Module x509.crl

x509.crl module to mapping X509_CRL to lua object, creates and processes CRL file in DER or PEM format.

Usage:

    crl = require'openssl'.x509.crl

Functions

new ([revoked_list[, cacert[, capkey[, md_alg[, period=7*24*3600]]]]]) create or generate a new x509_crl object.
read (input[, format='auto']) read x509_crl from string or bio input
reason () list all support reason info

Class x509_crl

x509_crl:version (version) set version key
x509_crl:add (serial, revokedtime[, reason=0]) add revoked entry to x509_crl object
x509_crl:extensions () get extensions of x509_crl
x509_crl:extensions (extensions) set extensions to x509_crl object
x509_crl:issuer () get issuer x509_name object
x509_crl:issuer (issuer) set issuer x509_name object
x509_crl:lastUpdate () get lastUpdate time
x509_crl:lastUpdate (lastUpdate) set lastUpdate time
x509_crl:nextUpdate () get nextUpdate time
x509_crl:nextUpdate (nextUpdate) set nextUpdate time
x509_crl:updateTime () get updateTime time
x509_crl:updateTime ([default=os.time()], period) set updateTime time
x509_crl:sort () sore crl entry in x509_crl object
x509_crl:verify (key) verify x509_crl object signature
x509_crl:sign (pkey, cacert[, md_alg='sha256WithRSAEncryption']) sign x509_crl
x509_crl:digest ([md_alg='sha256']) get digest of x509_crl
x509_crl:cmp (other) compare with other x509_crl object
x509_crl:diff (newer, pkey[, md_alg='sha256'[, flags=0]]) make a delta x509_crl object
x509_crl:parse ([default=true]) parse x509_crl object as table
x509_crl:export ([format='pem']) export x509_crl to string
x509_crl:count () get count of revoked entry
x509_crl:get (index) get revoekd entry


Functions

new ([revoked_list[, cacert[, capkey[, md_alg[, period=7*24*3600]]]]])
create or generate a new x509_crl object. Note if not give evp_pkey, will create a new x509_crl object,if give will generate a signed x509_crl object.

Parameters:

  • revoked_list table (optional)
  • cacert x509 ca cert to sign x509_crl (optional)
  • capkey evp_pkey private key to sign x509_crl (optional)
  • md_alg string or evp_md (optional)
  • period number to generate new crl (default 7*24*3600)

Returns:

    x509_crl object

See also:

read (input[, format='auto'])
read x509_crl from string or bio input

Parameters:

  • input bio or string input data
  • format string support ‘auto’,‘pem’,‘der’ (default 'auto')

Returns:

    x509_crl certificate sign request object

See also:

reason ()
list all support reason info

Returns:

    table contain support reason node like {lname=…,sname=…,bitnum=…}

Class x509_crl

openssl.x509_crl object
x509_crl:version (version)
set version key

Parameters:

  • version integer

Returns:

    boolean result
x509_crl:add (serial, revokedtime[, reason=0])
add revoked entry to x509_crl object

Parameters:

  • serial string, number or bn
  • revokedtime number
  • reason number or string (default 0)

Returns:

    boolean result true for add success
x509_crl:extensions ()
get extensions of x509_crl

Returns:

    stack_of_x509_extension extensions
x509_crl:extensions (extensions)
set extensions to x509_crl object

Parameters:

  • extensions stack_of_x509_extension add to x509_crl

Returns:

    boolean result
x509_crl:issuer ()
get issuer x509_name object

Returns:

    x509_name
x509_crl:issuer (issuer)
set issuer x509_name object

Parameters:

  • issuer x509_name or x509

Returns:

    boolean result
x509_crl:lastUpdate ()
get lastUpdate time

Returns:

    string lastUpdate
x509_crl:lastUpdate (lastUpdate)
set lastUpdate time

Parameters:

  • lastUpdate number

Returns:

    boolean result
x509_crl:nextUpdate ()
get nextUpdate time

Returns:

    string nextUpdate
x509_crl:nextUpdate (nextUpdate)
set nextUpdate time

Parameters:

  • nextUpdate number

Returns:

    boolean result
x509_crl:updateTime ()
get updateTime time

Returns:

  1. asn1_time lastUpdate
  2. asn1_time nextUpdate
x509_crl:updateTime ([default=os.time()], period)
set updateTime time

Parameters:

  • default lastUpdate, use current time (default os.time())
  • period number period how long time(seconds)

Returns:

    boolean result
x509_crl:sort ()
sore crl entry in x509_crl object

Returns:

    boolean result true for success and others for fail
x509_crl:verify (key)
verify x509_crl object signature

Parameters:

  • key x509 or evp_pkey ca cert or public to verify signature

Returns:

    boolean result true for success and others for fail
x509_crl:sign (pkey, cacert[, md_alg='sha256WithRSAEncryption'])
sign x509_crl

Parameters:

  • pkey evp_pkey private key to sign x509
  • cacert x509 or x509_name or cacert x509_name
  • md_alg string or md_digest (default 'sha256WithRSAEncryption')

Returns:

    boolean result true for check pass
x509_crl:digest ([md_alg='sha256'])
get digest of x509_crl

Parameters:

  • md_alg evp_md or string default use sha256 (default 'sha256')

Returns:

    string digest result
x509_crl:cmp (other)
compare with other x509_crl object

Parameters:

  • other x509_crl

Returns:

    boolean result true for equals or false

Usage:

    x:cmp(y) == (x==y)
x509_crl:diff (newer, pkey[, md_alg='sha256'[, flags=0]])
make a delta x509_crl object

Parameters:

  • newer x509_crl
  • pkey evp_pkey
  • md_alg evp_md or string (default 'sha256')
  • flags integer (default 0)

Returns:

    x509_crl delta result x509_crl object
x509_crl:parse ([default=true])
parse x509_crl object as table

Parameters:

  • default shortname will use short object name (default true)

Returns:

    table result
x509_crl:export ([format='pem'])
export x509_crl to string

Parameters:

  • format string (default 'pem')

Returns:

    string
x509_crl:count ()
get count of revoked entry

Returns:

    number count

Usage:

    assert(#crl==crl:count())
x509_crl:get (index)
get revoekd entry

Parameters:

  • index number

Returns:

    table revoekd
generated by LDoc 1.5.0 Last updated 2024-01-20 16:21:56