Name

gnutls_x509_crt_get_key_usage — This function returns the certificate's key usage

Synopsis

#include <gnutls/x509.h>
int gnutls_x509_crt_get_key_usage( gnutls_x509_crt_t   cert,
  unsigned int *   key_usage,
  unsigned int *   critical);

ARGUMENTS

gnutls_x509_crt_t cert

should contain a gnutls_x509_crt_t structure

unsigned int * key_usage

where the key usage bits will be stored

unsigned int * critical

will be non zero if the extension is marked as critical

DESCRIPTION

This function will return certificate's key usage, by reading the keyUsage X.509 extension (2.5.29.15). The key usage value will ORed values of the: GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_NON_REPUDIATION, GNUTLS_KEY_KEY_ENCIPHERMENT, GNUTLS_KEY_DATA_ENCIPHERMENT, GNUTLS_KEY_KEY_AGREEMENT, GNUTLS_KEY_KEY_CERT_SIGN, GNUTLS_KEY_CRL_SIGN, GNUTLS_KEY_ENCIPHER_ONLY, GNUTLS_KEY_DECIPHER_ONLY.

A negative value may be returned in case of parsing error. If the certificate does not contain the keyUsage extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

REPORTING BUGS

Report bugs to <bug-gnutls@gnu.org>.

SEE ALSO

The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command

info gnutls

should give you access to the complete manual.

COPYRIGHT

Copyright © 2008 Free Software Foundation.

Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.