Rechercher une page de manuel
OpenCA::X509.3pm
Langue: en
Version: 2001-12-01 (mandriva - 01/05/08)
Section: 3 (Bibliothèques de fonctions)
NAME
OpenCA::X509 - Perl extension for basic handling x509 Certificates.SYNOPSIS
use OpenCA::X509;DESCRIPTION
This module contains all functions needed for handling of X509 certificates. It requires some parameters to be passed such as a reference to a OpenCA::OpenSSL instance.This module provides an interface to X509 structures, no specific crypto functions are performed (see the OpenCA::OpenSSL module for this). When not said different, default operational format is PEM.
FUNCTIONS
sub new () - Create a new instance of the Class.
This function creates an instance of the module. If you provide a certificate it will be parsed and stored in local variable(s) for later usage. The function will return a blessed reference. Accepted parameters are: SHELL - Reference to an initialized OpenCA::OpenSSL instance; DATA - Certificate to stored in structure(*); INFILE - Certificate file(*); FORMAT - Format of the provided certificate, one of PEM|DER|NET(*); (*) - Optional parameter. EXAMPLE: $x509 = new OpenCA::X509( SHELL=>$crypto, CERTIFICATE=>$self->{cert});
sub getParsed () - Get an hash structure from certificate
By calling this function you can retrieve a reference to the parsed certificate (PERL hash). This structure will include, for example: $ret->{SERIAL} ## Serial Number $ret->{DN} ## Subject DN $ret->{EMAIL} ## Subject e-mail $ret->{CN} ## Subject CN $ret->{OU} ## Subject OU (list) $ret->{O} ## Subject Organization $ret->{L} ## Subject Locality $ret->{S} ## Subject State $ret->{C} ## Subject Country $ret->{ISSUER} ## Issuer DN $ret->{NOTBEFORE} ## Not Before Date $ret->{NOTAFTER} ## Not After Date (Expiration) $ret->{PK_ALGORITHM} ## Algorithm used (RSA,DSA,..) $ret->{KEYSIZE} ## Modulus (Size in bits) $ret->{PUBKEY} ## Public Key (Base64) $ret->{FINGERPRINT} ## Certificate Fingerprint $ret->{HASH} ## Hash $ret->{EXPONENT} ## Exponent EXAMPLE: my $self->{parsedItem} = $x509->parseCertificate(); print $self->{parsedItem}->{SERIAL}; foreach $ou ( @{ $self->{parsedItem}->{OU} } ) { print "OU=$ou, "; }
sub status () - Get certificate status
Get certificate status using provided OpenCA::CRL initialized reference as argument. Returned status can be Valid, Revoked, Expired and Unknown. Accepted arguments: CRL - Crl to check certificate status; The returned structure is: $status->{STATUS}; $status->{REVOKATION_DATE}; $status->{EXPIRATION_DATE}; EXAMPLE: my $status = $x509->status( CRL=>$crl ); print $status->{STATUS};
sub getPEM () - Get certificate in PEM format.
Get certificate in PEM format. EXAMPLE: $pem = $x509->getPEM();
sub getPEMHeader () - Get certificate's header in PEM format.
Get certificate's header in PEM format. EXAMPLE: $pem = $x509->getPEMHeader();
sub getDER () - Get certificate in DER format.
Get certificate in DER format. EXAMPLE: $der = $x509->getDER();
sub getTXT () - Get certificate in TXT format.
Get certificate in TXT format. EXAMPLE: $der = $x509->getTXT();
sub setHeaderAttribute
Set an attribute in the header of a certificate. The certifcate must be in format PEM. The header is available via getHeader (). Attributes which are longer than one line are supported (e.g. PKCS7-signatures). EXAMPLE: $x509->setHeaderAttribute ( ROLE => "User" ); $cert = $x509->getPEMHeader ()."\n"; $x509->getPEM ();
AUTHOR
Massimiliano Pala <madwolf@openca.org>SEE ALSO
OpenCA::OpenSSL, OpenCA::CRL, OpenCA::REQ, OpenCA::X509Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre