Provided by: gnutls-doc_3.8.9-2ubuntu3_all bug

NAME
       gnutls_ocsp_resp_verify - API function


SYNOPSIS
       #include <gnutls/ocsp.h>

       int  gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t  resp, gnutls_x509_trust_list_t trustlist, unsigned
       int * verify, unsigned int flags);


ARGUMENTS
       gnutls_ocsp_resp_const_t resp
                   should contain a gnutls_ocsp_resp_t type

       gnutls_x509_trust_list_t trustlist
                   trust anchors as a gnutls_x509_trust_list_t type

       unsigned int * verify
                   output variable with verification status, an gnutls_ocsp_verify_reason_t

       unsigned int flags
                   verification flags from gnutls_certificate_verify_flags


DESCRIPTION
       Verify signature of the Basic OCSP Response against the public  key  in  the  certificate  of  a  trusted
       signer.   The   trustlist  should  be populated with trust anchors.  The function will extract the signer
       certificate from the Basic OCSP Response and will verify it against the  trustlist .  A trusted signer is
       a certificate that is either in  trustlist , or it is signed directly by a certificate in
        trustlist and has the id-ad-ocspSigning Extended Key Usage bit set.

       The    output      verify     variable     will     hold     verification     status     codes     (e.g.,
       GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND,  GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM)  which are only valid if the
       function returned GNUTLS_E_SUCCESS.

       Note that the function returns GNUTLS_E_SUCCESS even when verification failed.  The  caller  must  always
       inspect the  verify variable to find out the verification status.

       The  flags variable should be 0 for now.


RETURNS
       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.


REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org


COPYRIGHT
       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying  and distribution of this file, with or without modification, are permitted in any medium without
       royalty provided the copyright notice and this notice are preserved.


SEE ALSO
       The full documentation for gnutls is maintained as  a  Texinfo  manual.   If  the  /usr/share/doc/gnutls/
       directory does not contain the HTML form visit

       https://www.gnutls.org/manual/

gnutls                                                3.8.9                           gnutls_ocsp_resp_verify(3)