DIST_POINT_NEW(3) Library Functions Manual DIST_POINT_NEW(3)
NAME
DIST_POINT_new, DIST_POINT_free, CRL_DIST_POINTS_new, CRL_DIST_POINTS_free, DIST_POINT_NAME_new, DIST_POINT_NAME_free, ISSUING_DIST_POINT_new, ISSUING_DIST_POINT_free — X.509 CRL distribution point extensions
SYNOPSIS
#include <openssl/x509v3.h>
DIST_POINT *
DIST_POINT_new(void);
void
DIST_POINT_free(DIST_POINT *dp);
CRL_DIST_POINTS *
CRL_DIST_POINTS_new(void);
void
CRL_DIST_POINTS_free(CRL_DIST_POINTS *dps);
DIST_POINT_NAME *
DIST_POINT_NAME_new(void);
void
DIST_POINT_NAME_free(DIST_POINT_NAME *name);
ISSUING_DIST_POINT *
ISSUING_DIST_POINT_new(void);
void
ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *dp);
DESCRIPTION
Using the CRL distribution point extension, a certificate can specify where to obtain certificate revocation lists that might later revoke it.
DIST_POINT_new() allocates and initializes an empty DIST_POINT object, representing an ASN.1 DistributionPoint structure defined in RFC 5280 section 4.2.1.13. It can hold issuer names, distribution point names, and reason flags. DIST_POINT_free() frees dp.
CRL_DIST_POINTS_new() allocates and initializes an empty CRL_DIST_POINTS object, which is a STACK_OF(DIST_POINT) and represents the ASN.1 CRLDistributionPoints structure defined in RFC 5280 section 4.2.1.13. It can be used as an extension in X509 and in X509_CRL objects. CRL_DIST_POINTS_free() frees dps.
DIST_POINT_NAME_new() allocates and initializes an empty DIST_POINT_NAME object, representing an ASN.1 DistributionPointName structure defined in RFC 5280 section 4.2.1.13. It is used by the DIST_POINT and ISSUING_DIST_POINT objects and can hold multiple names, each representing a different way to obtain the same CRL. DIST_POINT_NAME_free() frees name.
ISSUING_DIST_POINT_new() allocates and initializes an empty ISSUING_DIST_POINT object, representing an ASN.1 IssuingDistributionPoint structure defined in RFC 5280 section 5.2.5. Using this extension, a CRL can specify which distribution point it was issued from and which kinds of certificates and revocation reasons it covers. ISSUING_DIST_POINT_free() frees dp.
RETURN VALUES
DIST_POINT_new(), CRL_DIST_POINTS_new(), DIST_POINT_NAME_new(), and ISSUING_DIST_POINT_new() return the new DIST_POINT, CRL_DIST_POINTS, DIST_POINT_NAME, or ISSUING_DIST_POINT object, respectively, or NULL if an error occurs.
SEE ALSO
d2i_DIST_POINT(3), GENERAL_NAMES_new(3), X509_CRL_new(3), X509_EXTENSION_new(3), X509_NAME_new(3), X509_new(3)
STANDARDS
RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile:
−
section 4.2.1.13: CRL Distribution Points
−
section 5.2.5: Issuing Distribution Point
HISTORY
DIST_POINT_new(), DIST_POINT_free(), CRL_DIST_POINTS_new(), CRL_DIST_POINTS_free(), DIST_POINT_NAME_new(), and DIST_POINT_NAME_free() first appeared in OpenSSL 0.9.3 and have been available since OpenBSD 2.6.
ISSUING_DIST_POINT_new() and ISSUING_DIST_POINT_free() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9. GNU June 6, 2019 DIST_POINT_NEW(3)