gnutls_x509_trust_list_verify_named_crt — API function

Synopsis

#include <gnutls/x509.h>

int gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, const void * name, size_t name_size, unsigned int flags, unsigned int * voutput, gnutls_verify_output_function func);

Arguments

gnutls_x509_trust_list_t list

The list

gnutls_x509_crt_t cert

is the certificate to be verified

const void * name

is the certificate's name

size_t name_size

is the certificate's name size

unsigned int flags

Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.

unsigned int * voutput

will hold the certificate verification output.

gnutls_verify_output_function func

If non-null will be called on each chain element verification with the output.

Description

This function will try to find a certificate that is associated with the provided name --see gnutls_x509_trust_list_add_named_crt(). If a match is found the certificate is considered valid. In addition to that this function will also  check CRLs. The  voutput parameter will hold an OR'ed sequence of  gnutls_certificate_status_t flags.

Additionally a certificate verification profile can be specified from the ones in gnutls_certificate_verification_profiles_t by ORing the result of GNUTLS_PROFILE_TO_VFLAGS() to the verification flags.

Returns

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Since

3.0.0

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls