gnutls_verify_stored_pubkey(3) — Linux manual page


gnutls_verify_stored_pubkey(3)   gnutls   gnutls_verify_stored_pubkey(3)

NAME         top

       gnutls_verify_stored_pubkey - API function

SYNOPSIS         top

       #include <gnutls/gnutls.h>

       int gnutls_verify_stored_pubkey(const char * db_name,
       gnutls_tdb_t tdb, const char * host, const char * service,
       gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert,
       unsigned int flags);

ARGUMENTS         top

       const char * db_name
                   A file specifying the stored keys (use NULL for the

       gnutls_tdb_t tdb
                   A storage structure or NULL to use the default

       const char * host
                   The peer's name

       const char * service
                   non-NULL if this key is specific to a service (e.g.

       gnutls_certificate_type_t cert_type
                   The type of the certificate

       const gnutls_datum_t * cert
                   The raw (der) data of the certificate

       unsigned int flags
                   should be 0.

DESCRIPTION         top

       This function will try to verify a raw public-key or a public-key
       provided via a raw (DER-encoded) certificate using a list of
       stored public keys.  The  service field if non-NULL should be a
       port number.

       The  db_name variable if non-null specifies a custom backend for
       the retrieval of entries. If it is NULL then the default file
       backend will be used. In POSIX-like systems the file backend uses
       the $HOME/.gnutls/known_hosts file.

       Note that if the custom storage backend is provided the retrieval
       function should return GNUTLS_E_CERTIFICATE_KEY_MISMATCH if the
       host/service pair is found but key doesn't match,
       GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with the
       given key is found, and 0 if it was found. The storage function
       should return 0 on success.

       As of GnuTLS 3.6.6 this function also verifies raw public keys.

RETURNS         top

       If no associated public key is found then
       GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key is found
       but does not match GNUTLS_E_CERTIFICATE_KEY_MISMATCH is returned.
       On success, GNUTLS_E_SUCCESS (0) is returned, or a negative error
       value on other errors.

SINCE         top


REPORTING BUGS         top

       Report bugs to <>.
       Home page:

COPYRIGHT         top

       Copyright © 2001- Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without
       modification, are permitted in any medium without royalty
       provided the copyright notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo
       manual.  If the /usr/share/doc/gnutls/ directory does not contain
       the HTML form visit 

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at
       ⟨⟩.  If you have a bug report for this
       manual page, send it to  This page was obtained
       from the tarball gnutls-3.8.0.tar.xz fetched from
       ⟨⟩ on 2023-06-23.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to

gnutls                            3.8.0   gnutls_verify_stored_pubkey(3)