RSA Security logo

RSA BSAFE Cert-C
API Reference

pkirvmsg.h File Reference

This file defines PKI revocation objects.

The Revoke Request object is used by the client to send a revocation request to the CA/RA to revoke a certificate. The Revoke Response object is used by the CA/RA to carry the respond back to the client.

#include "basetype.h"
#include "bsafe.h"
#include "certext.h"
#include "certapi.h"
#include "certalg.h"
#include "pkistinf.h"
#include "pkimsg.h"
#include "pkictmsg.h"

Go to the source code of this file.

Typedefs

typedef POINTER PKI_REVOKE_REQ_OBJ
 Represents a revocation request to a CA/RA to revoke one or more certificates. More...

typedef POINTER PKI_REVOKE_RESP_OBJ
 Represents a response back to the client when the client has sent a revoke certificate request. More...


Functions

int C_CreatePKIRevokeReqObject (CERTC_CTX ctx, PKI_REVOKE_REQ_OBJ *pPKIRevokeReqObj)
 Creates and initializes a PKI revocation request object. More...

void C_DestroyPKIRevokeReqObject (PKI_REVOKE_REQ_OBJ *pPKIRevokeReqObj)
 Destroys a PKI revocation request object. More...

int C_SetPKIRevokeReqRevokeCert (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, PKI_CERT_TEMPLATE_OBJ certTmplObj)
 Sets the details of the certificate (contained in PKI_CERT_TEMPLATE_OBJ) to be revoked, into the revocation request object. More...

int C_GetPKIRevokeReqRevokeCert (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, PKI_CERT_TEMPLATE_OBJ *pCertTmplObj)
 Gets the information (contained in PKI_CERT_TEMPLATE_OBJ) related to the certificate being revoked from the revocation request object. More...

int C_SetPKIRevokeReqExtensions (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, EXTENSIONS_OBJ extensObj)
 Sets the value of the CRL entry extensions in the revocation request object, if required. More...

int C_GetPKIRevokeReqExtensions (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, EXTENSIONS_OBJ *pExtensObj)
 Gets the crlEntry extensions from the revocation request object, provided it was previously set. More...

int C_SetPKIRevokeReqRevocationReason (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, UINT4 revocationReason)
 Sets the value of the revocation reason in the revocation request object, if required. More...

int C_GetPKIRevokeReqRevocationReason (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, UINT4 *pRevocationReason)
 Gets the value of the revocation reason from the revocation request object. More...

int C_SetPKIRevokeReqBadSinceDate (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, GENERALIZED_TIME *pBadSinceDate)
 Sets the date when the requested certificate was expired or compromised to the revocation request object. More...

int C_GetPKIRevokeReqBadSinceDate (PKI_REVOKE_REQ_OBJ PKIRevokeReqObj, GENERALIZED_TIME *pBadSinceDate)
 Sets the date when the requested certificate was expired or compromised from the revocation request object. More...

int C_CreatePKIRevokeRespObject (CERTC_CTX ctx, PKI_REVOKE_RESP_OBJ *pPKIRevokeRespObj)
 Creates and initializes the revocation response object. More...

void C_DestroyPKIRevokeRespObject (PKI_REVOKE_RESP_OBJ *pPKIRevokeRespObj)
 Destroys the revocation response object. More...

int C_SetPKIRevokeRespStatus (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, PKI_STATUS_INFO_OBJ PKIStatusobj)
 Sets the value of the PKI status information object into the revocation response object. More...

int C_GetPKIRevokeRespStatus (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, PKI_STATUS_INFO_OBJ *pPKIStatusObj)
 Gets the value of the PKI status information object from the revocation response object, provided that it was previously set. More...

int C_SetPKIRevokeRespCertID (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, PKI_CERT_IDENTIFIER *pCertID)
 Sets the values of the PKI_CERT_IDENTIFIER structure into the revocation response object. More...

