CertVerifyValidityNesting

The CertVerifyValidityNesting function verifies that the subject's time validity nests within the issuer's time validity.

#include <wincrypt.h>
BOOL WINAPI CertVerifyValidityNesting(
  PCERT_INFO pSubjectInfo,     // in
  PCERT_INFO pIssuerInfo       // in
);
 

Parameters

pSubjectInfo

A pointer to the subject certificate.

pIssuerInfo

A pointer to the issuer certificate.

Return Values

Returns TRUE if it nests. Otherwise, returns FALSE.

Example

// EXAMPLE CODE FOR USING CertVerifyValidityNesting() to 
// verify that a subject's time validity nests within an issuer's time validity

// Assume that that pointers to the subject (pSubjectInfo) and 
// issuer (pIssuerInfo) that are being checked for time validity 
// nesting are already known.

// Set up the variables.
PCERT_INFO pSubjectInfo, pIssuerInfo;  // Initialized elsewhere
BOOL Return;

Return = CertVerifyValidityNesting(
            pSubjectInfo, pIssuerInfo);

if (Return == TRUE) {
    // The subject's time validity nests within the 
    // issuer's time validity. Continue as desired.
}
 

QuickInfo

  Windows NT: Requires version 4.0 SP3 or later. Available also in IE 3.02 and later.
  Windows: Requires Windows 98 (or Windows 95 with IE 3.02 or later).
  Windows CE: Unsupported.
  Header: Declared in wincrypt.h.
  Import Library: Use crypt32.lib.

See Also

CertVerifyCRLTimeValidity, CertVerifyCRLRevocation, CertVerifyTimeValidity