gnutls_ocsp_req_add_cert_id(3) API function


#include <gnutls/ocsp.h>

int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req, gnutls_digest_algorithm_t digest, const gnutls_datum_t * issuer_name_hash, const gnutls_datum_t * issuer_key_hash, const gnutls_datum_t * serial_number);


gnutls_ocsp_req_t req
should contain a gnutls_ocsp_req_t type
gnutls_digest_algorithm_t digest
hash algorithm, a gnutls_digest_algorithm_t value
const gnutls_datum_t * issuer_name_hash
hash of issuer's DN
const gnutls_datum_t * issuer_key_hash
hash of issuer's public key
const gnutls_datum_t * serial_number
serial number of certificate to check


This function will add another request to the OCSP request for a particular certificate having the issuer name hash of
 issuer_name_hash and issuer key hash of  issuer_key_hash (both hashed using digest ) and serial number serial_number .

The information needed corresponds to the CertID structure:

<informalexample><programlisting> CertID ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, issuerNameHash OCTET STRING, -- Hash of Issuer's DN issuerKeyHash OCTET STRING, -- Hash of Issuers public key serialNumber CertificateSerialNumber } </programlisting></informalexample>


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error code is returned.


Report bugs to <[email protected]>.
Home page:


Copyright © 2001-2016 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.