gnutls_pkcs11_get_raw_issuer_by_subject_key_id

#include <gnutls/pkcs11.h>

int gnutls_pkcs11_get_raw_issuer_by_subject_key_id(const char * url, const gnutls_datum_t * dn, const gnutls_datum_t * spki, gnutls_datum_t * issuer, gnutls_x509_crt_fmt_t fmt, unsigned int flags);

const char * url

A PKCS 11 url identifying a token

const gnutls_datum_t * dn

is the DN to search for (may be NULL)

const gnutls_datum_t * spki

is the subject key ID to search for

gnutls_datum_t * issuer

Will hold the issuer if any in an allocated buffer.

gnutls_x509_crt_fmt_t fmt

The format of the exported issuer.

unsigned int flags

Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.

This function will return the certificate with the given DN and  spki , if it is stored in the token. By default only marked as trusted issuers are returned. If any issuer should be returned specify GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY in  flags .

The name of the function includes issuer because it can be used to discover issuers of certificates.

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

3.4.2

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

Copyright © 2001-2023 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/