int C_GetPKIRevokeRespCertID (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, PKI_CERT_IDENTIFIER *pCertID)
 Gets the value of the PKI_CERT_IDENTIFIER structure field or fields into the revocation response object, provided it was previously set. More...

int C_SetPKIRevokeRespCRLs (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, LIST_OBJ crlList)
 Sets the value of the list of CRLs into the revocation response object. More...

int C_GetPKIRevokeRespCRLs (PKI_REVOKE_RESP_OBJ PKIRevokeRespObj, LIST_OBJ *pCrlList)
 Gets the LIST_OBJ of CRLs from the revocation response object, provided it was previously set. More...

Typedef Documentation

typedef POINTER PKI_REVOKE_REQ_OBJ
 

Represents a revocation request to a CA/RA to revoke one or more certificates. Use a Cert-C function to view or modify information in this object. Do not assume that this object points to any specific information. Some examples of the functions that Cert-C provides to work with a PKI certificate-revocation request object are listed in the following table.

Function Description
C_CreatePKIRevokeReqObject() Creates and initializes a PKI certificate-revocation request object.
C_DestroyPKIRevokeReqObject() Destroys the PKI certificate-revocation request object and frees any memory associated with it.
C_SetPKIRevokeReqBadSinceDate() Sets the date when the requested certificate is invalid to the PKI certificate-revocation request object.
C_SetPKIRevokeReqExtensions() Sets the value of the CRL entry extensions in the PKI certificate-revocation request object.
C_SetPKIRevokeReqRevocationReason() Sets the revocation reason in the PKI certificate-revocation request object.
C_SetPKIRevokeReqRevokeCert() Sets the details of the certificate to revoke in the PKI certificate-revocation request object.
C_GetPKIRevokeReqBadSinceDate() Gets the date when the requested certificate is invalid from the PKI certificate-revocation request object.
C_GetPKIRevokeReqExtensions() Gets the crlEntry extensions from the PKI certificate-revocation request object. This is a read-only value.
C_GetPKIRevokeReqRevocationReason() Gets the value of the revocation reason in the PKI certificate-revocation request object.
C_GetPKIRevokeReqRevokeCert() Gets the information related to the certificate that is being revoked from the PKI certificate-revocation request object into a certificate object.

typedef POINTER PKI_REVOKE_RESP_OBJ
 

Represents a response back to the client when the client has sent a revoke certificate request. Use it to parse the certificate-revocation response received from the certificate server. Use a Cert-C function to view or modify information in this object. Do not assume that this object points to any specific information. Some examples of the functions that Cert-C provides to work with a PKI certificate-revocation response object are listed in the following table.

Function Description
C_CreatePKIRevokeRespObject() Creates and initializes the PKI certificate-revocation response object.
C_DestroyPKIRevokeRespObject() Destroys the PKI certificate-revocation response object and frees any memory associated with it.
C_SetPKIRevokeRespCertID() Sets the values of the PKI_CERT_IDENTIFIER structure in the PKI certificate-revocation response object.
C_SetPKIRevokeRespCRLs() Sets the value of the list of CRLs into the PKI certificate-revocation response object.
C_SetPKIRevokeRespStatus() Sets the value of the PKI_STATUS_INFO_OBJ in the PKI certificate-revocation response object.
C_GetPKIRevokeRespCertID() Gets the value of the PKI_CERT_IDENTIFIER structure field(s) in the PKI certificate-revocation response object.
C_GetPKIRevokeRespCRLs() Gets the LIST_OBJ of crls from the PKI certificate-revocation response object.
C_GetPKIRevokeRespStatus() Gets the value of the PKI_STATUS_INFO_OBJ object from the PKI certificate-revocation response object.

Function Documentation

int C_CreatePKIRevokeReqObject CERTC_CTX    ctx,
PKI_REVOKE_REQ_OBJ   pPKIRevokeReqObj
;
 

Creates and initializes a PKI revocation request object.

