setting the number +of bits directly, and instead use <a class="link" href="gnutls-gnutls.html#gnutls-sec-param-to-pk-bits" title="gnutls_sec_param_to_pk_bits ()"><code class="function">gnutls_sec_param_to_pk_bits()</code></a>. +That way the generated keys will adapt to the security levels +of the underlying GnuTLS library.</p> +<p>See also <a class="link" href="gnutls-abstract.html#gnutls-privkey-generate2" title="gnutls_privkey_generate2 ()"><code class="function">gnutls_privkey_generate2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-generate2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>algo</p></td> +<td class="parameter_description"><p>is one of the algorithms in <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>the size of the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Must be zero or flags from <a class="link" href="gnutls-abstract.html#gnutls-privkey-flags-t" title="enum gnutls_privkey_flags_t"><span class="type">gnutls_privkey_flags_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>Allow specifying <a class="link" href="gnutls-x509.html#gnutls-keygen-data-st" title="gnutls_keygen_data_st"><code class="literal">gnutls_keygen_data_st</code></a> types such as the seed to be used.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The number of <em class="parameter"><code>data</code></em> +available.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-generate2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-verify-seed"></a><h3>gnutls_x509_privkey_verify_seed ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_verify_seed (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> Param2</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *seed</code></em>, + <em class="parameter"><code><span class="type">size_t</span> seed_size</code></em>);</pre> +<p>This function will verify that the given private key was generated from +the provided seed. If <em class="parameter"><code>seed</code></em> + is <code class="literal">NULL</code> then the seed stored in the <em class="parameter"><code>key</code></em> +'s structure +will be used for verification.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-verify-seed.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>it contains the digest algorithm used for key generation (if applicable)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seed</p></td> +<td class="parameter_description"><p>the seed of the key to be checked with</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seed_size</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>seed</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-verify-seed.returns"></a><h4>Returns</h4> +<p> In case of a verification failure <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PRIVKEY-VERIFICATION-ERROR:CAPS" title="GNUTLS_E_PRIVKEY_VERIFICATION_ERROR"><code class="literal">GNUTLS_E_PRIVKEY_VERIFICATION_ERROR</code></a> +is returned, and zero or positive code on success.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-get-seed"></a><h3>gnutls_x509_privkey_get_seed ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_get_seed (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> *Param2</code></em>, + <em class="parameter"><code><span class="type">void</span> *seed</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *seed_size</code></em>);</pre> +<p>This function will return the seed that was used to generate the +given private key. That function will succeed only if the key was generated +as a provable key.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-seed.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>if non-NULL it will contain the digest algorithm used for key generation (if applicable)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seed</p></td> +<td class="parameter_description"><p>where seed will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seed_size</p></td> +<td class="parameter_description"><p>originally holds the size of <em class="parameter"><code>seed</code></em> +, will be updated with actual size</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-get-seed.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-verify-params"></a><h3>gnutls_x509_privkey_verify_params ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_verify_params (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will verify the private key parameters.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-verify-params.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-verify-params.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export"></a><h3>gnutls_x509_privkey_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the private key to a PKCS#1 structure for +RSA or RSA-PSS keys, and integer sequence for DSA keys. Other keys types +will be exported in PKCS#8 form.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN RSA PRIVATE KEY".</p> +<p>It is recommended to use <a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export-pkcs8" title="gnutls_x509_privkey_export_pkcs8 ()"><code class="function">gnutls_x509_privkey_export_pkcs8()</code></a> instead +of this function, when a consistent output format is required.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export2"></a><h3>gnutls_x509_privkey_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the private key to a PKCS#1 structure for +RSA or RSA-PSS keys, and integer sequence for DSA keys. Other keys types +will be exported in PKCS#8 form.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>It is recommended to use <a class="link" href="gnutls-x509.html#gnutls-x509-privkey-export2-pkcs8" title="gnutls_x509_privkey_export2_pkcs8 ()"><code class="function">gnutls_x509_privkey_export2_pkcs8()</code></a> instead +of this function, when a consistent output format is required.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +<p>Since 3.1.3</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-pkcs8"></a><h3>gnutls_x509_privkey_export_pkcs8 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_pkcs8 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *password</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the private key to a PKCS8 structure. +Both RSA and DSA keys can be exported. For DSA keys we use +PKCS <span class="type">11</span> definitions. If the flags do not specify the encryption +cipher, then the default 3DES (PBES2) will be used.</p> +<p>The <em class="parameter"><code>password</code></em> + can be either ASCII or UTF-8 in the default PBES2 +encryption schemas, or ASCII for the PKCS12 schemas.</p> +<p>If the buffer provided is not long enough to hold the output, then +*output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will +be returned.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN ENCRYPTED PRIVATE KEY" or "BEGIN PRIVATE KEY" if +encryption is not used.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-pkcs8.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>password</p></td> +<td class="parameter_description"><p>the password that will be used to encrypt the key.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>an ORed sequence of gnutls_pkcs_encrypt_flags_t</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-pkcs8.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export2-pkcs8"></a><h3>gnutls_x509_privkey_export2_pkcs8 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export2_pkcs8 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *password</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the private key to a PKCS8 structure. +Both RSA and DSA keys can be exported. For DSA keys we use +PKCS <span class="type">11</span> definitions. If the flags do not specify the encryption +cipher, then the default 3DES (PBES2) will be used.</p> +<p>The <em class="parameter"><code>password</code></em> + can be either ASCII or UTF-8 in the default PBES2 +encryption schemas, or ASCII for the PKCS12 schemas.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>If the structure is PEM encoded, it will have a header +of "BEGIN ENCRYPTED PRIVATE KEY" or "BEGIN PRIVATE KEY" if +encryption is not used.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export2-pkcs8.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>password</p></td> +<td class="parameter_description"><p>the password that will be used to encrypt the key.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>an ORed sequence of gnutls_pkcs_encrypt_flags_t</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a private key PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export2-pkcs8.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +<p>Since 3.1.3</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-rsa-raw2"></a><h3>gnutls_x509_privkey_export_rsa_raw2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_rsa_raw2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *d</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *u</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e1</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e2</code></em>);</pre> +<p>This function will export the RSA private key's parameters found +in the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-rsa-raw2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>will hold the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>will hold the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>d</p></td> +<td class="parameter_description"><p>will hold the private exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>will hold the first prime (p)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>will hold the second prime (q)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>u</p></td> +<td class="parameter_description"><p>will hold the coefficient</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e1</p></td> +<td class="parameter_description"><p>will hold e1 = d mod (p-1)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e2</p></td> +<td class="parameter_description"><p>will hold e2 = d mod (q-1)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-rsa-raw2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-rsa-raw"></a><h3>gnutls_x509_privkey_export_rsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_rsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *d</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *p</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *q</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *u</code></em>);</pre> +<p>This function will export the RSA private key's parameters found +in the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-rsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>will hold the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>will hold the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>d</p></td> +<td class="parameter_description"><p>will hold the private exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>p</p></td> +<td class="parameter_description"><p>will hold the first prime (p)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>q</p></td> +<td class="parameter_description"><p>will hold the second prime (q)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>u</p></td> +<td class="parameter_description"><p>will hold the coefficient</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-rsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-ecc-raw"></a><h3>gnutls_x509_privkey_export_ecc_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_ecc_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> *curve</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *k</code></em>);</pre> +<p>This function will export the ECC private key's parameters found +in the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<p>In EdDSA curves the <em class="parameter"><code>y</code></em> + parameter will be <code class="literal">NULL</code> and the other parameters +will be in the native format for the curve.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-ecc-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>will hold the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>will hold the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>k</p></td> +<td class="parameter_description"><p>will hold the private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-ecc-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-export-gost-raw"></a><h3>gnutls_x509_privkey_export_gost_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_export_gost_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ecc-curve-t" title="enum gnutls_ecc_curve_t"><span class="type">gnutls_ecc_curve_t</span></a> *curve</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> *digest</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-gost-paramset-t" title="enum gnutls_gost_paramset_t"><span class="type">gnutls_gost_paramset_t</span></a> *paramset</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *x</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *y</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *k</code></em>);</pre> +<p>This function will export the GOST private key's parameters found +in the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<p>Note: parameters will be stored with least significant byte first. On +version 3.6.3 this was incorrectly returned in big-endian format.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-gost-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>curve</p></td> +<td class="parameter_description"><p>will hold the curve</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>will hold the digest</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>paramset</p></td> +<td class="parameter_description"><p>will hold the GOST parameter set ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>x</p></td> +<td class="parameter_description"><p>will hold the x-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>y</p></td> +<td class="parameter_description"><p>will hold the y-coordinate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>k</p></td> +<td class="parameter_description"><p>will hold the private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-export-gost-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-privkey-sign-data"></a><h3>gnutls_x509_privkey_sign_data ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_privkey_sign_data (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> digest</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><span class="type">void</span> *signature</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *signature_size</code></em>);</pre> +<p>This function will sign the given data using a signature algorithm +supported by the private key. Signature algorithms are always used +together with a hash functions. Different hash functions may be +used for the RSA algorithm, but only SHA-1 for the DSA keys.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>signature_size</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will +be returned.</p> +<p>Use <code class="function">gnutls_x509_crt_get_preferred_hash_algorithm()</code> to determine +the hash algorithm.</p> +<div class="refsect3"> +<a name="gnutls-x509-privkey-sign-data.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>a key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>digest</p></td> +<td class="parameter_description"><p>should be a digest algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be 0 for now</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>holds the data to be signed</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>signature</p></td> +<td class="parameter_description"><p>will contain the signature</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>signature_size</p></td> +<td class="parameter_description"><p>holds the size of signature (and will be replaced +by the new size)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-privkey-sign-data.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-sign"></a><h3>gnutls_x509_crq_sign ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_sign (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function is the same a <a class="link" href="gnutls-x509.html#gnutls-x509-crq-sign2" title="gnutls_x509_crq_sign2 ()"><code class="function">gnutls_x509_crq_sign2()</code></a> with no flags, +and an appropriate hash algorithm. The hash algorithm used may +vary between versions of GnuTLS, and it is tied to the security +level of the issuer's public key.</p> +<p>A known limitation of this function is, that a newly-signed request will not +be fully functional (e.g., for signature verification), until it +is exported an re-imported.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-sign.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>holds a private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-sign.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-sign2"></a><h3>gnutls_x509_crq_sign2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_sign2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t"><span class="type">gnutls_digest_algorithm_t</span></a> dig</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will sign the certificate request with a private key. +This must be the same key as the one used in +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-set-key" title="gnutls_x509_crt_set_key ()"><code class="function">gnutls_x509_crt_set_key()</code></a> since a certificate request is self +signed.</p> +<p>This must be the last step in a certificate request generation +since all the previously set parameters are now signed.</p> +<p>A known limitation of this function is, that a newly-signed request will not +be fully functional (e.g., for signature verification), until it +is exported an re-imported.</p> +<p>After GnuTLS 3.6.1 the value of <em class="parameter"><code>dig</code></em> + may be <a class="link" href="gnutls-gnutls.html#GNUTLS-DIG-UNKNOWN:CAPS"><code class="literal">GNUTLS_DIG_UNKNOWN</code></a>, +and in that case, a suitable but reasonable for the key algorithm will be selected.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-sign2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>holds a private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dig</p></td> +<td class="parameter_description"><p>The message digest to use, i.e., <a class="link" href="gnutls-gnutls.html#GNUTLS-DIG-SHA256:CAPS"><code class="literal">GNUTLS_DIG_SHA256</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be 0</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-sign2.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise a negative error code. +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-ASN1-VALUE-NOT-FOUND:CAPS" title="GNUTLS_E_ASN1_VALUE_NOT_FOUND"><code class="literal">GNUTLS_E_ASN1_VALUE_NOT_FOUND</code></a> is returned if you didn't set all +information in the certificate request (e.g., the version using +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-set-version" title="gnutls_x509_crq_set_version ()"><code class="function">gnutls_x509_crq_set_version()</code></a>).