*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> CSSM_TP_CertRemoveFromCrlTemplate (3)              
Title
Content
Arch
Section
 

TP_CertRemoveFromCrlTemplate(3)

Contents


NAME    [Toc]    [Back]

       TP_CertRemoveFromCrlTemplate,   CSSM_TP_CertRemoveFromCrlTemplate
 - Determine if the revoking certificate group can
       remove the subject certificate group from the CRL template
       (CDSA)

SYNOPSIS    [Toc]    [Back]

       # include <cdsa/cssm.h>

       API: CSSM_RETURN CSSMAPI CSSM_TP_CertRemoveFromCrlTemplate
       (CSSM_TP_HANDLE    TPHandle,    CSSM_CL_HANDLE   CLHandle,
       CSSM_CSP_HANDLE  CSPHandle,  const  CSSM_DATA  *OldCrlTemplate,
  const  CSSM_CERTGROUP *CertGroupToBeRemoved, const
       CSSM_CERTGROUP   *RevokerCertGroup,   const   CSSM_TP_VERIFY_CONTEXT
   *RevokerVerifyContext,   CSSM_TP_VERIFY_CONTEXT_RESULT_PTR
 RevokerVerifyResult, CSSM_DATA_PTR NewCrlTemplate)
  SPI:  CSSM_RETURN CSSMTPI TP_CertRemoveFromCrlTemplate
 (CSSM_TP_HANDLE TPHandle,  CSSM_CL_HANDLE  CLHandle,
  CSSM_CSP_HANDLE  CSPHandle, const CSSM_DATA *OldCrlTemplate,
  const   CSSM_CERTGROUP   *CertGroupToBeRemoved,
       const CSSM_CERTGROUP *RevokerCertGroup, const CSSM_TP_VERIFY_CONTEXT
   *RevokerVerifyContext,   CSSM_TP_VERIFY_CONTEXT_RESULT_PTR
 RevokerVerifyResult, CSSM_DATA_PTR NewCrlTemplate)


LIBRARY    [Toc]    [Back]

       Common Security Services Manager library (libcssm.so)

PARAMETERS    [Toc]    [Back]

       The handle that describes the add-in trust  policy  module
       used  to perform this function.  The handle that describes
       the add-in certificate library module used to perform this
       function.   The  handle  that describes the add-in cryptographic
 service provider module used to perform this function.
   A pointer to the CSSM_DATA structure containing an
       existing certificate revocation list.  If  this  input  is
       NULL,  a  new  list  is created or the operation fails.  A
       group of one or more certificates to be removed  from  the
       the  CRL  template.   A  group of one or more certificates
       that partially or fully represent the revoking entity  for
       this  operation. The first certificate in the group is the
       target certificate representing the revoker.  The  use  of
       subsequent  certificates  is specific to the trust domain.
       A structure containing policy elements useful in verifying
       certificates and their use with respect to a security policy.
 Optional elements in the verify context left unspecified
  will  cause  the internal default values to be used.
       Default values are  specified  in  the  TP  module  vendor
       release  documents.   This  context  is used to verify the
       revoker certificate group.  A pointer to a structure  containing
 information generated during the verification process.
 The information can include:









              Evidence            .PP (output/optional)
              NumberOfEvidences   .PP (output/optional)
              A pointer to the CSSM_DATA structure containing the
              updated certificate revocation list. If the pointer
              is NULL, an error has occurred.

DESCRIPTION    [Toc]    [Back]

       The TP module determines whether the revoking  certificate
       group  can  remove  the subject certificate group from the
       CRL template.  The  revoker  certificate  group  is  first
       authenticated and its applicability to perform this operation
 is determined. Once the trust is established, the  TP
       removes the certificates from the CRL template.

RETURN VALUE    [Toc]    [Back]

       A  CSSM_RETURN  value  indicating  success or specifying a
       particular error condition. The  value  CSSM_OK  indicates
       success. All other values represent an error condition.

