dwww: tpablo.net

dwww Home | Manual pages | Find package
gnutls_ocsp_resp_verify(3)          gnutls          gnutls_ocsp_resp_verify(3)

NAME
       gnutls_ocsp_resp_verify - API function

SYNOPSIS
       #include <gnutls/ocsp.h>

       int        gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t       resp,
       gnutls_x509_trust_list_t trustlist, unsigned int * verify, unsigned int
       flags);

ARGUMENTS
       gnutls_ocsp_resp_const_t resp
                   should contain a gnutls_ocsp_resp_t type

       gnutls_x509_trust_list_t trustlist
                   trust anchors as a gnutls_x509_trust_list_t type

       unsigned int * verify
                   output    variable    with    verification    status,    an
                   gnutls_ocsp_verify_reason_t

       unsigned int flags
                   verification flags from gnutls_certificate_verify_flags

DESCRIPTION
       Verify signature of the Basic OCSP Response against the public  key  in
       the  certificate  of  a trusted signer.  The  trustlist should be popu-
       lated with trust anchors.  The function will extract  the  signer  cer-
       tificate  from  the  Basic OCSP Response and will verify it against the
       trustlist .  A trusted signer  is  a  certificate  that  is  either  in
       trustlist , or it is signed directly by a certificate in
        trustlist and has the id-ad-ocspSigning Extended Key Usage bit set.

       The  output  verify variable will hold verification status codes (e.g.,
       GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND,  GNUTLS_OCSP_VERIFY_INSECURE_ALGO-
       RITHM) which are only valid if the function returned GNUTLS_E_SUCCESS.

       Note  that the function returns GNUTLS_E_SUCCESS even when verification
       failed.  The caller must always inspect the  verify  variable  to  find
       out the verification status.

       The  flags variable should be 0 for now.

RETURNS
       On  success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative er-
       ror value.

REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

COPYRIGHT
       Copyright © 2001- Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with  or  without  modification,
       are  permitted in any medium without royalty provided the copyright no-
       tice and this notice are preserved.

SEE ALSO
       The full documentation for gnutls is maintained as  a  Texinfo  manual.
       If  the /usr/share/doc/gnutls/ directory does not contain the HTML form
       visit

       https://www.gnutls.org/manual/

gnutls                               3.7.3          gnutls_ocsp_resp_verify(3)
Generated by dwww version 1.14 on Sun Dec 29 18:28:33 CET 2024.