Certificate Components for C
|
| RSA BSAFE Cert-C |
Certificate Components for C |
| Crypto-C 6.2.1 Developer's Guide | ||
| Search |
This extension is used only in CA certificates. It describes the name space where all subject names of subsequent certificates in a certification path must be located. The name constraints can apply to a subject's DN or to a subject's alternative names. The default criticality for this extension is CRITICAL. A certificate can have only one Name Constraints extension at a time. This structure is used with C_AddExtensionValue() and C_GetExtensionValue().
permittedSubtrees and excludedSubtrees are present and the name spaces overlap, the exclusion statement takes precedence.
#include <certext.h>
typedef struct NAME_CONSTRAINTS { unsigned int permittedSubtreeCount; GENERAL_SUBTREE *permittedSubtrees; unsigned int excludedSubtreeCount; GENERAL_SUBTREE *excludedSubtrees; } NAME_CONSTRAINTS;
Data Fields | |
| unsigned int | permittedSubtreeCount |
An int value that specifies the number of elements in the permittedSubtrees array. | |
| GENERAL_SUBTREE* | permittedSubtrees |
A pointer to a GENERAL_SUBTREE array that contains the subtrees that are to be permitted in the certification path. More... | |
| unsigned int | excludedSubtreeCount |
An int value that specifies the number of elements in the excludedSubtrees array. | |
| GENERAL_SUBTREE* | excludedSubtrees |
A pointer to a GENERAL_SUBTREE array that contains the subtrees to exclude from the certification path. More... | |
|
|
A pointer to a |
|
|
A pointer to a |