NAME
X509_REVOKED_new
,
X509_REVOKED_free
,
X509_REVOKED_set_serialNumber
,
X509_REVOKED_set_revocationDate
—
create and change an X.509 CRL revoked
entry
SYNOPSIS
#include
<openssl/x509.h>
X509_REVOKED *
X509_REVOKED_new
(void);
void
X509_REVOKED_free
(X509_REVOKED
*r);
int
X509_REVOKED_set_serialNumber
(X509_REVOKED
*r, ASN1_INTEGER *serial);
int
X509_REVOKED_set_revocationDate
(X509_REVOKED
*r, ASN1_TIME *tm);
DESCRIPTION
X509_REVOKED_new
()
allocates and initializes an empty X509_REVOKED
object, representing one of the elements of the revokedCertificates field of
the ASN.1 TBSCertList structure defined in RFC 5280
section 5.1. It is used by X509_CRL objects and can
hold information about one revoked certificate including issuer names,
serial number, revocation date, and revocation reason.
X509_REVOKED_free
()
frees r.
X509_REVOKED_set_serialNumber
()
sets the serial number of r to
serial. The supplied serial
pointer is not used internally so it should be freed up after use.
X509_REVOKED_set_revocationDate
()
sets the revocation date of r to
tm. The supplied tm pointer is
not used internally so it should be freed up after use.
RETURN VALUES
X509_REVOKED_new
() returns the new
X509_REVOKED object or NULL
if
an error occurs.
X509_REVOKED_set_serialNumber
() and
X509_REVOKED_set_revocationDate
() return 1 for
success or 0 for failure.
SEE ALSO
d2i_X509_CRL(3), ERR_get_error(3), PEM_read_X509_CRL(3), X509_CRL_get0_by_serial(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields