RSA BSAFE Cert-C

Certificate Components for C

Crypto-C 6.2.1 Developer's Guide
Search

OCSP_EVIDENCE Struct Reference

Contains information returned in an OCSP response.

It is one type of evidence that can be returned in the evidence field of a CERT_REVOCATION structure. Call C_DestroyOCSPEvidence() to deallocate memory associated with this structure and its components.

Samples:

ocsp.c, and validate.c.

#include <certpath.h> 

typedef struct {

  unsigned int          flags;

  GENERALIZED_TIME      producedAt;

  GENERALIZED_TIME      thisUpdate;

  GENERALIZED_TIME     *pNextUpdate;

  EXTENSIONS_OBJ        singleExtensions;

  OCSP_REVOCATION_INFO *revocationInfo;
} OCSP_EVIDENCE;

Data Fields

unsigned int flags
 An unsigned int value that contains a flag indicating whether additional evidence or query information is available. More...

GENERALIZED_TIME producedAt
 A GENERALIZED_TIME structure that indicates the time when the OCSP response was signed.

GENERALIZED_TIME thisUpdate
 A GENERALIZED_TIME structure that indicates the time when the revocation status information is known to be correct.

GENERALIZED_TIMEpNextUpdate
 A pointer to a GENERALIZED_TIME structure that indicates the time when the next revocation status information will be available. More...

EXTENSIONS_OBJ singleExtensions
 An EXTENSIONS_OBJ object of type OCSP_SINGLE_EXTENSIONS_OBJ that contains additional information about the certificate that has been checked. More...

OCSP_REVOCATION_INFOrevocationInfo
 A pointer to an OCSP_REVOCATION_INFO structure that contains additional revocation information if it is not set to (OCSP_REVOCATION_INFO*)0.

Field Documentation

unsigned int flags
 

An unsigned int value that contains a flag indicating whether additional evidence or query information is available. Currently, the only possible value is as follows:




 
Flag Description 


OCSP_EVIFLAG_NONCE_IGNORED The client provided the optional nonce extension in the request, however, no nonce was returned by the OCSP Responder. 

     

  







  

    
      

        

           GENERALIZED_TIME* pNextUpdate
      

    		
  





  

    
       
    
    



A pointer to a GENERALIZED_TIME structure that indicates the time when the next revocation status information will be available. This member is optional. If this value is (GENERALIZED_TIME *)0, then the value was not specified by the OCSP Responder.     

  







  

    
      

        

           EXTENSIONS_OBJ singleExtensions
      

    		
  





  

    
       
    
    



An EXTENSIONS_OBJ object of type OCSP_SINGLE_EXTENSIONS_OBJ that contains additional information about the certificate that has been checked. For example, it can indicate the CRL from which the status information was taken.     

  







Copyright (c) 1999-2005 RSA Security Inc. All rights reserved.
067-001001-2720-001-000 - 2.7.2