[thirdparty/openssl.git] / doc / man3 / X509_CRL_get0_by_serial.pod

=pod

=head1 NAME

X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED,
X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate,
X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate,
X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility
functions

=head1 SYNOPSIS

 #include <openssl/x509.h>

 int X509_CRL_get0_by_serial(X509_CRL *crl,
                             X509_REVOKED **ret, ASN1_INTEGER *serial);
 int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

 STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);

 const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);
 const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);

 int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);
 int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);

 int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);

 int X509_CRL_sort(X509_CRL *crl);

=head1 DESCRIPTION

X509_CRL_get0_by_serial() attempts to find a revoked entry in B<crl> for
serial number B<serial>. If it is successful it sets B<*ret> to the internal
pointer of the matching entry, as a result B<*ret> must not be freed up
after the call.

X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it
looks for a revoked entry using the serial number of certificate B<x>.

X509_CRL_get_REVOKED() returns an internal pointer to a stack of all
revoked entries for B<crl>.

X509_REVOKED_get0_serialNumber() returns an internal pointer to the
serial number of B<r>.

X509_REVOKED_get0_revocationDate() returns an internal pointer to the
revocation date of B<r>.

X509_REVOKED_set_serialNumber() sets the serial number of B<r> to B<serial>.
The supplied B<serial> pointer is not used internally so it should be
freed up after use.

X509_REVOKED_set_revocationDate() sets the revocation date of B<r> to
B<tm>. The supplied B<tm> pointer is not used internally so it should be
freed up after use.

X509_CRL_add0_revoked() appends revoked entry B<rev> to CRL B<crl>. The
pointer B<rev> is used internally so it must not be freed up after the call:
it is freed when the parent CRL is freed.

X509_CRL_sort() sorts the revoked entries of B<crl> into ascending serial
number order.

=head1 NOTES

Applications can determine the number of revoked entries returned by
X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one
in turn using sk_X509_REVOKED_value().

=head1 RETURN VALUES

X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure,
1 on success except if the revoked entry has the reason C<removeFromCRL> (8),
in which case 2 is returned.

X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(),
X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for
failure.

X509_REVOKED_get0_serialNumber() returns an B<ASN1_INTEGER> pointer.

X509_REVOKED_get0_revocationDate() returns an B<ASN1_TIME> value.

X509_CRL_get_REVOKED() returns a STACK of revoked entries.

=head1 SEE ALSO

L<d2i_X509(3)>,
L<ERR_get_error(3)>,
L<X509_get0_signature(3)>,
L<X509_get_ext_d2i(3)>,
L<X509_get_extension_flags(3)>,
L<X509_get_pubkey(3)>,
L<X509_get_subject_name(3)>,
L<X509_get_version(3)>,
L<X509_NAME_add_entry_by_txt(3)>,
L<X509_NAME_ENTRY_get_object(3)>,
L<X509_NAME_get_index_by_NID(3)>,
L<X509_NAME_print_ex(3)>,
L<X509_new(3)>,
L<X509_sign(3)>,
L<X509V3_get_d2i(3)>,
L<X509_verify_cert(3)>

