|
|
Library Description Errors | Parameters Return Value See Also |
API:CSSM_RETURN CSSMAPI CSSM_TP_ApplyCrlToDb(CSSM_TP_HANDLE TPHandle,CSSM_CL_HANDLE CLHandle,CSSM_CSP_HANDLE CSPHandle,const CSSM_ENCODED_CRL *CrlToBeApplied,const CSSM_CERTGROUP *SignerCertGroup,const CSSM_TP_VERIFY_CONTEXT *ApplyCrlVerifyContext,CSSM_TP_VERIFY_CONTEXT_RESULT_PTR ApplyCrlVerifyResult)SPI:CSSM_RETURN CSSMTPI TP_ApplyCrlToDb(CSSM_TP_HANDLE TPHandle,CSSM_CL_HANDLE CLHandle,CSSM_CSP_HANDLE CSPHandle,const CSSM_ENCODED_CRL *CrlToBeApplied,const CSSM_CERTGROUP *SignerCertGroup,const CSSM_TP_VERIFY_CONTEXT *ApplyCrlVerifyContext,CSSM_TP_VERIFY_CONTEXT_RESULT_PTR ApplyCrlVerifyResult)
cdsa$incssm300_shr.exe
)TPHandle (input) | ||||||
The handle that describes the add-in trust policymodule used to perform this function. | ||||||
CLHandle (input/optional) | ||||||
The handle that describes the add-in certificatelibrary module that can be used to manipulate the CRL as it is appliedto the data store and to manipulate the certificates effected bythe CRL, if required. If no certificate library module is specified,the TP module uses an assumed CL module, if required. | ||||||
CSPHandle (input/optional) | ||||||
The handle referencing a Cryptographic Service Providerto be used to verify signatures on the CRL determining whether totrust the CRL and apply it to the data store. The TP module is responsiblefor creating the cryptographic context structures required to perform theverification operation. If no CSP is specified, the TP module usesan assumed CSP to perform these operations. If optional, the callerwill set this value to 0. | ||||||
CrlToBeApplied (input) | ||||||
A pointer to a structure containing the encodedcertificate revocation list to be applied to the data store. TheCRL type and encoding are included in this structure. | ||||||
SignerCertGroup (input) | ||||||
A pointer to the CSSM_CERTGROUP structure containingone or more related certificates that partially or fully representthe signer of the certificate revocation list. The first certificatein the group is the target certificate representing the CRL signer.Use of subsequent certificates is specific to the trust domain.For example, in a hierarchical trust model, subsequent members areintermediate certificates of a certificate chain. | ||||||
ApplyCrlVerifyContext (input/optional) | ||||||
A structure containing credentials, policy information,and contextual information to be used in the verification process.All of the input values in the context are optional. The serviceprovider can define default values or can attempt to operate withoutinput for all the other fields of this input structure. The operationcan fail if a necessary input value is omitted and the service modulecan not define an appropriate default value. | ||||||
ApplyCrlVerifyResult (output/optional) | ||||||
A pointer to a structure containing informationgenerated during the verification process. The information can include:
|
CSSMERR_TP_INVALID_CL_HANDLECSSMERR_TP_INVALID_CSP_HANDLECSSMERR_TP_INVALID_CRL_TYPECSSMERR_TP_INVALID_CRL_ENCODINGCSSMERR_TP_INVALID_CRL_POINTERCSSMERR_TP_INVALID_CRLCSSMERR_TP_INVALID_CERTGROUP_POINTERCSSMERR_TP_INVALID_CERTGROUPCSSMERR_TP_INVALID_CERTIFICATECSSMERR_TP_INVALID_ACTIONCSSMERR_TP_INVALID_ACTION_DATACSSMERR_TP_VERIFY_ACTION_FAILEDCSSMERR_TP_INVALID_CRLGROUP_POINTERCSSMERR_TP_INVALID_CRLGROUPCSSMERR_TP_INVALID_CRL_AUTHORITYCSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTERCSSMERR_TP_INVALID_POLICY_IDENTIFIERSCSSMERR_TP_INVALID_TIMESTRINGCSSMERR_TP_INVALID_STOP_ON_POLICYCSSMERR_TP_INVALID_CALLBACKCSSMERR_TP_INVALID_ANCHOR_CERTCSSMERR_TP_CERTGROUP_INCOMPLETECSSMERR_TP_INVALID_DL_HANDLECSSMERR_TP_INVALID_DB_HANDLECSSMERR_TP_INVALID_DB_LIST_POINTERCSSMERR_TP_INVALID_DB_LISTCSSMERR_TP_AUTHENTICATION_FAILEDCSSMERR_TP_INSUFFICIENT_CREDENTIALSCSSMERR_TP_NOT_TRUSTEDCSSMERR_TP_CERT_REVOKEDCSSMERR_TP_CERT_SUSPENDEDCSSMERR_TP_CERT_EXPIREDCSSMERR_TP_CERT_NOT_VALID_YETCSSMERR_TP_INVALID_CERT_AUTHORITYCSSMERR_TP_INVALID_SIGNATURECSSMERR_TP_INVALID_NAMECSSMERR_TP_CERTIFICATE_CANT_OPERATE
Intel CDSA Application Developer's Guide
Functions for the CSSM API:
CSSM_CL_CrlGetFirstItem, CSSM_CL_CrlGetNextItem, CSSM_DL_CertRevoke
Functions for the TP SPI:
CL_CrlGetFirstItem, CL_CrlGetNextItem, DL_CertRevoke
|
|