NAME
X509_REVOKED_new
,
X509_REVOKED_dup
,
X509_REVOKED_free
,
X509_REVOKED_get0_serialNumber
,
X509_REVOKED_get0_revocationDate
,
X509_REVOKED_set_serialNumber
,
X509_REVOKED_set_revocationDate
—
create, change, and inspect an X.509
CRL revoked entry
SYNOPSIS
#include
<openssl/x509.h>
X509_REVOKED *
X509_REVOKED_new
(void);
X509_REVOKED *
X509_REVOKED_dup
(X509_REVOKED
*r);
void
X509_REVOKED_free
(X509_REVOKED
*r);
const ASN1_INTEGER *
X509_REVOKED_get0_serialNumber
(const
X509_REVOKED *r);
const ASN1_TIME *
X509_REVOKED_get0_revocationDate
(const
X509_REVOKED *r);
int
X509_REVOKED_set_serialNumber
(X509_REVOKED
*r, ASN1_INTEGER *serial);
int
X509_REVOKED_set_revocationDate
(X509_REVOKED
*r, ASN1_TIME *tm);
DESCRIPTION
X509_REVOKED_new
()
allocates and initializes an empty X509_REVOKED
object, representing one of the elements of the revokedCertificates field of
the ASN.1 TBSCertList structure defined in RFC 5280
section 5.1. It is used by X509_CRL objects and can
hold information about one revoked certificate including issuer names,
serial number, revocation date, and revocation reason.
X509_REVOKED_dup
()
creates a deep copy of r.
X509_REVOKED_free
()
frees r.
X509_REVOKED_set_serialNumber
()
sets the serial number of r to
serial. The supplied serial
pointer is not used internally so it should be freed up after use.
X509_REVOKED_set_revocationDate
()
sets the revocation date of r to
tm. The supplied tm pointer is
not used internally so it should be freed up after use.
RETURN VALUES
The X509_REVOKED_new
() function returns
the new X509_REVOKED object if successful; otherwise
NULL
is returned and an error code can be retrieved
with
ERR_get_error(3).
X509_REVOKED_dup
() return the new
X509_REVOKED object or NULL
if
an error occurs. In some cases of failure, the reason can be determined with
ERR_get_error(3).
X509_REVOKED_get0_serialNumber
() returns
an internal pointer to the serial number of r.
X509_REVOKED_get0_revocationDate
() returns
an internal pointer to the revocation date of r.
X509_REVOKED_set_serialNumber
() and
X509_REVOKED_set_revocationDate
() return 1 for
success or 0 for failure. In some cases of failure, the reason can be
determined with
ERR_get_error(3).
SEE ALSO
d2i_X509_CRL(3), PEM_read_X509_CRL(3), X509_CRL_get0_by_serial(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_REVOKED_get_ext(3), X509_REVOKED_get_ext_d2i(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields
HISTORY
X509_REVOKED_new
() and
X509_REVOKED_free
() first appeared in SSLeay 0.4.4
and have been available since OpenBSD 2.4.
X509_REVOKED_set_serialNumber
() and
X509_REVOKED_set_revocationDate
() first appeared in
OpenSSL 0.9.7 and have been available since OpenBSD
3.2.
X509_REVOKED_dup
() first appeared in
OpenSSL 1.0.2. X509_REVOKED_get0_serialNumber
() and
X509_REVOKED_get0_revocationDate
() first appeared in
OpenSSL 1.1.0. These functions have been available since
OpenBSD 6.3.