X509_CRL_NEW(3)            Library Functions Manual            X509_CRL_NEW(3)

NAME
     X509_CRL_new, X509_CRL_dup, X509_CRL_up_ref, X509_CRL_free,
     X509_CRL_INFO_new, X509_CRL_INFO_free - X.509 certificate revocation
     lists

SYNOPSIS
     #include <openssl/x509.h>

     X509_CRL *
     X509_CRL_new(void);

     X509_CRL *
     X509_CRL_dup(X509_CRL *crl);

     int
     X509_CRL_up_ref(X509_CRL *crl);

     void
     X509_CRL_free(X509_CRL *crl);

     X509_CRL_INFO *
     X509_CRL_INFO_new(void);

     void
     X509_CRL_INFO_free(X509_CRL_INFO *crl_info);

DESCRIPTION
     X509_CRL_new() allocates and initializes an empty X509_CRL object,
     representing an ASN.1 CertificateList structure defined in RFC 5280
     section 5.1.  It can hold a pointer to an X509_CRL_INFO object discussed
     below together with a cryptographic signature and information about the
     signature algorithm used.  The reference count is set to 1.

     X509_CRL_dup() creates a deep copy of crl.

     X509_CRL_up_ref() increments the reference count of crl by 1.

     X509_CRL_free() decrements the reference count of crl by 1.  If the
     reference count reaches 0, it frees crl.

     X509_CRL_INFO_new() allocates and initializes an empty X509_CRL_INFO
     object, representing an ASN.1 TBSCertList structure defined in RFC 5280
     section 5.1.  It is used inside the X509_CRL object and can hold a list
     of revoked certificates, an issuer name, the time the list was issued,
     the time when the next update of the list is due, and optional
     extensions.  X509_CRL_INFO_free() frees crl_info.

RETURN VALUES
     X509_CRL_new(), X509_CRL_dup(), and X509_CRL_INFO_new() return the new
     X509_CRL or X509_CRL_INFO object, respectively, or NULL if an error
     occurs.

     X509_CRL_up_ref() returns 1 on success or 0 on error.

SEE ALSO
     ACCESS_DESCRIPTION_new(3), AUTHORITY_KEYID_new(3), d2i_X509_CRL(3),
     DIST_POINT_new(3), PEM_read_X509_CRL(3), X509_CRL_digest(3),
     X509_CRL_get0_by_serial(3), X509_CRL_get0_lastUpdate(3),
     X509_CRL_get0_signature(3), X509_CRL_get_ext(3), X509_CRL_get_ext_d2i(3),
     X509_CRL_get_issuer(3), X509_CRL_get_version(3), X509_CRL_match(3),
     X509_CRL_print(3), X509_CRL_sign(3), X509_EXTENSION_new(3),
     X509_INFO_new(3), X509_load_crl_file(3), X509_new(3),
     X509_OBJECT_get0_X509_CRL(3), X509_REVOKED_new(3),
     X509_STORE_CTX_set0_crls(3), X509_STORE_get1_crls(3)

STANDARDS
     RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
     Certificate Revocation List (CRL) Profile, section 5: CRL and CRL
     Extensions Profile

HISTORY
     X509_CRL_new(), X509_CRL_free(), X509_CRL_INFO_new(), and
     X509_CRL_INFO_free() first appeared in SSLeay 0.4.4.  X509_CRL_dup()
     first appeared in SSLeay 0.5.1.  These functions have been available
     since OpenBSD 2.4.

     X509_CRL_up_ref() first appeared in OpenSSL 1.1.0 and has been available
     since OpenBSD 6.3.

Linux 6.8.2-arch2-1              March 6, 2024             Linux 6.8.2-arch2-1