lib/x509/crl/entry.ex

Select File:
lib/x509/crl/entry.ex

defmodule X509.CRL.Entry do
  @moduledoc """
  CRL entries identify revoked certificates and contain metadata about the
  revocation.
  """

  import X509.ASN1

  @typedoc """
  `:TBSCertList_revokedCertificates_SEQOF` record, as used in Erlang's
  `:public_key` module
  """
  @opaque t :: X509.ASN1.record(:tbs_cert_list_revoked_certificate)

  @doc """
  Returns a new CRL entry for the given certificate or serial number. The
  revocation date must be specified, and additional metadata may be specified
  as one or more `X509.CRL.Extension` entries.
  """
  # @doc since: "0.5.0"
  @spec new(X509.Certificate.t() | pos_integer(), DateTime.t(), [X509.CRL.Extension.t()]) :: t()
  def new(certificate, date, extensions \\ [])

  def new(serial, %DateTime{} = date, extensions)
      when is_integer(serial) and is_list(extensions) do
    tbs_cert_list_revoked_certificate(
      userCertificate: serial,
      revocationDate: X509.DateTime.new(date),
      crlEntryExtensions: extensions
    )
  end

  def new(certificate, %DateTime{} = date, extensions) when is_list(extensions) do
    certificate
    |> X509.Certificate.serial()
    |> new(date, extensions)
  end

  @doc """
  Returns the certificate serial number for a CRL entry.
  """
  # @doc since: "0.5.0"
  @spec serial(t()) :: pos_integer()
  def serial(tbs_cert_list_revoked_certificate(userCertificate: number)), do: number

  @doc """
  Returns the certificate recocation date for a CRL entry.
  """
  # @doc since: "0.5.0"
  @spec revocation_date(t()) :: DateTime.t()
  def revocation_date(tbs_cert_list_revoked_certificate(revocationDate: date)) do
    X509.DateTime.to_datetime(date)
  end

  @doc """
  Returns the list of extensions in a CRL entry.
  """
  # @doc since: "0.5.0"
  @spec extensions(t()) :: [X509.CRL.Extension.t()]
  def extensions(tbs_cert_list_revoked_certificate(crlEntryExtensions: extensions)) do
    extensions
  end

  @doc """
  Looks up a specific extension in a CRL entry.

  The desired extension can be specified as an atom or an OID value. Returns
  `nil` if the specified extension is not present in the CRL entry.
  """
  # @doc since: "0.5.0"
  @spec extension(
          t(),
          X509.CRL.Extension.extension_id()
          | :public_key.oid()
        ) :: X509.CRL.Extension.t() | nil
  def extension(entry, extension_id) do
    entry
    |> extensions()
    |> X509.CRL.Extension.find(extension_id)
  end
end