NAME

   CL_IsCertInCachedCrl,
   CSSM_CL_IsCertInCachedCrl - Search cached CRL for a record (CDSA)

 SYNOPSIS

   # include <cssm.h>

    API:
        CSSM_RETURN CSSMAPI CSSM_CL_IsCertInCachedCrl
        (CSSM_CL_HANDLE CLHandle,
        const CSSM_DATA *Cert,
        CSSM_HANDLE CrlHandle,
        CSSM_BOOL *CertFound,
        CSSM_DATA_PTR CrlRecordIndex)

    SPI:
        CSSM_RETURN CSSMCLI CL_IsCertInCachedCrl
        (CSSM_CL_HANDLE CLHandle,
        const CSSM_DATA *Cert,
        CSSM_HANDLE CrlHandle,
        CSSM_BOOL *CertFound,
        CSSM_DATA_PTR CrlRecordIndex)

 LIBRARY

   Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

 PARAMETERS

   CLHandle (input)
           The handle that describes the add-in Certificate Library module
           used to perform this function.

   Cert (input)
           A pointer to the CSSM_DATA structure containing an encoded,
           packed certificate.

   CrlHandle (input)
           A handle identifying a CRL that the application has temporarily
           cached with the Certificate Library module. The referenced CRL
           is searched for a revocation record matching the specified Cert.

   CertFound (output)
           A pointer to a CSSM_BOOL indicating success or failure in
           finding the specified certificate in the CRL. CSSM_TRUE
           signifies that the certificate was found in the CRL. CSSM_FALSE
           indicates that the certificate was not found in the CRL.

   CrlRecordIndex (output)
           A pointer to a CSSM_DATA structure containing an index
           descriptor for direct access to the located CRL record.
           CrlRecordIndex->Data is allocated by the service provider
           and must be deallocated by the application.

 DESCRIPTION

   This function searches the cached CRL for a record corresponding to
   the certificate. The result of the search is returned in CertFound.
   The CRL and the records within the CRL must be digitally signed.
   This function does not verify either signature. The caller should use
   CSSM_TP_CrlVerify() or CSSM_CL_CrlVerify() (or their SPI equivalents)
   before invoking this function. Once the CRL has been verified, the
   caller can invoke this function repeatedly without repeating the
   verification process.

   If the certificate is found in the CRL, the CL module returns an index
   descriptor CrlRecordIndex for use with other Certificate Library CRL
   functions. The index provides more direct access to the selected CRL
   record.

 RETURN VALUE

   A CSSM_RETURN value indicating success or specifying a particular
   error condition. The value CSSM_OK indicates success. All other values
   represent an error condition.

 ERRORS

   Errors are described in the CDSA technical standard.  See CDSA.

        CSSMERR_CL_INVALID_CERT_POINTER
        CSSMERR_CL_UNKNOWN_FORMAT
        CSSMERR_CL_INVALID_CACHE_HANDLE

 SEE ALSO

   Books

   Intel CDSA Application Developer's Guide (see CDSA)

   Other Help Topics

   Functions for the CSSM API:

       CSSM_CL_CrlGetFirstCachedFieldValue
       CSSM_CL_CrlGetNextCachedFieldValue
       CSSM_CL_CrlGetAllCachedRecordField
       CSSM_CL_CrlCache
       CSSM_CL_CrlAbortCache

   Functions for the CLI SPI:

       CL_CrlGetFirstCachedFieldValue
       CL_CrlGetNextCachedFieldValue
       CL_CrlGetAllCachedRecordField
       CL_CrlCache
       CL_CrlAbortCache