Holds the certificate
unsigned int seq
specifies the sequence number of the access descriptor (0
for the first one, 1 for the second etc.)
int what what data to get, a gnutls_info_access_what_t type.
gnutls_datum_t * data
output data to be freed with gnutls_free().
unsigned int * critical
pointer to output integer that is set to non-zero if the
extension is marked as critical (may be NULL)
Note that a simpler API to access the authority info data is provided
by gnutls_x509_aia_get() and gnutls_x509_ext_import_aia().
This function extracts the Authority Information Access (AIA)
extension, see RFC 5280 section 18.104.22.168 for more information. The
AIA extension holds a sequence of AccessDescription (AD) data.
The seq input parameter is used to indicate which member of the
sequence the caller is interested in. The first member is 0, the
second member 1 and so on. When the seq value is out of bounds,
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
The type of data returned in data is specified via what which
should be gnutls_info_access_what_t values.
If what is GNUTLS_IA_ACCESSMETHOD_OID then data will hold the
accessMethod OID (e.g., "22.214.171.124.126.96.36.199.1").
If what is GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE, data will
hold the accessLocation GeneralName type (e.g.,
If what is GNUTLS_IA_URI, data will hold the accessLocation URI
data. Requesting this what value leads to an error if the
accessLocation is not of the "uniformResourceIdentifier" type.
If what is GNUTLS_IA_OCSP_URI, data will hold the OCSP URI.
Requesting this what value leads to an error if the accessMethod is
not 188.8.131.52.184.108.40.206.1 aka OCSP, or if accessLocation is not of the
"uniformResourceIdentifier" type. In that case
GNUTLS_E_UNKNOWN_ALGORITHM will be returned, and seq should be
increased and this function called again.
If what is GNUTLS_IA_CAISSUERS_URI, data will hold the caIssuers
URI. Requesting this what value leads to an error if the
accessMethod is not 220.127.116.11.18.104.22.168.2 aka caIssuers, or if
accessLocation is not of the "uniformResourceIdentifier" type. In
that case handle as in GNUTLS_IA_OCSP_URI.
More what values may be allocated in the future as needed.
If data is NULL, the function does the same without storing the
output data, that is, it will set critical and do error checking as
The value of the critical flag is returned in * critical . Supply a
NULL critical if you want the function to make sure the extension is
non-critical, as required by RFC 5280.
GNUTLS_E_SUCCESS on success, GNUTLS_E_INVALID_REQUEST on invalid crt
, GNUTLS_E_CONSTRAINT_ERROR if the extension is incorrectly marked as
critical (use a non-NULL critical to override),
GNUTLS_E_UNKNOWN_ALGORITHM if the requested OID does not match (e.g.,
when using GNUTLS_IA_OCSP_URI), otherwise a negative error code.
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this manual
page, send it to firstname.lastname@example.org.. This page was obtained from the
tarball gnutls-3.5.9.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2017-03-13. If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail