Document X509_REVOKED_new(3) and X509_REVOKED_free(3) and move

X509_REVOKED_set_serialNumber(3) and X509_REVOKED_set_revocationDate(3) into this new page. Replace irrelevant cross references with relevant cross references to X509_CRL* pages.
author: schwarze <> 2016-12-16 14:50:58 +0000
committer: schwarze <> 2016-12-16 14:50:58 +0000
commit: bf1a8cba765fb4734f2f428f5dcec8f709beeb65 (patch)
tree: 28e47ac8f82390e068f796bd463f0e098168a0d3 /src/lib
parent: 36b636961c892cd3ced23afa06180d25ebaf76d3 (diff)
download: openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.tar.gz
openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.tar.bz2
openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.zip
3 files changed, 157 insertions, 49 deletions
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index e35d6239af..dccb082a02 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.81 2016/12/16 09:56:33 schwarze Exp $
+# $OpenBSD: Makefile,v 1.82 2016/12/16 14:50:58 schwarze Exp $
 .include <bsd.own.mk>
@@ -188,6 +188,7 @@ MAN=	\
        X509_NAME_new.3 \
        X509_NAME_print_ex.3 \
        X509_PUBKEY_new.3 \
+        X509_REVOKED_new.3 \
        X509_STORE_CTX_get_error.3 \
        X509_STORE_CTX_get_ex_new_index.3 \
        X509_STORE_CTX_new.3 \
diff --git a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 b/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
index 1f84671342..15c94d7c2a 100644
--- a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
+++ b/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
@@ -1,5 +1,5 @@
-.\"     $OpenBSD: X509_CRL_get0_by_serial.3,v 1.2 2016/12/05 18:25:07 schwarze Exp $
+.\"     $OpenBSD: X509_CRL_get0_by_serial.3,v 1.3 2016/12/16 14:50:58 schwarze Exp $
-.\"     OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
+.\"     OpenSSL X509_CRL_get0_by_serial.pod 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
 .\" Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
@@ -48,18 +48,16 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 5 2016 $
+.Dd $Mdocdate: December 16 2016 $
 .Dt X509_CRL_GET0_BY_SERIAL 3
 .Os
 .Sh NAME
 .Nm X509_CRL_get0_by_serial ,
 .Nm X509_CRL_get0_by_cert ,
 .Nm X509_CRL_get_REVOKED ,
-.Nm X509_REVOKED_set_serialNumber ,
-.Nm X509_REVOKED_set_revocationDate ,
 .Nm X509_CRL_add0_revoked ,
 .Nm X509_CRL_sort
-.Nd CRL revoked entry utility functions
+.Nd add, sort, and retrieve CRL entries
 .Sh SYNOPSIS
 .In openssl/x509.h
 .Ft int
@@ -79,16 +77,6 @@
 .Fa "X509_CRL *crl"
 .Fc
 .Ft int
-.Fo X509_REVOKED_set_serialNumber
-.Fa "X509_REVOKED *r"
-.Fa "ASN1_INTEGER *serial"
-.Fc
-.Ft int
-.Fo X509_REVOKED_set_revocationDate
-.Fa "X509_REVOKED *r"
-.Fa "ASN1_TIME *tm"
-.Fc
-.Ft int
 .Fo X509_CRL_add0_revoked
 .Fa "X509_CRL *crl"
 .Fa "X509_REVOKED *rev"
@@ -122,24 +110,6 @@ returns an internal pointer to a stack of all revoked entries for
 .Fa crl .
 It is implemented as a macro.
 .Pp
-.Fn X509_REVOKED_set_serialNumber
-sets the serial number of
-.Fa r
-to
-.Fa serial .
-The supplied
-.Fa serial
-pointer is not used internally so it should be freed up after use.
-.Pp
-.Fn X509_REVOKED_set_revocationDate
-sets the revocation date of
-.Fa r
-to
-.Fa tm .
-The supplied
-.Fa tm
-pointer is not used internally so it should be freed up after use.
-.Pp
 .Fn X509_CRL_add0_revoked
 appends revoked entry
 .Fa rev
@@ -164,8 +134,6 @@ and examine each one in turn using
 .Sh RETURN VALUES
 .Fn X509_CRL_get0_by_serial ,
 .Fn X509_CRL_get0_by_cert ,
-.Fn X509_REVOKED_set_serialNumber ,
-.Fn X509_REVOKED_set_revocationDate ,
 .Fn X509_CRL_add0_revoked ,
 and
 .Fn X509_CRL_sort
@@ -174,17 +142,10 @@ return 1 for success or 0 for failure.