</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-print"></a><h3>gnutls_x509_crq_print ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_print (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-print-formats-t" title="enum gnutls_certificate_print_formats_t"><span class="type">gnutls_certificate_print_formats_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will pretty print a certificate request, suitable for +display to a human.</p> +<p>The output <em class="parameter"><code>out</code></em> + needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-print.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>The data to be printed</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>Indicate the format to use</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>Newly allocated datum with null terminated string.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-print.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-verify"></a><h3>gnutls_x509_crq_verify ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_verify (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will verify self signature in the certificate +request and return its status.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-verify.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>is the crq to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-verify.returns"></a><h4>Returns</h4> +<p> In case of a verification failure <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PK-SIG-VERIFY-FAILED:CAPS" title="GNUTLS_E_PK_SIG_VERIFY_FAILED"><code class="literal">GNUTLS_E_PK_SIG_VERIFY_FAILED</code></a> +is returned, and zero or positive code on success.</p> +<p>Since 2.12.0</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-init"></a><h3>gnutls_x509_crq_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> *crq</code></em>);</pre> +<p>This function will initialize a PKCS<span class="type">10</span> certificate request +structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-deinit"></a><h3>gnutls_x509_crq_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_crq_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>);</pre> +<p>This function will deinitialize a PKCS<span class="type">10</span> certificate request +structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>the type to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-import"></a><h3>gnutls_x509_crq_import ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_import (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre> +<p>This function will convert the given DER or PEM encoded certificate +request to a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type. The output will be +stored in <em class="parameter"><code>crq</code></em> +.</p> +<p>If the Certificate is PEM encoded it should have a header of "NEW +CERTIFICATE REQUEST".</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-import.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>The data to store the parsed certificate request.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The DER or PEM encoded certificate.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>One of DER or PEM</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-import.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-private-key-usage-period"></a><h3>gnutls_x509_crq_get_private_key_usage_period ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_private_key_usage_period + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> cert</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *activation</code></em>, + <em class="parameter"><code><span class="type">time_t</span> *expiration</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the expiration and activation +times of the private key of the certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-private-key-usage-period.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>activation</p></td> +<td class="parameter_description"><p>The activation time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>expiration</p></td> +<td class="parameter_description"><p>The expiration time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>the extension status</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-private-key-usage-period.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +if the extension is not present, otherwise a negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-dn"></a><h3>gnutls_x509_crq_get_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">char</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will copy the name of the Certificate request subject +to the provided buffer. The name will be in the form +"C=xxxx,O=yyyy,CN=zzzz" as described in RFC 2253. The output string +<em class="parameter"><code>buf</code></em> + will be ASCII or UTF-8 encoded, depending on the certificate +data.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn3" title="gnutls_x509_crq_get_dn3 ()"><code class="function">gnutls_x509_crq_get_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is not +long enough, and in that case the *<em class="parameter"><code>buf_size</code></em> +will be updated with +the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-dn2"></a><h3>gnutls_x509_crq_get_dn2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_dn2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the Certificate +request. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>This function does not output a fully RFC4514 compliant string, if +that is required see <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-dn3" title="gnutls_x509_crq_get_dn3 ()"><code class="function">gnutls_x509_crq_get_dn3()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value. and a negative error code on error.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-dn3"></a><h3>gnutls_x509_crq_get_dn3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_dn3 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will allocate buffer and copy the name of the Certificate +request. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as +described in RFC4514. The output string will be ASCII or UTF-8 +encoded, depending on the certificate data.</p> +<p>When the flag <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a> is specified, the output +format will match the format output by previous to 3.5.6 versions of GnuTLS +which was not not fully RFC4514-compliant.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name; must be freed using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-X509-DN-FLAG-COMPAT:CAPS" title="GNUTLS_X509_DN_FLAG_COMPAT"><code class="literal">GNUTLS_X509_DN_FLAG_COMPAT</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value. and a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-dn-oid"></a><h3>gnutls_x509_crq_get_dn_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_dn_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>);</pre> +<p>This function will extract the requested OID of the name of the +certificate request subject, specified by the given index.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crq_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which DN OID to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the *<em class="parameter"><code>sizeof_oid</code></em> +will be +updated with the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-dn-by-oid"></a><h3>gnutls_x509_crq_get_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will extract the part of the name of the Certificate +request subject, specified by the given OID. The output will be +encoded as described in RFC2253. The output string will be ASCII +or UTF-8 encoded, depending on the certificate data.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +If raw flag is (0), this function will only return known OIDs as +text. Other OIDs will be DER encoded, as described in RFC2253 -- +in hex format with a '#' prefix. You can check about known OIDs +using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a gnutls_x509_crq_t type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the RDN, this specifies +which to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>If non-zero returns the raw DER data of the DN part.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-dn-by-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the *<em class="parameter"><code>buf_size</code></em> +will be +updated with the required size. On success 0 is returned.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-dn"></a><h3>gnutls_x509_crq_set_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_dn (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *dn</code></em>, + <em class="parameter"><code>const <span class="type">char</span> **err</code></em>);</pre> +<p>This function will set the DN on the provided certificate. +The input string should be plain ASCII or UTF-8 encoded. On +DN parsing error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-PARSING-ERROR:CAPS" title="GNUTLS_E_PARSING_ERROR"><code class="literal">GNUTLS_E_PARSING_ERROR</code></a> is returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>a comma separated DN string (RFC4514)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>err</p></td> +<td class="parameter_description"><p>indicates the error position (if any)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-dn-by-oid"></a><h3>gnutls_x509_crq_set_dn_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_dn_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> raw_flag</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> sizeof_data</code></em>);</pre> +<p>This function will set the part of the name of the Certificate +request subject, specified by the given OID. The input string +should be ASCII or UTF-8 encoded.</p> +<p>Some helper macros with popular OIDs can be found in gnutls/x509.h +With this function you can only set the known OIDs. You can test +for known OIDs using <a class="link" href="gnutls-x509.html#gnutls-x509-dn-oid-known" title="gnutls_x509_dn_oid_known ()"><code class="function">gnutls_x509_dn_oid_known()</code></a>. For OIDs that are +not known (by gnutls) you should properly DER encode your data, and +call this function with raw_flag set.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-dn-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a (0)-terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>raw_flag</p></td> +<td class="parameter_description"><p>must be 0, or 1 if the data are DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>a pointer to the input data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_data</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>data</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-dn-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-version"></a><h3>gnutls_x509_crq_set_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> version</code></em>);</pre> +<p>This function will set the version of the certificate request. For +version 1 requests this must be one.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>version</p></td> +<td class="parameter_description"><p>holds the version number, for v1 Requests must be 1</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-version.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-version"></a><h3>gnutls_x509_crq_get_version ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_version (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>);</pre> +<p>This function will return the version of the specified Certificate +request.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-version.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-version.returns"></a><h4>Returns</h4> +<p> version of certificate request, or a negative error code on +error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-key"></a><h3>gnutls_x509_crq_set_key ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_key (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre> +<p>This function will set the public parameters from the given private +key to the request.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>holds a private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-extension-by-oid"></a><h3>gnutls_x509_crq_set_extension_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_extension_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> sizeof_buf</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set an the extension, by the specified OID, in +the certificate request. The extension data should be binary data DER +encoded.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-extension-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a DER encoded data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_buf</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>should be non-zero if the extension is to be marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-extension-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-challenge-password"></a><h3>gnutls_x509_crq_set_challenge_password ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_challenge_password + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *pass</code></em>);</pre> +<p>This function will set a challenge password to be used when +revoking the request.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-challenge-password.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pass</p></td> +<td class="parameter_description"><p>holds a (0)-terminated password</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-challenge-password.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-challenge-password"></a><h3>gnutls_x509_crq_get_challenge_password ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_challenge_password + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">char</span> *pass</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_pass</code></em>);</pre> +<p>This function will return the challenge password in the request. +The challenge password is intended to be used for requesting a +revocation of the certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-challenge-password.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pass</p></td> +<td class="parameter_description"><p>will hold a (0)-terminated password string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pass_size</p></td> +<td class="parameter_description"><p>Initially holds the size of <em class="parameter"><code>pass</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-challenge-password.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-attribute-by-oid"></a><h3>gnutls_x509_crq_set_attribute_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_attribute_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> sizeof_buf</code></em>);</pre> +<p>This function will set the attribute in the certificate request +specified by the given Object ID. The provided attribute must be be DER +encoded.</p> +<p>Attributes in a certificate request is an optional set of data +appended to the request. Their interpretation depends on the CA policy.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-attribute-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null-terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure that holds the attribute data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-attribute-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-attribute-by-oid"></a><h3>gnutls_x509_crq_get_attribute_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_attribute_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>);</pre> +<p>This function will return the attribute in the certificate request +specified by the given Object ID. The attribute will be DER +encoded.</p> +<p>Attributes in a certificate request is an optional set of data +appended to the request. Their interpretation depends on the CA policy.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in null-terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the attribute list, this +specifies which to get, use (0) to get the first one</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the attribute data (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-export"></a><h3>gnutls_x509_crq_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_export (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the certificate request to a PEM or DER +encoded PKCS10 structure.</p> +<p>If the buffer provided is not long enough to hold the output, then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be returned and +*<em class="parameter"><code>output_data_size</code></em> + will be updated.</p> +<p>If the structure is PEM encoded, it will have a header of "BEGIN +NEW CERTIFICATE REQUEST".</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain a certificate request PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-export.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-export2"></a><h3>gnutls_x509_crq_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_export2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the certificate request to a PEM or DER +encoded PKCS10 structure.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<p>If the structure is PEM encoded, it will have a header of "BEGIN +NEW CERTIFICATE REQUEST".</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>the format of output params. One of PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain a certificate request PEM or DER encoded</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-export2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +<p>Since 3.1.3</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-crq"></a><h3>gnutls_x509_crt_set_crq ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_crq (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>);</pre> +<p>This function will set the name and public parameters as well as +the extensions from the given certificate request to the certificate. +Only RSA keys are currently supported.</p> +<p>Note that this function will only set the <em class="parameter"><code>crq</code></em> + if it is self +signed and the signature is correct. See <a class="link" href="gnutls-x509.html#gnutls-x509-crq-sign2" title="gnutls_x509_crq_sign2 ()"><code class="function">gnutls_x509_crq_sign2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>holds a certificate request</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-crq-extensions"></a><h3>gnutls_x509_crt_set_crq_extensions ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_crq_extensions (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>);</pre> +<p>This function will set the extensions from the given request to the +certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq-extensions.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>holds a certificate request</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq-extensions.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-set-crq-extension-by-oid"></a><h3>gnutls_x509_crt_set_crq_extension_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_set_crq_extension_by_oid + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will set the extension specify by <em class="parameter"><code>oid</code></em> + from the given request to the +certificate.