Provided by: gnutls-doc_3.6.9-5ubuntu1_all bug


       gnutls_pkcs7_verify_direct - API function


       #include <gnutls/pkcs7.h>

       int  gnutls_pkcs7_verify_direct(gnutls_pkcs7_t  pkcs7,  gnutls_x509_crt_t signer, unsigned
       idx, const gnutls_datum_t * data, unsigned flags);


       gnutls_pkcs7_t pkcs7
                   should contain a gnutls_pkcs7_t type

       gnutls_x509_crt_t signer
                   the certificate believed to have signed the structure

       unsigned idx
                   the index of the signature info to check

       const gnutls_datum_t * data
                   The data to be verified or NULL

       unsigned flags
                   Zero or an OR list of gnutls_certificate_verify_flags


       This function will  verify  the  provided  data  against  the  signature  present  in  the
       SignedData  of  the  PKCS  7 structure. If the data provided are NULL then the data in the
       encapsulatedContent field will be used instead.

       Note that, unlike gnutls_pkcs7_verify() this function does not verify the key  purpose  of
       the  signer.  It  is  expected for the caller to verify the intended purpose of the signer
       -e.g., via gnutls_x509_crt_get_key_purpose_oid(), or gnutls_x509_crt_check_key_purpose().

       Note also, that since GnuTLS 3.5.6 this function introduces checks in the end  certificate
       ( signer ), including time checks and key usage checks.


       On  success,  GNUTLS_E_SUCCESS  (0)  is  returned,  otherwise  a  negative  error value. A
       verification error results to a GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated
       data to verify to a GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.




       Report bugs to <>.
       Home page:


       Copyright © 2001-2019 Free Software Foundation, Inc., and others.
       Copying  and distribution of this file, with or without modification, are permitted in any
       medium without royalty provided the copyright notice and this notice are preserved.


       The  full  documentation  for  gnutls  is  maintained  as  a  Texinfo  manual.    If   the
       /usr/share/doc/gnutls/ directory does not contain the HTML form visit