1gnutls_x509_crt_list_verify(3)      gnutls      gnutls_x509_crt_list_verify(3)
2
3
4

NAME

6       gnutls_x509_crt_list_verify - This function verifies the given certifi‐
7       cate list
8

SYNOPSIS

10       #include <gnutls/x509.h>
11
12       int gnutls_x509_crt_list_verify(const  gnutls_x509_crt_t  *  cert_list,
13       int   cert_list_length,   const   gnutls_x509_crt_t   *   CA_list,  int
14       CA_list_length,    const    gnutls_x509_crl_t    *    CRL_list,     int
15       CRL_list_length, unsigned int flags, unsigned int * verify);
16

ARGUMENTS

18       const gnutls_x509_crt_t * cert_list
19                   is the certificate list to be verified
20
21       int cert_list_length
22                   holds the number of certificate in cert_list
23
24       const gnutls_x509_crt_t * CA_list
25                   is the CA list which will be used in verification
26
27       int CA_list_length
28                   holds the number of CA certificate in CA_list
29
30       const gnutls_x509_crl_t * CRL_list
31                   holds a list of CRLs.
32
33       int CRL_list_length
34                   the length of CRL list.
35
36       unsigned int flags
37                   Flags  that  may  be  used to change the verification algo‐
38                   rithm. Use OR of the  gnutls_certificate_verify_flags  enu‐
39                   merations.
40
41       unsigned int * verify
42                   will hold the certificate verification output.
43

DESCRIPTION

45       This  function will try to verify the given certificate list and return
46       its status.  If no flags are specified (0), this function will use  the
47       basicConstraints  (2.5.29.19)  PKIX  extension.  This means that only a
48       certificate authority is allowed to sign a certificate.
49
50       You must also check the peer's name in order to check if  the  verified
51       certificate belongs to the actual peer.
52
53       The  certificate  verification output will be put in verify and will be
54       one or more of the gnutls_certificate_status_t enumerated elements bit‐
55       wise   or'd.    For   a   more   detailed   verification   status   use
56       gnutls_x509_crt_verify() per list element.
57

GNUTLS_CERT_INVALID

59       the certificate chain is not valid.
60

GNUTLS_CERT_REVOKED

62       a certificate in the chain has been revoked.
63

RETURNS

65       On success, GNUTLS_E_SUCCESS is returned, otherwise  a  negative  error
66       value.and a negative value in case of an error.
67

REPORTING BUGS

69       Report    bugs    to    <bug-gnutls@gnu.org>.     GnuTLS   home   page:
70       http://www.gnu.org/software/gnutls/ General help  using  GNU  software:
71       http://www.gnu.org/gethelp/
72

74       Copyright © 2008 Free Software Foundation.
75       Copying  and  distribution  of this file, with or without modification,
76       are permitted in any medium  without  royalty  provided  the  copyright
77       notice and this notice are preserved.
78

SEE ALSO

80       The  full  documentation  for gnutls is maintained as a Texinfo manual.
81       If the info and gnutls programs are properly installed  at  your  site,
82       the command
83
84              info gnutls
85
86       should give you access to the complete manual.
87
88
89
90gnutls                               2.8.6      gnutls_x509_crt_list_verify(3)
Impressum