CL_CrlVerify
CSSM_BOOL CSSMCLI CL_CrlVerify
(CSSM_CL_HANDLE CLHandle,
CSSM_CC_HANDLE CCHandle,
const CSSM_DATA_PTR CrlToBeVerified,
const CSSM_DATA_PTR SignerCert,
const CSSM_FIELD_PTR VerifyScope,
uint32 ScopeSize)
This function verifies that the signed CRL has not been altered since it was signed by the designated signer. It does this by verifying the digital signature over the fields specified by the VerifyScope parameter.
- CLHandle (input)
The handle that describes the add-in certificate library module used to perform this function.
- CCHandle (input)
The handle that describes the context of this cryptographic operation.
- CrlToBeVerified (input)
A pointer to the CSSM_DATA structure containing the CRL to be verified.
- SignerCert (input)
A pointer to the CSSM_DATA structure containing the certificate used to sign the CRL.
- VerifyScope (input)
A pointer to the CSSM_FIELD array containing the tag/value pairs of the fields to be verified. A null input verifies all the fields in the CRL.
- ScopeSize (input)
The number of entries in the verify scope list.
A CSSM_TRUE return value signifies that the certificate revocation list verifies successfully. When CSSM_FALSE is returned, either the CRL verified unsuccessfully or an error has occurred. Use CSSM_GetError to obtain the error code.
- CSSM_CL_INVALID_CL_HANDLE
Invalid CL handle.
- CSSM_CL_INVALID_CC_HANDLE
Invalid Context Handle.
- CSSM_CL_INVALID_CERTIFICATE_PTR
Invalid Certificate.
- CSSM_CL_INVALID_CRL_PTR
Invalid CRL pointer.
- CSSM_CL_INVALID_SCOPE_PTR
VerifyScope pointer is invalid.
- CSSM_CL_MEMORY_ERROR
Not enough memory to allocate the CRL.
- CSSM_CL_CRL_VERIFY_FAIL
Unable to verify CRL.
CL_CrlSign
| Contents | Next section | Index |