ssl_crl_cache_api
(ssl)API for a SSL/TLS CRL (Certificate Revocation List) cache.
When SSL/TLS performs certificate path validation according to
DATA TYPES
The following data types are used in the functions below:
cache_ref() =
dist_point() =
#'DistributionPoint'{} see X509 certificates records
Functions
fresh_crl(DistributionPoint, CRL) -> FreshCRL
DistributionPoint = dist_point()
CRL = [public_key:der_encoded()]
FreshCRL = [public_key:der_encoded()]
fun fresh_crl/2
will be used as input option update_crl
to
public_key:pkix_crls_validate/3
lookup(DistributionPoint, DbHandle) -> not_available | CRLs
DistributionPoint = dist_point()
DbHandle = cache_ref()
CRLs = [public_key:der_encoded()]
Lookup the CRLs belonging to the distribution point Distributionpoint
.
select(Issuer, DbHandle) -> CRLs
Issuer = public_key:issuer_name()
DbHandle = cache_ref()
Select the CRLs in the cache that are issued by Issuer