NAME
OpenCA::X509 - Perl extension for basic handling x509 Certificates.
SYNOPSIS
use OpenCA::X509;
DESCRIPTION
This module contains all functions needed for handling of X509 certificates. It requires some parameters to be passed such as a reference to a OpenCA::OpenSSL instance.
This module provides an interface to X509 structures, no specific crypto functions are performed (see the OpenCA::OpenSSL module for this). When not said different, default operational format is PEM.
FUNCTIONS
sub new () - Create a new instance of the Class.
This function creates an instance of the module. If you
provide a certificate it will be parsed and stored in
local variable(s) for later usage. The function will return
a blessed reference.
Accepted parameters are:
SHELL - Reference to an initialized
OpenCA::OpenSSL instance;
CERTIFICATE - Certificate to stored in structure(*);
INFILE - Certificate file(*);
FORMAT - Format of the provided certificate,
one of PEM|DER|NET(*);
(*) - Optional parameter.
EXAMPLE:
$x509 = new OpenCA::X509( SHELL=>$crypto,
CERTIFICATE=>$self->{cert});sub initCert () - Use a new certificate.
You can use a new certificate without having to get a
new module reference. Accepted parameters are:
CERTIFICATE - Certificate data to be stored;
FORMAT - Provided certificate's format,
one of PEM|DER|NET(*);
EXAMPLE:
if( not $x509->initCert( CERTIFICATE=>$self->{cert} ) )
{
print "Error in storing certificate!";
}sub getParsed () - Get an hash structure from certificate
By calling this function you can retrieve a reference to the
parsed certificate (PERL hash). This structure will include,
for example:
$ret->{SERIAL} ## Serial Number
$ret->{DN} ## Subject DN
$ret->{EMAIL} ## Subject e-mail
$ret->{CN} ## Subject CN
$ret->{OU} ## Subject OU (list)
$ret->{O} ## Subject Organization
$ret->{C} ## Subject Country
$ret->{ISSUER} ## Issuer DN
$ret->{NOT_BEFORE} ## Not Before Date
$ret->{NOT_AFTER} ## Not After Date (Expiration)
$ret->{PK_ALGORITHM} ## Algorithm used (RSA,DSA,..)
$ret->{MODULUS} ## Modulus (Size in bits)
$ret->{EXPONENT} ## Exponent
EXAMPLE:
my $self->{parsedItem} = $x509->parseCertificate();
print $self->{parsedItem}->{SERIAL};
foreach $ou ( @{ $self->{parsedItem}->{OU} } ) {
print "OU=$ou, ";
}sub status () - Get certificate status
Get certificate status using provided OpenCA::CRL initialized
reference as argument. Returned status can be Valid, Revoked,
Expired and Unknown. Accepted arguments:
CRL - Crl to check certificate status;
The returned structure is:
$status->{STATUS};
$status->{REVOKATION_DATE};
$status->{EXPIRATION_DATE};
EXAMPLE:
my $status = $x509->status( CRL=>$crl );
print $status->{STATUS};sub getPEM () - Get certificate in PEM format.
Get certificate in PEM format.
EXAMPLE:
$pem = $x509->getPEM();sub getDER () - Get certificate in DER format.
Get certificate in DER format.
EXAMPLE:
$der = $x509->getDER();sub getTXT () - Get certificate in TXT format.
Get certificate in TXT format.
EXAMPLE:
$der = $x509->getTXT();AUTHOR
Massimiliano Pala <madwolf@openca.org>
SEE ALSO
OpenCA::OpenSSL, OpenCA::CRL, OpenCA::REQ, OpenCA::X509