xref: /openbsd/lib/libcrypto/man/DIST_POINT_new.3 (revision 73471bf0) 
1.\"	$OpenBSD: DIST_POINT_new.3,v 1.5 2019/06/06 01:06:58 schwarze Exp $
2.\"
3.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: June 6 2019 $
18.Dt DIST_POINT_NEW 3
19.Os
20.Sh NAME
21.Nm DIST_POINT_new ,
22.Nm DIST_POINT_free ,
23.Nm CRL_DIST_POINTS_new ,
24.Nm CRL_DIST_POINTS_free ,
25.Nm DIST_POINT_NAME_new ,
26.Nm DIST_POINT_NAME_free ,
27.Nm ISSUING_DIST_POINT_new ,
28.Nm ISSUING_DIST_POINT_free
29.Nd X.509 CRL distribution point extensions
30.Sh SYNOPSIS
31.In openssl/x509v3.h
32.Ft DIST_POINT *
33.Fn DIST_POINT_new void
34.Ft void
35.Fn DIST_POINT_free "DIST_POINT *dp"
36.Ft CRL_DIST_POINTS *
37.Fn CRL_DIST_POINTS_new void
38.Ft void
39.Fn CRL_DIST_POINTS_free "CRL_DIST_POINTS *dps"
40.Ft DIST_POINT_NAME *
41.Fn DIST_POINT_NAME_new void
42.Ft void
43.Fn DIST_POINT_NAME_free "DIST_POINT_NAME *name"
44.Ft ISSUING_DIST_POINT *
45.Fn ISSUING_DIST_POINT_new void
46.Ft void
47.Fn ISSUING_DIST_POINT_free "ISSUING_DIST_POINT *dp"
48.Sh DESCRIPTION
49Using the CRL distribution point extension, a certificate can specify
50where to obtain certificate revocation lists that might later revoke it.
51.Pp
52.Fn DIST_POINT_new
53allocates and initializes an empty
54.Vt DIST_POINT
55object, representing an ASN.1
56.Vt DistributionPoint
57structure defined in RFC 5280 section 4.2.1.13.
58It can hold issuer names, distribution point names, and reason flags.
59.Fn DIST_POINT_free
60frees
61.Fa dp .
62.Pp
63.Fn CRL_DIST_POINTS_new
64allocates and initializes an empty
65.Vt CRL_DIST_POINTS
66object, which is a
67.Vt STACK_OF(DIST_POINT)
68and represents the ASN.1
69.Vt CRLDistributionPoints
70structure defined in RFC 5280 section 4.2.1.13.
71It can be used as an extension in
72.Vt X509
73and in
74.Vt X509_CRL
75objects.
76.Fn CRL_DIST_POINTS_free
77frees
78.Fa dps .
79.Pp
80.Fn DIST_POINT_NAME_new
81allocates and initializes an empty
82.Vt DIST_POINT_NAME
83object, representing an ASN.1
84.Vt DistributionPointName
85structure defined in RFC 5280 section 4.2.1.13.
86It is used by the
87.Vt DIST_POINT
88and
89.Vt ISSUING_DIST_POINT
90objects and can hold multiple names, each representing a different
91way to obtain the same CRL.
92.Fn DIST_POINT_NAME_free
93frees
94.Fa name .
95.Pp
96.Fn ISSUING_DIST_POINT_new
97allocates and initializes an empty
98.Vt ISSUING_DIST_POINT
99object, representing an ASN.1
100.Vt IssuingDistributionPoint
101structure defined in RFC 5280 section 5.2.5.
102Using this extension, a CRL can specify which distribution point
103it was issued from and which kinds of certificates and revocation
104reasons it covers.
105.Fn ISSUING_DIST_POINT_free
106frees
107.Fa dp .
108.Sh RETURN VALUES
109.Fn DIST_POINT_new ,
110.Fn CRL_DIST_POINTS_new ,
111.Fn DIST_POINT_NAME_new ,
112and
113.Fn ISSUING_DIST_POINT_new
114return the new
115.Vt DIST_POINT ,
116.Vt CRL_DIST_POINTS ,
117.Vt DIST_POINT_NAME ,
118or
119.Vt ISSUING_DIST_POINT
120object, respectively, or
121.Dv NULL
122if an error occurs.
123.Sh SEE ALSO
124.Xr d2i_DIST_POINT 3 ,
125.Xr GENERAL_NAMES_new 3 ,
126.Xr X509_CRL_new 3 ,
127.Xr X509_EXTENSION_new 3 ,
128.Xr X509_NAME_new 3 ,
129.Xr X509_new 3
130.Sh STANDARDS
131RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
132Certificate Revocation List (CRL) Profile:
133.Bl -dash -compact
134.It
135section 4.2.1.13: CRL Distribution Points
136.It
137section 5.2.5: Issuing Distribution Point
138.El
139.Sh HISTORY
140.Fn DIST_POINT_new ,
141.Fn DIST_POINT_free ,
142.Fn CRL_DIST_POINTS_new ,
143.Fn CRL_DIST_POINTS_free ,
144.Fn DIST_POINT_NAME_new ,
145and
146.Fn DIST_POINT_NAME_free
147first appeared in OpenSSL 0.9.3 and have been available since
148.Ox 2.6 .
149.Pp
150.Fn ISSUING_DIST_POINT_new
151and
152.Fn ISSUING_DIST_POINT_free
153first appeared in OpenSSL 1.0.0 and have been available since
154.Ox 4.9 .
155