Returns
information related to a certificate request.
Format
#include <gskssl.h>
gsk_status gsk_attribute_get_data (
gsk_handle soc_handle,
GSK_DATA_ID data_id,
void ** data_ptr)
Parameters
- soc_handle
- Specifies the connection handle returned by the gsk_secure_socket_open() routine.
- data_id
- Specifies the data identifier.
- data_ptr
- Returns the address of the requested data. The address will be
NULL if the requested data is not available.
Results
The function return value will be
0 (
GSK_OK) if no error is detected. Otherwise, it will be one
of the return codes listed in the
gskssl.h include file. These
are some possible errors:
- [GSK_ATTRIBUTE_INVALID_ID]
- The data identifier is not valid.
- [GSK_ERR_ASN]
- Unable to decode certification authority name.
- [GSK_ERR_ECURVE_NOT_SUPPORTED]
- Elliptic Curve is not supported.
- [GSK_ERR_ICSF_FIPS_DISABLED]
- ICSF PKCS #11 services are disabled.
- [GSK_ERR_ICSF_NOT_AVAILABLE]
- ICSF services are not available.
- [GSK_ERR_ICSF_SERVICE_FAILURE]
- ICSF callable service returned an error.
- [GSK_INSUFFICIENT_STORAGE]
- Insufficient storage is available.
- [GSK_INVALID_HANDLE]
- The connection handle is not valid.
- [GSK_INVALID_STATE]
- The connection is not initialized.
Usage
The gsk_attribute_get_data() routine
returns information related to a certificate request. The server sends
a certificate request to the client as part of the client authentication
portion of the SSL handshake. The connection must be in the initialized
state.
These data identifiers are supported:
- GSK_DATA_ID_SUPPORTED_KEYS
- Returns a list of labels in the key database for certificates
signed by a certification authority that is in the list provided by
the server. A database entry is included in the list only if it has
both a certificate and a private key. If executing in FIPS mode, the
list only includes labels that can be used in FIPS mode. If using
the TLS V1.2 protocol, the list includes only those certificates that
use the key and signature algorithms supported by the server. The gsk_list_free() routine
should be called to release the list when it is no longer needed.
- GSK_DATA_ID_SERVER_ISSUERS
- Returns a list of distinguished names of certification authorities
provided by the server in the certificate request. The gsk_list_free() routine
should be called to release the list when it is no longer needed.