Функции API (API function)
Имя (Name)
gnutls_pkcs11_crt_is_known - API function
Синопсис (Synopsis)
#include <gnutls/pkcs11.h>
unsigned gnutls_pkcs11_crt_is_known(const char * url,
gnutls_x509_crt_t cert, unsigned int flags);
Аргументы (Arguments)
const char * url
A PKCS 11 url identifying a token
gnutls_x509_crt_t cert
is the certificate to find issuer for
unsigned int flags
Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.
Описание (Description)
This function will check whether the provided certificate is
stored in the specified token. This is useful in combination with
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED, to check whether a CA
is present or a certificate is blacklisted in a trust PKCS 11
module.
This function can be used with a url of "pkcs11:", and in that
case all modules will be searched. To restrict the modules to the
marked as trusted in p11-kit use the
GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag.
Note that the flag GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is
specific to p11-kit trust modules.
Возвращаемое значение (Return value)
If the certificate exists non-zero is returned, otherwise zero.
Сообщение об ошибках (Reporting bugs)
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
Смотри также (See also)
The full documentation for gnutls is maintained as a Texinfo
manual. If the /usr/share/doc/gnutls/ directory does not contain
the HTML form visit
https://www.gnutls.org/manual/
