gnutls_sign_set_secure - Man Page

API function

Synopsis

#include <gnutls/gnutls.h>

int gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure);

Arguments

gnutls_sign_algorithm_t sign

the sign algorithm

unsigned int secure

whether to mark the sign algorithm secure

Description

Modify the previous system wide setting that marked  sign as secure or insecure.  Calling this function is allowed only if allowlisting mode is set in the configuration file, and only if the system-wide TLS priority string has not been initialized yet. The intended usage is to provide applications with a way to expressly deviate from the distribution or site defaults inherited from the configuration file. The modification is composable with further modifications performed through the priority string mechanism.

This function is not thread-safe and is intended to be called in the main thread at the beginning of the process execution.

Even when  secure is true,  sign is not marked as secure for the use in certificates.  Use gnutls_sign_set_secure_for_certs() to mark it secure as well for certificates.

Returns

0 on success or negative error code otherwise.

Since

3.7.3

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.8.7 gnutls