table of contents
other versions
- wheezy-backports 3.3.8-6~bpo70+1
- jessie 3.3.8-6+deb8u5
- testing 3.5.8-5
- unstable 3.5.8-6
- experimental 3.5.13-1
gnutls_ocsp_resp_verify(3) | gnutls | gnutls_ocsp_resp_verify(3) |
NAME¶
gnutls_ocsp_resp_verify - API functionSYNOPSIS¶
#include <gnutls/ocsp.h>ARGUMENTS¶
- gnutls_ocsp_resp_t resp
- should contain a gnutls_ocsp_resp_t structure
- gnutls_x509_trust_list_t trustlist
- trust anchors as a gnutls_x509_trust_list_t structure
- unsigned int * verify
- output variable with verification status, an gnutls_ocsp_cert_status_t
- unsigned int flags
- verification flags, 0 for now.
DESCRIPTION¶
Verify signature of the Basic OCSP Response against the public key in the certificate of a trusted signer. The trustlist should be populated with trust anchors. The function will extract the signer certificate from the Basic OCSP Response and will verify it against the trustlist . A trusted signer is a certificate that is either in trustlist , or it is signed directly by a certificate intrustlist and has the id-ad-ocspSigning Extended Key Usage bit set.
RETURNS¶
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.REPORTING BUGS¶
Report bugs to <bugs@gnutls.org>.COPYRIGHT¶
Copyright © 2001-2014 Free Software Foundation, Inc..SEE ALSO¶
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit3.3.8 | gnutls |