CSSM_CL_CrlSign
CSSM_DATA_PTR CSSMAPI CSSM_CL_CrlSign
(CSSM_CL_HANDLE CLHandle,
CSSM_CC_HANDLE CCHandle,
const CSSM_DATA_PTR UnsignedCrl,
const CSSM_DATA_PTR SignerCert,
const CSSM_FIELD_PTR SignScope,
uint32 ScopeSize)
This function signs, in accordance with the specified cryptographic context, the fields of the CRL indicated in the SignScope parameter. Once the CRL has been signed it may not be modified. This means that entries cannot be added or removed from the CRL through application of the CSSM_CL_CrlAddCert or CSSM_CL_CrlRemoveCert operations. A signed CRL can be verified, applied to a data store, and searched for values.
- CLHandle (input)
The handle that describes the add-in certificate library module used to perform this function.
- CCHandle (input)
The handle that describes the context of this cryptographic operation.
- UnsignedCrl (input)
A pointer to the CSSM_DATA structure containing the CRL to be signed.
- SignerCert (input)
A pointer to the CSSM_DATA structure containing the certificate to be used to sign the CRL.
- SignScope (input/optional)
A pointer to the CSSM_FIELD array containing the tag/value pairs of the fields to be signed. If the signing scope is null, the certificate library module includes a default set of CRL fields in the signing process.
- ScopeSize (input)
The number of entries in the sign scope list. If the signing scope is not specified, the input scope size must be zero.
A pointer to the CSSM_DATA structure containing the signed CRL. If the pointer is NULL, an error has occurred. Use CSSM_GetError to obtain the error code.
- CSSM_CL_INVALID_CL_HANDLE
Invalid CL handle.
- CSSM_CL_INVALID_CC_HANDLE
Invalid Context Handle.
- CSSM_CL_INVALID_CERTIFICATE_PTR
Invalid Certificate.
- CSSM_CL_INVALID_CRL_PTR
Invalid CRL pointer.
- CSSM_CL_INVALID_SCOPE
Signing scope is invalid.
- CSSM_CL_MEMORY_ERROR
Not enough memory to allocate the CRL.
- CSSM_CL_CRL_SIGN_FAIL
Unable to sign CRL.
CSSM_CL_CrlVerify
Contents | Next section | Index |