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq-extension-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>holds a certificate request</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>the object identifier of the OID to copy</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-set-crq-extension-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-private-key-usage-period"></a><h3>gnutls_x509_crq_set_private_key_usage_period ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_private_key_usage_period + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">time_t</span> activation</code></em>, + <em class="parameter"><code><span class="type">time_t</span> expiration</code></em>);</pre> +<p>This function will set the private key usage period extension (2.5.29.16).</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-private-key-usage-period.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>activation</p></td> +<td class="parameter_description"><p>The activation time</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>expiration</p></td> +<td class="parameter_description"><p>The expiration time</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-private-key-usage-period.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-key-rsa-raw"></a><h3>gnutls_x509_crq_set_key_rsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_key_rsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>);</pre> +<p>This function will set the public parameters from the given private +key to the request. Only RSA keys are currently supported.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-rsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>holds the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>holds the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-rsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-subject-alt-name"></a><h3>gnutls_x509_crq_set_subject_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_subject_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> nt</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the subject alternative name certificate +extension. It can set the following types:</p> +<p><a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>: as a text string</p> +<p><a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>: as a text string</p> +<p><a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-URI:CAPS"><code class="literal">GNUTLS_SAN_URI</code></a>: as a text string</p> +<p><a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-IPADDRESS:CAPS"><code class="literal">GNUTLS_SAN_IPADDRESS</code></a>: as a binary IP address (4 or 16 bytes)</p> +<p><a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>: as a UTF8 string</p> +<p>Since version 3.5.7 the <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-RFC822NAME:CAPS"><code class="literal">GNUTLS_SAN_RFC822NAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-DNSNAME:CAPS"><code class="literal">GNUTLS_SAN_DNSNAME</code></a>, and +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a> are converted to ACE format when necessary.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-subject-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate request of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>nt</p></td> +<td class="parameter_description"><p>is one of the <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> enumerations</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-SET:CAPS" title="GNUTLS_FSAN_SET"><code class="literal">GNUTLS_FSAN_SET</code></a> to clear previous data or +<a class="link" href="gnutls-x509.html#GNUTLS-FSAN-APPEND:CAPS" title="GNUTLS_FSAN_APPEND"><code class="literal">GNUTLS_FSAN_APPEND</code></a> to append.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-subject-alt-name.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-subject-alt-othername"></a><h3>gnutls_x509_crq_set_subject_alt_othername ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_subject_alt_othername + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> data_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the subject alternative name certificate +extension. It can set the following types:</p> +<p>The values set must be binary values and must be properly DER encoded.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-subject-alt-othername.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate request of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>is the othername OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>The data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>The size of data to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p><a class="link" href="gnutls-x509.html#GNUTLS-FSAN-SET:CAPS" title="GNUTLS_FSAN_SET"><code class="literal">GNUTLS_FSAN_SET</code></a> to clear previous data or +<a class="link" href="gnutls-x509.html#GNUTLS-FSAN-APPEND:CAPS" title="GNUTLS_FSAN_APPEND"><code class="literal">GNUTLS_FSAN_APPEND</code></a> to append.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-subject-alt-othername.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-key-usage"></a><h3>gnutls_x509_crq_set_key_usage ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_key_usage (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> usage</code></em>);</pre> +<p>This function will set the keyUsage certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-usage.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate request of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>usage</p></td> +<td class="parameter_description"><p>an ORed sequence of the GNUTLS_KEY_* elements.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-usage.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-basic-constraints"></a><h3>gnutls_x509_crq_set_basic_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_basic_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> ca</code></em>, + <em class="parameter"><code><span class="type">int</span> pathLenConstraint</code></em>);</pre> +<p>This function will set the basicConstraints certificate extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-basic-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate request of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca</p></td> +<td class="parameter_description"><p>true(1) or false(0) depending on the Certificate authority status.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathLenConstraint</p></td> +<td class="parameter_description"><p>non-negative error codes indicate maximum length of path, +and negative error codes indicate that the pathLenConstraints field should +not be present.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-basic-constraints.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-key-purpose-oid"></a><h3>gnutls_x509_crq_set_key_purpose_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_key_purpose_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> critical</code></em>);</pre> +<p>This function will set the key purpose OIDs of the Certificate. +These are stored in the Extended Key Usage extension (2.5.29.37) +See the GNUTLS_KP_* definitions for human readable names.</p> +<p>Subsequent calls to this function will append OIDs to the OID list.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-purpose-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a null-terminated string that holds the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>Whether this extension will be critical or not</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-key-purpose-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-key-purpose-oid"></a><h3>gnutls_x509_crq_get_key_purpose_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_key_purpose_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will extract the key purpose OIDs of the Certificate +specified by the given index. These are stored in the Extended Key +Usage extension (2.5.29.37). See the GNUTLS_KP_* definitions for +human readable names.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-purpose-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>This specifies which OID to return, use (0) to get the first one</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to store the OID (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>output variable with critical flag, may be <code class="literal">NULL</code>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-purpose-oid.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the provided buffer is +not long enough, and in that case the *<em class="parameter"><code>sizeof_oid</code></em> +will be +updated with the required size. On success 0 is returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-extension-data"></a><h3>gnutls_x509_crq_get_extension_data ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_extension_data (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_data</code></em>);</pre> +<p>This function will return the requested extension data in the +certificate. The extension data will be stored as a string in the +provided buffer.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-info" title="gnutls_x509_crq_get_extension_info ()"><code class="function">gnutls_x509_crq_get_extension_info()</code></a> to extract the OID and +critical flag. Use <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-by-oid" title="gnutls_x509_crq_get_extension_by_oid ()"><code class="function">gnutls_x509_crq_get_extension_by_oid()</code></a> instead, +if you want to get data indexed by the extension OID rather than +sequence.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-data.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension number to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the data (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_data</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-data.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-extension-data2"></a><h3>gnutls_x509_crq_get_extension_data2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_extension_data2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>);</pre> +<p>This function will return the requested extension data in the +certificate request. The extension data will be allocated using +<code class="function">gnutls_malloc()</code>.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-info" title="gnutls_x509_crq_get_extension_info ()"><code class="function">gnutls_x509_crq_get_extension_info()</code></a> to extract the OID.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-data2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>extension_id</p></td> +<td class="parameter_description"><p>An X.509 extension OID.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension OID to read. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>will contain the extension DER-encoded data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-data2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If you have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-extension-info"></a><h3>gnutls_x509_crq_get_extension_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_extension_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the requested extension OID in the +certificate, and the critical flag for it. The extension OID will +be stored as a string in the provided buffer. Use +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-extension-data" title="gnutls_x509_crq_get_extension_data ()"><code class="function">gnutls_x509_crq_get_extension_data()</code></a> to extract the data.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>sizeof_oid</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be +returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which extension number to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to store the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the maximum size of <em class="parameter"><code>oid</code></em> +, on return +holds actual size of <em class="parameter"><code>oid</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>output variable with critical flag, may be NULL.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-info.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-attribute-data"></a><h3>gnutls_x509_crq_get_attribute_data ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_attribute_data (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_data</code></em>);</pre> +<p>This function will return the requested attribute data in the +certificate request. The attribute data will be stored as a string in the +provided buffer.</p> +<p>Use <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-info" title="gnutls_x509_crq_get_attribute_info ()"><code class="function">gnutls_x509_crq_get_attribute_info()</code></a> to extract the OID. +Use <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-by-oid" title="gnutls_x509_crq_get_attribute_by_oid ()"><code class="function">gnutls_x509_crq_get_attribute_by_oid()</code></a> instead, +if you want to get data indexed by the attribute OID rather than +sequence.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-data.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which attribute number to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the data (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_data</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-data.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-attribute-info"></a><h3>gnutls_x509_crq_get_attribute_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_attribute_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_oid</code></em>);</pre> +<p>This function will return the requested attribute OID in the +certificate, and the critical flag for it. The attribute OID will +be stored as a string in the provided buffer. Use +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-attribute-data" title="gnutls_x509_crq_get_attribute_data ()"><code class="function">gnutls_x509_crq_get_attribute_data()</code></a> to extract the data.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>sizeof_oid</code></em> + is updated and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> will be +returned.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>Specifies which attribute number to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the OID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>sizeof_oid</p></td> +<td class="parameter_description"><p>initially holds the maximum size of <em class="parameter"><code>oid</code></em> +, on return +holds actual size of <em class="parameter"><code>oid</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-attribute-info.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If your have reached the +last extension available <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-pk-algorithm"></a><h3>gnutls_x509_crq_get_pk_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_pk_algorithm (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *bits</code></em>);</pre> +<p>This function will return the public key algorithm of a PKCS<span class="type">10</span> +certificate request.</p> +<p>If bits is non-<code class="literal">NULL</code>, it should have enough size to hold the +parameters size in bits. For RSA the bits returned is the modulus. +For DSA the bits returned are of the public exponent.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-pk-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>if bits is non-<code class="literal">NULL</code> it will hold the size of the parameters' in bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-pk-algorithm.returns"></a><h4>Returns</h4> +<p> a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on +success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-spki"></a><h3>gnutls_x509_crq_get_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-spki"></a><h3>gnutls_x509_crq_set_spki ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_spki (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a> spki</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will set the certificate request's subject public key +information explicitly. This is intended to be used in the cases +where a single public key (e.g., RSA) can be used for multiple +signature algorithms (RSA PKCS1-1.5, and RSA-PSS).</p> +<p>To export the public key (i.e., the SubjectPublicKeyInfo part), check +<a class="link" href="gnutls-abstract.html#gnutls-pubkey-import-x509" title="gnutls_pubkey_import_x509 ()"><code class="function">gnutls_pubkey_import_x509()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-spki.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate request of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>a SubjectPublicKeyInfo structure of type <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><span class="type">gnutls_x509_spki_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-spki.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-signature-oid"></a><h3>gnutls_x509_crq_get_signature_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_signature_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the OID of the signature algorithm +that has been used to sign this certificate request. This function +is useful in the case <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-signature-algorithm" title="gnutls_x509_crq_get_signature_algorithm ()"><code class="function">gnutls_x509_crq_get_signature_algorithm()</code></a> +returned <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-signature-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-signature-oid.returns"></a><h4>Returns</h4> +<p> zero or a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-pk-oid"></a><h3>gnutls_x509_crq_get_pk_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_pk_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *oid_size</code></em>);</pre> +<p>This function will return the OID of the public key algorithm +on that certificate request. This function +is useful in the case <a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-pk-algorithm" title="gnutls_x509_crq_get_pk_algorithm ()"><code class="function">gnutls_x509_crq_get_pk_algorithm()</code></a> +returned <a class="link" href="gnutls-gnutls.html#GNUTLS-PK-UNKNOWN:CAPS"><code class="literal">GNUTLS_PK_UNKNOWN</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-pk-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>a pointer to a buffer to hold the OID (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>oid</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-pk-oid.returns"></a><h4>Returns</h4> +<p> zero or a negative error code on error.</p> +</div> +<p class="since">Since: 3.5.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-key-id"></a><h3>gnutls_x509_crq_get_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_key_id (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">char</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will return a unique ID that depends on the public key +parameters. This ID can be used in checking whether a certificate +corresponds to the given private key.</p> +<p>If the buffer provided is not long enough to hold the output, then +*<em class="parameter"><code>output_data_size</code></em> + is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will +be returned. The output will normally be a SHA-1 hash output, +which is 20 bytes.