gsk_get_certificate_info()
Returns requested certificate information for an X.509 certificate.
Format
#include <gskcms.h>
gsk_status gsk_get_certificate_info(
gsk_buffer * cert_stream,
x509_cert_info_id cert_info_id,
gsk_buffer * cert_info)Parameters
- cert_stream
- Specifies either a DER-encoded X.509 certificate or a non-decoded TBSCertificate ASN.1 sequence.
- cert_info_id
- The X.509 certificate information identifier specifying the certificate information to be returned.
- cert_info
- Returns the requested certificate information. The application should call the gsk_free_buffer() routine to release the certificate information when it is no longer needed.
Results
The function return value will be 0 if no error is detected. Otherwise, it will be one of the
return codes listed in the gskcms.h include file. These are some possible errors:
- [ASN_NO_MEMORY]
- Insufficient storage is available.
- [ASN_ELEMENTS_MISSING]
- Required data element is missing.
- [ASN_UNSUPPORTED_VERSION]
- Version is not supported.
- [CMSERR_BAD_ISSUER_NAME]
- Issuer name is not valid.
- [CMSERR_BAD_SUBJECT_NAME]
- Subject name is not valid.
- [CMSERR_ATTRIBUTE_INVALID_ENUMERATION]
- The enumeration value is not valid.
Usage
The gsk_get_certificate_info() routine returns information about an X.509 certificate. The
certificate stream may be either:
- An X.509 certificate encoded as described in RFC 5280.
- The derCertificate field of the x509_certificate structure, which contains the non-decoded TBSCertificate ASN.1 sequence.
The application may request certificate information by using one of the following enumeration identifiers.
- x509_cert_info_subject_dn_der
- The subject distinguished name for the X.509 certificate in binary ASN.1 DER-encoded format.
- x509_cert_info_issuer_dn_der
- The issuer distinguished name for the X.509 certificate in binary ASN.1 DER-encoded format.