 .Fn X509_CRL_get_REVOKED
 returns a STACK of revoked entries.
 .Sh SEE ALSO
-.Xr d2i_X509 3 ,
+.Xr d2i_X509_CRL 3 ,
 .Xr ERR_get_error 3 ,
-.Xr X509_get_ext_d2i 3 ,
+.Xr X509_CRL_get_ext 3 ,
-.Xr X509_get_pubkey 3 ,
+.Xr X509_CRL_get_issuer 3 ,
-.Xr X509_get_subject_name 3 ,
+.Xr X509_CRL_get_version 3 ,
-.Xr X509_get_version 3 ,
+.Xr X509_REVOKED_new 3 ,
-.Xr X509_NAME_add_entry_by_txt 3 ,
-.Xr X509_NAME_ENTRY_get_object 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_print_ex 3 ,
-.Xr X509_new 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_verify_cert 3 ,
 .Xr X509V3_get_d2i 3
diff --git a/src/lib/libcrypto/man/X509_REVOKED_new.3 b/src/lib/libcrypto/man/X509_REVOKED_new.3
new file mode 100644
index 0000000000..2303f9caf2
--- /dev/null
+++ b/src/lib/libcrypto/man/X509_REVOKED_new.3
@@ -0,0 +1,146 @@
+.\"     $OpenBSD: X509_REVOKED_new.3,v 1.1 2016/12/16 14:50:58 schwarze Exp $
+.\"     OpenSSL X509_CRL_get0_by_serial.pod 99d63d46 Oct 26 13:56:48 2016 -0400
+.\"
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: December 16 2016 $
+.Dt X509_REVOKED_NEW 3
+.Os
+.Sh NAME
+.Nm X509_REVOKED_new ,
+.Nm X509_REVOKED_free ,
+.Nm X509_REVOKED_set_serialNumber ,
+.Nm X509_REVOKED_set_revocationDate
+.Nd create and change an X.509 CRL revoked entry
+.Sh SYNOPSIS
+.In openssl/x509.h
+.Ft X509_REVOKED *
+.Fn X509_REVOKED_new void
+.Ft void
+.Fn X509_REVOKED_free "X509_REVOKED *r"
+.Ft int
+.Fo X509_REVOKED_set_serialNumber
+.Fa "X509_REVOKED *r"
+.Fa "ASN1_INTEGER *serial"
+.Fc
+.Ft int
+.Fo X509_REVOKED_set_revocationDate
+.Fa "X509_REVOKED *r"
+.Fa "ASN1_TIME *tm"
+.Fc
+.Sh DESCRIPTION
+.Fn X509_REVOKED_new
+allocates and initializes an empty
+.Vt X509_REVOKED
+object, representing one of the elements of
+the revokedCertificates field of the ASN.1 TBSCertList structure
+defined in RFC 5280 section 5.1.
+It is used by
+.Vt X509_CRL
+objects and can hold information about one revoked certificate
+including issuer names, serial number, revocation date, and revocation
+reason.
+.Pp
+.Fn X509_REVOKED_free
+frees
+.Fa r .
+.Pp
+.Fn X509_REVOKED_set_serialNumber
+sets the serial number of
+.Fa r
+to
+.Fa serial .
+The supplied
+.Fa serial
+pointer is not used internally so it should be freed up after use.
+.Pp
+.Fn X509_REVOKED_set_revocationDate
+sets the revocation date of
+.Fa r
+to
+.Fa tm .
+The supplied
+.Fa tm
+pointer is not used internally so it should be freed up after use.
+.Sh RETURN VALUES
+.Fn X509_REVOKED_new
+returns the new
+.Vt X509_REVOKED
+object or
+.Dv NULL
+if an error occurs.
+.Pp
+.Fn X509_REVOKED_set_serialNumber
+and
+.Fn X509_REVOKED_set_revocationDate
+return 1 for success or 0 for failure.
