CSSM_TP_CertGroupVerify

Description

This function verifies a certificate chain, based on the Certificate Authorities and SITE certificates that are contained within the key ring.

Format

CSSM_BOOL CSSMAPI CSSM_TP_CertGroupVerify
     (CSSM_TP_HANDLE TPHandle,
      CSSM_CL_HANDLE CLHandle,
      CSSM_DL_DB_LIST_PTR DBList,
      CSSM_CSP_HANDLE CSPHandle,
      const CSSM_FIELD_PTR PolicyIdentifiers,
      uint32 NumberofPolicyIdentifiers,
      CSSM_TP_STOP_ON VerificationAbortOn,
      const CSSM_CERTGROUP_PTR CertToBeVerified,
      const CSSM_DATA_PTR AnchorCerts,
      uint32 NumberofAnchorCerts,
      const CSSM_FIELD_PTR VerifyScope,
      uint32 ScopeSize,
      CSSM_TP_ACTION Action,
      const CSSM_DATA_PTR Data,
      CSSM_DATA_PTR *Evidence,
      uint32 *EvidenceSize)

Parameters

TPHandle (input)
the handle for this trust policy service provider module.
CLHandle (input)
specifies the handle to the required certificate library service provider module, IBM Certificate Library, Version 1. This service provider module is provided in OCSF and it must be attached by the calling application.
DBList (input)
identifies one DL and DB handle pair that represents a RACF key ring that was previously opened by a call to CSSM_DL_DbOpen. The DLHandle must be the handle that was returned by CSSM_ModuleAttach when the OCEP Data Storage Library service provider module was attached. This DLHandle is also specified on calls to the API CSSM_DL_DbOpen.
CSPHandle (input)
specifies the handle of one of the following cryptographic service provider modules. These service provider modules are provided in OCSF; the selected service provider module must also be attached by the calling application:
  • IBM Software Cryptographic Service Provider, Version 1
  • IBM Software Cryptographic Service Provider 2, Version 1
  • IBM Weak Software Cryptographic Service Provider, Version 1
  • IBM Weak Software Cryptographic Service Provider 2, Version 1
PolicyIdentifiers (input)
this parameter is ignored and may be specified as NULL.
NumberofPolicyIdentifiers (input)
this parameter is ignored and may be specified as 0.
VerificationAbortOn (input)
this parameter is ignored and may be specified as CSSM_TP_STOP_ON_POLICY.
CertToBeVerified (input)
a pointer to the CSSM_CERTGROUP structure containing a certificate that has at least one signed certificate for verification. An unsigned certificate template cannot be verified.
AnchorCerts (input)
this parameter is ignored and may be specified as NULL.
NumberofAnchorCerts (input)
this parameter is ignored and may be specified as 0.
VerifyScope (input)
this parameter is ignored and may be specified as NULL.
ScopeSize (input)
this parameter is ignored and may be specified as 0.
Action (input)
this parameter is ignored and may be specified as 0.
Data (input)
this parameter is ignored and may be specified as NULL.
Evidence (input)
this parameter is ignored and may be specified as NULL.
EvidenceSize (output)
this parameter is ignored and may be specified as 0.
Parent topic: Supported trust policy API