gnutls_ocsp_resp_verify_direct(3) gnutls gnutls_ocsp_resp_verify_direct(3)
NAME
gnutls_ocsp_resp_verify_direct - API function
SYNOPSIS
#include <gnutls/ocsp.h>
int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, gnutls_x509_crt_t issuer, unsigned int * verify, unsigned int flags);
ARGUMENTS
gnutls_ocsp_resp_t resp
should contain a gnutls_ocsp_resp_t structure
gnutls_x509_crt_t issuer
certificate believed to have signed the response
unsigned int * verify
output variable with verification status, an gnutls_ocsp_cert_status_t
unsigned int flags
verification flags, 0 for now.
DESCRIPTION
Verify signature of the Basic OCSP Response against the public key in the issuer certificate.
The output verify variable will hold verification status codes (e.g., GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND, GNUTLS_OCSP_VERIFY_INSE-
CURE_ALGORITHM) which are only valid if the function returned GNUTLS_E_SUCCESS.
Note that the function returns GNUTLS_E_SUCCESS even when verification failed. The caller must always inspect the verify variable to find
out the verification status.
The flags variable should be 0 for now.
RETURNS
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
REPORTING BUGS
Report bugs to <bug-gnutls@gnu.org>.
General guidelines for reporting bugs: http://www.gnu.org/gethelp/
GnuTLS home page: http://www.gnu.org/software/gnutls/
COPYRIGHT
Copyright (C) 2012 Free Software Foundation, Inc..
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
SEE ALSO
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site,
the command
info gnutls
should give you access to the complete manual. As an alternative you may obtain the manual from:
http://www.gnu.org/software/gnutls/manual/
gnutls 3.1.15 gnutls_ocsp_resp_verify_direct(3)