Provided by: gnutls-doc_3.0.11+really2.12.14-5ubuntu3_all bug


       gnutls_x509_crt_list_verify - API function


       #include <gnutls/x509.h>

       int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * cert_list, int cert_list_length,
       const gnutls_x509_crt_t * CA_list, int CA_list_length, const gnutls_x509_crl_t * CRL_list,
       int CRL_list_length, unsigned int flags, unsigned int * verify);


       const gnutls_x509_crt_t * cert_list
                   is the certificate list to be verified

       int cert_list_length
                   holds the number of certificate in cert_list

       const gnutls_x509_crt_t * CA_list
                   is the CA list which will be used in verification

       int CA_list_length
                   holds the number of CA certificate in CA_list

       const gnutls_x509_crl_t * CRL_list
                   holds a list of CRLs.

       int CRL_list_length
                   the length of CRL list.

       unsigned int flags
                   Flags  that  may  be  used to change the verification algorithm. Use OR of the
                   gnutls_certificate_verify_flags enumerations.

       unsigned int * verify
                   will hold the certificate verification output.


       This function will try to verify the given certificate list and return its status.  If  no
       flags  are  specified  (0),  this  function will use the basicConstraints ( PKIX
       extension. This means that only a certificate authority is allowed to sign a certificate.

       You must also check the peer's name in order to check if the verified certificate  belongs
       to the actual peer.

       The  certificate  verification output will be put in verify and will be one or more of the
       gnutls_certificate_status_t  enumerated  elements  bitwise  or'd.   For  a  more  detailed
       verification status use gnutls_x509_crt_verify() per list element.


       the certificate chain is not valid.


       a certificate in the chain has been revoked.


       On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.


       Report       bugs       to       <>.        GnuTLS       home      page:     General     help     using      GNU      software:


       Copyright © 2008 Free Software Foundation.
       Copying  and distribution of this file, with or without modification, are permitted in any
       medium without royalty provided the copyright notice and this notice are preserved.


       The full documentation for gnutls is maintained as a Texinfo  manual.   If  the  info  and
       gnutls programs are properly installed at your site, the command

              info gnutls

       should give you access to the complete manual.