+.Sh SEE ALSO
+.Xr d2i_X509_CRL 3 ,
+.Xr ERR_get_error 3 ,
+.Xr PEM_read_X509_CRL 3 ,
+.Xr X509_CRL_get0_by_serial 3
+.Sh STANDARDS
+RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
+Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields
author	schwarze <>	2016-12-16 14:50:58 +0000
committer	schwarze <>	2016-12-16 14:50:58 +0000
commit	bf1a8cba765fb4734f2f428f5dcec8f709beeb65 (patch)
tree	28e47ac8f82390e068f796bd463f0e098168a0d3 /src/lib
parent	36b636961c892cd3ced23afa06180d25ebaf76d3 (diff)
download	openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.tar.gz openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.tar.bz2 openbsd-bf1a8cba765fb4734f2f428f5dcec8f709beeb65.zip

diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index e35d6239af..dccb082a02 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.81 2016/12/16 09:56:33 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.82 2016/12/16 14:50:58 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -188,6 +188,7 @@ MAN= \
188	X509_NAME_new.3 \	188	X509_NAME_new.3 \
189	X509_NAME_print_ex.3 \	189	X509_NAME_print_ex.3 \
190	X509_PUBKEY_new.3 \	190	X509_PUBKEY_new.3 \
		191	X509_REVOKED_new.3 \
191	X509_STORE_CTX_get_error.3 \	192	X509_STORE_CTX_get_error.3 \
192	X509_STORE_CTX_get_ex_new_index.3 \	193	X509_STORE_CTX_get_ex_new_index.3 \
193	X509_STORE_CTX_new.3 \	194	X509_STORE_CTX_new.3 \


diff --git a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 b/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 index 1f84671342..15c94d7c2a 100644 --- a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 +++ b/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
@@ -1,5 +1,5 @@
1	.\" $OpenBSD: X509_CRL_get0_by_serial.3,v 1.2 2016/12/05 18:25:07 schwarze Exp $	1	.\" $OpenBSD: X509_CRL_get0_by_serial.3,v 1.3 2016/12/16 14:50:58 schwarze Exp $
2	.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400	2	.\" OpenSSL X509_CRL_get0_by_serial.pod 99d63d46 Oct 26 13:56:48 2016 -0400
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
5	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.	5	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
@@ -48,18 +48,16 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: December 5 2016 $	51	.Dd $Mdocdate: December 16 2016 $
52	.Dt X509_CRL_GET0_BY_SERIAL 3	52	.Dt X509_CRL_GET0_BY_SERIAL 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
55	.Nm X509_CRL_get0_by_serial ,	55	.Nm X509_CRL_get0_by_serial ,
56	.Nm X509_CRL_get0_by_cert ,	56	.Nm X509_CRL_get0_by_cert ,
57	.Nm X509_CRL_get_REVOKED ,	57	.Nm X509_CRL_get_REVOKED ,
58	.Nm X509_REVOKED_set_serialNumber ,
59	.Nm X509_REVOKED_set_revocationDate ,
60	.Nm X509_CRL_add0_revoked ,	58	.Nm X509_CRL_add0_revoked ,
61	.Nm X509_CRL_sort	59	.Nm X509_CRL_sort
62	.Nd CRL revoked entry utility functions	60	.Nd add, sort, and retrieve CRL entries
63	.Sh SYNOPSIS	61	.Sh SYNOPSIS
64	.In openssl/x509.h	62	.In openssl/x509.h
65	.Ft int	63	.Ft int
@@ -79,16 +77,6 @@
79	.Fa "X509_CRL *crl"	77	.Fa "X509_CRL *crl"
80	.Fc	78	.Fc
81	.Ft int	79	.Ft int
82	.Fo X509_REVOKED_set_serialNumber
83	.Fa "X509_REVOKED *r"
84	.Fa "ASN1_INTEGER *serial"
85	.Fc
86	.Ft int
87	.Fo X509_REVOKED_set_revocationDate
88	.Fa "X509_REVOKED *r"
89	.Fa "ASN1_TIME *tm"
90	.Fc
91	.Ft int
92	.Fo X509_CRL_add0_revoked	80	.Fo X509_CRL_add0_revoked
93	.Fa "X509_CRL *crl"	81	.Fa "X509_CRL *crl"
94	.Fa "X509_REVOKED *rev"	82	.Fa "X509_REVOKED *rev"
@@ -122,24 +110,6 @@ returns an internal pointer to a stack of all revoked entries for
122	.Fa crl .	110	.Fa crl .
