DragonFly On-Line Manual Pages
gnutls_pkcs11_crt_is_known(3) gnutls gnutls_pkcs11_crt_is_known(3)
NAME
gnutls_pkcs11_crt_is_known - API function
SYNOPSIS
#include <gnutls/pkcs11.h>
unsigned gnutls_pkcs11_crt_is_known(const char * url, gnutls_x509_crt_t
cert, unsigned int flags);
ARGUMENTS
const char * url
A PKCS 11 url identifying a token
gnutls_x509_crt_t cert
is the certificate to find issuer for
unsigned int flags
Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.
DESCRIPTION
This function will check whether the provided certificate is stored in
the specified token. This is useful in combination with
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED, to check whether a CA is
present or a certificate is blacklisted in a trust PKCS 11 module.
This function can be used with a url of "pkcs11:", and in that case
all modules will be searched. To restrict the modules to the marked as
trusted in p11-kit use the
GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag.
Note that the flag GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is
specific to p11-kit trust modules.
RETURNS
If the certificate exists non-zero is returned, otherwise zero.
SINCE
3.3.0
REPORTING BUGS
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
COPYRIGHT
Copyright (C) 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
SEE ALSO
The full documentation for gnutls is maintained as a Texinfo manual.
If the /usr/local/share/doc/gnutls/ directory does not contain the HTML
form visit
https://www.gnutls.org/manual/
gnutls 3.7.9 gnutls_pkcs11_crt_is_known(3)