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>a certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be one of the flags from <a class="link" href="gnutls-x509.html#gnutls-keyid-flags-t" title="enum gnutls_keyid_flags_t"><code class="literal">gnutls_keyid_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain the key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-id.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and 0 on success.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-key-rsa-raw"></a><h3>gnutls_x509_crq_get_key_rsa_raw ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_key_rsa_raw (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *m</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *e</code></em>);</pre> +<p>This function will export the RSA public key's parameters found in +the given structure. The new parameters will be allocated using +<code class="function">gnutls_malloc()</code> and will be stored in the appropriate datum.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-rsa-raw.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>Holds the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>m</p></td> +<td class="parameter_description"><p>will hold the modulus</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>e</p></td> +<td class="parameter_description"><p>will hold the public exponent</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-rsa-raw.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-key-usage"></a><h3>gnutls_x509_crq_get_key_usage ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_key_usage (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return certificate's key usage, by reading the +keyUsage X.509 extension (2.5.29.15). The key usage value will +ORed values of the: <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DIGITAL-SIGNATURE:CAPS" title="GNUTLS_KEY_DIGITAL_SIGNATURE"><code class="literal">GNUTLS_KEY_DIGITAL_SIGNATURE</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-NON-REPUDIATION:CAPS" title="GNUTLS_KEY_NON_REPUDIATION"><code class="literal">GNUTLS_KEY_NON_REPUDIATION</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-ENCIPHERMENT:CAPS" title="GNUTLS_KEY_KEY_ENCIPHERMENT"><code class="literal">GNUTLS_KEY_KEY_ENCIPHERMENT</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DATA-ENCIPHERMENT:CAPS" title="GNUTLS_KEY_DATA_ENCIPHERMENT"><code class="literal">GNUTLS_KEY_DATA_ENCIPHERMENT</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-AGREEMENT:CAPS" title="GNUTLS_KEY_KEY_AGREEMENT"><code class="literal">GNUTLS_KEY_KEY_AGREEMENT</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-KEY-CERT-SIGN:CAPS" title="GNUTLS_KEY_KEY_CERT_SIGN"><code class="literal">GNUTLS_KEY_KEY_CERT_SIGN</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-CRL-SIGN:CAPS" title="GNUTLS_KEY_CRL_SIGN"><code class="literal">GNUTLS_KEY_CRL_SIGN</code></a>, +<a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-ENCIPHER-ONLY:CAPS" title="GNUTLS_KEY_ENCIPHER_ONLY"><code class="literal">GNUTLS_KEY_ENCIPHER_ONLY</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KEY-DECIPHER-ONLY:CAPS" title="GNUTLS_KEY_DECIPHER_ONLY"><code class="literal">GNUTLS_KEY_DECIPHER_ONLY</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-usage.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>where the key usage bits will be stored</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-key-usage.returns"></a><h4>Returns</h4> +<p> the certificate key usage, or a negative error code in case of +parsing error. If the certificate does not contain the keyUsage +extension <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be +returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-basic-constraints"></a><h3>gnutls_x509_crq_get_basic_constraints ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_basic_constraints (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *ca</code></em>, + <em class="parameter"><code><span class="type">int</span> *pathlen</code></em>);</pre> +<p>This function will read the certificate's basic constraints, and +return the certificates CA status. It reads the basicConstraints +X.509 extension (2.5.29.19).</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-basic-constraints.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca</p></td> +<td class="parameter_description"><p>pointer to output integer indicating CA status, may be NULL, +value is 1 if the certificate CA flag is set, 0 otherwise.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pathlen</p></td> +<td class="parameter_description"><p>pointer to output integer indicating path length (may be +NULL), non-negative error codes indicate a present pathLenConstraint +field and the actual value, -1 indicate that the field is absent.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-basic-constraints.returns"></a><h4>Returns</h4> +<p> If the certificate is a CA a positive value will be +returned, or (0) if the certificate does not have CA flag set. +A negative error code may be returned in case of errors. If the +certificate does not contain the basicConstraints extension +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-subject-alt-name"></a><h3>gnutls_x509_crq_get_subject_alt_name ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_subject_alt_name (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *ret_type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the alternative names, contained in the +given certificate. It is the same as +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-subject-alt-name" title="gnutls_x509_crq_get_subject_alt_name ()"><code class="function">gnutls_x509_crq_get_subject_alt_name()</code></a> except for the fact that it +will return the type of the alternative name in <em class="parameter"><code>ret_type</code></em> + even if +the function fails for some reason (i.e. the buffer provided is +not enough).</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-subject-alt-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name, 0 for the +first one, 1 for the second etc.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret</p></td> +<td class="parameter_description"><p>is the place where the alternative name will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_type</p></td> +<td class="parameter_description"><p>holds the <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a> name type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical +(may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-subject-alt-name.returns"></a><h4>Returns</h4> +<p> the alternative subject name type on success, one of the +enumerated <a class="link" href="gnutls-gnutls.html#gnutls-x509-subject-alt-name-t" title="enum gnutls_x509_subject_alt_name_t"><span class="type">gnutls_x509_subject_alt_name_t</span></a>. It will return +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if <em class="parameter"><code>ret_size</code></em> +is not large enough to +hold the value. In that case <em class="parameter"><code>ret_size</code></em> +will be updated with the +required size. If the certificate request does not have an +Alternative name with the specified sequence number then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-subject-alt-othername-oid"></a><h3>gnutls_x509_crq_get_subject_alt_othername_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_subject_alt_othername_oid + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><span class="type">void</span> *ret</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *ret_size</code></em>);</pre> +<p>This function will extract the type OID of an otherName Subject +Alternative Name, contained in the given certificate, and return +the type as an enumerated element.</p> +<p>This function is only useful if +<a class="link" href="gnutls-x509.html#gnutls-x509-crq-get-subject-alt-name" title="gnutls_x509_crq_get_subject_alt_name ()"><code class="function">gnutls_x509_crq_get_subject_alt_name()</code></a> returned +<a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-subject-alt-othername-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>specifies the sequence number of the alt name (0 for the first one, 1 for the second etc.)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret</p></td> +<td class="parameter_description"><p>is the place where the otherName OID will be copied to</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ret_size</p></td> +<td class="parameter_description"><p>holds the size of ret.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-subject-alt-othername-oid.returns"></a><h4>Returns</h4> +<p> the alternative subject name type on success, one of the +enumerated gnutls_x509_subject_alt_name_t. For supported OIDs, +it will return one of the virtual (GNUTLS_SAN_OTHERNAME_*) types, +e.g. <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME-XMPP:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></a>, and <a class="link" href="gnutls-gnutls.html#GNUTLS-SAN-OTHERNAME:CAPS"><code class="literal">GNUTLS_SAN_OTHERNAME</code></a> for +unknown OIDs. It will return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if +<em class="parameter"><code>ret_size</code></em> +is not large enough to hold the value. In that case +<em class="parameter"><code>ret_size</code></em> +will be updated with the required size. If the +certificate does not have an Alternative name with the specified +sequence number and with the otherName type then +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-extension-by-oid"></a><h3>gnutls_x509_crq_get_extension_by_oid ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_extension_by_oid (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><span class="type">void</span> *buf</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *sizeof_buf</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the extension specified by the OID in +the certificate. The extensions will be returned as binary data +DER encoded, in the provided buffer.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-by-oid.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identifier in a null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the extensions, this +specifies which to get. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf</p></td> +<td class="parameter_description"><p>a pointer to a structure to hold the name (may be null)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>buf_size</p></td> +<td class="parameter_description"><p>initially holds the size of <em class="parameter"><code>buf</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-extension-by-oid.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error code in case of an error. If the certificate does not +contain the specified extension +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be returned.</p> +</div> +<p class="since">Since: 2.8.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-get-tlsfeatures"></a><h3>gnutls_x509_crq_get_tlsfeatures ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_get_tlsfeatures (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> features</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will get the X.509 TLS features +extension structure from the certificate request. +The returned structure needs to be freed using +<a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-deinit" title="gnutls_x509_tlsfeatures_deinit ()"><code class="function">gnutls_x509_tlsfeatures_deinit()</code></a>.</p> +<p>When the <em class="parameter"><code>flags</code></em> + is set to <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a>, +then if the <em class="parameter"><code>features</code></em> + structure is empty this function will behave +identically as if the flag was not set. Otherwise if there are elements +in the <em class="parameter"><code>features</code></em> + structure then they will be merged with.</p> +<p>Note that <em class="parameter"><code>features</code></em> + must be initialized prior to calling this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-tlsfeatures.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>An X.509 certificate request</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>features</p></td> +<td class="parameter_description"><p>If the function succeeds, the +features will be stored in this variable.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or <a class="link" href="gnutls-x509.html#GNUTLS-EXT-FLAG-APPEND:CAPS" title="GNUTLS_EXT_FLAG_APPEND"><code class="literal">GNUTLS_EXT_FLAG_APPEND</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>the extension status</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-get-tlsfeatures.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crq-set-tlsfeatures"></a><h3>gnutls_x509_crq_set_tlsfeatures ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crq_set_tlsfeatures (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crq-t" title="gnutls_x509_crq_t"><span class="type">gnutls_x509_crq_t</span></a> crq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-tlsfeatures-t" title="gnutls_x509_tlsfeatures_t"><span class="type">gnutls_x509_tlsfeatures_t</span></a> features</code></em>);</pre> +<p>This function will set the certificate request's +X.509 TLS extension from the given structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-tlsfeatures.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crq</p></td> +<td class="parameter_description"><p>An X.509 certificate request</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>features</p></td> +<td class="parameter_description"><p>If the function succeeds, the +features will be added to the certificate +request.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crq-set-tlsfeatures.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error value.</p> +</div> +<p class="since">Since: 3.5.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-get-extension-by-oid2"></a><h3>gnutls_x509_crt_get_extension_by_oid2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_get_extension_by_oid2 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oid</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> indx</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *output</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *critical</code></em>);</pre> +<p>This function will return the extension specified by the OID in the +certificate. The extensions will be returned as binary data DER +encoded, in the provided buffer.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-by-oid2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oid</p></td> +<td class="parameter_description"><p>holds an Object Identified in null terminated string</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>indx</p></td> +<td class="parameter_description"><p>In case multiple same OIDs exist in the extensions, this specifies which to send. Use (0) to get the first one.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output</p></td> +<td class="parameter_description"><p>will hold the allocated extension data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>critical</p></td> +<td class="parameter_description"><p>will be non-zero if the extension is marked as critical</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-get-extension-by-oid2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +otherwise a negative error code is returned. If the certificate does not +contain the specified extension +GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.</p> +</div> +<p class="since">Since: 3.3.8</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-init"></a><h3>gnutls_x509_trust_list_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_init (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> *list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> size</code></em>);</pre> +<p>This function will initialize an X.509 trust list structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>size</p></td> +<td class="parameter_description"><p>The size of the internal hash table. Use (0) for default size.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-deinit"></a><h3>gnutls_x509_trust_list_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_trust_list_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> all</code></em>);</pre> +<p>This function will deinitialize a trust list. Note that the +<em class="parameter"><code>all</code></em> + flag should be typically non-zero unless you have specified +your certificates using <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-cas" title="gnutls_x509_trust_list_add_cas ()"><code class="function">gnutls_x509_trust_list_add_cas()</code></a> and you +want to prevent them from being deinitialized by this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>all</p></td> +<td class="parameter_description"><p>if non-zero it will deinitialize all the certificates and CRLs contained in the structure.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.0.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-get-issuer"></a><h3>gnutls_x509_trust_list_get_issuer ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_get_issuer (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *issuer</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will find the issuer of the given certificate. +If the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-GET-COPY:CAPS"><code class="literal">GNUTLS_TL_GET_COPY</code></a> is specified a copy of the issuer +will be returned which must be freed using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()"><code class="function">gnutls_x509_crt_deinit()</code></a>. +In that case the provided <em class="parameter"><code>issuer</code></em> + must not be initialized.</p> +<p>Note that the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-GET-COPY:CAPS"><code class="literal">GNUTLS_TL_GET_COPY</code></a> is required for this function +to work with PKCS<span class="type">11</span> trust lists in a thread-safe way.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>is the certificate to find issuer for</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any. Should be treated as constant +unless <a class="link" href="gnutls-x509.html#GNUTLS-TL-GET-COPY:CAPS"><code class="literal">GNUTLS_TL_GET_COPY</code></a> is set in <em class="parameter"><code>flags</code></em> +.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a> (<a class="link" href="gnutls-x509.html#GNUTLS-TL-GET-COPY:CAPS"><code class="literal">GNUTLS_TL_GET_COPY</code></a> is applicable)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-get-issuer-by-dn"></a><h3>gnutls_x509_trust_list_get_issuer_by_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_get_issuer_by_dn + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *issuer</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will find the issuer with the given name, and +return a copy of the issuer, which must be freed using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()"><code class="function">gnutls_x509_crt_deinit()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer-by-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>is the issuer's DN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any. Should be deallocated after use.