SYNOPSIS
#include <gnutls/x509.h>int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * cert_list, int cert_list_length, const gnutls_x509_crt_t * CA_list, int CA_list_length, const gnutls_x509_crl_t * CRL_list, int CRL_list_length, unsigned int flags, unsigned int * verify);
ARGUMENTS
- const gnutls_x509_crt_t * cert_list
- is the certificate list to be verified
- int cert_list_length
- holds the number of certificate in cert_list
- const gnutls_x509_crt_t * CA_list
- is the CA list which will be used in verification
- int CA_list_length
- holds the number of CA certificate in CA_list
- const gnutls_x509_crl_t * CRL_list
- holds a list of CRLs.
- int CRL_list_length
- the length of CRL list.
- unsigned int flags
- Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.
- unsigned int * verify
- will hold the certificate verification output.
DESCRIPTION
This function will try to verify the given certificate list and return its status. The details of the verification are the same as in gnutls_x509_trust_list_verify_crt2().
You must check the peer's name in order to check if the verified certificate belongs to the actual peer.
The certificate verification output will be put in verify and will be one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd. For a more detailed verification status use gnutls_x509_crt_verify() per list element.
RETURNS
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.COPYRIGHT
Copyright © 2001-2016 Free Software Foundation, Inc., and others.Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.