Module:fresh_crl(DistributionPoint,CRL)->FreshCRLModule:fresh_crl(DistributionPoint,CRL)->FreshCRL|{LoggerInfo,FreshCRL}
Types:
DistributionPoint = dist_point()
CRL = [public_key:der_encoded()]
FreshCRL = [public_key:der_encoded()]
LoggerInfo = {logger, logger_info() }}
funfresh_crl/2 will be used as input option update_crl to public_key:pkix_crls_validate/3
It is possible to return logger info that will be used by the TLS connection to produce log
events.
Module:lookup(DistributionPoint,Issuer,DbHandle)->not_available|CRLs|{LoggerInfo,CRLs}Module:lookup(DistributionPoint,Issuer,DbHandle)->not_available|CRLsModule:lookup(DistributionPoint,DbHandle)->not_available|CRLs
Types:
DistributionPoint = dist_point()
Issuer = public_key:issuer_name()
DbHandle = crl_cache_ref()
CRLs = [public_key:der_encoded()]
LoggerInfo = {logger, logger_info() }}
Lookup the CRLs belonging to the distribution point Distributionpoint. This function may choose
to only look in the cache or to follow distribution point links depending on how the cache is
administrated.
The Issuer argument contains the issuer name of the certificate to be checked. Normally the
returned CRL should be issued by this issuer, except if the cRLIssuer field of DistributionPoint
has a value, in which case that value should be used instead.
In an earlier version of this API, the lookup function received two arguments, omitting Issuer.
For compatibility, this is still supported: if there is no lookup/3 function in the callback
module, lookup/2 is called instead.
It is possible to return logger info that will be used by the TLS connection to produce log
events.
Module:select(Issuer,DbHandle)->CRLs|{LoggerInfo,CRLs}Module:select(Issuer,DbHandle)->CRLs
Types:
Issuer = public_key:issuer_name() | list()
DbHandle = cache_ref()
LoggerInfo = {logger, logger_info() }
Select the CRLs in the cache that are issued by Issuer unless the value is a list of so called
general names, see X509 certificates records, originating form #'DistributionPoint'.cRLissuer and
representing different mechanism to obtain the CRLs. The cache callback needs to use the
appropriate entry to retrive the CRLs or return an empty list if it does not exist.
It is possible to return logger info that will be used by the TLS connection to produce log
events.
Ericsson AB ssl 10.6.1 ssl_crl_cache_api(3erl)