catalog Info Catalog previous gnupg: Dirmngr ISVALID up gnupg: Dirmngr Protocol next gnupg: Dirmngr CHECKOCSP

gnupg: Dirmngr CHECKCRL

 
 3.6.3 Validate a certificate using a CRL
 ----------------------------------------
 
 Check whether the certificate with FINGERPRINT (SHA-1 hash of the entire
 X.509 certificate blob) is valid or not by consulting the CRL
 responsible for this certificate.  If the fingerprint has not been given
 or the certificate is not known, the function inquires the certificate
 using:
 
        S: INQUIRE TARGETCERT
        C: D <DER encoded certificate>
        C: END
 
    Thus the caller is expected to return the certificate for the request
 (which should match FINGERPRINT) as a binary blob.  Processing then
 takes place without further interaction; in particular dirmngr tries to
 locate other required certificate by its own mechanism which includes a
 local certificate store as well as a list of trusted root certificates.
 
 The return code is 0 for success; i.e.  the certificate has not been
 revoked or one of the usual error codes from libgpg-error.
catalog Info Catalog previous gnupg: Dirmngr ISVALID up gnupg: Dirmngr Protocol next gnupg: Dirmngr CHECKOCSP