*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> CSSM_CL_CertGroupFromVerifiedBundle (3)              




NAME    [Toc]    [Back]

       CL_CertGroupFromVerifiedBundle, CSSM_CL_CertGroupFromVerifiedBundle
 - Verify the signature of a bundle (CDSA)

SYNOPSIS    [Toc]    [Back]

       # include <cdsa/cssm.h>

       API: CSSM_RETURN CSSMAPI CSSM_CL_CertGroupFromVerifiedBundle
       const CSSM_CERT_BUNDLE *CertBundle, const CSSM_DATA *SignerCert,
       CSSMCLI   CL_CertGroupFromVerifiedBundle   (CSSM_CL_HANDLE
       CLHandle,  CSSM_CC_HANDLE CCHandle, const CSSM_CERT_BUNDLE
       *CertBundle,  const  CSSM_DATA   *SignerCert,   CSSM_CERTGROUP_PTR

LIBRARY    [Toc]    [Back]

       Common Security Services Manager library (libcssm.so)

PARAMETERS    [Toc]    [Back]

       The  handle  that describes the add-in certificate library
       module used to perform this function.  The handle  of  the
       cryptographic  context  to control the verification operation.
  A structure containing a  reference  to  a  signed,
       encoded  bundle  of certificates and to descriptors of the
       type and encoding of the bundle.  The bundled certificates
       are  to  be  separated  into  a certificate group (list of
       individual encoded certificates). If the bundle  type  and
       bundle encoding are not specified, the add-in module might
       either attempt to decode the  bundle  assuming  a  default
       type and encoding or might immediately fail.  The certificate
 to be used to verify the signature on the certificate
       bundle.   If  the  bundle  is signed but this field is not
       specified, then the module will assume a default  certificate
  for  verification.   A  pointer  to  the certificate
       group, represented as an array of individual, encoded certificates.
  The  certificate group and CSSM_CERTGROUP substructures
 are allocated by the serivce provider and  must
       be  deallocated by the application. The group contains all
       certificates contained in the certificate bundle.

DESCRIPTION    [Toc]    [Back]

       This function accepts as input  a  certificate  bundle  (a
       codified and signed aggregation of the certificates in the
       group), verifies the signature of the bundle (if a  signature
  is  present), and returns a certificate group (as an
       array of individual certificates) including every certificate
  contained  in  the bundle. The signature on the certificate
 aggregate is  verified  using  the  cryptographic
       context  and  possibly using the input signer certificate.
       The CL module embeds the  knowledge  of  the  verification
       scope for the bundle types that it supports. A CL module's
       supported bundle types  and  encodings  are  available  to
       applications  by  querying the CSSM registry. The type and
       encoding of the certificate bundle must be specified  with
       the  input  bundle.  If signature verification is successful,
 the certificate aggregate will be parsed into a  certificate
  group whose order corresponds to the certificate
       aggregate ordering. This certificate group  will  then  be
       returned to the calling application.

RETURN VALUE    [Toc]    [Back]

       A  CSSM_RETURN  value  indicating  success or specifying a
       particular error condition. The  value  CSSM_OK  indicates
       success. All other values represent an error condition.

ERRORS    [Toc]    [Back]

       Errors  are described in the CDSA technical standard.  See

SEE ALSO    [Toc]    [Back]


       Intel   CDSA   Application    Developer's    Guide    (see

       Reference Pages    [Toc]    [Back]

       Functions for the CSSM API:

[ Back ]
 Similar pages
Name OS Title
CL_CertGroupToSignedBundle Tru64 Convert a certificate group to a certificate bundle (CDSA)
CSSM_CL_CertGroupToSignedBundle Tru64 Convert a certificate group to a certificate bundle (CDSA)
CL_CertVerifyWithKey Tru64 Verify with a key (CDSA)
CSSM_CL_CertVerifyWithKey Tru64 Verify with a key (CDSA)
CL_CrlVerifyWithKey Tru64 Verify a CRL with a specific key (CDSA)
CSSM_CL_CrlVerifyWithKey Tru64 Verify a CRL with a specific key (CDSA)
CSSM_CL_CrlVerify Tru64 Verify a signed CRL has not been altered (CDSA)
CL_CrlVerify Tru64 Verify a signed CRL has not been altered (CDSA)
CSSM_CL_CertVerify Tru64 Verify a signed certificate (CDSA)
Initialize Tru64 Verify module version (CDSA)
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service