Certificate Revocation
- From: jaslong@xxxxxxxxxxx
- Date: Sat, 07 Jul 2007 08:10:50 -0700
I have been posting questions about revocation checking over the last
3 weeks or so...
and it appears im the only person on gods earth trying to work out if
PKCS#7 message encoded types
containing X509 certificates can be passed DIRECTLY to
certverifyrevocation.
Now..the API states that X509 & P7 message encoding types are
supported.
So in theory you can pass a P7 (with 2 or more X509 certificates in)
to the API in a the CERT_CONTEXT.
so...
BOOL WINAPI CertVerifyRevocation(
DWORD dwEncodingType, <-----PKCS7_ASN_ENCODING
flag here....
DWORD dwRevType,
DWORD cContext,
PVOID rgpvContext[], <----
CERT_CONTEXT (message encoding would be P7)
DWORD dwFlags,
PCERT_REVOCATION_PARA pRevPara,
PCERT_REVOCATION_STATUS pRevStatus
);
therefore:
CERT_CONTEXT would be
CERT_CONTEXT {
DWORD dwCertEncodingType;
BYTE* pbCertEncoded;
DWORD cbCertEncoded; PCERT_INFO pCertInfo; HCERTSTORE hCertStore;
} CERT_CONTEXT,
.
- Prev by Date: Cant get SACL
- Next by Date: Re: acquiring access token for "LocalService" from application started by the admin for SHGetFolderPath()
- Previous by thread: Cant get SACL
- Next by thread: Problems with AppData on Vista.
- Index(es):
