CERT_REVOCATION_STATUS

The CERT_REVOCATION_STATUS structure is returned by CertVerifyRevocation to specify the status of the revoked or unchecked context. See CertVerifyRevocation for details.

typedef struct _CERT_REVOCATION_STATUS {
    DWORD                   cbSize;
    DWORD                   dwIndex;
    DWORD                   dwError;
    DWORD                   dwReason;
} CERT_REVOCATION_STATUS, *PCERT_REVOCATION_STATUS;

Members

cbSize
The count of bytes in this data structure.

Upon input to CertVerifyRevocation, cbSize must be set to a size >= sizeof(CERT_REVOCATION_STATUS). Otherwise, CertVerifyRevocation returns FALSE and sets LastError to E_INVALIDARG.

dwIndex
Upon return from CertVerifyRevocation, dwIndex specifies the index of the first context that was revoked or unable to be checked for revocation. If the caller wants more information about the remaining contexts that have not been checked, CertVerifyRevocation will need to be called again, specifying a list in rgpvContext[] that contains the unchecked contexts from the original list.
dwError
Upon return from CertVerifyRevocation, dwError specifies the error status. LastError as reported from CertVerifyRevocation is also set to this error status. See the table in the "Return Values" section in CertVerifyRevocation for the list of error values.
dwReason
Upon return from CertVerifyRevocation, dwReason specifies the reason for the error. dwReason is currently only set when dwError equals CRYPT_E_REVOKED and contains the reason why the context was revoked. It may be one of the following:
CRL_REASON_UNSPECIFIED 0
No reason was specified for why the certificate was revoked.
CRL_REASON_KEY_COMPROMISE 1
Used in revocation of an end entity certificate. It indicates that it is known or suspected that the subject's private key, or other aspects of the subject validated in the certificate, have been compromised.
CRL_REASON_CA_COMPROMISE 2
Used in revocation of a CA-certificate. It indicates that it is known or suspected that the subject's private key, or other aspects of the subject validated in the certificate, have been compromised.
CRL_REASON_AFFILIATION_CHANGED 3
Indicates that the subject's name or other information in the certificate has been modified but there is no cause to suspect that the private key has been compromised.
CRL_REASON_SUPERSEDED 4
Indicates that the certificate has been superseded, but there is no cause to suspect that the private key has been compromised.
CRL_REASON_CESSATION_OF_OPERATION 5
Indicates that the certificate is no longer needed for the purpose of which it was issued, but there is no cause to suspect that the private key has been compromised.
CRL_REASON_CERTIFICATE_HOLD 6
Indicates that the certificate has been placed on hold.

See Also

CertVerifyRevocation