gnutls_ocsp_resp_verify_direct
Section: gnutls (3)
Updated: 3.7.1
Page Index
NAME
gnutls_ocsp_resp_verify_direct - API function
SYNOPSIS
#include <gnutls/ocsp.h>
int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t issuer, unsigned int * verify, unsigned int flags);
ARGUMENTS
- gnutls_ocsp_resp_const_t resp
-
should contain a gnutls_ocsp_resp_t type
- gnutls_x509_crt_t issuer
-
certificate believed to have signed the response
- unsigned int * verify
-
output variable with verification status, an gnutls_ocsp_verify_reason_t
- unsigned int flags
-
verification flags from gnutls_certificate_verify_flags
DESCRIPTION
Verify signature of the Basic OCSP Response against the public key
in the
issuer certificate.
The output verify variable will hold verification status codes
(e.g., GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND,
GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM) which are only valid if the
function returned GNUTLS_E_SUCCESS.
Note that the function returns GNUTLS_E_SUCCESS even when
verification failed. The caller must always inspect the verify variable to find out the verification status.
The flags variable should be 0 for now.
RETURNS
On success,
GNUTLS_E_SUCCESS (0) is returned, otherwise a
negative error value.
REPORTING BUGS
Report bugs to <
bugs@gnutls.org>.
Home page:
https://www.gnutls.org
COPYRIGHT
Copyright © 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
SEE ALSO
The full documentation for
gnutls
is maintained as a Texinfo manual.
If the /usr/share/doc/gnutls/
directory does not contain the HTML form visit
- https://www.gnutls.org/manual/
-