]>
Commit | Line | Data |
---|---|---|
73a7e8de DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, | |
6 | X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, | |
7 | X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDate, | |
8 | X509_CRL_add0_revoked, X509_CRL_sort - CRL revoked entry utility | |
bb9ad09e | 9 | functions |
73a7e8de DSH |
10 | |
11 | =head1 SYNOPSIS | |
12 | ||
13 | #include <openssl/x509.h> | |
14 | ||
15 | int X509_CRL_get0_by_serial(X509_CRL *crl, | |
16 | X509_REVOKED **ret, ASN1_INTEGER *serial); | |
17 | int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); | |
18 | ||
19 | STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); | |
20 | ||
604f6eff MC |
21 | const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *r); |
22 | const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *r); | |
73a7e8de DSH |
23 | |
24 | int X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial); | |
25 | int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); | |
26 | ||
27 | int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); | |
28 | ||
29 | int X509_CRL_sort(X509_CRL *crl); | |
30 | ||
31 | =head1 DESCRIPTION | |
32 | ||
33 | X509_CRL_get0_by_serial() attempts to find a revoked entry in B<crl> for | |
34 | serial number B<serial>. If it is successful it sets B<*ret> to the internal | |
35 | pointer of the matching entry, as a result B<*ret> must not be freed up | |
36 | after the call. | |
37 | ||
38 | X509_CRL_get0_by_cert() is similar to X509_get0_by_serial() except it | |
39 | looks for a revoked entry using the serial number of certificate B<x>. | |
40 | ||
41 | X509_CRL_get_REVOKED() returns an internal pointer to a stack of all | |
42 | revoked entries for B<crl>. | |
43 | ||
44 | X509_REVOKED_get0_serialNumber() returns an internal pointer to the | |
45 | serial number of B<r>. | |
46 | ||
47 | X509_REVOKED_get0_revocationDate() returns an internal pointer to the | |
48 | revocation date of B<r>. | |
49 | ||
50 | X509_REVOKED_set_serialNumber() sets the serial number of B<r> to B<serial>. | |
51 | The supplied B<serial> pointer is not used internally so it should be | |
52 | freed up after use. | |
53 | ||
54 | X509_REVOKED_set_revocationDate() sets the revocation date of B<r> to | |
55 | B<tm>. The supplied B<tm> pointer is not used internally so it should be | |
56 | freed up after use. | |
57 | ||
58 | X509_CRL_add0_revoked() appends revoked entry B<rev> to CRL B<crl>. The | |
59 | pointer B<rev> is used internally so it must not be freed up after the call: | |
60 | it is freed when the parent CRL is freed. | |
61 | ||
62 | X509_CRL_sort() sorts the revoked entries of B<crl> into ascending serial | |
63 | number order. | |
64 | ||
65 | =head1 NOTES | |
66 | ||
67 | Applications can determine the number of revoked entries returned by | |
68 | X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one | |
69 | in turn using sk_X509_REVOKED_value(). | |
70 | ||
71 | =head1 RETURN VALUES | |
72 | ||
cdd6c8c5 RL |
73 | X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure, |
74 | 1 on success except if the revoked entry has the reason C<removeFromCRL> (8), | |
75 | in which case 2 is returned. | |
76 | ||
73a7e8de DSH |
77 | X509_REVOKED_set_serialNumber(), X509_REVOKED_set_revocationDate(), |
78 | X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success and 0 for | |
79 | failure. | |
80 | ||
81 | X509_REVOKED_get0_serialNumber() returns an B<ASN1_INTEGER> pointer. | |
82 | ||
83 | X509_REVOKED_get0_revocationDate() returns an B<ASN1_TIME> value. | |
84 | ||
85 | X509_CRL_get_REVOKED() returns a STACK of revoked entries. | |
86 | ||
87 | =head1 SEE ALSO | |
88 | ||
89 | L<d2i_X509(3)>, | |
90 | L<ERR_get_error(3)>, | |
91 | L<X509_get0_signature(3)>, | |
92 | L<X509_get_ext_d2i(3)>, | |
93 | L<X509_get_extension_flags(3)>, | |
94 | L<X509_get_pubkey(3)>, | |
95 | L<X509_get_subject_name(3)>, | |
96 | L<X509_get_version(3)>, | |
97 | L<X509_NAME_add_entry_by_txt(3)>, | |
98 | L<X509_NAME_ENTRY_get_object(3)>, | |
99 | L<X509_NAME_get_index_by_NID(3)>, | |
100 | L<X509_NAME_print_ex(3)>, | |
101 | L<X509_new(3)>, | |
102 | L<X509_sign(3)>, | |
103 | L<X509V3_get_d2i(3)>, | |
104 | L<X509_verify_cert(3)> | |
105 | ||
e2f92610 RS |
106 | =head1 COPYRIGHT |
107 | ||
108 | Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. | |
109 | ||
4746f25a | 110 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
111 | this file except in compliance with the License. You can obtain a copy |
112 | in the file LICENSE in the source distribution or at | |
113 | L<https://www.openssl.org/source/license.html>. | |
114 | ||
115 | =cut |