@deftypefun {unsigned} {gnutls_pkcs11_crt_is_known} (const char * @var{url}, gnutls_x509_crt_t @var{cert}, unsigned int @var{flags})
@var{url}: A PKCS 11 url identifying a token

@var{cert}: is the certificate to find issuer for

@var{flags}: Use zero or flags from @code{GNUTLS_PKCS11_OBJ_FLAG} .

This function will check whether the provided certificate is stored
in the specified token. This is useful in combination with 
@code{GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED}  or
@code{GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED} ,
to check whether a CA is present or a certificate is blacklisted in
a trust PKCS @code{11}  module.

This function can be used with a  @code{url} of "pkcs11:", and in that case all modules
will be searched. To restrict the modules to the marked as trusted in p11-kit
use the @code{GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE}  flag.

Note that the flag @code{GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED}  is
specific to p11-kit trust modules.

@strong{Returns:} If the certificate exists non-zero is returned, otherwise zero.

@strong{Since:} 3.3.0
@end deftypefun