NAME
X509_CRL_new
,
X509_CRL_free
,
X509_CRL_INFO_new
,
X509_CRL_INFO_free
—
X.509 certificate revocation
lists
SYNOPSIS
#include
<openssl/x509.h>
X509_CRL *
X509_CRL_new
(void);
void
X509_CRL_free
(X509_CRL
*crl);
X509_CRL_INFO *
X509_CRL_INFO_new
(void);
void
X509_CRL_INFO_free
(X509_CRL_INFO
*crl_info);
DESCRIPTION
X509_CRL_new
()
allocates and initializes an empty X509_CRL object,
representing an ASN.1 CertificateList structure
defined in RFC 5280 section 5.1. It can hold a pointer to an
X509_CRL_INFO object discussed below together with a
cryptographic signature and information about the signature algorithm used.
X509_CRL_free
()
frees crl.
X509_CRL_INFO_new
()
allocates and initializes an empty X509_CRL_INFO
object, representing an ASN.1 TBSCertList structure
defined in RFC 5280 section 5.1. It is used inside the
X509_CRL object and can hold a list of revoked
certificates, an issuer name, the time the list was issued, the time when
the next update of the list is due, and optional extensions.
X509_CRL_INFO_free
()
frees crl_info.
RETURN VALUES
X509_CRL_new
() and
X509_CRL_INFO_new
() return the new
X509_CRL or X509_CRL_INFO
object, respectively, or NULL
if an error
occurs.
SEE ALSO
ACCESS_DESCRIPTION_new(3), AUTHORITY_KEYID_new(3), d2i_X509_CRL(3), DIST_POINT_new(3), PEM_read_X509_CRL(3), X509_CRL_get0_by_serial(3), X509_CRL_get_ext(3), X509_CRL_get_ext_d2i(3), X509_CRL_get_issuer(3), X509_CRL_get_version(3), X509_CRL_sign(3), X509_EXTENSION_new(3), X509_load_crl_file(3), X509_new(3), X509_REVOKED_new(3), X509_STORE_CTX_set0_crls(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 5: CRL and CRL Extensions Profile