gnutls_x509_crt_verify_data2 man page

gnutls_x509_crt_verify_data2 — API function

Synopsis

#include <gnutls/x509.h>

int gnutls_x509_crt_verify_data2(gnutls_x509_crt_t crt, gnutls_sign_algorithm_t algo, unsigned int flags, const gnutls_datum_t * data, const gnutls_datum_t * signature);

Arguments

gnutls_x509_crt_t crt
Holds the certificate to verify with
gnutls_sign_algorithm_t algo
The signature algorithm used
unsigned int flags
Zero or an OR list of gnutls_certificate_verify_flags
const gnutls_datum_t * data
holds the signed data
const gnutls_datum_t * signature
contains the signature

Description

This function will verify the given signed data, using the parameters from the certificate.

Returns

In case of a verification failure GNUTLS_E_PK_SIG_VERIFY_FAILED is returned, GNUTLS_E_EXPIRED or GNUTLS_E_NOT_YET_ACTIVATED on expired or not yet activated certificate and zero or positive code on success.

Note that since GnuTLS 3.5.6 this function introduces checks in the end certificate ( crt ), including time checks and key usage checks.

Since

3.4.0

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

http://www.gnutls.org/manual/

Info

3.5.5 gnutls gnutls