NAME

       gnutls_ocsp_resp_verify_direct - API function

SYNOPSIS

       #include <gnutls/ocsp.h>

       int   gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t  resp,  gnutls_x509_crt_t  issuer,
       unsigned int * verify, unsigned int flags);

ARGUMENTS

       gnutls_ocsp_resp_t resp
                   should contain a gnutls_ocsp_resp_t type

       gnutls_x509_crt_t issuer
                   certificate believed to have signed the response

       unsigned int * verify
                   output variable with verification status, an gnutls_ocsp_verify_reason_t

       unsigned int flags
                   verification flags from gnutls_certificate_verify_flags

DESCRIPTION

       Verify signature of the Basic  OCSP  Response  against  the  public  key  in  the   issuer
       certificate.

       The    output     verify   variable   will   hold   verification   status   codes   (e.g.,
       GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND, GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM) which are only
       valid if the function returned GNUTLS_E_SUCCESS.

       Note that the function returns GNUTLS_E_SUCCESS even when verification failed.  The caller
       must always inspect the  verify variable to find out the verification status.

       The  flags variable should be 0 for now.

RETURNS

       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

REPORTING BUGS

       Report bugs to <bugs@gnutls.org>.
       Home page: http://www.gnutls.org

COPYRIGHT

       Copyright © 2001-2021 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

       The   full   documentation  for  gnutls  is  maintained  as  a  Texinfo  manual.   If  the
       /usr/share/doc/gnutls/ directory does not contain the HTML form visit

       http://www.gnutls.org/manual/