Parameters:
ctx This input parameter is the Cert-C context.
pPKIRevokeReqObj This input/output parameter specifies the revocation request object.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_CreatePKIRevokeRespObject CERTC_CTX    ctx,
PKI_REVOKE_RESP_OBJ   pPKIRevokeRespObj
;
 

Creates and initializes the revocation response object.

Parameters:
ctx This input parameter is the Cert-C context.
pPKIRevokeRespObj This input/output parameter specifies the PKI revocation response object to be created.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

void C_DestroyPKIRevokeReqObject PKI_REVOKE_REQ_OBJ   pPKIRevokeReqObj ;
 

Destroys a PKI revocation request object.

Parameters:
pPKIRevokeReqObj This input/output parameter specifies the revocation request object.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

void C_DestroyPKIRevokeRespObject PKI_REVOKE_RESP_OBJ   pPKIRevokeRespObj ;
 

Destroys the revocation response object.

Parameters:
pPKIRevokeRespObj This input/output parameter specifies the PKI revocation response object to be destroyed.
Returns:
None.

int C_GetPKIRevokeReqBadSinceDate PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
GENERALIZED_TIME   pBadSinceDate
;
 

Sets the date when the requested certificate was expired or compromised from the revocation request object.

Parameters:
PKIRevokeReqObj This input parameter specifies the revocation request object.
pBadSinceDate This output parameter indicates the date the certificate was compromised, according to the best knowledge of the sender.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_GetPKIRevokeReqExtensions PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
EXTENSIONS_OBJ   pExtensObj
;
 

Gets the crlEntry extensions from the revocation request object, provided it was previously set. If not, it returns E_VALUE_NOT_SET.

Parameters:
PKIRevokeReqObj This input parameter specifies the revocation request object.
pExtensObj This output parameter is a pointer to the EXTENSIONS_OBJ, owned by pkiRevokeReqObj. This object must not be destroyed.
Returns:
If successful, returns 0. If the response object was not previously set, returns E_VALUE_NOT_SET. Any other errors return a Cert-C error code.

int C_GetPKIRevokeReqRevocationReason PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
UINT4 *    pRevocationReason
;
 

Gets the value of the revocation reason from the revocation request object.

Parameters:
PKIRevokeReqObj This input parameter specifies the revocation request object.
pRevocationReason This output parameter specifies the revocation reason.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_GetPKIRevokeReqRevokeCert PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
PKI_CERT_TEMPLATE_OBJ   pCertTmplObj
;
 

Gets the information (contained in PKI_CERT_TEMPLATE_OBJ) related to the certificate being revoked from the revocation request object.

Parameters:
PKIRevokeReqObj This input parameter specifies the revocation request object.
pCertTmplObj This output parameter is the pointer to the certificate template object containing all information related to the certificate being revoked. The parameter is owned by pkiRevokeReqObj. This object must not be destroyed.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_GetPKIRevokeRespCertID PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
PKI_CERT_IDENTIFIER   pCertID
;
 

Gets the value of the PKI_CERT_IDENTIFIER structure field or fields into the revocation response object, provided it was previously set. If not, it returns E_VALUE_NOT_SET.

Parameters:
PKIRevokeRespObj This input parameter specifies the PKI revocation response object.
pCertID This output parameter is a pointer to the PKI_CERT_IDENTIFIER structure whose value is to be retrieved. The memory used is managed by pkiPrevokeRespObj. This object must not be destroyed.
Returns:
If successful, returns 0. If the response object was not previously set, returns E_VALUE_NOT_SET. Any other errors return a Cert-C error code.

int C_GetPKIRevokeRespCRLs PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
LIST_OBJ   pCrlList
;
 

Gets the LIST_OBJ of CRLs from the revocation response object, provided it was previously set. If not, it returns E_VALUE_NOT_SET.