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer-by-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-get-issuer-by-subject-key-id"></a><h3>gnutls_x509_trust_list_get_issuer_by_subject_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_get_issuer_by_subject_key_id + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *spki</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *issuer</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will find the issuer with the given name and subject key ID, and +return a copy of the issuer, which must be freed using <a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()"><code class="function">gnutls_x509_crt_deinit()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer-by-subject-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>is the issuer's DN (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>is the subject key ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any. Should be deallocated after use.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-issuer-by-subject-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.2</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-cas"></a><h3>gnutls_x509_trust_list_add_cas ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_cas (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *clist</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> clist_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will add the given certificate authorities +to the trusted list. The CAs in <em class="parameter"><code>clist</code></em> + must not be deinitialized +during the lifetime of <em class="parameter"><code>list</code></em> +.</p> +<p>If the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATES:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATES</code></a> is specified, then +this function will ensure that no duplicates will be +present in the final trust list.</p> +<p>If the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATE-KEY:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATE_KEY</code></a> is specified, then +this function will ensure that no certificates with the +same key are present in the final trust list.</p> +<p>If either <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATE-KEY:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATE_KEY</code></a> or <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATES:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATES</code></a> +are given, <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-deinit" title="gnutls_x509_trust_list_deinit ()"><code class="function">gnutls_x509_trust_list_deinit()</code></a> must be called with parameter +<em class="parameter"><code>all</code></em> + being 1.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-cas.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>clist</p></td> +<td class="parameter_description"><p>A list of CAs</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>clist_size</p></td> +<td class="parameter_description"><p>The length of the CA list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-cas.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned; that includes +duplicate entries.</p> +</div> +<p class="since">Since: 3.0.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-remove-cas"></a><h3>gnutls_x509_trust_list_remove_cas ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_remove_cas (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *clist</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> clist_size</code></em>);</pre> +<p>This function will remove the given certificate authorities +from the trusted list.</p> +<p>Note that this function can accept certificates and authorities +not yet known. In that case they will be kept in a separate +black list that will be used during certificate verification. +Unlike <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-cas" title="gnutls_x509_trust_list_add_cas ()"><code class="function">gnutls_x509_trust_list_add_cas()</code></a> there is no deinitialization +restriction for certificate list provided in this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-cas.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>clist</p></td> +<td class="parameter_description"><p>A list of CAs</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>clist_size</p></td> +<td class="parameter_description"><p>The length of the CA list</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-cas.returns"></a><h4>Returns</h4> +<p> The number of removed elements is returned.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-named-crt"></a><h3>gnutls_x509_trust_list_add_named_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_named_crt (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *name</code></em>, + <em class="parameter"><code><span class="type">size_t</span> name_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will add the given certificate to the trusted +list and associate it with a name. The certificate will not be +be used for verification with <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt" title="gnutls_x509_trust_list_verify_crt ()"><code class="function">gnutls_x509_trust_list_verify_crt()</code></a> +but with <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-named-crt" title="gnutls_x509_trust_list_verify_named_crt ()"><code class="function">gnutls_x509_trust_list_verify_named_crt()</code></a> or +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()"><code class="function">gnutls_x509_trust_list_verify_crt2()</code></a> - the latter only since +GnuTLS 3.4.0 and if a hostname is provided.</p> +<p>In principle this function can be used to set individual "server" +certificates that are trusted by the user for that specific server +but for no other purposes.</p> +<p>The certificate <em class="parameter"><code>cert</code></em> + must not be deinitialized during the lifetime +of the <em class="parameter"><code>list</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-named-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>A certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>An identifier for the certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name_size</p></td> +<td class="parameter_description"><p>The size of the identifier</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be 0.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-named-crt.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-crls"></a><h3>gnutls_x509_trust_list_add_crls ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_crls (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *crl_list</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> crl_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> verification_flags</code></em>);</pre> +<p>This function will add the given certificate revocation lists +to the trusted list. The CRLs in <em class="parameter"><code>crl_list</code></em> + must not be deinitialized +during the lifetime of <em class="parameter"><code>list</code></em> +.</p> +<p>This function must be called after <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-cas" title="gnutls_x509_trust_list_add_cas ()"><code class="function">gnutls_x509_trust_list_add_cas()</code></a> +to allow verifying the CRLs for validity. If the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATES:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATES</code></a> +is given, then the final CRL list will not contain duplicate entries.</p> +<p>If the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATES:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATES</code></a> is given, <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-deinit" title="gnutls_x509_trust_list_deinit ()"><code class="function">gnutls_x509_trust_list_deinit()</code></a> must be +called with parameter <em class="parameter"><code>all</code></em> + being 1.</p> +<p>If flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-VERIFY-CRL:CAPS"><code class="literal">GNUTLS_TL_VERIFY_CRL</code></a> is given the CRLs will be verified before being added, +and if verification fails, they will be skipped.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-crls.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_list</p></td> +<td class="parameter_description"><p>A list of CRLs</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_size</p></td> +<td class="parameter_description"><p>The length of the CRL list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>verification_flags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-crls.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned; that includes +duplicate entries.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-iter-get-ca"></a><h3>gnutls_x509_trust_list_iter_get_ca ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_iter_get_ca (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-t" title="gnutls_x509_trust_list_iter_t"><span class="type">gnutls_x509_trust_list_iter_t</span></a> *iter</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *crt</code></em>);</pre> +<p>This function obtains a certificate in the trust list and advances the +iterator to the next certificate. The certificate returned in <em class="parameter"><code>crt</code></em> + must be +deallocated with <a class="link" href="gnutls-x509.html#gnutls-x509-crt-deinit" title="gnutls_x509_crt_deinit ()"><code class="function">gnutls_x509_crt_deinit()</code></a>.</p> +<p>When past the last element is accessed <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> +is returned and the iterator is reset.</p> +<p>The iterator is deinitialized and reset to <code class="literal">NULL</code> automatically by this +function after iterating through all elements until +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> is returned. If the iteration is +aborted early, it must be manually deinitialized using +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-deinit" title="gnutls_x509_trust_list_iter_deinit ()"><code class="function">gnutls_x509_trust_list_iter_deinit()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-iter-get-ca.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>iter</p></td> +<td class="parameter_description"><p>A pointer to an iterator (initially the iterator should be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>where the certificate will be copied</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-iter-get-ca.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-iter-deinit"></a><h3>gnutls_x509_trust_list_iter_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_trust_list_iter_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-iter-t" title="gnutls_x509_trust_list_iter_t"><span class="type">gnutls_x509_trust_list_iter_t</span></a> iter</code></em>);</pre> +<p>This function will deinitialize an iterator structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-iter-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>iter</p></td> +<td class="parameter_description"><p>The iterator structure to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-session-set-verify-output-function"></a><h3>gnutls_session_set_verify_output_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_session_set_verify_output_function + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>, + <em class="parameter"><code><span class="type">gnutls_verify_output_function</span> *func</code></em>);</pre> +<p>This function sets a callback to be called when the peer's certificate +chain has to be verified and full path to the trusted root has to be +printed.</p> +<p>The callback's function prototype is defined in `x509.h': +int (*callback)( +gnutls_x509_crt_t cert, +gnutls_x509_crt_t issuer, +gnutls_x509_crl_t crl, +unsigned int verification_output);</p> +<p>If the callback function is provided then gnutls will call it, in the +certificate verification procedure. +To verify the certificate chain and print its path uptp the trusted root, +functions such as <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers" title="gnutls_certificate_verify_peers ()"><code class="function">gnutls_certificate_verify_peers()</code></a>, +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt" title="gnutls_x509_trust_list_verify_crt ()"><code class="function">gnutls_x509_trust_list_verify_crt()</code></a>, and <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()"><code class="function">gnutls_x509_trust_list_verify_crt2()</code></a> +can be used. The callback is set in <code class="function">_gnutls_verify_crt_status()</code> and +<code class="function">_gnutls_pkcs11_verify_crt_status()</code>.</p> +<div class="refsect3"> +<a name="gnutls-session-set-verify-output-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>session</p></td> +<td class="parameter_description"><p>is a <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>func</p></td> +<td class="parameter_description"><p>is the callback function</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.7.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-verify-named-crt"></a><h3>gnutls_x509_trust_list_verify_named_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_verify_named_crt + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *name</code></em>, + <em class="parameter"><code><span class="type">size_t</span> name_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *verify</code></em>, + <em class="parameter"><code><span class="type">gnutls_verify_output_function</span> func</code></em>);</pre> +<p>This function will try to find a certificate that is associated with the provided +name --see <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-named-crt" title="gnutls_x509_trust_list_add_named_crt ()"><code class="function">gnutls_x509_trust_list_add_named_crt()</code></a>. If a match is found the +certificate is considered valid. In addition to that this function will also +check CRLs. The <em class="parameter"><code>voutput</code></em> + parameter will hold an OR'ed sequence of +<a class="link" href="gnutls-gnutls.html#gnutls-certificate-status-t" title="enum gnutls_certificate_status_t"><code class="literal">gnutls_certificate_status_t</code></a> flags.</p> +<p>Additionally a certificate verification profile can be specified +from the ones in <a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profiles-t" title="enum gnutls_certificate_verification_profiles_t"><code class="literal">gnutls_certificate_verification_profiles_t</code></a> by +ORing the result of <a class="link" href="gnutls-x509.html#GNUTLS-PROFILE-TO-VFLAGS:CAPS" title="GNUTLS_PROFILE_TO_VFLAGS()"><code class="function">GNUTLS_PROFILE_TO_VFLAGS()</code></a> to the verification +flags.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-named-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>is the certificate to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>is the certificate's name</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>name_size</p></td> +<td class="parameter_description"><p>is the certificate's name size</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>voutput</p></td> +<td class="parameter_description"><p>will hold the certificate verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>func</p></td> +<td class="parameter_description"><p>If non-null will be called on each chain element verification with the output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-named-crt.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-verify-crt2"></a><h3>gnutls_x509_trust_list_verify_crt2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_verify_crt2 (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *cert_list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> cert_list_size</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-typed-vdata-st" title="gnutls_typed_vdata_st"><span class="type">gnutls_typed_vdata_st</span></a> *data</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> elements</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *voutput</code></em>, + <em class="parameter"><code><span class="type">gnutls_verify_output_function</span> func</code></em>);</pre> +<p>This function will attempt to verify the given certificate chain and return +its status. The <em class="parameter"><code>voutput</code></em> + parameter will hold an OR'ed sequence of +<a class="link" href="gnutls-gnutls.html#gnutls-certificate-status-t" title="enum gnutls_certificate_status_t"><code class="literal">gnutls_certificate_status_t</code></a> flags.</p> +<p>When a certificate chain of <em class="parameter"><code>cert_list_size</code></em> + with more than one certificates is +provided, the verification status will apply to the first certificate in the chain +that failed verification. The verification process starts from the end of the chain +(from CA to end certificate). The first certificate in the chain must be the end-certificate +while the rest of the members may be sorted or not.</p> +<p>Additionally a certificate verification profile can be specified +from the ones in <a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profiles-t" title="enum gnutls_certificate_verification_profiles_t"><code class="literal">gnutls_certificate_verification_profiles_t</code></a> by +ORing the result of <a class="link" href="gnutls-x509.html#GNUTLS-PROFILE-TO-VFLAGS:CAPS" title="GNUTLS_PROFILE_TO_VFLAGS()"><code class="function">GNUTLS_PROFILE_TO_VFLAGS()</code></a> to the verification +flags.</p> +<p>Additional verification parameters are possible via the <em class="parameter"><code>data</code></em> + types; the +acceptable types are <a class="link" href="gnutls-gnutls.html#GNUTLS-DT-DNS-HOSTNAME:CAPS"><code class="literal">GNUTLS_DT_DNS_HOSTNAME</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-DT-IP-ADDRESS:CAPS"><code class="literal">GNUTLS_DT_IP_ADDRESS</code></a> and <a class="link" href="gnutls-gnutls.html#GNUTLS-DT-KEY-PURPOSE-OID:CAPS"><code class="literal">GNUTLS_DT_KEY_PURPOSE_OID</code></a>. +The former accepts as data a null-terminated hostname, and the latter a null-terminated +object identifier (e.g., <a class="link" href="gnutls-x509.html#GNUTLS-KP-TLS-WWW-SERVER:CAPS" title="GNUTLS_KP_TLS_WWW_SERVER"><code class="literal">GNUTLS_KP_TLS_WWW_SERVER</code></a>). +If a DNS hostname is provided then this function will compare +the hostname in the end certificate against the given. If names do not match the +<a class="link" href="gnutls-gnutls.html#GNUTLS-CERT-UNEXPECTED-OWNER:CAPS"><code class="literal">GNUTLS_CERT_UNEXPECTED_OWNER</code></a> status flag will be set. In addition it +will consider certificates provided with <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-add-named-crt" title="gnutls_x509_trust_list_add_named_crt ()"><code class="function">gnutls_x509_trust_list_add_named_crt()</code></a>.</p> +<p>If a key purpose OID is provided and the end-certificate contains the extended key +usage PKIX extension, it will be required to match the provided OID +or be marked for any purpose, otherwise verification will fail with +<a class="link" href="gnutls-gnutls.html#GNUTLS-CERT-PURPOSE-MISMATCH:CAPS"><code class="literal">GNUTLS_CERT_PURPOSE_MISMATCH</code></a> status.