@deftypefun {int} {gnutls_x509_crt_get_basic_constraints} (gnutls_x509_crt_t @var{cert}, unsigned int * @var{critical}, unsigned int * @var{ca}, int * @var{pathlen})
@var{cert}: should contain a @code{gnutls_x509_crt_t}  type

@var{critical}: will be non-zero if the extension is marked as critical

@var{ca}: pointer to output integer indicating CA status, may be NULL,
value is 1 if the certificate CA flag is set, 0 otherwise.

@var{pathlen}: pointer to output integer indicating path length (may be
NULL), non-negative error codes indicate a present pathLenConstraint
field and the actual value, -1 indicate that the field is absent.

This function will read the certificate's basic constraints, and
return the certificates CA status.  It reads the basicConstraints
X.509 extension (2.5.29.19).

@strong{Returns:} If the certificate is a CA a positive value will be
returned, or (0) if the certificate does not have CA flag set.  A
negative error code may be returned in case of errors.  If the
certificate does not contain the basicConstraints extension
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
@end deftypefun