123	It is implemented as a macro.	111	It is implemented as a macro.
124	.Pp	112	.Pp
125	.Fn X509_REVOKED_set_serialNumber
126	sets the serial number of
127	.Fa r
128	to
129	.Fa serial .
130	The supplied
131	.Fa serial
132	pointer is not used internally so it should be freed up after use.
133	.Pp
134	.Fn X509_REVOKED_set_revocationDate
135	sets the revocation date of
136	.Fa r
137	to
138	.Fa tm .
139	The supplied
140	.Fa tm
141	pointer is not used internally so it should be freed up after use.
142	.Pp
143	.Fn X509_CRL_add0_revoked	113	.Fn X509_CRL_add0_revoked
144	appends revoked entry	114	appends revoked entry
145	.Fa rev	115	.Fa rev
@@ -164,8 +134,6 @@ and examine each one in turn using
164	.Sh RETURN VALUES	134	.Sh RETURN VALUES
165	.Fn X509_CRL_get0_by_serial ,	135	.Fn X509_CRL_get0_by_serial ,
166	.Fn X509_CRL_get0_by_cert ,	136	.Fn X509_CRL_get0_by_cert ,
167	.Fn X509_REVOKED_set_serialNumber ,
168	.Fn X509_REVOKED_set_revocationDate ,
169	.Fn X509_CRL_add0_revoked ,	137	.Fn X509_CRL_add0_revoked ,
170	and	138	and
171	.Fn X509_CRL_sort	139	.Fn X509_CRL_sort
@@ -174,17 +142,10 @@ return 1 for success or 0 for failure.
174	.Fn X509_CRL_get_REVOKED	142	.Fn X509_CRL_get_REVOKED
175	returns a STACK of revoked entries.	143	returns a STACK of revoked entries.
176	.Sh SEE ALSO	144	.Sh SEE ALSO
177	.Xr d2i_X509 3 ,	145	.Xr d2i_X509_CRL 3 ,
178	.Xr ERR_get_error 3 ,	146	.Xr ERR_get_error 3 ,
179	.Xr X509_get_ext_d2i 3 ,	147	.Xr X509_CRL_get_ext 3 ,
180	.Xr X509_get_pubkey 3 ,	148	.Xr X509_CRL_get_issuer 3 ,
181	.Xr X509_get_subject_name 3 ,	149	.Xr X509_CRL_get_version 3 ,
182	.Xr X509_get_version 3 ,	150	.Xr X509_REVOKED_new 3 ,
183	.Xr X509_NAME_add_entry_by_txt 3 ,
184	.Xr X509_NAME_ENTRY_get_object 3 ,
185	.Xr X509_NAME_get_index_by_NID 3 ,
186	.Xr X509_NAME_print_ex 3 ,
187	.Xr X509_new 3 ,
188	.Xr X509_sign 3 ,
189	.Xr X509_verify_cert 3 ,
190	.Xr X509V3_get_d2i 3	151	.Xr X509V3_get_d2i 3


diff --git a/src/lib/libcrypto/man/X509_REVOKED_new.3 b/src/lib/libcrypto/man/X509_REVOKED_new.3 new file mode 100644 index 0000000000..2303f9caf2 --- /dev/null +++ b/src/lib/libcrypto/man/X509_REVOKED_new.3
@@ -0,0 +1,146 @@
		1	.\" $OpenBSD: X509_REVOKED_new.3,v 1.1 2016/12/16 14:50:58 schwarze Exp $
		2	.\" OpenSSL X509_CRL_get0_by_serial.pod 99d63d46 Oct 26 13:56:48 2016 -0400
		3	.\"
		4	.\" This file is a derived work.
		5	.\" The changes are covered by the following Copyright and license:
		6	.\"
		7	.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
		8	.\"
		9	.\" Permission to use, copy, modify, and distribute this software for any
		10	.\" purpose with or without fee is hereby granted, provided that the above
		11	.\" copyright notice and this permission notice appear in all copies.
		12	.\"
		13	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		14	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		15	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		16	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		17	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		18	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		19	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		20	.\"
		21	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
		22	.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
		23	.\"
		24	.\" Redistribution and use in source and binary forms, with or without
		25	.\" modification, are permitted provided that the following conditions
		26	.\" are met:
		27	.\"
		28	.\" 1. Redistributions of source code must retain the above copyright
		29	.\" notice, this list of conditions and the following disclaimer.