ERRORS    [Toc]    [Back]

       Errors  are described in the CDSA technical standard.  See
       CDSA_intro(3).      CSSMERR_TP_INVALID_CL_HANDLE      CSSMERR_TP_INVALID_CSP_HANDLE
  CSSMERR_TP_INVALID_CRL_POINTER
       CSSMERR_TP_INVALID_CRL   CSSMERR_TP_UNKNOWN_FORMAT    CSSMERR_TP_CRL_ALREADY_SIGNED
        CSSMERR_TP_INVALID_CERTGROUP_POINTER
      CSSMERR_TP_INVALID_CERTGROUP       CSSMERR_TP_INVALID_CERTIFICATE
 CSSMERR_TP_INVALID_ACTION CSSMERR_TP_INVALID_ACTION_DATA
                CSSMERR_TP_VERIFY_ACTION_FAILED
 CSSMERR_TP_INVALID_CRLGROUP_POINTER CSSMERR_TP_INVALID_CRLGROUP
  CSSMERR_TP_INVALID_CRL_AUTHORITY
       CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER         CSSMERR_TP_INVALID_POLICY_IDENTIFIERS
                    CSSMERR_TP_INVALID_TIMESTRING
 CSSMERR_TP_INVALID_STOP_ON_POLICY
            CSSMERR_TP_INVALID_CALLBACK            CSSMERR_TP_INVALID_ANCHOR_CERT
    CSSMERR_TP_CERTGROUP_INCOMPLETE
          CSSMERR_TP_INVALID_DL_HANDLE           CSSMERR_TP_INVALID_DB_HANDLE
                             CSSMERR_TP_INVALID_DB_LIST_POINTER
 CSSMERR_TP_INVALID_DB_LIST
       CSSMERR_TP_AUTHENTICATION_FAILED       CSSMERR_TP_INSUFFICIENT_CREDENTIALS
       CSSMERR_TP_NOT_TRUSTED        CSSMERR_TP_CERT_REVOKED
     CSSMERR_TP_CERT_SUSPENDED    CSSMERR_TP_CERT_EXPIRED
  CSSMERR_TP_CERT_NOT_VALID_YET   CSSMERR_TP_INVALID_CERT_AUTHORITY
   CSSMERR_TP_INVALID_SIGNATURE
      CSSMERR_TP_INVALID_NAME      CSSMERR_TP_CERTIFICATE_CANT_OPERATE


SEE ALSO    [Toc]    [Back]

      
      
       Books

       Intel    CDSA    Application    Developer's   Guide   (see
       CDSA_intro(3))

       Reference Pages    [Toc]    [Back]

       Functions for the CSSM API:

       CSSM_CL_CrlAddCert(3)

       Functions for the TP SPI:

       CL_CrlAddCert(3)



                                  TP_CertRemoveFromCrlTemplate(3)
[ Back ]
 Similar pages
Name OS Title
CSSM_TP_CertRevoke Tru64 Determine if the revoking certificate group can revoke the subject certificate group (CDSA)
TP_CertRevoke Tru64 Determine if the revoking certificate group can revoke the subject certificate group (CDSA)
CL_CertGroupToSignedBundle Tru64 Convert a certificate group to a certificate bundle (CDSA)
CSSM_CL_CertGroupToSignedBundle Tru64 Convert a certificate group to a certificate bundle (CDSA)
TP_CertGroupVerify Tru64 Determine if a certificate is trusted (CDSA)
CSSM_TP_CertGroupVerify Tru64 Determine if a certificate is trusted (CDSA)
CSSM_TP_CrlSign Tru64 Determine if signer certificate is trusted (CDSA)
CSSM_TP_CertSign Tru64 Determine if signer certificate is trusted (CDSA)
TP_CertSign Tru64 Determine if signer certificate is trusted (CDSA)
TP_CrlSign Tru64 Determine if signer certificate is trusted (CDSA)
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service