summaryrefslogtreecommitdiffstats
path: root/doc/manpages/gnutls_ocsp_resp_verify.3
blob: 7b2a173f47de20016a870d937f968c418e831685 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
.\" DO NOT MODIFY THIS FILE!  It was generated by gdoc.
.TH "gnutls_ocsp_resp_verify" 3 "3.7.9" "gnutls" "gnutls"
.SH NAME
gnutls_ocsp_resp_verify \- API function
.SH SYNOPSIS
.B #include <gnutls/ocsp.h>
.sp
.BI "int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t " resp ", gnutls_x509_trust_list_t " trustlist ", unsigned int * " verify ", unsigned int " flags ");"
.SH ARGUMENTS
.IP "gnutls_ocsp_resp_const_t resp" 12
should contain a \fBgnutls_ocsp_resp_t\fP type
.IP "gnutls_x509_trust_list_t trustlist" 12
trust anchors as a \fBgnutls_x509_trust_list_t\fP type
.IP "unsigned int * verify" 12
output variable with verification status, an \fBgnutls_ocsp_verify_reason_t\fP
.IP "unsigned int flags" 12
verification flags from \fBgnutls_certificate_verify_flags\fP
.SH "DESCRIPTION"
Verify signature of the Basic OCSP Response against the public key
in the certificate of a trusted signer.  The  \fItrustlist\fP should be
populated with trust anchors.  The function will extract the signer
certificate from the Basic OCSP Response and will verify it against
the  \fItrustlist\fP .  A trusted signer is a certificate that is either
in  \fItrustlist\fP , or it is signed directly by a certificate in
 \fItrustlist\fP and has the id\-ad\-ocspSigning Extended Key Usage bit
set.

The output  \fIverify\fP variable will hold verification status codes
(e.g., \fBGNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND\fP,
\fBGNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM\fP) which are only valid if the
function returned \fBGNUTLS_E_SUCCESS\fP.

Note that the function returns \fBGNUTLS_E_SUCCESS\fP even when
verification failed.  The caller must always inspect the  \fIverify\fP variable to find out the verification status.

The  \fIflags\fP variable should be 0 for now.
.SH "RETURNS"
On success, \fBGNUTLS_E_SUCCESS\fP (0) is returned, otherwise a
negative error value.
.SH "REPORTING BUGS"
Report bugs to <bugs@gnutls.org>.
.br
Home page: https://www.gnutls.org

.SH COPYRIGHT
Copyright \(co 2001- Free Software Foundation, Inc., and others.
.br
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
.SH "SEE ALSO"
The full documentation for
.B gnutls
is maintained as a Texinfo manual.
If the /usr/share/doc/gnutls/
directory does not contain the HTML form visit
.B
.IP https://www.gnutls.org/manual/
.PP