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-crt2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_list</p></td> +<td class="parameter_description"><p>is the certificate list to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_list_size</p></td> +<td class="parameter_description"><p>is the certificate list size</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>an array of typed data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>elements</p></td> +<td class="parameter_description"><p>the number of data elements</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>voutput</p></td> +<td class="parameter_description"><p>will hold the certificate verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>func</p></td> +<td class="parameter_description"><p>If non-null will be called on each chain element verification with the output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-crt2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value. Note that verification failure will not result to an +error code, only <em class="parameter"><code>voutput</code></em> +will be updated.</p> +</div> +<p class="since">Since: 3.3.8</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-verify-crt"></a><h3>gnutls_x509_trust_list_verify_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_verify_crt (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *cert_list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> cert_list_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *verify</code></em>, + <em class="parameter"><code><span class="type">gnutls_verify_output_function</span> func</code></em>);</pre> +<p>This function will try to verify the given certificate and return +its status. The <em class="parameter"><code>voutput</code></em> + parameter will hold an OR'ed sequence of +<a class="link" href="gnutls-gnutls.html#gnutls-certificate-status-t" title="enum gnutls_certificate_status_t"><code class="literal">gnutls_certificate_status_t</code></a> flags.</p> +<p>The details of the verification are the same as in <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-verify-crt2" title="gnutls_x509_trust_list_verify_crt2 ()"><code class="function">gnutls_x509_trust_list_verify_crt2()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_list</p></td> +<td class="parameter_description"><p>is the certificate list to be verified</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_list_size</p></td> +<td class="parameter_description"><p>is the certificate list size</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>voutput</p></td> +<td class="parameter_description"><p>will hold the certificate verification output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>func</p></td> +<td class="parameter_description"><p>If non-null will be called on each chain element verification with the output.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-verify-crt.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-trust-mem"></a><h3>gnutls_x509_trust_list_add_trust_mem ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_trust_mem (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cas</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *crls</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_vflags</code></em>);</pre> +<p>This function will add the given certificate authorities +to the trusted list. </p> +<p>If this function is used <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-deinit" title="gnutls_x509_trust_list_deinit ()"><code class="function">gnutls_x509_trust_list_deinit()</code></a> must be called +with parameter <em class="parameter"><code>all</code></em> + being 1.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-mem.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cas</p></td> +<td class="parameter_description"><p>A buffer containing a list of CAs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crls</p></td> +<td class="parameter_description"><p>A buffer containing a list of CRLs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The format of the certificates</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_vflags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-mem.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned.</p> +</div> +<p class="since">Since: 3.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-trust-file"></a><h3>gnutls_x509_trust_list_add_trust_file ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_trust_file (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *ca_file</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *crl_file</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_vflags</code></em>);</pre> +<p>This function will add the given certificate authorities +to the trusted list. PKCS <span class="type">11</span> URLs are also accepted, instead +of files, by this function. A PKCS <span class="type">11</span> URL implies a trust +database (a specially marked module in p11-kit); the URL "pkcs11:" +implies all trust databases in the system. Only a single URL specifying +trust databases can be set; they cannot be stacked with multiple calls.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-file.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca_file</p></td> +<td class="parameter_description"><p>A file containing a list of CAs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_file</p></td> +<td class="parameter_description"><p>A file containing a list of CRLs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The format of the certificates</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_vflags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-file.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned.</p> +</div> +<p class="since">Since: 3.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-trust-dir"></a><h3>gnutls_x509_trust_list_add_trust_dir ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_trust_dir (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *ca_dir</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *crl_dir</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_vflags</code></em>);</pre> +<p>This function will add the given certificate authorities +to the trusted list. Only directories are accepted by +this function.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-dir.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca_dir</p></td> +<td class="parameter_description"><p>A directory containing the CAs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crl_dir</p></td> +<td class="parameter_description"><p>A directory containing a list of CRLs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The format of the certificates</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_flags</p></td> +<td class="parameter_description"><p>flags from <a class="link" href="gnutls-x509.html#gnutls-trust-list-flags-t" title="enum gnutls_trust_list_flags_t"><code class="literal">gnutls_trust_list_flags_t</code></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_vflags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-trust-dir.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned.</p> +</div> +<p class="since">Since: 3.3.6</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-remove-trust-file"></a><h3>gnutls_x509_trust_list_remove_trust_file ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_remove_trust_file + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *ca_file</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre> +<p>This function will remove the given certificate authorities +from the trusted list, and add them into a black list when needed. +PKCS 11 URLs are also accepted, instead +of files, by this function.</p> +<p>See also <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-remove-cas" title="gnutls_x509_trust_list_remove_cas ()"><code class="function">gnutls_x509_trust_list_remove_cas()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-trust-file.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ca_file</p></td> +<td class="parameter_description"><p>A file containing a list of CAs</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The format of the certificates</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-trust-file.returns"></a><h4>Returns</h4> +<p> The number of added elements is returned.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-remove-trust-mem"></a><h3>gnutls_x509_trust_list_remove_trust_mem ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_remove_trust_mem + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cas</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre> +<p>This function will remove the provided certificate authorities +from the trusted list, and add them into a black list when needed. </p> +<p>See also <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-remove-cas" title="gnutls_x509_trust_list_remove_cas ()"><code class="function">gnutls_x509_trust_list_remove_cas()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-trust-mem.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cas</p></td> +<td class="parameter_description"><p>A buffer containing a list of CAs (optional)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>The format of the certificates</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-remove-trust-mem.returns"></a><h4>Returns</h4> +<p> The number of removed elements is returned.</p> +</div> +<p class="since">Since: 3.1.10</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-add-system-trust"></a><h3>gnutls_x509_trust_list_add_system_trust ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_trust_list_add_system_trust + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_flags</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> tl_vflags</code></em>);</pre> +<p>This function adds the system's default trusted certificate +authorities to the trusted list. Note that on unsupported systems +this function returns <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNIMPLEMENTED-FEATURE:CAPS" title="GNUTLS_E_UNIMPLEMENTED_FEATURE"><code class="literal">GNUTLS_E_UNIMPLEMENTED_FEATURE</code></a>.</p> +<p>This function implies the flag <a class="link" href="gnutls-x509.html#GNUTLS-TL-NO-DUPLICATES:CAPS"><code class="literal">GNUTLS_TL_NO_DUPLICATES</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-system-trust.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>list</p></td> +<td class="parameter_description"><p>The structure of the list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_flags</p></td> +<td class="parameter_description"><p>GNUTLS_TL_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tl_vflags</p></td> +<td class="parameter_description"><p>gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-add-system-trust.returns"></a><h4>Returns</h4> +<p> The number of added elements or a negative error code on error.</p> +</div> +<p class="since">Since: 3.1</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-set-getissuer-function"></a><h3>gnutls_x509_trust_list_set_getissuer_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_trust_list_set_getissuer_function + (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> tlist</code></em>, + <em class="parameter"><code><span class="type">gnutls_x509_trust_list_getissuer_function</span> *func</code></em>);</pre> +<p>This function sets a callback to be called when the peer's certificate +chain is incomplete due a missing intermediate certificate. The callback +may provide the missing certificate for use during verification.</p> +<p>The callback's function prototype is defined in gnutls/x509.h as:</p> +<p> int (*callback)(gnutls_x509_trust_list_t list, + const gnutls_x509_crt_t cert, + gnutls_x509_crt_t **issuers, + unsigned int *issuers_size);</p> +<p>If the callback function is provided then gnutls will call it during the +certificate verification procedure. The callback may wish to use +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-info-access" title="gnutls_x509_crt_get_authority_info_access ()"><code class="function">gnutls_x509_crt_get_authority_info_access()</code></a> to get a URI from which +to attempt to download the missing issuer certificate, if available.</p> +<p>On a successful call, the callback shall allocate the 'issuers' array with +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-import2" title="gnutls_x509_crt_list_import2 ()"><code class="function">gnutls_x509_crt_list_import2()</code></a>. The ownership of both the array and the +elements is transferred to the caller and thus the application does not need +to maintain the memory after the call.</p> +<p>The callback function should return 0 if the missing issuer certificate +for 'crt' was properly populated and added to the 'issuers', or non-zero +to continue the certificate list verification but with issuer as <code class="literal">NULL</code>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-set-getissuer-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>tlist</p></td> +<td class="parameter_description"><p>is a <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>func</p></td> +<td class="parameter_description"><p>is the callback function</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.7.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-set-ptr"></a><h3>gnutls_x509_trust_list_set_ptr ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_trust_list_set_ptr (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> tlist</code></em>, + <em class="parameter"><code><span class="type">void</span> *ptr</code></em>);</pre> +<p>This function will set (associate) the user given pointer <em class="parameter"><code>ptr</code></em> + to +the tlist structure. This pointer can be accessed with +<a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-get-ptr" title="gnutls_x509_trust_list_get_ptr ()"><code class="function">gnutls_x509_trust_list_get_ptr()</code></a>. Useful in the callback function +gnutls_x509_trust_list_set_getissuer_function.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-set-ptr.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>tlist</p></td> +<td class="parameter_description"><p>is a <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ptr</p></td> +<td class="parameter_description"><p>is the user pointer</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.7.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-get-ptr"></a><h3>gnutls_x509_trust_list_get_ptr ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> * +gnutls_x509_trust_list_get_ptr (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> tlist</code></em>);</pre> +<p>Get user pointer for tlist. Useful in callback function +gnutls_x509_trust_list_set_getissuer_function. +This is the pointer set with <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-set-ptr" title="gnutls_x509_trust_list_set_ptr ()"><code class="function">gnutls_x509_trust_list_set_ptr()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-ptr.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>tlist</p></td> +<td class="parameter_description"><p>is a <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> type.</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-trust-list-get-ptr.returns"></a><h4>Returns</h4> +<p> the user given pointer from the tlist structure, or +<code class="literal">NULL</code> if it was never set.</p> +</div> +<p class="since">Since: 3.7.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-set-trust-list"></a><h3>gnutls_certificate_set_trust_list ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_certificate_set_trust_list (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> tlist</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function sets a trust list in the gnutls_certificate_credentials_t type.</p> +<p>Note that the <em class="parameter"><code>tlist</code></em> + will become part of the credentials +structure and must not be deallocated. It will be automatically deallocated +when the <em class="parameter"><code>res</code></em> + structure is deinitialized.</p> +<div class="refsect3"> +<a name="gnutls-certificate-set-trust-list.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>res</p></td> +<td class="parameter_description"><p>is a <span class="type">gnutls_certificate_credentials_t</span> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tlist</p></td> +<td class="parameter_description"><p>is a <a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.2.2</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-get-trust-list"></a><h3>gnutls_certificate_get_trust_list ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_certificate_get_trust_list (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-trust-list-t" title="gnutls_x509_trust_list_t"><span class="type">gnutls_x509_trust_list_t</span></a> *tlist</code></em>);</pre> +<p>Obtains the list of trusted certificates stored in <em class="parameter"><code>res</code></em> + and writes a +pointer to it to the location <em class="parameter"><code>tlist</code></em> +. The pointer will point to memory +internal to <em class="parameter"><code>res</code></em> +, and must not be deinitialized. It will be automatically +deallocated when the <em class="parameter"><code>res</code></em> + structure is deinitialized.</p> +<div class="refsect3"> +<a name="gnutls-certificate-get-trust-list.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>res</p></td> +<td class="parameter_description"><p>is a <span class="type">gnutls_certificate_credentials_t</span> type.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>tlist</p></td> +<td class="parameter_description"><p>Location where to store the trust list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-ext-deinit"></a><h3>gnutls_x509_ext_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_x509_ext_deinit (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-ext-st" title="gnutls_x509_ext_st"><span class="type">gnutls_x509_ext_st</span></a> *ext</code></em>);</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-ext-print"></a><h3>gnutls_x509_ext_print ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_ext_print (<em class="parameter"><code><a class="link" href="gnutls-x509.html#gnutls-x509-ext-st" title="gnutls_x509_ext_st"><span class="type">gnutls_x509_ext_st</span></a> *exts</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> exts_size</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-print-formats-t" title="enum gnutls_certificate_print_formats_t"><span class="type">gnutls_certificate_print_formats_t</span></a> format</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will pretty print X.509 certificate extensions, +suitable for display to a human.</p> +<p>The output <em class="parameter"><code>out</code></em> + needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-x509-ext-print.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>exts</p></td> +<td class="parameter_description"><p>The data to be printed</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>exts_size</p></td> +<td class="parameter_description"><p>the number of available structures</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>format</p></td> +<td class="parameter_description"><p>Indicate the format to use</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>Newly allocated datum with null terminated string.