gnutls_ocsp_resp_verify_direct — API function
#include <gnutls/ocsp.h>
int
gnutls_ocsp_resp_verify_direct( |
gnutls_ocsp_resp_t resp, |
gnutls_x509_crt_t signercert, | |
unsigned * verify, | |
int flags) ; |
should contain a gnutls_ocsp_resp_t structure
certificate believed to have signed the response
output variable with verification status, an gnutls_ocsp_cert_status_t
verification flags, 0 for now.
Verify signature of the Basic OCSP Response against the
public key in the signercert
certificate.
The output verify
variable will hold
verification status codes (e.g., GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND
,
GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM
)
which are only valid if the function returned GNUTLS_E_SUCCESS.
Note that the function returns GNUTLS_E_SUCCESS even when verification
failed. The caller must always inspect the verify
variable to find out the
verification status.
The flags
variable
should be 0 for now.
Report bugs to <bug-gnutls@gnu.org>. GnuTLS home page: http://www.gnu.org/software/gnutls/ General help using GNU software: http://www.gnu.org/gethelp/
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command
info gnutls
should give you access to the complete manual.
COPYRIGHT |
---|
Copyright © 2012 Free Software Foundation. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. |