[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: CertVerifyRevocation function
From: "Carucci, Giuseppe" <Giuseppe.Carucci () GETRONICS ! COM>
Date: 2002-09-13 9:41:46
[Download RAW message or body]
I'm using the CertVerifyRevocation function for testing a certificate issued by a \
UniCERT CA. In the certificate is the CDP extension, a string LDAP to an online \
directory to find the CRL. The function return FALSE, but the flag dwError of the \
CERT_REVOCATION_STATUS struct is always 8 (ERROR_NOT_ENOUGH_MEMORY). Where is the \
problem? The CRL is 132k in size, is this a problem?
When I have used the same CertVerifyRevocation function to testing other two \
certificates, one without CDP and one with a CDP to a offline directory, the dwError \
is CRYPT_E_NO_REVOCATION_CHECK, and this is correct in my opinion.
Can anyone to help me?
Thanks
Regards,
Giuseppe
Extract of my code is:
DWORD dwCertEncodingType = X509_ASN_ENCODING;
DWORD dwRevType = CERT_CONTEXT_REVOCATION_TYPE;
DWORD cContext =1;
PVOID rgpvContext[1];
DWORD dwFlags = NULL;
CERT_REVOCATION_PARA pRevPara;
PCERT_REVOCATION_STATUS pRevStatus;
CERT_REVOCATION_STATUS pRevStatus;
BOOL fResult = FALSE;
pRevStatus.cbSize= sizeof(CERT_REVOCATION_STATUS);
pRevPara.cbSize = sizeof(CERT_REVOCATION_PARA);
pRevPara.pIssuerCert = pSignerCertContext;
rgpvContext[0] = (VOID *) pSignerCertContext; 'MY CERTIFICATE TO TESTING
fResult= CertVerifyRevocation(
dwCertEncodingType,
dwRevType,
cContext,
rgpvContext,
dwFlags,
NULL,
&pRevStatus);
if (!fResult) {
cout<< "Error"<< endl
....
Testing of the pRevStatus struct
....
}
else {
cout<< "OK"<< endl;
}
Giuseppe Carucci
PKI Application Consultant
I.D.I. - Security Practice
Getronics S.p.A.
SS 271 - KM 8,3 - Contrada La Marchesa
70020 Bitritto (BA)
Italy
Tel. +39 80 3855370
Mob. +39 348 0719005
Fax +39 80 6352089
www.getronics.it
The information transmitted is intended only for use by the addressee and may \
contain confidential and/or privileged material. Any review, re-transmission, \
dissemination or other use of it, or the taking of any action in reliance upon this \
information by persons and/or entities other than the intended recipient is \
prohibited. If you received this in error, please inform the sender and/or addressee \
immediately and delete the material. Thank you.
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic