author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-01-31 20:43:14 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-01-31 21:06:59 +0100 |
commit | 441eccc7be861374b9b4ef4aeca15a25655ef5c4 (patch) | |
tree | 8a7fedd367154c90fd26ba92818a9a7554c1d9e0 /lib/includes/gnutls/x509.h | |
parent | c9a64eae05818161f2a92cc9e2e76de3045a1ce5 (diff) | |
download | gnutls-441eccc7be861374b9b4ef4aeca15a25655ef5c4.tar.gz |
Added a new API to verify certificates. It is more efficient and
can be used to get details about the verification procedure.
Diffstat (limited to 'lib/includes/gnutls/x509.h')
-rw-r--r-- | lib/includes/gnutls/x509.h | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index a85d9e5cc3..85ee4cc8f7 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -426,6 +426,11 @@ extern "C" int gnutls_x509_crl_check_issuer (gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer); + int gnutls_x509_crl_list_import (gnutls_x509_crl_t * crls, + unsigned int *crl_max, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); /* CRL writing. */ int gnutls_x509_crl_set_version (gnutls_x509_crl_t crl, @@ -814,6 +819,44 @@ extern "C" void *buf, size_t * sizeof_buf, unsigned int *critical); + typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; + + int + gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list); + + void + gnutls_x509_trust_list_deinit (gnutls_x509_trust_list_t list, unsigned int all); + + int + gnutls_x509_trust_list_add_cas (gnutls_x509_trust_list_t list, + const gnutls_x509_crt_t * clist, int clist_size, unsigned int flags); + +#define GNUTLS_TL_VERIFY_CRL 1 + int + gnutls_x509_trust_list_add_crls (gnutls_x509_trust_list_t list, + const gnutls_x509_crl_t * crl_list, int crl_size, unsigned int flags, + unsigned int verification_flags); + + typedef int gnutls_verify_output_function ( + gnutls_x509_crt_t cert, + gnutls_x509_crt_t issuer, /* The issuer if verification failed + * because of him. might be null. + */ + gnutls_x509_crl_t crl, /* The CRL that caused verification failure + * if any. Might be null. + */ + unsigned int verification_output); + + int + gnutls_x509_trust_list_verify_crt ( + gnutls_x509_trust_list_t list, + gnutls_x509_crt_t *cert_list, + unsigned int cert_list_size, + unsigned int flags, + unsigned int *verify, + gnutls_verify_output_function func); + + #ifdef __cplusplus } #endif |
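Review bot: The new `gnutls_x509_crl_list_import` prototype does not say that `crl_max` is an in/out count, nor what happens when `data` holds more CRLs than the `crls` array can take. If the surplus were silently dropped, a caller could check revocation against an incomplete set without noticing, so the contract belongs next to the declaration. I would add a comment above it along the lines of `/* crl_max: in = capacity of crls, out = number of CRLs imported */` and state the overflow behaviour and who deinitialises the imported CRLs; neither is visible in this hunk, so the wording needs checking against the implementation.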
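Review bot: `gnutls_x509_trust_list_verify_crt` reports through both its `int` return value and `*verify`, and nothing in the header says which of the two carries the trust decision. If the return value only signals that the check ran, as the `unsigned int *verify` out-parameter suggests, a caller testing just `ret == 0` would accept a certificate that failed verification. A comment above the prototype such as `/* returns 0 when the check completed; the chain is trusted only if *verify == 0 */` would close that gap once confirmed against the implementation. Separately, `clist_size` and `crl_size` are `int` while `cert_list_size` is `unsigned int`; declaring all three as `unsigned int` removes the negative-count case. It is also unclear whether `GNUTLS_TL_VERIFY_CRL` applies to `flags` or to `verification_flags` of `gnutls_x509_trust_list_add_crls`, and a one-line comment on the `#define` should say which.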