Library /sys$common/syshlp/helplib.hlb  —  CDSA  CDSA_API, CL CrlVerify
 NAME

   CL_CrlVerify,
   CSSM_CL_CrlVerify - Verify a signed CRL has not been altered (CDSA)

 SYNOPSIS

   # include <cssm.h>

    API:
        CSSM_RETURN CSSMAPI CSSM_CL_CrlVerify
        (CSSM_CL_HANDLE CLHandle,
        CSSM_CC_HANDLE CCHandle,
        const CSSM_DATA *CrlToBeVerified,
        const CSSM_DATA *SignerCert,
        const CSSM_FIELD *VerifyScope,
        uint32 ScopeSize)

    SPI:
        CSSM_RETURN CSSMCLI CL_CrlVerify
        (CSSM_CL_HANDLE CLHandle,
        CSSM_CC_HANDLE CCHandle,
        const CSSM_DATA *CrlToBeVerified,
        const CSSM_DATA *SignerCert,
        const CSSM_FIELD *VerifyScope,
        uint32 ScopeSize)

 LIBRARY

   Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

 PARAMETERS

   CLHandle (input)
           The handle that describes the add-in Certificate Library module
           used to perform this function.

   CCHandle (input/optional)
           The handle that describes the context of this cryptographic
           operation.

   CrlToBeVerified (input)
           A pointer to the CSSM_DATA structure containing the CRL to be
           verified.

   SignerCert (input/optional)
           A pointer to the CSSM_DATA structure containing the certificate
           used to sign the CRL.

   VerifyScope (input/optional)
           A pointer to the CSSM_FIELD array containing the tag/value pairs
           of the fields to be verified. If the verification scope is null,
           the Certificate Library module assumes that a default set of
           fields were used in the signing process and those same fields
           are used in the verification process.

   ScopeSize (input)
           The number of entries in the verify scope list. If the
           verification scope is not specified, the input value for
           scope size must be zero.

 DESCRIPTION

   This function verifies that the signed CRL has not been altered since
   it was signed by the designated signer. It does this by verifying the
   digital signature over the fields specified by the VerifyScope
   parameter.

 RETURN VALUE

   A CSSM_RETURN value indicating success or specifying a particular
   error condition. The value CSSM_OK indicates success. All other values
   represent an error condition.

 ERRORS

   Errors are described in the CDSA technical standard.  See CDSA.

        CSSMERR_CL_INVALID_CONTEXT_HANDLE
        CSSMERR_CL_INVALID_CERT_POINTER
        CSSMERR_CL_INVALID_CRL_POINTER
        CSSMERR_CL_UNKNOWN_FORMAT
        CSSMERR_CL_INVALID_FIELD_POINTER
        CSSMERR_CL_UNKNOWN_TAG
        CSSMERR_CL_INVALID_SCOPE
        CSSMERR_CL_INVALID_NUMBER_OF_FIELDS
        CSSMERR_CL_SCOPE_NOT_SUPPORTED
        CSSMERR_CL_VERIFICATION_FAILURE

 SEE ALSO

   Books

   Intel CDSA Application Developer's Guide (see CDSA)

   Other Help Topics

   Functions for the CSSM API:

       CSSM_CL_CrlSign

   Functions for the CLI SPI:

       CL_CrlSign
Close Help