Функции API (API function)
Имя (Name)
gnutls_pkcs7_verify_direct - API function
Синопсис (Synopsis)
#include <gnutls/pkcs7.h>
int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7,
gnutls_x509_crt_t signer, unsigned idx, const gnutls_datum_t *
data, unsigned flags);
Аргументы (Arguments)
gnutls_pkcs7_t pkcs7
should contain a gnutls_pkcs7_t type
gnutls_x509_crt_t signer
the certificate believed to have signed the structure
unsigned idx
the index of the signature info to check
const gnutls_datum_t * data
The data to be verified or NULL
unsigned flags
Zero or an OR list of gnutls_certificate_verify_flags
Описание (Description)
This function will verify the provided data against the signature
present in the SignedData of the PKCS 7 structure. If the data
provided are NULL then the data in the encapsulatedContent field
will be used instead.
Note that, unlike gnutls_pkcs7_verify() this function does not
verify the key purpose of the signer. It is expected for the
caller to verify the intended purpose of the signer -e.g., via
gnutls_x509_crt_get_key_purpose_oid(), or
gnutls_x509_crt_check_key_purpose().
Note also, that since GnuTLS 3.5.6 this function introduces
checks in the end certificate ( signer ), including time checks
and key usage checks.
Возвращаемое значение (Return value)
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a
negative error value. A verification error results to a
GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated data
to verify to a GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
Сообщение об ошибках (Reporting bugs)
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
Смотри также (See also)
The full documentation for gnutls is maintained as a Texinfo
manual. If the /usr/share/doc/gnutls/ directory does not contain
the HTML form visit
https://www.gnutls.org/manual/
