from small one page howto to huge articles all in one place

Other .linuxhowtos.org sites:toolsntoys.linuxhowtos.org
gentoo.linuxhowtos.org

poll results

Last additions:

words:

887

views:

20238

userrating:

average rating: 3.4 (205 votes) (1=very good 6=terrible)

May 25th. 2007:

Words

486

Views

36019

why adblockers are bad

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

words:

161

views:

20986

userrating:

average rating: 1.0 (50 votes) (1=very good 6=terrible)

April, 26th. 2006:

Words

Views

16053

New subdomain: toolsntoys.linuxhowtos.org

You are here: manpages

gnutls_x509_crt_list_verify

Section: gnutls (3)
Updated: 2.10.2
Index Return to Main Contents

NAME

gnutls_x509_crt_list_verify - API function

SYNOPSIS

#include <gnutls/x509.h>

int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * cert_list, int cert_list_length, const gnutls_x509_crt_t * CA_list, int CA_list_length, const gnutls_x509_crl_t * CRL_list, int CRL_list_length, unsigned int flags, unsigned int * verify);

ARGUMENTS

const gnutls_x509_crt_t * cert_list: is the certificate list to be verified
int cert_list_length: holds the number of certificate in cert_list
const gnutls_x509_crt_t * CA_list: is the CA list which will be used in verification
int CA_list_length: holds the number of CA certificate in CA_list
const gnutls_x509_crl_t * CRL_list: holds a list of CRLs.
int CRL_list_length: the length of CRL list.
unsigned int flags: Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
unsigned int * verify: will hold the certificate verification output.

DESCRIPTION

This function will try to verify the given certificate list and return its status. If no flags are specified (0), this function will use the basicConstraints (2.5.29.19) PKIX extension. This means that only a certificate authority is allowed to sign a certificate.

You must also check the peer's name in order to check if the verified certificate belongs to the actual peer.

The certificate verification output will be put in verify and will be one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd. For a more detailed verification status use gnutls_x509_crt_verify() per list element.

GNUTLS_CERT_INVALID

the certificate chain is not valid.

GNUTLS_CERT_REVOKED

a certificate in the chain has been revoked.

RETURNS

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

REPORTING BUGS

Report bugs to <bug-gnutls@gnu.org>. GnuTLS home page: http://www.gnu.org/software/gnutls/ General help using GNU software: http://www.gnu.org/gethelp/

COPYRIGHT

Copyright © 2008 Free Software Foundation.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

Please read "Why adblockers are bad

Other free services

www.LinuxHowtos.org howtos, tips&tricks and tutorials for linux