OpenBSD manual page server

Manual Page Search Parameters

X509_CRL_GET0_BY_SERIAL(3) Library Functions Manual X509_CRL_GET0_BY_SERIAL(3)

X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED, X509_CRL_add0_revoked, X509_CRL_sortadd, sort, and retrieve CRL entries

#include <openssl/x509.h>

X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial);

X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

X509_CRL_get_REVOKED(X509_CRL *crl);

X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);

X509_CRL_sort(X509_CRL *crl);

() attempts to find a revoked entry in crl for serial number serial. If it is successful, it sets *ret to the internal pointer of the matching entry. Consequently, *ret must not be freed up after the call.

() is similar to X509_CRL_get0_by_serial() except that it looks for a revoked entry using the serial number of certificate x.

() returns an internal pointer to a stack of all revoked entries for crl. It is implemented as a macro.

() appends revoked entry rev to CRL crl. The pointer rev is used internally so it must not be freed up after the call: it is freed when the parent CRL is freed.

() sorts the revoked entries of crl into ascending serial number order.

Applications can determine the number of revoked entries returned by () using () and examine each one in turn using (), both defined in <openssl/safestack.h>.

X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for failure or 1 for success, except if the revoked entry has the reason "removeFromCRL", in which case 2 is returned.

X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success or 0 for failure.

X509_CRL_get_REVOKED() returns a STACK of revoked entries.

d2i_X509_CRL(3), ERR_get_error(3), X509_CRL_get_ext(3), X509_CRL_get_issuer(3), X509_CRL_get_version(3), X509_REVOKED_new(3), X509V3_get_d2i(3)

March 25, 2017 OpenBSD-6.1