CertChain Event

Shows the certificate chain for the certificate (see the ShowCertificateChain method).

Syntax

ANSI (Cross Platform)
virtual int FireCertChain(CertMgrCertChainEventParams *e);
typedef struct {
const char *CertEncoded; int lenCertEncoded;
const char *CertSubject;
const char *CertIssuer;
const char *CertSerialNumber;
int TrustStatus;
int TrustInfo; int reserved; } CertMgrCertChainEventParams; Unicode (Windows) virtual INT FireCertChain(CertMgrCertChainEventParams *e);
typedef struct {
LPCSTR CertEncoded; INT lenCertEncoded;
LPCWSTR CertSubject;
LPCWSTR CertIssuer;
LPCWSTR CertSerialNumber;
INT TrustStatus;
INT TrustInfo; INT reserved; } CertMgrCertChainEventParams;
- (void)onCertChain:(NSData*)certEncoded :(NSString*)certSubject :(NSString*)certIssuer :(NSString*)certSerialNumber :(int)trustStatus :(int)trustInfo;
#define EID_CERTMGR_CERTCHAIN 1

virtual INT IPWORKSEDI_CALL FireCertChain(LPSTR &lpCertEncoded, INT &lenCertEncoded, LPSTR &lpszCertSubject, LPSTR &lpszCertIssuer, LPSTR &lpszCertSerialNumber, INT &iTrustStatus, INT &iTrustInfo);

Remarks

This event is fired for every certificate in the certificate chain of the certificate assigned to the class.

The TrustStatus parameter contains information about the trust status of the entire certificate chain. A value of 0 signifies that the security subsystem has verified the certificate. Other values are combinations of one or more of the following flags:

0x00000001This certificate or one of the certificates in the certificate chain is not time valid.
0x00000002Certificates in the chain are not properly time nested.
0x00000004Trust for this certificate or one of the certificates in the certificate chain has been revoked.
0x00000008The certificate or one of the certificates in the certificate chain does not have a valid signature.
0x00000010The certificate or certificate chain is not valid for its proposed usage.
0x00000020The certificate or certificate chain is based on an untrusted root.
0x00000040The revocation status of the certificate or one of the certificates in the certificate chain is unknown.
0x00000080One of the certificates in the chain was issued by a certification authority that the original certificate had certified.
0x00010000The certificate chain is not complete.
0x00020000A CTL used to create this chain was not time valid.
0x00040000A CTL used to create this chain did not have a valid signature.
0x00080000A CTL used to create this chain is not valid for this usage.

The TrustInfo parameter contains additional information about the status of the entire certificate chain. It is a combination of one or more of the following flags:

0x00000001An exact match issuer certificate has been found for this certificate.
0x00000002A key match issuer certificate has been found for this certificate.
0x00000004A name match issuer certificate has been found for this certificate.
0x00000008This certificate is self-signed.
0x00010000The certificate chain created is a complex chain.

The CertSubject and CertIssuer parameters contain the distinguished names of the certificate owner and issuer respectively.

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks EDI 2020 C++ Edition - Version 20.0 [Build 8203]