X509_REVOKED routines -- SSLeay 0.9.0b -- January 1999

NAME

X509_REVOKED_new, X509_REVOKED_free, i2d_X509_REVOKED, d2i_X509_REVOKED,
X509_REVOKED_get_ext_count, X509_REVOKED_get_ext_by_NID,
X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_get_ext,
X509_REVOKED_delete_ext, X509_REVOKED_add_ext -- X509_REVOKED routines

SYNOPSIS

#include "x509.h"

X509_REVOKED *X509_REVOKED_new();

void X509_REVOKED_free(a)
X509_REVOKED *a;

int X509_REVOKED_get_ext_count(x)
X509_REVOKED *x;

int X509_REVOKED_get_ext_by_NID(x, nid, lastpos)
X509_REVOKED *x;
int nid;
int lastpos;

int X509_REVOKED_get_ext_by_OBJ(x, obj, lastpos)
X509_REVOKED *x;
ASN1_OBJECT *obj;
int lastpos;

int X509_REVOKED_get_ext_by_critical(x, crit, lastpos)
X509_REVOKED *x;
int crit;
int lastpos;

X509_EXTENSION *X509_REVOKED_get_ext(x, loc)
X509_REVOKED *x;
int loc;

X509_EXTENSION *X509_REVOKED_delete_ext(x, loc)
X509_REVOKED *x;
int loc;

int X509_REVOKED_add_ext(x, ex, loc)
X509_REVOKED *x;
X509_EXTENSION *ex;
int loc;

int i2d_X509_REVOKED(a, pp)
X509_REVOKED *a;
unsigned char **pp;

X509_REVOKED *d2i_X509_REVOKED(a, pp, length)
X509_REVOKED **a;
unsigned char **pp;
long length;

DESCRIPTION

If you haven't read through the ASN.1 documentation, you probably had better do so; this library relies heavily on that code.

These functions all operate on an X509_REVOKED structure:

typedef struct X509_revoked_st
{
        ASN1_INTEGER *serialNumber;
        ASN1_UTCTIME *revocationDate;
        STACK /* optional X509_EXTENSION */ *extensions;
        int sequence; /* load sequence */
} X509_REVOKED;

A STACK of these is included as a subfield of the X509_CRL structure.

Treating the certificate revocation list as a more-or-less opaque type, we have the following operations we can perform on it:

make a new one, free an old one, copy it

X509_REVOKED_new, X509_REVOKED_free, X509_REVOKED_dup

convert it to/from DER-encoded form

i2d_X509_REVOKED, d2i_X509_REVOKED

There is also a collection of functions that deal with X.509v3 extensions: determining how many there are, which ones are critical, and what each one actually is, and adding them to and deleting them from the certificate revocation list

X509_REVOKED_get_ext_count, X509_REVOKED_get_ext_by_NID, X509_REVOKED_get_ext_by_OBJ, X509_REVOKED_get_ext_by_critical, X509_REVOKED_get_ext, X509_REVOKED_delete_ext, X509_REVOKED_add_ext

We'll look at each of these in turn.

X509_REVOKED_new creates a new X509_REVOKED structure and returns a pointer to it; if memory cannot be allocated it returns NULL.

X509_REVOKED_free frees the memory of the X509_REVOKED structure pointed to by a, unless the argument is NULL, in which case it does nothing.

i2d_X509_REVOKED converts an X509_REVOKED structure pointed to by a to DER-encoded form; it places the results in *pp and then increments *pp to point to the end of the byte string it has just written, so you can call several i2d functions in a row. It returns the number of bytes written to the string or 0 on error.

See ASN.1 conversion to and from DER-encoded form for more on i2d functions.

d2i_X509_REVOKED converts length bytes of the DER-encoded string in *pp to an X509_REVOKED structure, updates *pp to point to the next byte to be processed, places the new X509_REVOKED structure in *a, and returns it, or NULL on error.

See ASN.1 conversion to and from DER-encoded form for more on d2i functions.
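
The pointer-advancing convention described above for d2i_X509_REVOKED, shown as an added example that is not part of SSLeay or of the original page: a self-contained C parser for the DER form of one revoked entry (serialNumber, revocationDate, optional extensions) that bounds every length by the caller's length argument. The names revoked_view, der_hdr, parse_revoked and count_revoked and the sample bytes are assumptions made for illustration; only short-form DER lengths are handled.

```c
#include <stddef.h>

/* Hypothetical read-only view of one entry; not SSLeay's X509_REVOKED. */
typedef struct {
    const unsigned char *serial, *date;  /* INTEGER and UTCTime contents */
    size_t serial_len, date_len;
    int has_extensions;
} revoked_view;

/* Constructed sample: serial 0x1234, then serial 0x05 with a reasonCode extension. */
const unsigned char sample[] = {
  0x30,0x13, 0x02,0x02,0x12,0x34, 0x17,0x0d,'9','9','0','1','0','1','0','0','0','0','0','0','Z',
  0x30,0x20, 0x02,0x01,0x05, 0x17,0x0d,'9','9','0','1','0','1','0','0','0','0','0','0','Z',
  0x30,0x0c, 0x30,0x0a, 0x06,0x03,0x55,0x1d,0x15, 0x04,0x03,0x0a,0x01,0x01 };

/* Read a header with the expected tag; short-form lengths only (< 128). */
static int der_hdr(const unsigned char **pp, const unsigned char *end,
                   unsigned char tag, size_t *len) {
    const unsigned char *p = *pp;
    if (end - p < 2 || p[0] != tag || (p[1] & 0x80)) return 0;
    if ((size_t)(end - p - 2) < p[1]) return 0;   /* contents must fit */
    *len = p[1]; *pp = p + 2;
    return 1;
}

/* d2i-style: parse one entry and advance *pp past it; 0 on error, *pp unchanged. */
int parse_revoked(revoked_view *out, const unsigned char **pp, long length) {
    const unsigned char *p = *pp, *seq_end;
    size_t n;
    if (length <= 0 || !der_hdr(&p, *pp + length, 0x30, &n)) return 0;
    seq_end = p + n;
    if (!der_hdr(&p, seq_end, 0x02, &n) || n == 0) return 0;   /* serialNumber */
    out->serial = p; out->serial_len = n; p += n;
    if (!der_hdr(&p, seq_end, 0x17, &n)) return 0;             /* revocationDate */
    out->date = p; out->date_len = n; p += n;
    out->has_extensions = (p != seq_end);                      /* optional field */
    if (p != seq_end && (!der_hdr(&p, seq_end, 0x30, &n) || p + n != seq_end)) return 0;
    *pp = seq_end;
    return 1;
}

/* Walk back-to-back entries; -1 if any entry is malformed or truncated. */
int count_revoked(const unsigned char *buf, long len) {
    const unsigned char *p = buf, *end = buf + len;
    revoked_view v;
    int count = 0;
    while (p < end && parse_revoked(&v, &p, (long)(end - p))) count++;
    return p == end ? count : -1;
}

int main(void) { return count_revoked(sample, (long)sizeof sample) == 2 ? 0 : 1; }
```

Because the parser moves the caller's pointer, keep a separate copy of the buffer's start if it must be freed or re-read later; the same applies to the pointer passed to the i2d and d2i functions.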

The following functions all rely on X509v3_* functions that manipulate extensions; see X.509 Extension Handling for details on these.

X509_REVOKED_get_ext_count just calls X509v3_get_ext_count on the extensions subfield of x.

X509_REVOKED_get_ext_by_NID just calls X509v3_get_ext_by_NID on the extension subfield of x, passing the other arguments through unchanged.

X509_REVOKED_get_ext_by_OBJ just calls X509v3_get_ext_by_OBJ on the extension subfield of x, passing the other arguments through unchanged.

X509_REVOKED_get_ext_by_critical just calls X509v3_get_ext_by_critical on the extension subfield of x, passing the other arguments through unchanged.

X509_REVOKED_get_ext just calls X509v3_get_ext on the extension subfield of x, passing the other argument through unchanged.

X509_REVOKED_delete_ext just calls X509v3_delete_ext on the extension subfield of x, passing the other argument through unchanged.

X509_REVOKED_add_ext just calls X509v3_add_ext on the extension subfield of x, passing the other arguments through unchanged.