|
Input
- TPHandle
- The handle that describes the TP module used to perform this
function.
- CSPHandle
- The handle referencing a CSP to be used to verify signatures
on the signer's certificate and on the CRL. The TP module is responsible
for creating the cryptographic context structure required to perform
the &tab;verification operation. If no CSP is specified, the TP module
uses an&tab;assumed CSP to perform the operations.
- DBList
- A list of handle pairs specifying a DL module and a data store
managed by that module. These data stores can be used to store or
retrieve objects (such as certificate and CRLs) related to the signer's
certificate. &tab;If no DL and database (DB) handle pairs are specified,
the TP module &tab;can use an assumed DL module and an assumed data
store, if required.
- CrlToBeVerified
- A pointer to the CSSM_DATA structure containing a signed CRL
to be verified.
- SignerCertGroup
- A group of one or more certificates that partially or fully
represent the signer of the CRL. The first certificate in the group
is the target certificate representing the CRL signer. Use of subsequent
certificates is specific to the trust domain. For example, in a hierarchical
trust model subsequent &tab;members are intermediate certificates
of a certificate chain.
- VerifyScope
- A pointer to the CSSM_FIELD array indicating the CRL fields
to be included in the CRL signature verification process. A NULL input
verifies &tab;the signature assuming the module's default set of fields
was used in the &tab;signaturing process (this can include all fields
in the CRL).
- ScopeSize
- The number of entries in the verify scope list. If the verification
scope is not specified, the input parameter value for scope size must
be zero.
Input/optional
- CLHandle
- The handle that describes the CL module that can be used to
manipulate &tab;the certificates to be verified. If no CL module is
specified, the TP module uses an assumed CL module, if required.
|