|
NAME | SYNOPSIS | ARGUMENTS | DESCRIPTION | RETURNS | SINCE | REPORTING BUGS | COPYRIGHT | SEE ALSO | COLOPHON |
|
gnutls_pkcs7_verify_direct(3) gnutls gnutls_pkcs7_verify_direct(3)
gnutls_pkcs7_verify_direct - API function
#include <gnutls/pkcs7.h>
int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7,
gnutls_x509_crt_t signer, unsigned idx, const gnutls_datum_t * data,
unsigned flags);
gnutls_pkcs7_t pkcs7
should contain a gnutls_pkcs7_t type
gnutls_x509_crt_t signer
the certificate believed to have signed the structure
unsigned idx
the index of the signature info to check
const gnutls_datum_t * data
The data to be verified or NULL
unsigned flags
Zero or an OR list of gnutls_certificate_verify_flags
This function will verify the provided data against the signature
present in the SignedData of the PKCS 7 structure. If the data
provided are NULL then the data in the encapsulatedContent field will
be used instead.
Note that, unlike gnutls_pkcs7_verify() this function does not verify
the key purpose of the signer. It is expected for the caller to
verify the intended purpose of the signer -e.g., via
gnutls_x509_crt_get_key_purpose_oid(), or
gnutls_x509_crt_check_key_purpose().
Note also, that since GnuTLS 3.5.6 this function introduces checks in
the end certificate ( signer ), including time checks and key usage
checks.
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative
error value. A verification error results to a
GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated data to
verify to a GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
3.4.2
Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org
Copyright © 2001-2017 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
The full documentation for gnutls is maintained as a Texinfo manual.
If the /usr/share/doc/gnutls/ directory does not contain the HTML
form visit
http://www.gnutls.org/manual/
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this manual
page, send it to bugs@gnutls.org.. This page was obtained from the
tarball gnutls-3.6.1.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2018-02-02. If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
to man-pages@man7.org
gnutls 3.6.1 gnutls_pkcs7_verify_direct(3)
|
HTML rendering created 2018-02-02 by Michael Kerrisk, author of The Linux Programming Interface, maintainer of the Linux man-pages project. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH.
|
|