View Source X509.CRL.Extension (X509 v0.8.9)
Convenience functions for creating :Extension
records for use in
CRLs or CRL entries.
Some extensions defined in X509.Certificate.Extension
may also be used
in CRLs (e.g. authority_key_identifier
). Please use the functions in
that module to create such extension records.
Link to this section Summary
Types
Supported values in the reason code extension
:Extension
record, as used in Erlang's :public_key
module
Functions
The CRL number conveys a monotonically increasing sequence number for a given CRL scope and CRL issuer. This extension allows users to easily determine when a particular CRL supersedes another CRL.
Looks up the value of a specific extension in a list.
The reason code identifies the reason for the certificate revocation. CRL issuers are strongly encouraged to include meaningful reason codes in CRL entries.
Link to this section Types
@type extension_id() :: :crl_reason | :crl_number | :authority_key_identifier
@type reason_code_value() ::
:keyCompromise
| :cACompromise
| :affiliationChanged
| :superseded
| :cessationOfOperation
| :certificateHold
| :removeFromCRL
| :privilegeWithdrawn
| :aACompromise
Supported values in the reason code extension
@opaque t()
:Extension
record, as used in Erlang's :public_key
module
Link to this section Functions
@spec crl_number(non_neg_integer()) :: t()
The CRL number conveys a monotonically increasing sequence number for a given CRL scope and CRL issuer. This extension allows users to easily determine when a particular CRL supersedes another CRL.
This extension is marked as non-critical.
Example:
iex> X509.CRL.Extension.crl_number(12)
{:Extension, {2, 5, 29, 20}, false, <<2, 1, 12>>}
@spec find([t()], extension_id() | :public_key.oid()) :: t() | nil
Looks up the value of a specific extension in a list.
The desired extension can be specified as an atom or an OID value. Returns
nil
if the specified extension is not present in the certificate.
@spec reason_code(reason_code_value()) :: t()
The reason code identifies the reason for the certificate revocation. CRL issuers are strongly encouraged to include meaningful reason codes in CRL entries.
The value :removeFromCRL
is reserved for use in delta CRLs.
This extension is marked as non-critical.
Example:
iex> X509.CRL.Extension.reason_code(:keyCompromise)
{:Extension, {2, 5, 29, 21}, false, <<10, 1, 1>>}