@deftypefun {int} {gnutls_verify_stored_pubkey} (const char * @var{db_name}, gnutls_tdb_t @var{tdb}, const char * @var{host}, const char * @var{service}, gnutls_certificate_type_t @var{cert_type}, const gnutls_datum_t * @var{cert}, unsigned int @var{flags})
@var{db_name}: A file specifying the stored keys (use NULL for the default)

@var{tdb}: A storage structure or NULL to use the default

@var{host}: The peer's name

@var{service}: non-NULL if this key is specific to a service (e.g. http)

@var{cert_type}: The type of the certificate

@var{cert}: The raw (der) data of the certificate

@var{flags}: should be 0.

This function will try to verify a raw public-key or a public-key provided via
a raw (DER-encoded) certificate using a list of stored public keys.
The @code{service} field, if non-NULL, should be a port number.

The @code{db_name} variable, if non-NULL, specifies a custom backend for
the retrieval of entries. If it is NULL then the
default file backend will be used. In POSIX-like systems the
file backend uses the $HOME/.gnutls/known_hosts file.

Note that if a custom storage backend is provided, the
retrieval function should return @code{GNUTLS_E_CERTIFICATE_KEY_MISMATCH}
if the host/service pair is found but the key doesn't match,
@code{GNUTLS_E_NO_CERTIFICATE_FOUND} if no such host/service with
the given key is found, and 0 if it was found. The storage
function should return 0 on success.

As of GnuTLS 3.6.6 this function also verifies raw public keys.

@strong{Returns:} If no associated public key is found
then @code{GNUTLS_E_NO_CERTIFICATE_FOUND} will be returned. If a key
is found but does not match, @code{GNUTLS_E_CERTIFICATE_KEY_MISMATCH}
is returned. On success, @code{GNUTLS_E_SUCCESS} (0) is returned,
or a negative error value on other errors.

@strong{Since:} 3.0.13
@end deftypefun
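
The return-code contract for a custom retrieval function described above, as an added example (not GnuTLS code): an in-memory pin table whose lookup scans every entry before reporting a mismatch, so a host/service pair with two pinned keys still verifies against either one. The names pin_lookup, check and datum_t, the constructed pin table, and the rule that a stored NULL service applies to every service are assumptions of this example; the two error constants are local stand-ins for the GnuTLS codes.

```c
#include <stddef.h>
#include <string.h>

/* Stand-ins so this compiles without GnuTLS; a real backend includes
 * <gnutls/gnutls.h> and returns the GNUTLS_E_* codes named on this page. */
#define E_NO_CERTIFICATE_FOUND     (-49)
#define E_CERTIFICATE_KEY_MISMATCH (-60)
typedef struct { const unsigned char *data; unsigned int size; } datum_t;

/* Constructed pin table: host, service (NULL = any service), key bytes. */
struct pin { const char *host, *service, *key; };
static const struct pin pins[] = {
    { "mail.example.org", "443", "KEY-A" },
    { "mail.example.org", "443", "KEY-B" },   /* second pin during rotation */
    { "mail.example.org", "993", "KEY-C" },
    { "any.example.org",  NULL,  "KEY-D" },
};

static int service_matches(const char *stored, const char *wanted)
{
    if (stored == NULL)
        return 1;                       /* pin is not service-specific */
    return wanted != NULL && strcmp(stored, wanted) == 0;
}

/* Retrieval function: scan every entry before reporting a mismatch. */
int pin_lookup(const char *db_name, const char *host, const char *service,
               const datum_t *pubkey)
{
    int pair_seen = 0;
    (void)db_name;                      /* the in-memory table ignores it */
    for (size_t i = 0; i < sizeof pins / sizeof pins[0]; i++) {
        if (strcmp(pins[i].host, host) != 0 ||
            !service_matches(pins[i].service, service))
            continue;
        pair_seen = 1;
        if (strlen(pins[i].key) == pubkey->size &&
            memcmp(pins[i].key, pubkey->data, pubkey->size) == 0)
            return 0;                   /* host/service found with this key */
    }
    return pair_seen ? E_CERTIFICATE_KEY_MISMATCH : E_NO_CERTIFICATE_FOUND;
}

/* Convenience wrapper for the constructed string keys above. */
int check(const char *host, const char *service, const char *key)
{
    datum_t d = { (const unsigned char *)key, (unsigned int)strlen(key) };
    return pin_lookup(NULL, host, service, &d);
}
```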