CSSM_CL_CrlSign man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

CL_CrlSign(3)							 CL_CrlSign(3)

NAME
       CL_CrlSign, CSSM_CL_CrlSign, CL_CrlSign - Sign a CRL (CDSA)

SYNOPSIS
       # include <cdsa/cssm.h>

       API:  CSSM_RETURN  CSSMAPI  CSSM_CL_CrlSign  (CSSM_CL_HANDLE  CLHandle,
       CSSM_CC_HANDLE CCHandle, const CSSM_DATA *UnsignedCrl, const CSSM_FIELD
       *SignScope, uint32 ScopeSize, CSSM_DATA_PTR SignedCrl) SPI: CSSM_RETURN
       CSSMCLI CL_CrlSign (CSSM_CL_HANDLE CLHandle,  CSSM_CC_HANDLE  CCHandle,
       const  CSSM_DATA	 *UnsignedCrl,	const  CSSM_FIELD  *SignScope,	uint32
       ScopeSize, CSSM_DATA_PTR SignedCrl)

LIBRARY
       Common Security Services Manager library (libcssm.so)

PARAMETERS
       The handle that describes the add-in Certificate Library module used to
       perform	this  function.	 The handle that describes the context of this
       cryptographic operation.	 A pointer to the CSSM_DATA structure contain‐
       ing the CRL to be signed.  A pointer to the CSSM_FIELD array containing
       the tag/value pairs of the fields to be signed. If the signing scope is
       null,  the  Certificate	Library	 module	 includes a default set of CRL
       fields in the signing process.  The number of entries in the sign scope
       list.  If the signing scope is not specified, the input scope size must
       be zero.	 A pointer to the CSSM_DATA structure  containing  the	signed
       CRL.  The SignedCrl->Data is allocated by the service provider and must
       be deallocated by the application.

DESCRIPTION
       This function signs a CRL using the private key and  signing  algorithm
       specified  in  the  CCHandle parameter. The result is a signed, encoded
       certificate revocation list in SignedCrl. The unsigned CRL is specified
       in  the	input  UnsignedCrl.  The  UnsignedCrl is constructed using the
       CSSM_CL_CrlCreateTemplate(),  CSSM_CL_CrlSetFields(),   CSSM_CL_CrlAdd‐
       Cert(),	and  CSSM_CL_CrlRemoveCert()  functions (for the CSSM API), or
       their CL SPI equivalents.

       The CCHandle must be context created using the  function	 CSSM_CSP_Cre‐
       ateSignatureContext()   (CSSM   API),  or  CSP_CreateSignatureContext()
       (SPI). The context must specify	the  Cryptographic  Services  Provider
       module, the signing algorithm, and the signing key that must be used to
       perform this operation. The context must also provide the passphrase or
       a callback function to obtain the passphrase required to access and use
       the private key.

       The fields included in the signing operation are identified by the OIDs
       in the optional SignScope array.

       Once  the  CRL  has  been signed it cannot be modified. This means that
       entries cannot be added or removed from the CRL through application  of
       the   CSSM_CL_CrlAddCert()  or  CSSM_CL_CrlRemoveCertCSSM_CL_CrlRemove‐
       Cert() (or their CL SPI equivalent operations. A signed CRL can be ver‐
       ified, applied to a data store, and searched for values.

       The  memory  for the SignedCrl->Data output is allocated by the service
       provider using the calling application's	 memory	 management  routines.
       The application must deallocate the memory.

RETURN VALUE
       A CSSM_RETURN value indicating success or specifying a particular error
       condition. The value CSSM_OK indicates success. All other values repre‐
       sent an error condition.

ERRORS
       Errors	are   described	  in   the   CDSA   technical  standard.   See
       CDSA_intro(3).	       CSSMERR_CL_INVALID_CONTEXT_HANDLE	  CSS‐
       MERR_CL_INVALID_CRL_POINTER	  CSSMERR_CL_UNKNOWN_FORMAT	  CSS‐
       MERR_CL_INVALID_FIELD_POINTER	    CSSMERR_CL_UNKNOWN_TAG	  CSS‐
       MERR_CL_INVALID_SCOPE	    CSSMERR_CL_SCOPE_NOT_SUPPORTED	  CSS‐
       MERR_CL_INVALID_NUMBER_OF_FIELDS CSSMERR_CL_CRL_ALREADY_SIGNED

SEE ALSO
       Books

       Intel CDSA Application Developer's Guide (see CDSA_intro(3))

       Reference Pages

       Functions for the CSSM API:

       Functions: CSSM_CL_CrlVerify(3), CSSM_CL_CrlVerifyWithKey(3)

       Functions for the CLI SPI:

       CL_CrlVerify(3), CL_CrlVerifyWithKey(3)

								 CL_CrlSign(3)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net