gnutls_x509_trust_list_add_crls

Section: gnutls (3)
Updated: 3.7.1
Page Index

NAME

gnutls_x509_trust_list_add_crls - API function

SYNOPSIS

#include <gnutls/x509.h>

int gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, const gnutls_x509_crl_t * crl_list, unsigned crl_size, unsigned int flags, unsigned int verification_flags);

ARGUMENTS

gnutls_x509_trust_list_t list: The list
const gnutls_x509_crl_t * crl_list: A list of CRLs
unsigned crl_size: The length of the CRL list
unsigned int flags: flags from gnutls_trust_list_flags_t
unsigned int verification_flags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL

DESCRIPTION

This function will add the given certificate revocation lists to the trusted list. The CRLs in crl_list must not be deinitialized during the lifetime of list .

This function must be called after gnutls_x509_trust_list_add_cas() to allow verifying the CRLs for validity. If the flag GNUTLS_TL_NO_DUPLICATES is given, then the final CRL list will not contain duplicate entries.

If the flag GNUTLS_TL_NO_DUPLICATES is given, gnutls_x509_trust_list_deinit() must be called with parameter all being 1.

If flag GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added, and if verification fails, they will be skipped.

RETURNS

The number of added elements is returned; that includes duplicate entries.

SINCE

3.0

REPORTING BUGS

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

COPYRIGHT

Copyright © 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.