OpenBSD manual page server

Manual Page Search Parameters

X509_REVOKED_NEW(3) Library Functions Manual X509_REVOKED_NEW(3)

X509_REVOKED_new, X509_REVOKED_dup, X509_REVOKED_free, X509_REVOKED_get0_serialNumber, X509_REVOKED_get0_revocationDate, X509_REVOKED_set_serialNumber, X509_REVOKED_set_revocationDatecreate, change, and inspect an X.509 CRL revoked entry

#include <openssl/x509.h>

X509_REVOKED *
X509_REVOKED_new(void);

X509_REVOKED *
X509_REVOKED_dup(X509_REVOKED *r);

void
X509_REVOKED_free(X509_REVOKED *r);

const ASN1_INTEGER *
X509_REVOKED_get0_serialNumber(const X509_REVOKED *r);

const ASN1_TIME *
X509_REVOKED_get0_revocationDate(const X509_REVOKED *r);

int
X509_REVOKED_set_serialNumber(X509_REVOKED *r, ASN1_INTEGER *serial);

int
X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);

X509_REVOKED_new() allocates and initializes an empty X509_REVOKED object, representing one of the elements of the revokedCertificates field of the ASN.1 TBSCertList structure defined in RFC 5280 section 5.1. It is used by X509_CRL objects and can hold information about one revoked certificate including issuer names, serial number, revocation date, and revocation reason.

X509_REVOKED_dup() creates a deep copy of r.

X509_REVOKED_free() frees r.

X509_REVOKED_set_serialNumber() sets the serial number of r to serial. The supplied serial pointer is not used internally so it should be freed up after use.

X509_REVOKED_set_revocationDate() sets the revocation date of r to tm. The supplied tm pointer is not used internally so it should be freed up after use.

The X509_REVOKED_new() function returns the new X509_REVOKED object if successful; otherwise NULL is returned and an error code can be retrieved with ERR_get_error(3).

X509_REVOKED_dup() return the new X509_REVOKED object or NULL if an error occurs. In some cases of failure, the reason can be determined with ERR_get_error(3).

X509_REVOKED_get0_serialNumber() returns an internal pointer to the serial number of r.

X509_REVOKED_get0_revocationDate() returns an internal pointer to the revocation date of r.

X509_REVOKED_set_serialNumber() and X509_REVOKED_set_revocationDate() return 1 for success or 0 for failure. In some cases of failure, the reason can be determined with ERR_get_error(3).

d2i_X509_CRL(3), PEM_read_X509_CRL(3), X509_CRL_get0_by_serial(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_REVOKED_get_ext(3), X509_REVOKED_get_ext_d2i(3)

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields

X509_REVOKED_new() and X509_REVOKED_free() first appeared in SSLeay 0.4.4 and have been available since OpenBSD 2.4.

X509_REVOKED_set_serialNumber() and X509_REVOKED_set_revocationDate() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2.

X509_REVOKED_dup() first appeared in OpenSSL 1.0.2. X509_REVOKED_get0_serialNumber() and X509_REVOKED_get0_revocationDate() first appeared in OpenSSL 1.1.0. These functions have been available since OpenBSD 6.3.

June 14, 2019 OpenBSD-current