gnutls_pkcs11_get_raw_issuer_by_subject_key_id

gnutls_pkcs11_get_raw_issuer_by_subject_key_id — API function

Synopsis

#include <gnutls/pkcs11.h>

int gnutls_pkcs11_get_raw_issuer_by_subject_key_id(const char * url, const gnutls_datum_t * dn, const gnutls_datum_t * spki, gnutls_datum_t * issuer, gnutls_x509_crt_fmt_t fmt, unsigned int flags);

Arguments

const char * url

A PKCS 11 url identifying a token

const gnutls_datum_t * dn

is the DN to search for (may be NULL)

const gnutls_datum_t * spki

is the subject key ID to search for

gnutls_datum_t * issuer

Will hold the issuer if any in an allocated buffer.

gnutls_x509_crt_fmt_t fmt

The format of the exported issuer.

unsigned int flags

Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.

Description

This function will return the certificate with the given DN and  spki , if it is stored in the token. By default only marked as trusted issuers are retuned. If any issuer should be returned specify GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY in  flags .

The name of the function includes issuer because it can be used to discover issuers of certificates.

Returns

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Since

3.4.2

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

http://www.gnutls.org/manual/

Info

3.6.1 gnutls