Index Index for
Section 3
Index Alphabetical
listing for C
Bottom of page Bottom of
page		 

CL_IsCertInCachedCrl(3)


NAME

  CL_IsCertInCachedCrl, CSSM_CL_IsCertInCachedCrl - Search cached CRL for a
  record (CDSA)


SYNOPSIS

  # include <cdsa/cssm.h>

       API:
       CSSM_RETURN CSSMAPI CSSM_CL_IsCertInCachedCrl
       (CSSM_CL_HANDLE CLHandle,
       const CSSM_DATA *Cert,
       CSSM_HANDLE CrlHandle,
       CSSM_BOOL *CertFound,
       CSSM_DATA_PTR CrlRecordIndex)
       SPI:
       CSSM_RETURN CSSMCLI CL_IsCertInCachedCrl
       (CSSM_CL_HANDLE CLHandle,
       const CSSM_DATA *Cert,
       CSSM_HANDLE CrlHandle,
       CSSM_BOOL *CertFound,
       CSSM_DATA_PTR CrlRecordIndex)


LIBRARY

  Common Security Services Manager library (libcssm.so)


PARAMETERS

  CLHandle (input)
	  The handle that describes the add-in Certificate Library module
	  used to perform this function.

  Cert (input)
	  A pointer to the CSSM_DATA structure containing an encoded, packed
	  certificate.

  CrlHandle (input)
	  A handle identifying a CRL that the application has temporarily
	  cached with the Certificate Library module. The referenced CRL is
	  searched for a revocation record matching the specified Cert.

  CertFound (output)
	  A pointer to a CSSM_BOOL indicating success or failure in finding
	  the specified certificate in the CRL. CSSM_TRUE signifies that the
	  certificate was found in the CRL. CSSM_FALSE indicates that the
	  certificate was not found in the CRL.

  CrlRecordIndex (output)
	  A pointer to a CSSM_DATA structure containing an index descriptor
	  for direct access to the located CRL record.	CrlRecordIndex->Data
	  is allocated by the service provider and must be deallocated by the
	  application.


DESCRIPTION

  This function searches the cached CRL for a record corresponding to the
  certificate. The result of the search is returned in CertFound. The CRL and
  the records within the CRL must be digitally signed.	This function does
  not verify either signature. The caller should use CSSM_TP_CrlVerify() or
  CSSM_CL_CrlVerify() (or their SPI equivalents) before invoking this
  function. Once the CRL has been verified, the caller can invoke this
  function repeatedly without repeating the verification process.

  If the certificate is found in the CRL, the CL module returns an index
  descriptor CrlRecordIndex for use with other Certificate Library CRL
  functions. The index provides more direct access to the selected CRL
  record.


RETURN VALUE

  A CSSM_RETURN value indicating success or specifying a particular error
  condition. The value CSSM_OK indicates success. All other values represent
  an error condition.


ERRORS

  Errors are described in the CDSA technical standard.	See CDSA_intro(3).

       CSSMERR_CL_INVALID_CERT_POINTER
       CSSMERR_CL_UNKNOWN_FORMAT
       CSSMERR_CL_INVALID_CACHE_HANDLE


SEE ALSO

  Books

  Intel CDSA Application Developer's Guide (see CDSA_intro(3))

  Reference Pages

  Functions for the CSSM API:

  CSSM_CL_CrlGetFirstCachedFieldValue(3),
  CSSM_CL_CrlGetNextCachedFieldValue(3),
  CSSM_CL_CrlGetAllCachedRecordField(3), CSSM_CL_CrlCache(3),
  CSSM_CL_CrlAbortCache(3)

  Functions for the CLI SPI:

  CL_CrlGetFirstCachedFieldValue(3), CL_CrlGetNextCachedFieldValue(3),
  CL_CrlGetAllCachedRecordField(3), CL_CrlCache(3), CL_CrlAbortCache(3)

Index Index for
Section 3
Index Alphabetical
listing for C
Top of page Top of
page