Parameters:
PKIRevokeRespObj This input parameter specifies the PKI revocation response object.
pCrlList This output parameter specifies the list of CRLs.
Returns:
If successful, returns 0. If the response object was not previously set, returns E_VALUE_NOT_SET. Any other errors return a Cert-C error code.

int C_GetPKIRevokeRespStatus PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
PKI_STATUS_INFO_OBJ   pPKIStatusObj
;
 

Gets the value of the PKI status information object from the revocation response object, provided that it was previously set. If not, it returns E_VALUE_NOT_SET.

Parameters:
PKIRevokeRespObj This input parameter specifies the PKI revocation response object.
pPKIStatusObj This output parameter is a pointer to the PKI status information object, which is owned by pkiRevokeReqObj. This object must not be destroyed.
Returns:
If successful, returns 0. If the response object was not previously set, returns E_VALUE_NOT_SET. Any other errors return a Cert-C error code.

int C_SetPKIRevokeReqBadSinceDate PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
GENERALIZED_TIME   pBadSinceDate
;
 

Sets the date when the requested certificate was expired or compromised to the revocation request object.

Parameters:
PKIRevokeReqObj This input/output parameter specifies the revocation request object.
pBadSinceDate This input parameter indicates the date the certificate was compromised, according to the best knowledge of the sender.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeReqExtensions PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
EXTENSIONS_OBJ    extensObj
;
 

Sets the value of the CRL entry extensions in the revocation request object, if required.

Parameters:
PKIRevokeReqObj This input/output parameter specifies the revocation request object to be modified.
extensObj This input parameter specifies the EXTENSIONS_OBJ in which crlEntryDetails extensions can be set.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeReqRevocationReason PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
UINT4    revocationReason
;
 

Sets the value of the revocation reason in the revocation request object, if required.

Parameters:
PKIRevokeReqObj This input/output parameter specifies the revocation request object to be modified.
revocationReason This input parameter specifies the revocation reason to be set.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeReqRevokeCert PKI_REVOKE_REQ_OBJ    PKIRevokeReqObj,
PKI_CERT_TEMPLATE_OBJ    certTmplObj
;
 

Sets the details of the certificate (contained in PKI_CERT_TEMPLATE_OBJ) to be revoked, into the revocation request object.

Parameters:
PKIRevokeReqObj This input/output parameter specifies the revocation request object to be modified.
certTmplObj This input parameter specifies the certificate template object, used if the application contains only details of the certificate to be revoked. If the application contains the certificate itself, first call C_GetPKICertTemplateFromCertObject() to convert the CERT_OBJ into a PKI_CERT_TEMPLATE_OBJ. Then call C_SetPKIRevokeReqRevokeCert().
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeRespCertID PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
PKI_CERT_IDENTIFIER   pCertID
;
 

Sets the values of the PKI_CERT_IDENTIFIER structure into the revocation response object.

Parameters:
PKIRevokeRespObj This input/output parameter specifies the PKI revocation response object to be modified.
pCertID This input parameter is a pointer to the PKI_CERT_IDENTIFIER structure whose value is to be set.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeRespCRLs PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
LIST_OBJ    crlList
;
 

Sets the value of the list of CRLs into the revocation response object.

Parameters:
PKIRevokeRespObj This input/output parameter specifies the PKI revocation response object.
crlList This input parameter is a LIST_OBJ containing CRL objects.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.

int C_SetPKIRevokeRespStatus PKI_REVOKE_RESP_OBJ    PKIRevokeRespObj,
PKI_STATUS_INFO_OBJ    PKIStatusobj
;
 

Sets the value of the PKI status information object into the revocation response object.

Parameters:
PKIRevokeRespObj This input/output parameter specifies the PKI revocation response object to be modified.
PKIStatusobj This input parameter specifies the PKI status information object whose value is to be set.
Returns:
If successful, returns 0. If not, returns a Cert-C error code.


RSA BSAFE® Cert-C 2.7 API Reference