CERT_REVOCATION_CHAIN_PARA structure (wincrypt.h)

The CERT_REVOCATION_CHAIN_PARA structure contains parameters used for building a chain for an independent online certificate status protocol (OCSP) response signer certificate. The CERT_REVOCATION_PARA and CRYPT_GET_TIME_VALID_OBJECT_EXTRA_INFO structure definitions include optional pointers to this structure.

Syntax

typedef struct _CERT_REVOCATION_CHAIN_PARA {
  DWORD            cbSize;
  HCERTCHAINENGINE hChainEngine;
  HCERTSTORE       hAdditionalStore;
  DWORD            dwChainFlags;
  DWORD            dwUrlRetrievalTimeout;
  LPFILETIME       pftCurrentTime;
  LPFILETIME       pftCacheResync;
  DWORD            cbMaxUrlRetrievalByteCount;
} CERT_REVOCATION_CHAIN_PARA, *PCERT_REVOCATION_CHAIN_PARA;

Members

cbSize

The size, in bytes, of this structure.

hChainEngine

A handle to the chain engine used by the caller.

hAdditionalStore

A handle to a store that contains the certificates used to build the original chain. The handle can be NULL.

dwChainFlags

A value for the dwFlags parameter passed to the CertGetCertificateChain function.

Value Meaning
CERT_CHAIN_REVOCATION_CHECK_OCSP_CERT
0x04000000
This flag will be set by the CertVerifyRevocation provider when it calls CertGetCertificateChain with an independent OCSP signer certificate. When set, CertGetCertificateChain will call CertVerifyRevocation without setting the pointer to the above CERT_REVOCATION_CHAIN_PARA data structure; this helps to prevent circular revocation checking.

dwUrlRetrievalTimeout

A value that contains the time-out limit, in milliseconds. If zero, the revocation handler's default time-out is used.

pftCurrentTime

A pointer to a FILETIME structure used in the freshness time check. If this pointer is NULL, the revocation handler uses the current time.

pftCacheResync

A pointer to a FILETIME structure that governs the use of cached information. Any information cached before this time is considered invalid and new information is retrieved. When set, this value overrides the registry configuration CacheResync time.

cbMaxUrlRetrievalByteCount

A DWORD value that specifies the maximum number of bytes to download from the URL object. A value of 0 specifies no limit.

Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This member is not supported.

Requirements

Requirement Value
Minimum supported client Windows Vista with SP1 [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Header wincrypt.h