CertVerifyCRLRevocation function (wincrypt.h)

The CertVerifyCRLRevocation function check a certificate revocation list (CRL) to determine whether a subject's certificate has or has not been revoked. The new Certificate Chain Verification Functions are recommended instead of the use of this function.

Syntax

BOOL CertVerifyCRLRevocation(
  [in] DWORD        dwCertEncodingType,
  [in] PCERT_INFO   pCertId,
  [in] DWORD        cCrlInfo,
  [in] PCRL_INFO [] rgpCrlInfo
);

Parameters

[in] dwCertEncodingType

Specifies the encoding type used. It is always acceptable to specify both the certificate and message encoding types by combining them with a bitwise-OR operation as shown in the following example:

X509_ASN_ENCODING | PKCS_7_ASN_ENCODING

Currently defined encoding types are:

  • X509_ASN_ENCODING
  • PKCS_7_ASN_ENCODING

[in] pCertId

A pointer to the CERT_INFO structure of the certificate to be checked against the CRL.

[in] cCrlInfo

Number of CRL_INFO pointers in the rgpCrlInfo array.

[in] rgpCrlInfo

Array of pointers to CRL_INFO structures.

Return value

Returns TRUE if the certificate is not on the CRL and therefore is valid.

It returns FALSE if the certificate is on the list and therefore has been revoked and is not valid.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header wincrypt.h
Library Crypt32.lib
DLL Crypt32.dll

See also

CertVerifyCRLTimeValidity

CertVerifyTimeValidity

CertVerifyValidityNesting

Data Management Functions