pkc_check_cert_against_trustlist(3sec)

Synopsis

#include <pkc_certs.h>

unsigned32 pkc_check_cert_against_trustlist(

pkc_trust_list_t * trust_list,

const Certificate * cert,

int revoked_certs_permitted);

Parameters

Input

trust_list
Specifies list of trusted keys to check certificate against.

cert
Specifies certificate to check.

revoked_certs_permitted
Specifies whether revoked certificates should still be trusted for dates prior to their revocation date.

Description

pkc_check_cert_against_trustlist(3sec) checks the specified certificate against the specified list of trusted keys. If the certificate is valid and can be verified from the trust list, its content is added to the trust list. revoked_certs_permitted is a flag that specifies whether revoked certificates should still be trusted for dates prior to their revocation date.

This routine is a C++ interface. C++ must be used to perform direct certificate manipulation.

See also the contents of the asn.h and x509.h header files, which define some of the basic types used by the low-level certificate manipulation routines.

Return Values

pkc_s_success
Operation successfully completed.

Errors

Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

Related Information

Functions:
pkc_add_trusted_key(3sec)
pkc_lookup_key_in_trustlist(3sec)
pkc_lookup_keys_in_trustlist(3sec)
pkc_revoke_certificate(3sec)
pkc_revoke_certificates(3sec)

Classes:
pkc_ca_key_usage.class(3sec)
pkc_constraints.class(3sec)
pkc_generic_key_usage.class(3sec)
pkc_key_policies.class(3sec)
pkc_key_policy.class(3sec)
pkc_key_usage.class(3sec)
pkc_name_subord_constraint.class(3sec)
pkc_name_subord_constraints.class(3sec)
pkc_name_subtree_constraint.class(3sec)
pkc_name_subtree_constraints.class(3sec)
pkc_pending_revocation.class(3sec)
pkc_revocation.class(3sec)
pkc_revocation_list.class(3sec)
pkc_trust_list.class(3sec)
pkc_trust_list_element.class(3sec)
pkc_trusted_key.class(3sec)