Function

CertVerifyCertificateChainPolicy

Directives

External
Name
Stdcall

Module

wcrypt2

Last Modified

7/15/2014 3:26:44 PM

Comments

+-------------------------------------------------------------------------
  Verify that the certificate chain satisfies the specified policy
  requirements. If we were able to verify the chain policy, TRUE is returned
  and the dwError field of the pPolicyStatus is updated. A dwError of 0
  (ERROR_SUCCESS, S_OK) indicates the chain satisfies the specified policy.
  If dwError applies to the entire chain context, both lChainIndex and
  lElementIndex are set to -1. If dwError applies to a simple chain,
  lElementIndex is set to -1 and lChainIndex is set to the index of the
  first offending chain having the error. If dwError applies to a
  certificate element, lChainIndex and lElementIndex are updated to
  index the first offending certificate having the error, where, the
  the certificate element is at:
      pChainContext->rgpChain[lChainIndex]->rgpElement[lElementIndex].
  The dwFlags in pPolicyPara can be set to change the default policy checking
  behaviour. In addition, policy specific parameters can be passed in
  the pvExtraPolicyPara field of pPolicyPara.
  In addition to returning dwError, in pPolicyStatus, policy OID specific
  extra status may be returned via pvExtraPolicyStatus.
--------------------------------------------------------------------------

Scope

Interfaced

Declaration

function CertVerifyCertificateChainPolicy(
             pszPolicyOID:                LPCSTR;
             pChainContext:               PCCERT_CHAIN_CONTEXT;
             pPolicyPara:                 PCERT_CHAIN_POLICY_PARA;
         var pPolicyStatus:               PCERT_CHAIN_POLICY_STATUS): bool; stdcall;


Source