aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorLibravatarLibravatar william <william+macosx@25thandclement.com> 2015-06-04 15:27:16 -0700
committerLibravatarLibravatar william <william+macosx@25thandclement.com> 2015-06-04 15:27:16 -0700
commitc7edf769c899cab01d35dc97256a049f11d508ec (patch)
tree829b96ed78c1bf04321b082dcb4466761701bbde /doc
parentdc6063ab7dcc99462dcca0bcaa92a00dbf5c3fcb (diff)
downloadluaossl-c7edf769c899cab01d35dc97256a049f11d508ec.tar.gz
luaossl-c7edf769c899cab01d35dc97256a049f11d508ec.tar.bz2
luaossl-c7edf769c899cab01d35dc97256a049f11d508ec.zip
update documentation for new extension APIs
Diffstat (limited to 'doc')
-rw-r--r--doc/luaossl.pdfbin284785 -> 286521 bytes
-rw-r--r--doc/luaossl.tex43
2 files changed, 39 insertions, 4 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf
index c2b2418..a253cff 100644
--- a/doc/luaossl.pdf
+++ b/doc/luaossl.pdf
Binary files differ
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index b7b8c15..96a966c 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -355,15 +355,38 @@ Returns a key-value iterator over the alternative names. The key is one of ``ema
Binds the X.509 extension OpenSSL object.
-\subsubsection[\fn{extension.new}]{\fn{extension.new($name$, $value$ [, $conf$])}}
+\subsubsection[\fn{extension.new}]{\fn{extension.new($name$, $value$ [, $data$])}}
-Returns a new X.509 extension. $name$, $value$, and $conf$ are [currently] plain text strings.
-$value$ and $conf$ should use \href{https://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY_EXTENSIONS}{OpenSSL's arbitrary extension format}.
+Returns a new X.509 extension. If $value$ is the string ``DER'' or ``critical,DER'', then $data$ is an ASN.1-encoded octet string. Otherwise, $name$ and $value$ are plain text strings in \href{https://www.openssl.org/docs/apps/x509v3_config.html#ARBITRARY_EXTENSIONS}{OpenSSL's arbitrary extension format}; and if specified, $data$ is an OpenSSL configuration string defining any referenced identifiers in $value$.
\subsubsection[\fn{extension.interpose}]{\fn{extension.interpose($name$, $function$)}}
Add or interpose an extension class method. Returns the previous method, if any.
+\subsubsection[\fn{extension:getID}]{\fn{extension:getID()}}
+
+Returns the ASN.1 OID as a plain text string.
+
+\subsubsection[\fn{extension:getName}]{\fn{extension:getName()}}
+
+Returns a more human-readable name as a plain text string in the following order of preference: OpenSSL's short name, OpenSSL's long name, ASN.1 OID.
+
+\subsubsection[\fn{extension:getShortName}]{\fn{extension:getShortName()}}
+
+Returns OpenSSL's short name as a plain text string if available.
+
+\subsubsection[\fn{extension:getLongName}]{\fn{extension:getLongName()}}
+
+Returns OpenSSL's long name as a plain text string if available.
+
+\subsubsection[\fn{extension:getData}]{\fn{extension:getData()}}
+
+Returns the extension value as an ASN.1-encoded octet string.
+
+\subsubsection[\fn{extension:getCritical}]{\fn{extension:getCritical()}}
+
+Returns the extension critical flag as a boolean.
+
\end{Module}
@@ -473,7 +496,11 @@ Sets the basic constraints critical flag.
\subsubsection[\fn{x509:addExtension}]{\fn{x509:addExtension($ext$)}}
-Adds \module{x509.extension} object to the certificate.
+Adds a copy of the \module{x509.extension} object to the certificate.
+
+\subsubsection[\fn{x509:getExtension}]{\fn{x509:getExtension($name$)}}
+
+Returns a copy of the \module{x509.extension} object identified by $name$, where $name$ is a plain text string of the OID, long name, or short name. Returns $nil$ if no such extension was found.
\subsubsection[\fn{x509:isIssuedBy}]{\fn{x509:isIssuedBy($issuer$)}}
@@ -601,6 +628,14 @@ Sets the issuer distinguished name. $name$ should be an \module{x509.name} objec
Add the certificate identified by $serial$ to the revocation list. $serial$ should be a \module{openssl.bignum} object, as returned by \fn{x509:getSerial}. $time$ is the revocation date as a Unix timestamp. If unspecified $time$ defaults to the current time.
+\subsubsection[\fn{crl:addExtension}]{\fn{crl:addExtension($ext$)}}
+
+Adds a copy of the \module{x509.extension} object to the revocation list.
+
+\subsubsection[\fn{crl:getExtension}]{\fn{crl:getExtension($name$)}}
+
+Returns a copy of the \module{x509.extension} object identified by $name$, where $name$ is a plain text string of the OID, long name, or short name. Returns $nil$ if no such extension was found.
+
\subsubsection[\fn{crl:sign}]{\fn{crl:sign($key$)}}
Signs the instance CRL using the \module{openssl.pkey} $key$.