FreeBSD manual

download PDF document: gnutls_x509_crl_sign2.3.pdf

gnutls_x509_crl_sign2(3) gnutls gnutls_x509_crl_sign2(3)
NAME gnutls_x509_crl_sign2 - API function
SYNOPSIS #include <gnutls/x509.h>
int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key, gnutls_digest_algorithm_t dig, unsigned int flags);
ARGUMENTS gnutls_x509_crl_t crl should contain a gnutls_x509_crl_t type
gnutls_x509_crt_t issuer is the certificate of the certificate issuer
gnutls_x509_privkey_t issuer_key holds the issuer's private key
gnutls_digest_algorithm_t dig The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing.
unsigned int flags must be 0
DESCRIPTION This function will sign the CRL with the issuer's private key, and will copy the issuer's information into the CRL.
This must be the last step in a certificate CRL since all the previously set parameters are now signed.
A known limitation of this function is, that a newly-signed CRL will not be fully functional (e.g., for signature verification), until it is exported an re-imported.
After GnuTLS 3.6.1 the value of dig may be GNUTLS_DIG_UNKNOWN, and in that case, a suitable but reasonable for the key algorithm will be selected.
RETURNS On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
REPORTING BUGS Report bugs to <bugs@gnutls.org>. Home page: https://www.gnutls.org

COPYRIGHT Copyright (C) 2001- Free Software Foundation, Inc., and others. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
gnutls 3.7.9 gnutls_x509_crl_sign2(3)