[gnutls-devel] gnutls_certificate_verify_peers* question

[Jaak Ristioja]

Hello!

If I use the gnutls_certificate_verify_peers2() or
gnutls_certificate_verify_peers3() functions in the callback set using
gnutls_certificate_set_verify_function(), do those functions also verify
that the peer has the private key corresponding to the public key in the
certificate, or is it done elsewhere outside of the callback?

The goal is to setup a connection, where both endpoints authenticate
only using their key pairs (i.e. give access iff peer has public key A;
ignoring any certification chain) and I'm wondering whether calling a
gnutls_certificate_verify_peers* function is needed at all.

Best regards,
Jaak