		30	.\"
		31	.\" 2. Redistributions in binary form must reproduce the above copyright
		32	.\" notice, this list of conditions and the following disclaimer in
		33	.\" the documentation and/or other materials provided with the
		34	.\" distribution.
		35	.\"
		36	.\" 3. All advertising materials mentioning features or use of this
		37	.\" software must display the following acknowledgment:
		38	.\" "This product includes software developed by the OpenSSL Project
		39	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
		40	.\"
		41	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
		42	.\" endorse or promote products derived from this software without
		43	.\" prior written permission. For written permission, please contact
		44	.\" openssl-core@openssl.org.
		45	.\"
		46	.\" 5. Products derived from this software may not be called "OpenSSL"
		47	.\" nor may "OpenSSL" appear in their names without prior written
		48	.\" permission of the OpenSSL Project.
		49	.\"
		50	.\" 6. Redistributions of any form whatsoever must retain the following
		51	.\" acknowledgment:
		52	.\" "This product includes software developed by the OpenSSL Project
		53	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
		54	.\"
		55	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
		56	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		57	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
		58	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
		59	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
		60	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		61	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		62	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		63	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
		64	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
		65	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
		66	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
		67	.\"
		68	.Dd $Mdocdate: December 16 2016 $
		69	.Dt X509_REVOKED_NEW 3
		70	.Os
		71	.Sh NAME
		72	.Nm X509_REVOKED_new ,
		73	.Nm X509_REVOKED_free ,
		74	.Nm X509_REVOKED_set_serialNumber ,
		75	.Nm X509_REVOKED_set_revocationDate
		76	.Nd create and change an X.509 CRL revoked entry
		77	.Sh SYNOPSIS
		78	.In openssl/x509.h
		79	.Ft X509_REVOKED *
		80	.Fn X509_REVOKED_new void
		81	.Ft void
		82	.Fn X509_REVOKED_free "X509_REVOKED *r"
		83	.Ft int
		84	.Fo X509_REVOKED_set_serialNumber
		85	.Fa "X509_REVOKED *r"
		86	.Fa "ASN1_INTEGER *serial"
		87	.Fc
		88	.Ft int
		89	.Fo X509_REVOKED_set_revocationDate
		90	.Fa "X509_REVOKED *r"
		91	.Fa "ASN1_TIME *tm"
		92	.Fc
		93	.Sh DESCRIPTION
		94	.Fn X509_REVOKED_new
		95	allocates and initializes an empty
		96	.Vt X509_REVOKED
		97	object, representing one of the elements of
		98	the revokedCertificates field of the ASN.1 TBSCertList structure
		99	defined in RFC 5280 section 5.1.
		100	It is used by
		101	.Vt X509_CRL
		102	objects and can hold information about one revoked certificate
		103	including issuer names, serial number, revocation date, and revocation
		104	reason.
		105	.Pp
		106	.Fn X509_REVOKED_free
		107	frees
		108	.Fa r .
		109	.Pp
		110	.Fn X509_REVOKED_set_serialNumber
		111	sets the serial number of
		112	.Fa r
		113	to
		114	.Fa serial .
		115	The supplied
		116	.Fa serial
		117	pointer is not used internally so it should be freed up after use.
		118	.Pp
		119	.Fn X509_REVOKED_set_revocationDate
		120	sets the revocation date of
		121	.Fa r
		122	to
		123	.Fa tm .
		124	The supplied
		125	.Fa tm
		126	pointer is not used internally so it should be freed up after use.
		127	.Sh RETURN VALUES
		128	.Fn X509_REVOKED_new
		129	returns the new
		130	.Vt X509_REVOKED
		131	object or
		132	.Dv NULL
		133	if an error occurs.
		134	.Pp
		135	.Fn X509_REVOKED_set_serialNumber
		136	and
		137	.Fn X509_REVOKED_set_revocationDate
		138	return 1 for success or 0 for failure.
		139	.Sh SEE ALSO
		140	.Xr d2i_X509_CRL 3 ,
		141	.Xr ERR_get_error 3 ,
		142	.Xr PEM_read_X509_CRL 3 ,
		143	.Xr X509_CRL_get0_by_serial 3
		144	.Sh STANDARDS
		145	RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
		146	Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields