const char * db_name
A file specifying the stored keys (use NULL for the
A storage structure or NULL to use the default
const char * host
The peer's name
const char * service
non-NULL if this key is specific to a service (e.g.
The type of the certificate
const gnutls_datum_t * cert
The raw (der) data of the certificate
unsigned int flags
should be 0.
This function will try to verify a raw public-key or a public-key
provided via a raw (DER-encoded) certificate using a list of
stored public keys. The service field if non-NULL should be a
The db_name variable if non-null specifies a custom backend for
the retrieval of entries. If it is NULL then the default file
backend will be used. In POSIX-like systems the file backend uses
the $HOME/.gnutls/known_hosts file.
Note that if the custom storage backend is provided the retrieval
function should return GNUTLS_E_CERTIFICATE_KEY_MISMATCH if the
host/service pair is found but key doesn't match,
GNUTLS_E_NO_CERTIFICATE_FOUND if no such host/service with the
given key is found, and 0 if it was found. The storage function
should return 0 on success.
As of GnuTLS 3.6.6 this function also verifies raw public keys.
If no associated public key is found then
GNUTLS_E_NO_CERTIFICATE_FOUND will be returned. If a key is found
but does not match GNUTLS_E_CERTIFICATE_KEY_MISMATCH is returned.
On success, GNUTLS_E_SUCCESS (0) is returned, or a negative error
value on other errors.
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this
manual page, send it to email@example.com. This page was obtained
from the tarball gnutls-3.8.0.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2023-06-23. If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to firstname.lastname@example.org
gnutls 3.8.0 gnutls_verify_stored_pubkey(3)