gnutls_pkcs11_crt_is_known - API function

const char * url A PKCS 11 url identifying a token gnutls_x509_crt_t cert is the certificate to find issuer for unsigned int flags Use zero or flags from GNUTLS_PKCS11_OBJ_FLAG.

Copyright © 2001-2023 Free Software Foundation, Inc., and others. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

This function will check whether the provided certificate is stored in the specified token. This is useful in combination with GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED or GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED, to check whether a CA is present or a certificate is distrusted in a trust PKCS 11 module. This function can be used with a url of "pkcs11:", and in that case all modules will be searched. To restrict the modules to the marked as trusted in p11-kit use the GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE flag. Note that the flag GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is specific to p11-kit trust modules.

gnutls_pkcs11_crt_is_known - API function

Report bugs to <bugs@gnutls.org>. Home page: https://www.gnutls.org

If the certificate exists non-zero is returned, otherwise zero.

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit https://www.gnutls.org/manual/ gnutls 3.8.9 gnutls_pkcs11_crt_is_known(3)

3.3.0