=head1 COPYRIGHT

Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
73a7e8de DSH	1	=pod
	2
	3	=head1 NAME
	4
	5	X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED,
	6	X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate,
	7	X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate,
	8	X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility
bb9ad09e	9	functions
73a7e8de DSH	10
	11	=head1 SYNOPSIS
	12
	13	#include <openssl/x509.h>
	14
	15	int X509_CRL_get0_by_serial(X509_CRL *crl,
	16	X509_REVOKED *ret, ASN1_INTEGER serial);
	17	int X509_CRL_get0_by_cert(X509_CRL crl, X509_REVOKED ret, X509 x);
	18
	19	STACK_OF(X509_REVOKED) X509_CRL_get_REVOKED(X509_CRL crl);
	20
604f6eff MC	21	const ASN1_INTEGER X509_REVOKED_get0_serialNumber(const X509_REVOKED r);
604f6eff MC	22	const ASN1_TIME X509_REVOKED_get0_revocationDate(const X509_REVOKED r);
73a7e8de DSH	23
	24	int X509_REVOKED_set_serialNumber(X509_REVOKED r, ASN1_INTEGER serial);
	25	int X509_REVOKED_set_revocationDate(X509_REVOKED r, ASN1_TIME tm);
	26
	27	int X509_CRL_add0_revoked(X509_CRL crl, X509_REVOKED rev);
	28
	29	int X509_CRL_sort(X509_CRL *crl);
	30
	31	=head1 DESCRIPTION
	32
	33	X509_CRL_get0_by_serial() attempts to find a revoked entry in B<crl> for
	34	serial number B<serial>. If it is successful it sets B<*ret> to the internal
	35	pointer of the matching entry, as a result B<*ret> must not be freed up
	36	after the call.
	37
	38	X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it
	39	looks for a revoked entry using the serial number of certificate B<x>.
	40
	41	X509_CRL_get_REVOKED() returns an internal pointer to a stack of all
	42	revoked entries for B<crl>.
	43
	44	X509_REVOKED_get0_serialNumber() returns an internal pointer to the
	45	serial number of B<r>.
	46
	47	X509_REVOKED_get0_revocationDate() returns an internal pointer to the
	48	revocation date of B<r>.
	49
	50	X509_REVOKED_set_serialNumber() sets the serial number of B<r> to B<serial>.
	51	The supplied B<serial> pointer is not used internally so it should be
	52	freed up after use.
	53
	54	X509_REVOKED_set_revocationDate() sets the revocation date of B<r> to
	55	B<tm>. The supplied B<tm> pointer is not used internally so it should be
	56	freed up after use.
	57
	58	X509_CRL_add0_revoked() appends revoked entry B<rev> to CRL B<crl>. The
	59	pointer B<rev> is used internally so it must not be freed up after the call:
	60	it is freed when the parent CRL is freed.
	61
	62	X509_CRL_sort() sorts the revoked entries of B<crl> into ascending serial
	63	number order.
	64
	65	=head1 NOTES
	66
	67	Applications can determine the number of revoked entries returned by
	68	X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one
	69	in turn using sk_X509_REVOKED_value().
	70
	71	=head1 RETURN VALUES
	72
cdd6c8c5 RL	73	X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure,
	74	1 on success except if the revoked entry has the reason C<removeFromCRL> (8),
	75	in which case 2 is returned.
	76
73a7e8de DSH	77	X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(),
	78	X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for
	79	failure.
	80
	81	X509_REVOKED_get0_serialNumber() returns an B<ASN1_INTEGER> pointer.
	82
	83	X509_REVOKED_get0_revocationDate() returns an B<ASN1_TIME> value.
	84
	85	X509_CRL_get_REVOKED() returns a STACK of revoked entries.
	86
	87	=head1 SEE ALSO
	88
	89	L<d2i_X509(3)>,
	90	L<ERR_get_error(3)>,
	91	L<X509_get0_signature(3)>,
	92	L<X509_get_ext_d2i(3)>,
	93	L<X509_get_extension_flags(3)>,
	94	L<X509_get_pubkey(3)>,
	95	L<X509_get_subject_name(3)>,
	96	L<X509_get_version(3)>,
	97	L<X509_NAME_add_entry_by_txt(3)>,
	98	L<X509_NAME_ENTRY_get_object(3)>,
	99	L<X509_NAME_get_index_by_NID(3)>,
	100	L<X509_NAME_print_ex(3)>,
	101	L<X509_new(3)>,
	102	L<X509_sign(3)>,
	103	L<X509V3_get_d2i(3)>,
	104	L<X509_verify_cert(3)>
	105
e2f92610 RS	106	=head1 COPYRIGHT
	107
	108	Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
	109
4746f25a	110	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	111	this file except in compliance with the License. You can obtain a copy
	112	in the file LICENSE in the source distribution or at
	113	L<https://www.openssl.org/source/license.html>.
	114
	115	=cut