DragonFly On-Line Manual Pages

X509_CRL_GET0_BY_S... DragonFly Library Functions Manual X509_CRL_GET0_BY_S...

NAME
     X509_CRL_get0_by_serial, X509_CRL_get0_by_cert, X509_CRL_get_REVOKED,
     X509_CRL_add0_revoked, X509_CRL_sort -- add, sort, and retrieve CRL
     entries

SYNOPSIS
     #include <openssl/x509.h>

     int
     X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
	 ASN1_INTEGER *serial);

     int
     X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

     STACK_OF(X509_REVOKED) *
     X509_CRL_get_REVOKED(X509_CRL *crl);

     int
     X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);

     int
     X509_CRL_sort(X509_CRL *crl);

DESCRIPTION
     X509_CRL_get0_by_serial() attempts to find a revoked entry in crl for
     serial number serial.  If it is successful, it sets *ret to the internal
     pointer of the matching entry.  Consequently, *ret must not be freed up
     after the call.

     X509_CRL_get0_by_cert() is similar to X509_CRL_get0_by_serial() except
     that it looks for a revoked entry using the serial number of certificate
     x.

     X509_CRL_get_REVOKED() returns an internal pointer to a stack of all
     revoked entries for crl.  It is implemented as a macro.

     X509_CRL_add0_revoked() appends revoked entry rev to CRL crl.  The
     pointer rev is used internally so it must not be freed up after the call:
     it is freed when the parent CRL is freed.

     X509_CRL_sort() sorts the revoked entries of crl into ascending serial
     number order.

     Applications can determine the number of revoked entries returned by
     X509_CRL_get_revoked() using sk_X509_REVOKED_num() and examine each one
     in turn using sk_X509_REVOKED_value(), both defined in
     <openssl/safestack.h>.

RETURN VALUES
     X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() return 0 for fail-
     ure or 1 for success, except if the revoked entry has the reason
     "removeFromCRL", in which case 2 is returned.

     X509_CRL_add0_revoked() and X509_CRL_sort() return 1 for success or 0 for
     failure.

     X509_CRL_get_REVOKED() returns a STACK of revoked entries.

SEE ALSO
     d2i_X509_CRL(3), ERR_get_error(3), X509_CRL_get_ext(3),
     X509_CRL_get_issuer(3), X509_CRL_get_version(3), X509_REVOKED_new(3),
     X509V3_get_d2i(3)

HISTORY
     X509_CRL_get_REVOKED() first appeared in OpenSSL 0.9.2b and has been
     available since OpenBSD 2.6.

     X509_CRL_add0_revoked() and X509_CRL_sort() first appeared in OpenSSL
     0.9.7 and have been available since OpenBSD 3.2.

     X509_CRL_get0_by_serial() and X509_CRL_get0_by_cert() first appeared in
     OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

DragonFly 5.5			March 23, 2018			 DragonFly 5.5