CSSM_TP_CertRevoke man page on OSF1

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
OSF1 logo
[printable version]

TP_CertRevoke(3)					      TP_CertRevoke(3)

NAME
       TP_CertRevoke,  CSSM_TP_CertRevoke - Determine if the revoking certifi‐
       cate group can revoke the subject certificate group (CDSA)

SYNOPSIS
       # include <cdsa/cssm.h>

       API: CSSM_RETURN CSSMAPI CSSM_TP_CertRevoke  (CSSM_TP_HANDLE  TPHandle,
       CSSM_CL_HANDLE  CLHandle,  CSSM_CSP_HANDLE  CSPHandle,  const CSSM_DATA
       *OldCrlTemplate,	 const	CSSM_CERTGROUP	*CertGroupToBeRevoked,	 const
       CSSM_CERTGROUP  *RevokerCertGroup, const CSSM_TP_VERIFY_CONTEXT *Revok‐
       erVerifyContext, CSSM_TP_VERIFY_CONTEXT_RESULT_PTR RevokerVerifyResult,
       CSSM_TP_CERTCHANGE_REASON  Reason,  CSSM_DATA_PTR  NewCrlTemplate) SPI:
       CSSM_RETURN    CSSMTPI	 TP_CertRevoke	  (CSSM_TP_HANDLE    TPHandle,
       CSSM_CL_HANDLE  CLHandle,  CSSM_CSP_HANDLE  CSPHandle,  const CSSM_DATA
       *OldCrlTemplate,	 const	CSSM_CERTGROUP	*CertGroupToBeRevoked,	 const
       CSSM_CERTGROUP  *RevokerCertGroup, const CSSM_TP_VERIFY_CONTEXT *Revok‐
       erVerifyContext, CSSM_TP_VERIFY_CONTEXT_RESULT_PTR RevokerVerifyResult,
       CSSM_TP_CERTCHANGE_REASON Reason, CSSM_DATA_PTR NewCrlTemplate)

LIBRARY
       Common Security Services Manager library (libcssm.so)

PARAMETERS
       The  handle  that describes the add-in trust policy module used to per‐
       form this function.  The handle that describes the  add-in  certificate
       library	module	used  to  perform  this	 function.   The  handle  that
       describes the add-in cryptographic service provider module used to per‐
       form this function.  A pointer to the CSSM_DATA structure containing an
       existing certificate revocation list. If this input is NULL, a new list
       is created or the operation fails.  A group of one or more certificates
       that partially or fully represent the certificate to be revoked by this
       operation.  The	first  certificate in the group is the target certifi‐
       cate. The use of subsequent  certificates  is  specific	to  the	 trust
       domain.	For  example, in a hierarchical trust model subsequent members
       are intermediate certificates of a certificate chain.  A group  of  one
       or  more	 certificates  that  partially or fully represent the revoking
       entity for this operation. The first certificate in the	group  is  the
       target certificate representing the revoker. The use of subsequent cer‐
       tificates is specific to the trust domain.  A structure containing pol‐
       icy  elements  useful  in  verifying  certificates  and	their use with
       respect to a security policy. Optional elements in the  verify  context
       left  unspecified  will	cause  the internal default values to be used.
       Default values are specified in the TP module vendor release documents.
       This  context  is  used	to  verify  the	 revoker certificate group.  A
       pointer to a structure containing information generated during the ver‐
       ification process. The information can include:

	      Evidence		  .PP (output/optional)
	      NumberOfEvidences	  .PP (output/optional)
	      The  reason  for revoking the subject certificate.  A pointer to
	      the CSSM_DATA structure containing the updated certificate revo‐
	      cation list. If the pointer is NULL, an error has occurred.

DESCRIPTION
       The  TP	module	determines  whether the revoking certificate group can
       revoke the subject certificate group. The revoker certificate group  is
       first  authenticated and its applicability to perform this operation is
       determined.  Once the trust is established, the TP revokes the  subject
       certificate by adding it to the certificate revocation list.

RETURN VALUE
       A CSSM_RETURN value indicating success or specifying a particular error
       condition. The value CSSM_OK indicates success. All other values repre‐
       sent an error condition.

ERRORS
       Errors	are   described	  in   the   CDSA   technical  standard.   See
       CDSA_intro(3).		  CSSMERR_TP_INVALID_CL_HANDLE		  CSS‐
       MERR_TP_INVALID_CSP_HANDLE      CSSMERR_TP_INVALID_CRL_POINTER	  CSS‐
       MERR_TP_INVALID_CRL	     CSSMERR_TP_UNKNOWN_FORMAT		  CSS‐
       MERR_TP_CRL_ALREADY_SIGNED   CSSMERR_TP_INVALID_CERTGROUP_POINTER  CSS‐
       MERR_TP_INVALID_CERTGROUP      CSSMERR_TP_INVALID_CERTIFICATE	  CSS‐
       MERR_TP_INVALID_ACTION  CSSMERR_TP_INVALID_ACTION_DATA  CSSMERR_TP_VER‐
       IFY_ACTION_FAILED       CSSMERR_TP_INVALID_CRLGROUP_POINTER	  CSS‐
       MERR_TP_INVALID_CRLGROUP	     CSSMERR_TP_INVALID_CRL_AUTHORITY	  CSS‐
       MERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER      CSSMERR_TP_INVALID_POL‐
       ICY_IDENTIFIERS		  CSSMERR_TP_INVALID_TIMESTRING		  CSS‐
       MERR_TP_INVALID_STOP_ON_POLICY	  CSSMERR_TP_INVALID_CALLBACK	  CSS‐
       MERR_TP_INVALID_ANCHOR_CERT     CSSMERR_TP_CERTGROUP_INCOMPLETE	  CSS‐
       MERR_TP_INVALID_DL_HANDLE       CSSMERR_TP_INVALID_DB_HANDLE	  CSS‐
       MERR_TP_INVALID_DB_LIST_POINTER	   CSSMERR_TP_INVALID_DB_LIST	  CSS‐
       MERR_TP_AUTHENTICATION_FAILED CSSMERR_TP_INSUFFICIENT_CREDENTIALS  CSS‐
       MERR_TP_NOT_TRUSTED  CSSMERR_TP_CERT_REVOKED  CSSMERR_TP_CERT_SUSPENDED
       CSSMERR_TP_CERT_EXPIRED	     CSSMERR_TP_CERT_NOT_VALID_YET	  CSS‐
       MERR_TP_INVALID_CERT_AUTHORITY	  CSSMERR_TP_INVALID_SIGNATURE	  CSS‐
       MERR_TP_INVALID_NAME	 CSSMERR_TP_CERTIFICATE_CANT_OPERATE	  CSS‐
       MERR_TP_INVALID_REASON

SEE ALSO
       Books

       Intel CDSA Application Developer's Guide (see CDSA_intro(3))

       Reference Pages

       Functions for the CSSM API:

       CSSM_CL_CrlAddCert(3)

       Functions for the TP SPI:

       CL_CrlAddCert(3)

							      TP_CertRevoke(3)
[top]
                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 
More information is available in HTML format for server OSF1

List of man pages available for OSF1

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net