OpenBSD manual page server

Manual Page Search Parameters

X509_CRL_NEW(3) Library Functions Manual X509_CRL_NEW(3)

X509_CRL_new, X509_CRL_dup, X509_CRL_up_ref, X509_CRL_free, X509_CRL_INFO_new, X509_CRL_INFO_freeX.509 certificate revocation lists

#include <openssl/x509.h>

X509_CRL *
X509_CRL_new(void);

X509_CRL *
X509_CRL_dup(X509_CRL *crl);

int
X509_CRL_up_ref(X509_CRL *crl);

void
X509_CRL_free(X509_CRL *crl);

X509_CRL_INFO *
X509_CRL_INFO_new(void);

void
X509_CRL_INFO_free(X509_CRL_INFO *crl_info);

() allocates and initializes an empty X509_CRL object, representing an ASN.1 CertificateList structure defined in RFC 5280 section 5.1. It can hold a pointer to an X509_CRL_INFO object discussed below together with a cryptographic signature and information about the signature algorithm used. The reference count is set to 1.

() creates a deep copy of crl.

() increments the reference count of crl by 1.

() decrements the reference count of crl by 1. If the reference count reaches 0, it frees crl.

() allocates and initializes an empty X509_CRL_INFO object, representing an ASN.1 TBSCertList structure defined in RFC 5280 section 5.1. It is used inside the X509_CRL object and can hold a list of revoked certificates, an issuer name, the time the list was issued, the time when the next update of the list is due, and optional extensions. () frees crl_info.

X509_CRL_new(), X509_CRL_dup(), and X509_CRL_INFO_new() return the new X509_CRL or X509_CRL_INFO object, respectively, or NULL if an error occurs.

X509_CRL_up_ref() returns 1 on success or 0 on error.

ACCESS_DESCRIPTION_new(3), AUTHORITY_KEYID_new(3), d2i_X509_CRL(3), DIST_POINT_new(3), PEM_read_X509_CRL(3), X509_CRL_digest(3), X509_CRL_get0_by_serial(3), X509_CRL_get0_lastUpdate(3), X509_CRL_get0_signature(3), X509_CRL_get_ext(3), X509_CRL_get_ext_d2i(3), X509_CRL_get_issuer(3), X509_CRL_get_version(3), X509_CRL_match(3), X509_CRL_print(3), X509_CRL_sign(3), X509_EXTENSION_new(3), X509_INFO_new(3), X509_load_crl_file(3), X509_new(3), X509_OBJECT_get0_X509_CRL(3), X509_REVOKED_new(3), X509_STORE_CTX_set0_crls(3), X509_STORE_get1_crls(3)

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 5: CRL and CRL Extensions Profile

X509_CRL_new(), X509_CRL_free(), X509_CRL_INFO_new(), and X509_CRL_INFO_free() first appeared in SSLeay 0.4.4. X509_CRL_dup() first appeared in SSLeay 0.5.1. These functions have been available since OpenBSD 2.4.

X509_CRL_up_ref() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.3.

March 6, 2024 OpenBSD-7.6