DragonFly On-Line Manual Pages
gnutls_x509_crl_privkey_sign(3) gnutls gnutls_x509_crl_privkey_sign(3)
NAME
gnutls_x509_crl_privkey_sign - API function
SYNOPSIS
#include <gnutls/abstract.h>
int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl,
gnutls_x509_crt_t issuer, gnutls_privkey_t issuer_key,
gnutls_digest_algorithm_t dig, unsigned int flags);
ARGUMENTS
gnutls_x509_crl_t crl
should contain a gnutls_x509_crl_t type
gnutls_x509_crt_t issuer
is the certificate of the certificate issuer
gnutls_privkey_t issuer_key
holds the issuer's private key
gnutls_digest_algorithm_t dig
The message digest to use. GNUTLS_DIG_SHA256 is the safe
choice unless you know what you're doing.
unsigned int flags
must be 0
DESCRIPTION
This function will sign the CRL with the issuer's private key, and will
copy the issuer's information into the CRL.
This must be the last step in a certificate CRL since all the
previously set parameters are now signed.
A known limitation of this function is, that a newly-signed CRL will
not be fully functional (e.g., for signature verification), until it is
exported an re-imported.
After GnuTLS 3.6.1 the value of dig may be GNUTLS_DIG_UNKNOWN, and in
that case, a suitable but reasonable for the key algorithm will be
selected.
RETURNS
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative
error value.
Since 2.12.0
REPORTING BUGS
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
COPYRIGHT
Copyright (C) 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
SEE ALSO
The full documentation for gnutls is maintained as a Texinfo manual.
If the /usr/local/share/doc/gnutls/ directory does not contain the HTML
form visit
https://www.gnutls.org/manual/
gnutls 3.7.9 gnutls_x509_crl_privkey_sign(3)