Provided by: gnutls-doc_3.6.9-5ubuntu1_all bug

NAME

       gnutls_pkcs7_verify_direct - API function

SYNOPSIS

       #include <gnutls/pkcs7.h>

       int  gnutls_pkcs7_verify_direct(gnutls_pkcs7_t  pkcs7,  gnutls_x509_crt_t signer, unsigned
       idx, const gnutls_datum_t * data, unsigned flags);

ARGUMENTS

       gnutls_pkcs7_t pkcs7
                   should contain a gnutls_pkcs7_t type

       gnutls_x509_crt_t signer
                   the certificate believed to have signed the structure

       unsigned idx
                   the index of the signature info to check

       const gnutls_datum_t * data
                   The data to be verified or NULL

       unsigned flags
                   Zero or an OR list of gnutls_certificate_verify_flags

DESCRIPTION

       This function will  verify  the  provided  data  against  the  signature  present  in  the
       SignedData  of  the  PKCS  7 structure. If the data provided are NULL then the data in the
       encapsulatedContent field will be used instead.

       Note that, unlike gnutls_pkcs7_verify() this function does not verify the key  purpose  of
       the  signer.  It  is  expected for the caller to verify the intended purpose of the signer
       -e.g., via gnutls_x509_crt_get_key_purpose_oid(), or gnutls_x509_crt_check_key_purpose().

       Note also, that since GnuTLS 3.5.6 this function introduces checks in the end  certificate
       ( signer ), including time checks and key usage checks.

RETURNS

       On  success,  GNUTLS_E_SUCCESS  (0)  is  returned,  otherwise  a  negative  error value. A
       verification error results to a GNUTLS_E_PK_SIG_VERIFY_FAILED and the lack of encapsulated
       data to verify to a GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.

SINCE

       3.4.2

REPORTING BUGS

       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

COPYRIGHT

       Copyright © 2001-2019 Free Software Foundation, Inc., and others.
       Copying  and distribution of this file, with or without modification, are permitted in any
       medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

       The  full  documentation  for  gnutls  is  maintained  as  a  Texinfo  manual.    If   the
       /usr/share/doc/gnutls/ directory does not contain the HTML form visit

       https://www.gnutls.org/manual/