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-ext-print.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +</div> +<div class="refsect1"> +<a name="gnutls-x509.other_details"></a><h2>Types and Values</h2> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-COUNTRY-NAME:CAPS"></a><h3>GNUTLS_OID_X520_COUNTRY_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_COUNTRY_NAME "2.5.4.6" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-ORGANIZATION-NAME:CAPS"></a><h3>GNUTLS_OID_X520_ORGANIZATION_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_ORGANIZATION_NAME "2.5.4.10" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-ORGANIZATIONAL-UNIT-NAME:CAPS"></a><h3>GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-COMMON-NAME:CAPS"></a><h3>GNUTLS_OID_X520_COMMON_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_COMMON_NAME "2.5.4.3" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-LOCALITY-NAME:CAPS"></a><h3>GNUTLS_OID_X520_LOCALITY_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_LOCALITY_NAME "2.5.4.7" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-STATE-OR-PROVINCE-NAME:CAPS"></a><h3>GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME "2.5.4.8" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-INITIALS:CAPS"></a><h3>GNUTLS_OID_X520_INITIALS</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_INITIALS "2.5.4.43" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-GENERATION-QUALIFIER:CAPS"></a><h3>GNUTLS_OID_X520_GENERATION_QUALIFIER</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_GENERATION_QUALIFIER "2.5.4.44" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-SURNAME:CAPS"></a><h3>GNUTLS_OID_X520_SURNAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_SURNAME "2.5.4.4" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-GIVEN-NAME:CAPS"></a><h3>GNUTLS_OID_X520_GIVEN_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_GIVEN_NAME "2.5.4.42" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-TITLE:CAPS"></a><h3>GNUTLS_OID_X520_TITLE</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_TITLE "2.5.4.12" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-DN-QUALIFIER:CAPS"></a><h3>GNUTLS_OID_X520_DN_QUALIFIER</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_DN_QUALIFIER "2.5.4.46" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-PSEUDONYM:CAPS"></a><h3>GNUTLS_OID_X520_PSEUDONYM</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_PSEUDONYM "2.5.4.65" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-POSTALCODE:CAPS"></a><h3>GNUTLS_OID_X520_POSTALCODE</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_POSTALCODE "2.5.4.17" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-X520-NAME:CAPS"></a><h3>GNUTLS_OID_X520_NAME</h3> +<pre class="programlisting">#define GNUTLS_OID_X520_NAME "2.5.4.41" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-LDAP-DC:CAPS"></a><h3>GNUTLS_OID_LDAP_DC</h3> +<pre class="programlisting">#define GNUTLS_OID_LDAP_DC "0.9.2342.19200300.100.1.25" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-LDAP-UID:CAPS"></a><h3>GNUTLS_OID_LDAP_UID</h3> +<pre class="programlisting">#define GNUTLS_OID_LDAP_UID "0.9.2342.19200300.100.1.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKCS9-EMAIL:CAPS"></a><h3>GNUTLS_OID_PKCS9_EMAIL</h3> +<pre class="programlisting">#define GNUTLS_OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKIX-DATE-OF-BIRTH:CAPS"></a><h3>GNUTLS_OID_PKIX_DATE_OF_BIRTH</h3> +<pre class="programlisting">#define GNUTLS_OID_PKIX_DATE_OF_BIRTH "1.3.6.1.5.5.7.9.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKIX-PLACE-OF-BIRTH:CAPS"></a><h3>GNUTLS_OID_PKIX_PLACE_OF_BIRTH</h3> +<pre class="programlisting">#define GNUTLS_OID_PKIX_PLACE_OF_BIRTH "1.3.6.1.5.5.7.9.2" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKIX-GENDER:CAPS"></a><h3>GNUTLS_OID_PKIX_GENDER</h3> +<pre class="programlisting">#define GNUTLS_OID_PKIX_GENDER "1.3.6.1.5.5.7.9.3" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKIX-COUNTRY-OF-CITIZENSHIP:CAPS"></a><h3>GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP</h3> +<pre class="programlisting">#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-PKIX-COUNTRY-OF-RESIDENCE:CAPS"></a><h3>GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE</h3> +<pre class="programlisting">#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE "1.3.6.1.5.5.7.9.5" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-TLS-WWW-SERVER:CAPS"></a><h3>GNUTLS_KP_TLS_WWW_SERVER</h3> +<pre class="programlisting">#define GNUTLS_KP_TLS_WWW_SERVER "1.3.6.1.5.5.7.3.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-TLS-WWW-CLIENT:CAPS"></a><h3>GNUTLS_KP_TLS_WWW_CLIENT</h3> +<pre class="programlisting">#define GNUTLS_KP_TLS_WWW_CLIENT "1.3.6.1.5.5.7.3.2" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-CODE-SIGNING:CAPS"></a><h3>GNUTLS_KP_CODE_SIGNING</h3> +<pre class="programlisting">#define GNUTLS_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-MS-SMART-CARD-LOGON:CAPS"></a><h3>GNUTLS_KP_MS_SMART_CARD_LOGON</h3> +<pre class="programlisting">#define GNUTLS_KP_MS_SMART_CARD_LOGON "1.3.6.1.4.1.311.20.2.2" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-EMAIL-PROTECTION:CAPS"></a><h3>GNUTLS_KP_EMAIL_PROTECTION</h3> +<pre class="programlisting">#define GNUTLS_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-TIME-STAMPING:CAPS"></a><h3>GNUTLS_KP_TIME_STAMPING</h3> +<pre class="programlisting">#define GNUTLS_KP_TIME_STAMPING "1.3.6.1.5.5.7.3.8" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-OCSP-SIGNING:CAPS"></a><h3>GNUTLS_KP_OCSP_SIGNING</h3> +<pre class="programlisting">#define GNUTLS_KP_OCSP_SIGNING "1.3.6.1.5.5.7.3.9" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-IPSEC-IKE:CAPS"></a><h3>GNUTLS_KP_IPSEC_IKE</h3> +<pre class="programlisting">#define GNUTLS_KP_IPSEC_IKE "1.3.6.1.5.5.7.3.17" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-ANY:CAPS"></a><h3>GNUTLS_KP_ANY</h3> +<pre class="programlisting">#define GNUTLS_KP_ANY "2.5.29.37.0" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-KP-FLAG-DISALLOW-ANY:CAPS"></a><h3>GNUTLS_KP_FLAG_DISALLOW_ANY</h3> +<pre class="programlisting">#define GNUTLS_KP_FLAG_DISALLOW_ANY 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-AIA:CAPS"></a><h3>GNUTLS_OID_AIA</h3> +<pre class="programlisting">#define GNUTLS_OID_AIA "1.3.6.1.5.5.7.1.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-AD-OCSP:CAPS"></a><h3>GNUTLS_OID_AD_OCSP</h3> +<pre class="programlisting">#define GNUTLS_OID_AD_OCSP "1.3.6.1.5.5.7.48.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-OID-AD-CAISSUERS:CAPS"></a><h3>GNUTLS_OID_AD_CAISSUERS</h3> +<pre class="programlisting">#define GNUTLS_OID_AD_CAISSUERS "1.3.6.1.5.5.7.48.2" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-FSAN-SET:CAPS"></a><h3>GNUTLS_FSAN_SET</h3> +<pre class="programlisting">#define GNUTLS_FSAN_SET 0 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-FSAN-APPEND:CAPS"></a><h3>GNUTLS_FSAN_APPEND</h3> +<pre class="programlisting">#define GNUTLS_FSAN_APPEND 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-FSAN-ENCODE-OCTET-STRING:CAPS"></a><h3>GNUTLS_FSAN_ENCODE_OCTET_STRING</h3> +<pre class="programlisting">#define GNUTLS_FSAN_ENCODE_OCTET_STRING (1<<1) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-FSAN-ENCODE-UTF8-STRING:CAPS"></a><h3>GNUTLS_FSAN_ENCODE_UTF8_STRING</h3> +<pre class="programlisting">#define GNUTLS_FSAN_ENCODE_UTF8_STRING (1<<2) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-SUBJECT-KEY-ID:CAPS"></a><h3>GNUTLS_X509EXT_OID_SUBJECT_KEY_ID</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_SUBJECT_KEY_ID "2.5.29.14" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-KEY-USAGE:CAPS"></a><h3>GNUTLS_X509EXT_OID_KEY_USAGE</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_KEY_USAGE "2.5.29.15" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-PRIVATE-KEY-USAGE-PERIOD:CAPS"></a><h3>GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD "2.5.29.16" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-SAN:CAPS"></a><h3>GNUTLS_X509EXT_OID_SAN</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_SAN "2.5.29.17" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-IAN:CAPS"></a><h3>GNUTLS_X509EXT_OID_IAN</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_IAN "2.5.29.18" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-BASIC-CONSTRAINTS:CAPS"></a><h3>GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS "2.5.29.19" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-NAME-CONSTRAINTS:CAPS"></a><h3>GNUTLS_X509EXT_OID_NAME_CONSTRAINTS</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_NAME_CONSTRAINTS "2.5.29.30" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-CRL-DIST-POINTS:CAPS"></a><h3>GNUTLS_X509EXT_OID_CRL_DIST_POINTS</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_CRL_DIST_POINTS "2.5.29.31" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-CRT-POLICY:CAPS"></a><h3>GNUTLS_X509EXT_OID_CRT_POLICY</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_CRT_POLICY "2.5.29.32" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-AUTHORITY-KEY-ID:CAPS"></a><h3>GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID "2.5.29.35" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-EXTENDED-KEY-USAGE:CAPS"></a><h3>GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE "2.5.29.37" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-INHIBIT-ANYPOLICY:CAPS"></a><h3>GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY "2.5.29.52" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-AUTHORITY-INFO-ACCESS:CAPS"></a><h3>GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-PROXY-CRT-INFO:CAPS"></a><h3>GNUTLS_X509EXT_OID_PROXY_CRT_INFO</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_PROXY_CRT_INFO "1.3.6.1.5.5.7.1.14" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-TLSFEATURES:CAPS"></a><h3>GNUTLS_X509EXT_OID_TLSFEATURES</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_TLSFEATURES "1.3.6.1.5.5.7.1.24" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509EXT-OID-CT-SCT-V1:CAPS"></a><h3>GNUTLS_X509EXT_OID_CT_SCT_V1</h3> +<pre class="programlisting">#define GNUTLS_X509EXT_OID_CT_SCT_V1 "1.3.6.1.4.1.11129.2.4.2" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509-OID-POLICY-ANY:CAPS"></a><h3>GNUTLS_X509_OID_POLICY_ANY</h3> +<pre class="programlisting">#define GNUTLS_X509_OID_POLICY_ANY "2.5.29.54" +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-import-flags"></a><h3>enum gnutls_certificate_import_flags</h3> +<p>Enumeration of different certificate flags.</p> +<div class="refsect3"> +<a name="gnutls-certificate-import-flags.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-CRT-LIST-IMPORT-FAIL-IF-EXCEED:CAPS"></a>GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED</p></td> +<td> </td> +<td> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-CRT-LIST-FAIL-IF-UNSORTED:CAPS"></a>GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED</p></td> +<td> </td> +<td> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-CRT-LIST-SORT:CAPS"></a>GNUTLS_X509_CRT_LIST_SORT</p></td> +<td> </td> +<td> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-flags"></a><h3>enum gnutls_x509_crt_flags</h3> +<div class="refsect3"> +<a name="gnutls-x509-crt-flags.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody><tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-CRT-FLAG-IGNORE-SANITY:CAPS"></a>GNUTLS_X509_CRT_FLAG_IGNORE_SANITY</p></td> +<td> </td> +<td> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-keyid-flags-t"></a><h3>enum gnutls_keyid_flags_t</h3> +<p>Enumeration of different flags for the key ID functions.</p> +<div class="refsect3"> +<a name="gnutls-keyid-flags-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYID-USE-SHA1:CAPS"></a>GNUTLS_KEYID_USE_SHA1</p></td> +<td class="enum_member_description"> +<p>Use SHA1 as the key ID algorithm (default).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYID-USE-SHA256:CAPS"></a>GNUTLS_KEYID_USE_SHA256</p></td> +<td class="enum_member_description"> +<p>Use SHA256 as the key ID algorithm.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYID-USE-SHA512:CAPS"></a>GNUTLS_KEYID_USE_SHA512</p></td> +<td class="enum_member_description"> +<p>Use SHA512 as the key ID algorithm.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYID-USE-BEST-KNOWN:CAPS"></a>GNUTLS_KEYID_USE_BEST_KNOWN</p></td> +<td class="enum_member_description"> +<p>Use the best known algorithm to calculate key ID. Using that option will make your program behavior depend on the version of gnutls linked with. That option has a cap of 64-bytes key IDs.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-info-access-what-t"></a><h3>enum gnutls_info_access_what_t</h3> +<p>Enumeration of types for the <em class="parameter"><code>what</code></em> + parameter of +<a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-authority-info-access" title="gnutls_x509_crt_get_authority_info_access ()"><code class="function">gnutls_x509_crt_get_authority_info_access()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-info-access-what-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-ACCESSMETHOD-OID:CAPS"></a>GNUTLS_IA_ACCESSMETHOD_OID</p></td> +<td class="enum_member_description"> +<p>Get accessMethod OID.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-ACCESSLOCATION-GENERALNAME-TYPE:CAPS"></a>GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE</p></td> +<td class="enum_member_description"> +<p>Get accessLocation name type.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-URI:CAPS"></a>GNUTLS_IA_URI</p></td> +<td class="enum_member_description"> +<p>Get accessLocation URI value.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-UNKNOWN:CAPS"></a>GNUTLS_IA_UNKNOWN</p></td> +<td> </td> +<td> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-OCSP-URI:CAPS"></a>GNUTLS_IA_OCSP_URI</p></td> +<td class="enum_member_description"> +<p>get accessLocation URI value for OCSP.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-IA-CAISSUERS-URI:CAPS"></a>GNUTLS_IA_CAISSUERS_URI</p></td> +<td class="enum_member_description"> +<p>get accessLocation URI value for caIssuers.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-name-constraints-t"></a><h3>gnutls_x509_name_constraints_t</h3> +<pre class="programlisting">typedef struct gnutls_name_constraints_st *gnutls_x509_name_constraints_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-EXT-FLAG-APPEND:CAPS"></a><h3>GNUTLS_EXT_FLAG_APPEND</h3> +<pre class="programlisting">#define GNUTLS_EXT_FLAG_APPEND 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-NAME-CONSTRAINTS-FLAG-APPEND:CAPS"></a><h3>GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND</h3> +<pre class="programlisting">#define GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND GNUTLS_EXT_FLAG_APPEND +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-CRL-REASON-SUPERSEEDED:CAPS"></a><h3>GNUTLS_CRL_REASON_SUPERSEEDED</h3> +<pre class="programlisting">#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED, +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-reason-flags-t"></a><h3>enum gnutls_x509_crl_reason_flags_t</h3> +<p>Enumeration of types for the CRL revocation reasons.</p> +<div class="refsect3"> +<a name="gnutls-x509-crl-reason-flags-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-UNSPECIFIED:CAPS"></a>GNUTLS_CRL_REASON_UNSPECIFIED</p></td> +<td> </td> +<td> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-PRIVILEGE-WITHDRAWN:CAPS"></a>GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN</p></td> +<td class="enum_member_description"> +<p>The privileges were withdrawn from the owner.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-CERTIFICATE-HOLD:CAPS"></a>GNUTLS_CRL_REASON_CERTIFICATE_HOLD</p></td> +<td class="enum_member_description"> +<p>The certificate is on hold.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-CESSATION-OF-OPERATION:CAPS"></a>GNUTLS_CRL_REASON_CESSATION_OF_OPERATION</p></td> +<td class="enum_member_description"> +<p>The end-entity is no longer operating.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-SUPERSEDED:CAPS"></a>GNUTLS_CRL_REASON_SUPERSEDED</p></td> +<td class="enum_member_description"> +<p>There is a newer certificate of the owner.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-AFFILIATION-CHANGED:CAPS"></a>GNUTLS_CRL_REASON_AFFILIATION_CHANGED</p></td> +<td class="enum_member_description"> +<p>The end-entity affiliation has changed.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-CA-COMPROMISE:CAPS"></a>GNUTLS_CRL_REASON_CA_COMPROMISE</p></td> +<td class="enum_member_description"> +<p>The CA was compromised.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-KEY-COMPROMISE:CAPS"></a>GNUTLS_CRL_REASON_KEY_COMPROMISE</p></td> +<td class="enum_member_description"> +<p>The certificate's key was compromised.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-UNUSED:CAPS"></a>GNUTLS_CRL_REASON_UNUSED</p></td> +<td class="enum_member_description"> +<p>The key was never used.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-CRL-REASON-AA-COMPROMISE:CAPS"></a>GNUTLS_CRL_REASON_AA_COMPROMISE</p></td> +<td class="enum_member_description"> +<p>AA compromised.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509-NO-WELL-DEFINED-EXPIRATION:CAPS"></a><h3>GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION</h3> +<pre class="programlisting">#define GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION ((time_t)4294197631) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-spki-t"></a><h3>gnutls_x509_spki_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_spki_st *gnutls_x509_spki_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-tlsfeatures-t"></a><h3>gnutls_x509_tlsfeatures_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_tlsfeatures_st *gnutls_x509_tlsfeatures_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-MAX-QUALIFIERS:CAPS"></a><h3>GNUTLS_MAX_QUALIFIERS</h3> +<pre class="programlisting">#define GNUTLS_MAX_QUALIFIERS 8 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-qualifier-t"></a><h3>enum gnutls_x509_qualifier_t</h3> +<p>Enumeration of types for the X.509 qualifiers, of the certificate policy extension.</p> +<div class="refsect3"> +<a name="gnutls-x509-qualifier-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-QUALIFIER-UNKNOWN:CAPS"></a>GNUTLS_X509_QUALIFIER_UNKNOWN</p></td> +<td class="enum_member_description"> +<p>Unknown qualifier.