pkc_revoke_certificate(3sec)

Synopsis

#include <pkc_certs.h>

unsigned32 pkc_revoke_certificate(

pkc_trust_list_t * trust_list,

const x500name & issued_by,

const asn_integer & serial_no,

utc_t * invalidate_from );

Parameters

Input

trust_list
Specifies trust list from which to revoke keys.

issued_by
Specifies issuer whose keys are to be revoked.

serial_no
Specifies serial number of key to revoke.

invalidate_from
Specifies time after which keys will be invalid.

Description

pkc_revoke_certificate(3sec) applies the specified revocation to the specified trust list (i.e. revokes a key and all dependent keys). If invalidate_from is NULL, the key is completely revoked; if a valid UTC time is provided, the key is revoked from that time on. The revocation is stored within the trust list, and any subsequent attempts to add the certificate will be rejected.

This routine is a C++ interface. C++ must be used to perform direct certificate manipulation.

See also the contents of the asn.h and x509.h header files, which define some of the basic types used by the low-level certificate manipulation routines.

Return Values

pkc_s_success
Operation successfully completed.

Errors

Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

Related Information

Functions:
pkc_add_trusted_key(3sec)
pkc_check_cert_against_trustlist(3sec)
pkc_lookup_key_in_trustlist(3sec)
pkc_lookup_keys_in_trustlist(3sec)
pkc_revoke_certificates(3sec)

Classes:
pkc_ca_key_usage.class(3sec)
pkc_constraints.class(3sec)
pkc_generic_key_usage.class(3sec)
pkc_key_policies.class(3sec)
pkc_key_policy.class(3sec)
pkc_key_usage.class(3sec)
pkc_name_subord_constraint.class(3sec)
pkc_name_subord_constraints.class(3sec)
pkc_name_subtree_constraint.class(3sec)
pkc_name_subtree_constraints.class(3sec)
pkc_pending_revocation.class(3sec)
pkc_revocation.class(3sec)
pkc_revocation_list.class(3sec)
pkc_trust_list.class(3sec)
pkc_trust_list_element.class(3sec)
pkc_trusted_key.class(3sec)