CL_IsCertInCachedCrl(3)CL_IsCertInCachedCrl(3)NAME
CL_IsCertInCachedCrl, CSSM_CL_IsCertInCachedCrl - Search cached CRL for
a record (CDSA)
SYNOPSIS
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_CL_IsCertInCachedCrl (CSSM_CL_HANDLE
CLHandle, const CSSM_DATA *Cert, CSSM_HANDLE CrlHandle, CSSM_BOOL
*CertFound, CSSM_DATA_PTR CrlRecordIndex) SPI: CSSM_RETURN CSSMCLI
CL_IsCertInCachedCrl (CSSM_CL_HANDLE CLHandle, const CSSM_DATA *Cert,
CSSM_HANDLE CrlHandle, CSSM_BOOL *CertFound, CSSM_DATA_PTR Crl‐
RecordIndex)
LIBRARY
Common Security Services Manager library (libcssm.so)
PARAMETERS
The handle that describes the add-in Certificate Library module used to
perform this function. A pointer to the CSSM_DATA structure containing
an encoded, packed certificate. A handle identifying a CRL that the
application has temporarily cached with the Certificate Library module.
The referenced CRL is searched for a revocation record matching the
specified Cert. A pointer to a CSSM_BOOL indicating success or failure
in finding the specified certificate in the CRL. CSSM_TRUE signifies
that the certificate was found in the CRL. CSSM_FALSE indicates that
the certificate was not found in the CRL. A pointer to a CSSM_DATA
structure containing an index descriptor for direct access to the
located CRL record. CrlRecordIndex->Data is allocated by the service
provider and must be deallocated by the application.
DESCRIPTION
This function searches the cached CRL for a record corresponding to the
certificate. The result of the search is returned in CertFound. The CRL
and the records within the CRL must be digitally signed. This function
does not verify either signature. The caller should use CSSM_TP_CrlVer‐
ify() or CSSM_CL_CrlVerify() (or their SPI equivalents) before invoking
this function. Once the CRL has been verified, the caller can invoke
this function repeatedly without repeating the verification process.
If the certificate is found in the CRL, the CL module returns an index
descriptor CrlRecordIndex for use with other Certificate Library CRL
functions. The index provides more direct access to the selected CRL
record.
RETURN VALUE
A CSSM_RETURN value indicating success or specifying a particular error
condition. The value CSSM_OK indicates success. All other values repre‐
sent an error condition.
ERRORS
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_CL_INVALID_CERT_POINTER CSSMERR_CL_UNKNOWN_FOR‐
MAT CSSMERR_CL_INVALID_CACHE_HANDLE
SEE ALSO
Books
Intel CDSA Application Developer's Guide (see CDSA_intro(3))
Reference Pages
Functions for the CSSM API:
CSSM_CL_CrlGetFirstCachedFieldValue(3), CSSM_CL_CrlGetNextCachedField‐
Value(3), CSSM_CL_CrlGetAllCachedRecordField(3), CSSM_CL_CrlCache(3),
CSSM_CL_CrlAbortCache(3)
Functions for the CLI SPI:
CL_CrlGetFirstCachedFieldValue(3), CL_CrlGetNextCachedFieldValue(3),
CL_CrlGetAllCachedRecordField(3), CL_CrlCache(3), CL_CrlAbortCache(3)CL_IsCertInCachedCrl(3)