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-QUALIFIER-URI:CAPS"></a>GNUTLS_X509_QUALIFIER_URI</p></td> +<td class="enum_member_description"> +<p>A URL</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-X509-QUALIFIER-NOTICE:CAPS"></a>GNUTLS_X509_QUALIFIER_NOTICE</p></td> +<td> </td> +<td> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-policy-st"></a><h3>gnutls_x509_policy_st</h3> +<pre class="programlisting">typedef struct { + char *oid; + unsigned int qualifiers; + struct { + gnutls_x509_qualifier_t type; + char *data; + unsigned int size; + } qualifier[GNUTLS_MAX_QUALIFIERS]; +} gnutls_x509_policy_st; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509-DN-OID-RETURN-OID:CAPS"></a><h3>GNUTLS_X509_DN_OID_RETURN_OID</h3> +<pre class="programlisting">#define GNUTLS_X509_DN_OID_RETURN_OID 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-dn-t"></a><h3>gnutls_x509_dn_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_dn_st *gnutls_x509_dn_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-ava-st"></a><h3>gnutls_x509_ava_st</h3> +<pre class="programlisting">typedef struct { + gnutls_datum_t oid; + gnutls_datum_t value; + unsigned long value_tag; +} gnutls_x509_ava_st; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-X509-DN-FLAG-COMPAT:CAPS"></a><h3>GNUTLS_X509_DN_FLAG_COMPAT</h3> +<pre class="programlisting">#define GNUTLS_X509_DN_FLAG_COMPAT 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-iter-t"></a><h3>gnutls_x509_crl_iter_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_crl_iter * gnutls_x509_crl_iter_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-certificate-count"></a><h3>gnutls_x509_crl_get_certificate_count</h3> +<pre class="programlisting">#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crl-get-certificate"></a><h3>gnutls_x509_crl_get_certificate</h3> +<pre class="programlisting">#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-verify-flags"></a><h3>enum gnutls_certificate_verify_flags</h3> +<p>Enumeration of different certificate verify flags. Additional +verification profiles can be set using <a class="link" href="gnutls-x509.html#GNUTLS-PROFILE-TO-VFLAGS:CAPS" title="GNUTLS_PROFILE_TO_VFLAGS()"><code class="function">GNUTLS_PROFILE_TO_VFLAGS()</code></a> +and <a class="link" href="gnutls-x509.html#gnutls-certificate-verification-profiles-t" title="enum gnutls_certificate_verification_profiles_t"><code class="literal">gnutls_certificate_verification_profiles_t</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-certificate-verify-flags.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DISABLE-CA-SIGN:CAPS"></a>GNUTLS_VERIFY_DISABLE_CA_SIGN</p></td> +<td class="enum_member_description"> +<p>If set a signer does not have to be +a certificate authority. This flag should normally be disabled, +unless you know what this means.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DO-NOT-ALLOW-IP-MATCHES:CAPS"></a>GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES</p></td> +<td class="enum_member_description"> +<p>When verifying a hostname +prevent textual IP addresses from matching IP addresses in the +certificate. Treat the input only as a DNS name.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DO-NOT-ALLOW-SAME:CAPS"></a>GNUTLS_VERIFY_DO_NOT_ALLOW_SAME</p></td> +<td class="enum_member_description"> +<p>If a certificate is not signed by +anyone trusted but exists in the trusted CA list do not treat it +as trusted.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-ALLOW-ANY-X509-V1-CA-CRT:CAPS"></a>GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT</p></td> +<td class="enum_member_description"> +<p>Allow CA certificates that +have version 1 (both root and intermediate). This might be +dangerous since those haven't the basicConstraints +extension. </p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-ALLOW-SIGN-RSA-MD2:CAPS"></a>GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2</p></td> +<td class="enum_member_description"> +<p>Allow certificates to be signed +using the broken MD2 algorithm.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-ALLOW-SIGN-RSA-MD5:CAPS"></a>GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5</p></td> +<td class="enum_member_description"> +<p>Allow certificates to be signed +using the broken MD5 algorithm.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DISABLE-TIME-CHECKS:CAPS"></a>GNUTLS_VERIFY_DISABLE_TIME_CHECKS</p></td> +<td class="enum_member_description"> +<p>Disable checking of activation +and expiration validity periods of certificate chains. Don't set +this unless you understand the security implications.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DISABLE-TRUSTED-TIME-CHECKS:CAPS"></a>GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS</p></td> +<td class="enum_member_description"> +<p>If set a signer in the trusted +list is never checked for expiration or activation.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DO-NOT-ALLOW-X509-V1-CA-CRT:CAPS"></a>GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT</p></td> +<td class="enum_member_description"> +<p>Do not allow trusted CA +certificates that have version 1. This option is to be used +to deprecate all certificates of version 1.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DISABLE-CRL-CHECKS:CAPS"></a>GNUTLS_VERIFY_DISABLE_CRL_CHECKS</p></td> +<td class="enum_member_description"> +<p>Disable checking for validity +using certificate revocation lists or the available OCSP data.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-ALLOW-UNSORTED-CHAIN:CAPS"></a>GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN</p></td> +<td class="enum_member_description"> +<p>A certificate chain is tolerated +if unsorted (the case with many TLS servers out there). This is the +default since GnuTLS 3.1.4.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DO-NOT-ALLOW-UNSORTED-CHAIN:CAPS"></a>GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN</p></td> +<td class="enum_member_description"> +<p>Do not tolerate an unsorted +certificate chain.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-DO-NOT-ALLOW-WILDCARDS:CAPS"></a>GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS</p></td> +<td class="enum_member_description"> +<p>When including a hostname +check in the verification, do not consider any wildcards.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-USE-TLS1-RSA:CAPS"></a>GNUTLS_VERIFY_USE_TLS1_RSA</p></td> +<td class="enum_member_description"> +<p>This indicates that a (raw) RSA signature is provided +as in the TLS 1.0 protocol. Not all functions accept this flag.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-IGNORE-UNKNOWN-CRIT-EXTENSIONS:CAPS"></a>GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS</p></td> +<td class="enum_member_description"> +<p>This signals the verification +process, not to fail on unknown critical extensions.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-ALLOW-SIGN-WITH-SHA1:CAPS"></a>GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1</p></td> +<td class="enum_member_description"> +<p>Allow certificates to be signed +using the broken SHA1 hash algorithm.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-VERIFY-RSA-PSS-FIXED-SALT-LENGTH:CAPS"></a>GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH</p></td> +<td class="enum_member_description"> +<p>Disallow RSA-PSS signatures made +with mismatching salt length with digest length, as mandated in RFC 8446 +4.2.3.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-VERIFY-ALLOW-BROKEN:CAPS"></a><h3>GNUTLS_VERIFY_ALLOW_BROKEN</h3> +<pre class="programlisting">#define GNUTLS_VERIFY_ALLOW_BROKEN (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2|GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-certificate-verification-profiles-t"></a><h3>enum gnutls_certificate_verification_profiles_t</h3> +<p>Enumeration of different certificate verification profiles.</p> +<div class="refsect3"> +<a name="gnutls-certificate-verification-profiles-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-UNKNOWN:CAPS"></a>GNUTLS_PROFILE_UNKNOWN</p></td> +<td class="enum_member_description"> +<p>An invalid/unknown profile.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-VERY-WEAK:CAPS"></a>GNUTLS_PROFILE_VERY_WEAK</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_VERY_WEAK</code></em> + (64 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-LOW:CAPS"></a>GNUTLS_PROFILE_LOW</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_LOW</code></em> + (80 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-LEGACY:CAPS"></a>GNUTLS_PROFILE_LEGACY</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_LEGACY</code></em> + (96 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-MEDIUM:CAPS"></a>GNUTLS_PROFILE_MEDIUM</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_MEDIUM</code></em> + (112 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-HIGH:CAPS"></a>GNUTLS_PROFILE_HIGH</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_HIGH</code></em> + (128 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-ULTRA:CAPS"></a>GNUTLS_PROFILE_ULTRA</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_ULTRA</code></em> + (192 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-FUTURE:CAPS"></a>GNUTLS_PROFILE_FUTURE</p></td> +<td class="enum_member_description"> +<p>A verification profile that +corresponds to <em class="parameter"><code>GNUTLS_SEC_PARAM_FUTURE</code></em> + (256 bits)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-SUITEB128:CAPS"></a>GNUTLS_PROFILE_SUITEB128</p></td> +<td class="enum_member_description"> +<p>A verification profile that +applies the SUITEB128 rules</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PROFILE-SUITEB192:CAPS"></a>GNUTLS_PROFILE_SUITEB192</p></td> +<td class="enum_member_description"> +<p>A verification profile that +applies the SUITEB192 rules</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-VFLAGS-PROFILE-MASK:CAPS"></a><h3>GNUTLS_VFLAGS_PROFILE_MASK</h3> +<pre class="programlisting">#define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS8-PLAIN:CAPS"></a><h3>GNUTLS_PKCS8_PLAIN</h3> +<pre class="programlisting">#define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS8-USE-PKCS12-3DES:CAPS"></a><h3>GNUTLS_PKCS8_USE_PKCS12_3DES</h3> +<pre class="programlisting">#define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS8-USE-PKCS12-ARCFOUR:CAPS"></a><h3>GNUTLS_PKCS8_USE_PKCS12_ARCFOUR</h3> +<pre class="programlisting">#define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS8-USE-PKCS12-RC2-40:CAPS"></a><h3>GNUTLS_PKCS8_USE_PKCS12_RC2_40</h3> +<pre class="programlisting">#define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs-encrypt-flags-t"></a><h3>enum gnutls_pkcs_encrypt_flags_t</h3> +<p>Enumeration of different PKCS encryption flags.</p> +<div class="refsect3"> +<a name="gnutls-pkcs-encrypt-flags-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PLAIN:CAPS"></a>GNUTLS_PKCS_PLAIN</p></td> +<td class="enum_member_description"> +<p>Unencrypted private key.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PKCS12-3DES:CAPS"></a>GNUTLS_PKCS_PKCS12_3DES</p></td> +<td class="enum_member_description"> +<p>PKCS-12 3DES.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PKCS12-ARCFOUR:CAPS"></a>GNUTLS_PKCS_PKCS12_ARCFOUR</p></td> +<td class="enum_member_description"> +<p>PKCS-12 ARCFOUR.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PKCS12-RC2-40:CAPS"></a>GNUTLS_PKCS_PKCS12_RC2_40</p></td> +<td class="enum_member_description"> +<p>PKCS-12 RC2-40.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-3DES:CAPS"></a>GNUTLS_PKCS_PBES2_3DES</p></td> +<td class="enum_member_description"> +<p>PBES2 3DES.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-AES-128:CAPS"></a>GNUTLS_PKCS_PBES2_AES_128</p></td> +<td class="enum_member_description"> +<p>PBES2 AES-128.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-AES-192:CAPS"></a>GNUTLS_PKCS_PBES2_AES_192</p></td> +<td class="enum_member_description"> +<p>PBES2 AES-192.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-AES-256:CAPS"></a>GNUTLS_PKCS_PBES2_AES_256</p></td> +<td class="enum_member_description"> +<p>PBES2 AES-256.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-NULL-PASSWORD:CAPS"></a>GNUTLS_PKCS_NULL_PASSWORD</p></td> +<td class="enum_member_description"> +<p>Some schemas distinguish between an empty and a NULL password.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-DES:CAPS"></a>GNUTLS_PKCS_PBES2_DES</p></td> +<td class="enum_member_description"> +<p>PBES2 single DES.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES1-DES-MD5:CAPS"></a>GNUTLS_PKCS_PBES1_DES_MD5</p></td> +<td class="enum_member_description"> +<p>PBES1 with single DES; for compatibility with openssl only.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-GOST-TC26Z:CAPS"></a>GNUTLS_PKCS_PBES2_GOST_TC26Z</p></td> +<td class="enum_member_description"> +<p>PBES2 GOST 28147-89 CFB with TC26-Z S-box.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-GOST-CPA:CAPS"></a>GNUTLS_PKCS_PBES2_GOST_CPA</p></td> +<td class="enum_member_description"> +<p>PBES2 GOST 28147-89 CFB with CryptoPro-A S-box.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-GOST-CPB:CAPS"></a>GNUTLS_PKCS_PBES2_GOST_CPB</p></td> +<td class="enum_member_description"> +<p>PBES2 GOST 28147-89 CFB with CryptoPro-B S-box.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-GOST-CPC:CAPS"></a>GNUTLS_PKCS_PBES2_GOST_CPC</p></td> +<td class="enum_member_description"> +<p>PBES2 GOST 28147-89 CFB with CryptoPro-C S-box.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS-PBES2-GOST-CPD:CAPS"></a>GNUTLS_PKCS_PBES2_GOST_CPD</p></td> +<td class="enum_member_description"> +<p>PBES2 GOST 28147-89 CFB with CryptoPro-D S-box.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PKCS12-3DES:CAPS"></a><h3>GNUTLS_PKCS_USE_PKCS12_3DES</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PKCS12-ARCFOUR:CAPS"></a><h3>GNUTLS_PKCS_USE_PKCS12_ARCFOUR</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PKCS12-RC2-40:CAPS"></a><h3>GNUTLS_PKCS_USE_PKCS12_RC2_40</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-3DES:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_3DES</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_3DES GNUTLS_PKCS_PBES2_3DES +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-AES-128:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_AES_128</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_AES_128 GNUTLS_PKCS_PBES2_AES_128 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-AES-192:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_AES_192</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_AES_192 GNUTLS_PKCS_PBES2_AES_192 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-AES-256:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_AES_256</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_AES_256 GNUTLS_PKCS_PBES2_AES_256 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-GOST-TC26Z:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_GOST_TC26Z</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_GOST_TC26Z GNUTLS_PKCS_PBES2_GOST_TC26Z +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-GOST-CPA:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_GOST_CPA</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_GOST_CPA GNUTLS_PKCS_PBES2_GOST_CPA +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-GOST-CPB:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_GOST_CPB</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_GOST_CPB GNUTLS_PKCS_PBES2_GOST_CPB +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-GOST-CPC:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_GOST_CPC</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_GOST_CPC GNUTLS_PKCS_PBES2_GOST_CPC +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS-USE-PBES2-GOST-CPD:CAPS"></a><h3>GNUTLS_PKCS_USE_PBES2_GOST_CPD</h3> +<pre class="programlisting">#define GNUTLS_PKCS_USE_PBES2_GOST_CPD GNUTLS_PKCS_PBES2_GOST_CPD +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-keygen-types-t"></a><h3>enum gnutls_keygen_types_t</h3> +<p>Enumeration of different key generation data options.</p> +<div class="refsect3"> +<a name="gnutls-keygen-types-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYGEN-SEED:CAPS"></a>GNUTLS_KEYGEN_SEED</p></td> +<td class="enum_member_description"> +<p>Specifies the seed to be used in key generation.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYGEN-DIGEST:CAPS"></a>GNUTLS_KEYGEN_DIGEST</p></td> +<td class="enum_member_description"> +<p>The size field specifies the hash algorithm to be used in key generation.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-KEYGEN-SPKI:CAPS"></a>GNUTLS_KEYGEN_SPKI</p></td> +<td class="enum_member_description"> +<p>data points to a <a class="link" href="gnutls-x509.html#gnutls-x509-spki-t" title="gnutls_x509_spki_t"><code class="literal">gnutls_x509_spki_t</code></a> structure; it is not used after the key generation call.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-keygen-data-st"></a><h3>gnutls_keygen_data_st</h3> +<pre class="programlisting">typedef struct { + gnutls_keygen_types_t type; + unsigned char *data; + unsigned int size; +} gnutls_keygen_data_st; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-t"></a><h3>gnutls_x509_trust_list_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-trust-list-iter-t"></a><h3>gnutls_x509_trust_list_iter_t</h3> +<pre class="programlisting">typedef struct gnutls_x509_trust_list_iter *gnutls_x509_trust_list_iter_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-trust-list-flags-t"></a><h3>enum gnutls_trust_list_flags_t</h3> +<p>Enumeration of different certificate trust list flags.</p> +<div class="refsect3"> +<a name="gnutls-trust-list-flags-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-VERIFY-CRL:CAPS"></a>GNUTLS_TL_VERIFY_CRL</p></td> +<td class="enum_member_description"> +<p>If any CRLs are provided they will be verified for validity +prior to be added. The CA certificates that will be used for verification are the +ones already added in the trusted list.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-USE-IN-TLS:CAPS"></a>GNUTLS_TL_USE_IN_TLS</p></td> +<td class="enum_member_description"> +<p>Internal flag used by GnuTLS. If provided the trust list +structure will cache a copy of CA DNs to be used in the certificate request +TLS message.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-NO-DUPLICATES:CAPS"></a>GNUTLS_TL_NO_DUPLICATES</p></td> +<td class="enum_member_description"> +<p>If this flag is specified, a function adding certificates +will check and eliminate any duplicates.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-NO-DUPLICATE-KEY:CAPS"></a>GNUTLS_TL_NO_DUPLICATE_KEY</p></td> +<td class="enum_member_description"> +<p>If this flag is specified, a certificate sharing the +same key as a previously added on will not be added.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-GET-COPY:CAPS"></a>GNUTLS_TL_GET_COPY</p></td> +<td class="enum_member_description"> +<p>The semantics of this flag are documented to the functions which +are applicable. In general, on returned value, the function will provide a copy +if this flag is provided, rather than a pointer to internal data.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-TL-FAIL-ON-INVALID-CRL:CAPS"></a>GNUTLS_TL_FAIL_ON_INVALID_CRL</p></td> +<td class="enum_member_description"> +<p>If an CRL is added which cannot be validated return +an error instead of ignoring (must be used with <a class="link" href="gnutls-x509.html#GNUTLS-TL-VERIFY-CRL:CAPS"><code class="literal">GNUTLS_TL_VERIFY_CRL</code></a>).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-ext-st"></a><h3>gnutls_x509_ext_st</h3> +<pre class="programlisting">typedef struct { + char *oid; + unsigned int critical; + gnutls_datum_t data; +} gnutls_x509_ext_st; +</pre> +</div> +</div> +</div> +<div class="footer"> +<hr>Generated by GTK-Doc V1.33.1</div> +</body> +</html>
\ No newline at end of file |