*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> TP_CertGroupPrune (3)              



NAME    [Toc]    [Back]

       TP_CertGroupPrune, CSSM_TP_CertGroupPrune - Remove locally
       issued anchor certificates (CDSA)

SYNOPSIS    [Toc]    [Back]

       # include <cdsa/cssm.h>

       API:    CSSM_RETURN     CSSMAPI     CSSM_TP_CertGroupPrune
       (CSSM_TP_HANDLE  TPHandle,  CSSM_CL_HANDLE CLHandle, const
       CSSM_DL_DB_LIST *DBList,  const  CSSM_CERTGROUP  *OrderedCertGroup,
   CSSM_CERTGROUP_PTR   *PrunedCertGroup)   SPI:
       TPHandle,  CSSM_CL_HANDLE  CLHandle, const CSSM_DL_DB_LIST
       *DBList,    const    CSSM_CERTGROUP     *OrderedCertGroup,
       CSSM_CERTGROUP_PTR *PrunedCertGroup)

LIBRARY    [Toc]    [Back]

       Common Security Services Manager library (libcssm.so)

PARAMETERS    [Toc]    [Back]

       The  handle  to  the  trust  policy module to perform this
       operation.  The handle to the certificate  library  module
       that  can  be  used  to manipulate and parse the certgroup
       certificates and the certificates in  the  specified  data
       stores. If no certificate library module is specified, the
       TP module uses an assumed CL module.   A  list  of  handle
       pairs  specifying a data storage library module and a data
       store, identifying certificate databases  containing  certificates
  (and  possibly other security objects) that are
       managed by that module. The data stores are  searched  for
       anchor  certificates restricted to have local scope. These
       certificates are candidates for removal from  the  subject
       certificate  group.   The initial complete set of semantically-related
 certificates - for example, the result of  a
       CSSM_TP_CertGroupConstruct()  (CSSM API), or TP_CertGroupConstruct()
 (TP SPI), call - from which certificates  will
       be  selectively removed.  A pointer to a certificate group
       containing those certificates which are verifiable credentials
  outside of the local system. The CSSM_CERTGROUP and
       its substructure is allocated by the service provider  and
       must be deallocated by the application.

DESCRIPTION    [Toc]    [Back]

       This  function  removes any locally issued anchor certificates
 from a  constructed  certificate  group.  The  prune
       operation  can  remove  those  certificates that have been
       signed by any local certificate authority, as it is possible
  that  these  certificates  will  not be meaningful on
       other systems.

       This operation can  also  remove  additional  certificates
       that can be added to the certificate group again using the
       CSSM_TP_CertGroupConstruct() (CSSM API), or  TP_CertGroupConstruct()
  (TP  SPI),  operation. The pruned certificate
       group  should  be  suitable   for   export   to   external
       hosts/entities,  which  can in turn reconstruct and verify
       the certificate group.

       The DBList parameter specifies a set of data  stores  containing
 certificates that should be pruned from the group.

RETURN VALUE    [Toc]    [Back]

       A CSSM_RETURN value indicating  success  or  specifying  a
       particular  error  condition.  The value CSSM_OK indicates
       success. All other values represent an error condition.

ERRORS    [Toc]    [Back]

       Errors are described in the CDSA technical standard.   See

SEE ALSO    [Toc]    [Back]


       Intel    CDSA    Application    Developer's   Guide   (see

       Reference Pages    [Toc]    [Back]

       Functions for the CSSM API:

       CSSM_TP_CertGroupConstruct(3), CSSM_TP_CertGroupVerify(3)

       Functions for the TP SPI:

       TP_CertGroupConstruct(3), TP_CertGroupVerify(3)

[ Back ]
 Similar pages
Name OS Title
CSSM_TP_CertReclaimAbort Tru64 Terminate the process of reclaiming certificates (CDSA)
TP_CertReclaimAbort Tru64 Terminate the process of reclaiming certificates (CDSA)
CSSM_Unintroduce Tru64 Remove module (CDSA)
DL_DataDelete Tru64 Remove data record (CDSA)
CSSM_DL_DataDelete Tru64 Remove data record (CDSA)
getanchor IRIX translate between strings and anchor positions
set_cdscp_confidence HP-UX Sets the confidence level of clerk calls issued as a result of CDS control program commands
certpatch OpenBSD add subjectAltName identities to X.509 certificates
SSL_CTX_load_verify_locations NetBSD set default locations for trusted CA certificates
SSL_CTX_load_verify_locations Tru64 Set default locations for trusted CA certificates
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service