X509 v0.5.2 X509.CRL.Extension View Source

Convenience functions for creating :Extension records for use in CRLs or CRL entries.

Some extensions defined in X509.Certificate.Extension may also be used in CRLs (e.g. authority_key_identifier). Please use the functions in that module to create such extension records.

Link to this section Summary

Types

Supported values in the reason code extension

t()

:Extension record, as used in Erlang’s :public_key module

Functions

The CRL number conveys a monotonically increasing sequence number for a given CRL scope and CRL issuer. This extension allows users to easily determine when a particular CRL supersedes another CRL

Looks up the value of a specific extension in a list

The reason code identifies the reason for the certificate revocation. CRL issuers are strongly encouraged to include meaningful reason codes in CRL entries

Link to this section Types

Link to this type extension_id() View Source
extension_id() :: :crl_reason | :crl_number | :authority_key_identifier
Link to this type reason_code_value() View Source
reason_code_value() ::
  :keyCompromise
  | :cACompromise
  | :affiliationChanged
  | :superseded
  | :cessationOfOperation
  | :certificateHold
  | :removeFromCRL
  | :privilegeWithdrawn
  | :aACompromise

Supported values in the reason code extension

:Extension record, as used in Erlang’s :public_key module

Link to this section Functions

Link to this function crl_number(number) View Source
crl_number(non_neg_integer()) :: t()

The CRL number conveys a monotonically increasing sequence number for a given CRL scope and CRL issuer. This extension allows users to easily determine when a particular CRL supersedes another CRL.

This extension is marked as non-critical.

Example:

iex> X509.CRL.Extension.crl_number(12)
{:Extension, {2, 5, 29, 20}, false, <<2, 1, 12>>}
Link to this function find(list, extension_oid) View Source
find([t()], extension_id() | :public_key.oid()) :: t() | nil

Looks up the value of a specific extension in a list.

The desired extension can be specified as an atom or an OID value. Returns nil if the specified extension is not present in the certificate.

Link to this function reason_code(reason) View Source
reason_code(reason_code_value()) :: t()

The reason code identifies the reason for the certificate revocation. CRL issuers are strongly encouraged to include meaningful reason codes in CRL entries.

The value :removeFromCRL is reserved for use in delta CRLs.

This extension is marked as non-critical.

Example:

iex> X509.CRL.Extension.reason_code(:keyCompromise)
{:Extension, {2, 5, 29, 21}, false, <<10, 1, 1>>}