• Start
• Documentation
  • PostgreSQL
  • mnoGoSearch
  • Apache 2.4
  • FreeBSD handbook
  • FreeBSD Manual
  • FreeBSD Source
• Tools
• Search
• Protected Area

plain

FreeBSD manual

keyword 1 2 3 4 5 6 7 8 9 n l

download PDF document: gnutls_pkcs7_verify_direct.3.pdf

gnutls_pkcs7_verify_direct(3) gnutls gnutls_pkcs7_verify_direct(3)
NAME gnutls_pkcs7_verify_direct - API function
SYNOPSIS #include <gnutls/pkcs7.h>
int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer, unsigned idx, const gnutls_datum_t * data, unsigned flags);
ARGUMENTS gnutls_pkcs7_t pkcs7 should contain a gnutls_pkcs7_t type
gnutls_x509_crt_t signer the certificate believed to have signed the structure
unsigned idx the index of the signature info to check
const gnutls_datum_t * data The data to be verified or NULL
unsigned flags Zero or an OR list of gnutls_certificate_verify_flags
DESCRIPTION This function will verify the provided data against the signature present in the SignedData of the PKCS 7 structure. If the data provided are NULL then the data in the encapsulatedContent field will be used instead.
Note that, unlike gnutls_pkcs7_verify() this function does not verify the key purpose of the signer. It is expected for the caller to verify the intended purpose of the signer -e.g., via gnutls_x509_crt_get_key_purpose_oid(), or gnutls_x509_crt_check_key_purpose().
Note also, that since GnuTLS 3.5.6 this function introduces checks in the end certificate ( signer ), including time checks and key usage checks.
RETURNS On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value. A verification error results to a GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated data to verify to a GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
SINCE 3.4.2
REPORTING BUGS Report bugs to <bugs@gnutls.org>. Home page: https://www.gnutls.org

COPYRIGHT Copyright (C) 2001- Free Software Foundation, Inc., and others. form visit
https://www.gnutls.org/manual/
gnutls 3.7.9 gnutls_pkcs7_verify_direct(3)