Adding dane_verify_crt_raw to allow direct verification of a certificate chain against a dane_query_t (for example, as provided by the new dane_raw_tlsa).

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
author: Christian Grothoff <christian@grothoff.org> 2013-10-21 18:15:57 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2013-10-21 19:48:01 +0200
commit: 4c45e35790f50818d1179ee4443e77e16424f5dc (patch)
tree: 6b2783debb34d6e37fc8548022aa85bf3ea3cf53 /libdane/includes
parent: b4ece0d57c1a41bf059b1c822b8c23030145ecd7 (diff)
download: gnutls-4c45e35790f50818d1179ee4443e77e16424f5dc.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/libdane/includes/gnutls/dane.h b/libdane/includes/gnutls/dane.h
index 3b0bbf63b9..21413ea14c 100644
--- a/libdane/includes/gnutls/dane.h
+++ b/libdane/includes/gnutls/dane.h
@@ -161,6 +161,13 @@ int
 dane_verification_status_print (unsigned int status,
                        gnutls_datum_t * out, unsigned int flags);
 
+int dane_verify_crt_raw (dane_state_t s,
+	const gnutls_datum_t *chain, unsigned chain_size,
+	gnutls_certificate_type_t chain_type,
+        dane_query_t r,
+	unsigned int sflags, unsigned int vflags,
+        unsigned int *verify);
+
 int dane_verify_crt (dane_state_t s,
 	const gnutls_datum_t *chain, unsigned chain_size,
 	gnutls_certificate_type_t chain_type,
author	Christian Grothoff <christian@grothoff.org>	2013-10-21 18:15:57 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2013-10-21 19:48:01 +0200
commit	4c45e35790f50818d1179ee4443e77e16424f5dc (patch)
tree	6b2783debb34d6e37fc8548022aa85bf3ea3cf53 /libdane/includes
parent	b4ece0d57c1a41bf059b1c822b8c23030145ecd7 (diff)
download	gnutls-4c45e35790f50818d1179ee4443e77e16424f5dc.tar.gz