CL_CertGroupToSignedBundle

If both a Table of Contents and Search form are not displayed in separate frames along with this one, you may wish to redisplay this book in a frameset, beginning with the first page.

HP Open Source Security for OpenVMS Volume 1:...

API Functions

CL_CertGroupFromVerifiedBundle

CL_CertSign

CL_CertGroupToSignedBundle

Library
Description
Errors

Parameters
Return Value
See Also

NAME

CL_CertGroupToSignedBundle: CSSM_CL_CertGroupToSignedBundle - Convert a certificate group to a certificate bundle (CDSA)

SYNOPSIS

# include <cssm.h>

API:
CSSM_RETURN CSSMAPI CSSM_CL_CertGroupToSignedBundle
(CSSM_CL_HANDLE CLHandle,
CSSM_CC_HANDLE CCHandle,
const CSSM_CERTGROUP *CertGroupToBundle,
const CSSM_CERT_BUNDLE_HEADER *BundleInfo,
CSSM_DATA_PTR SignedBundle)
SPI:
CSSM_RETURN CSSMCLI CL_CertGroupToSignedBundle
(CSSM_CL_HANDLE CLHandle,
CSSM_CC_HANDLE CCHandle,
const CSSM_CERTGROUP *CertGroupToBundle,
const CSSM_CERT_BUNDLE_HEADER *BundleInfo,
CSSM_DATA_PTR SignedBundle)

LIBRARY

Common Security Services Manager library (cdsa$incssm300_shr.exe)

PARAMETERS

`CLHandle` (input)
		The handle that describes the add-in certificate library module used to perform this function.
`CCHandle` (input/optional)
		The handle of the cryptographic context to control the signing operation. The operation will fail if a signature is required for this type of bundle and the cryptographic context is not valid.
`CertGroupToBundle` (input)
		An array of individual, encoded certificates. All certificates in this list will be included in the resulting certificate bundle.
`BundleInfo` (input/optional)
		A structure containing the type and encoding of the bundle to be created. If the type and the encoding are not specified, then the module will use a default bundle type and bundle encoding.
`SignedBundle` (output)
		The function returns a pointer to a signed certificate bundle containing all certificates in the certificate group. The bundle is of the type and encoding requested by the caller or is the default type defined by the library module if the `BundleInfo` was not specified by the caller. The `SignedBundle->Data` is allocated by the service provider and must be deallocated by the application.

DESCRIPTION

This function accepts as input a certificate group (as an array of individual certificates) and returns a certificate bundle (a codified and signed aggregation of the certificates in the group). The certificate group will first be encoded according to the BundleInfo input by the user. If BundleInfo is NULL, the library will perform a default encoding for its default bundle type. If possible, the certificate group ordering will be maintained in this certificate aggregate encoding. After encoding, the certificate aggregate will be signed using the input context. The CL module embeds knowledge of the signing scope for the bundle types it supports. The signature is then associated with the certificate aggregate according to the bundle type and encoding rules and is returned as a bundle to the calling application.

RETURN VALUE

A CSSM_RETURN value indicating success or specifying a particular error condition. The value CSSM_OK indicates success. All other values represent an error condition.

ERRORS

Errors are described in the CDSA Technical Standard.

CSSMERR_CL_INVALID_CONTEXT_HANDLE
CSSMERR_CL_INVALID_CERTGROUP_POINTER
CSSMERR_CL_INVALID_CERT_POINTER
CSSMERR_CL_UNKNOWN_FORMAT
CSSMERR_CL_INVALID_BUNDLE_POINTER
CSSMERR_CL_INVALID_BUNDLE_INFO