Путеводитель по Руководству Linux

  User  |  Syst  |  Libr  |  Device  |  Files  |  Other  |  Admin  |  Head  |



   gnutls_pkcs11_crt_is_known    ( 3 )

Функции API (API function)

Имя (Name)

gnutls_pkcs11_crt_is_known - API function

Синопсис (Synopsis)

#include <gnutls/pkcs11.h>

unsigned gnutls_pkcs11_crt_is_known(const char * url, gnutls_x509_crt_t cert, unsigned int flags);


Аргументы (Arguments)

const char * url
                   A PKCS 11 url identifying a token

gnutls_x509_crt_t cert is the certificate to find issuer for

unsigned int flags Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.


Описание (Description)

This function will check whether the provided certificate is
       stored in the specified token. This is useful in combination with
       GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or
       GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED, to check whether a CA
       is present or a certificate is blacklisted in a trust PKCS 11
       module.

This function can be used with a url of "pkcs11:", and in that case all modules will be searched. To restrict the modules to the marked as trusted in p11-kit use the GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag.

Note that the flag GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is specific to p11-kit trust modules.


Возвращаемое значение (Return value)

If the certificate exists non-zero is returned, otherwise zero.

Сообщение об ошибках (Reporting bugs)

Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

Смотри также (See also)

The full documentation for gnutls is maintained as a Texinfo
       manual.  If the /usr/share/doc/gnutls/ directory does not contain
       the HTML form visit

https://www.gnutls.org/manual/