Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
X509(3)		      User Contributed Perl Documentation	       X509(3)

NAME
       Crypt::OpenSSL::X509 - Perl extension to	OpenSSL's X509 API.

SYNOPSIS
	 use Crypt::OpenSSL::X509;

	 my $x509 = Crypt::OpenSSL::X509->new_from_file('cert.pem');

	 print $x509->pubkey() . "\n";
	 print $x509->subject()	. "\n";
	 print $x509->issuer() . "\n";
	 print $x509->email() .	"\n";
	 print $x509->hash() . "\n";
	 print $x509->notBefore() . "\n";
	 print $x509->notAfter() . "\n";
	 print $x509->modulus()	. "\n";
	 print $x509->exponent() . "\n";
	 print $x509->fingerprint_md5()	. "\n";
	 print $x509->fingerprint_sha256() . "\n";
	 print $x509->as_string() . "\n";

	 my $x509 = Crypt::OpenSSL::X509->new_from_string(
	   $der_encoded_data, Crypt::OpenSSL::X509::FORMAT_ASN1
	 );

	 # given a time	offset of $seconds, will the certificate be valid?
	 if ($x509->checkend($seconds))	{
	   # cert is expired at	$seconds offset
	 } else	{
	   # cert is ok	at $seconds offset
	 }

	 my $exts = $x509->extensions_by_oid();

	 foreach my $oid (keys %$exts) {
	   my $ext = $$exts{$oid};
	   print $oid, " ", $ext->object()->name(), ": ", $ext->value(), "\n";
	 }

ABSTRACT
	 Crypt::OpenSSL::X509 -	Perl extension to OpenSSL's X509 API.

DESCRIPTION
	 This implement	a large	majority of OpenSSL's useful X509 API.

	 The email() method supports both certificates where the
	 subject is of the form:
	 "... CN=Firstname lastname/emailAddress=user@domain", and also
	 certificates where there is a X509v3 Extension	of the form
	 "X509v3 Subject Alternative Name: email=user@domain".

   EXPORT
       None by default.

       On request:

	       FORMAT_UNDEF FORMAT_ASN1	FORMAT_TEXT FORMAT_PEM FORMAT_NETSCAPE
	       FORMAT_PKCS12 FORMAT_SMIME FORMAT_ENGINE	FORMAT_IISSGC

FUNCTIONS
   X509	CONSTRUCTORS
       new ( )
	   Create a new	X509 object.

       new_from_string ( STRING	[ FORMAT ] )
       new_from_file ( FILENAME	[ FORMAT ] )
	   Create a new	X509 object from a string or file. "FORMAT" should be
	   "FORMAT_ASN1" or "FORMAT_PEM".

   X509	ACCESSORS
       subject
	   Subject name	as a string.

       issuer
	   Issuer name as a string.

       serial
	   Serial number as a string.

       hash
	   Subject name	hash as	a string.

       notBefore
	   "notBefore" time as a string.

       notAfter
	   "notAfter" time as a	string.

       email
	   Email address as a string.

       version
	   Certificate version as a string.

       sig_alg_name
	   Signature algorithm name as a string.

       key_alg_name
	   Public key algorithm	name as	a string.

       curve
	   Name	of the EC curve	used in	the public key.

   X509	METHODS
       subject_name ( )
       issuer_name ( )
	   Return a Name object	for the	subject	or issuer name.	Methods	for
	   handling Name objects are given below.

       is_selfsigned ( )
	   Return Boolean value	if subject and issuer name are the same.

       as_string ( [ FORMAT ] )
	   Return the certificate as a string in the specified format.
	   "FORMAT" can	be one of "FORMAT_PEM" (the default), "FORMAT_ASN1",
	   or "FORMAT_NETSCAPE".

       modulus ( )
	   Return the modulus for an RSA public	key as a string	of hex digits.
	   For DSA and EC return the public key. Other algorithms are not
	   supported.

       bit_length ( )
	   Return the length of	the modulus as a number	of bits.

       fingerprint_md5 ( )
       fingerprint_sha1	( )
       fingerprint_sha224 ( )
       fingerprint_sha256 ( )
       fingerprint_sha384 ( )
       fingerprint_sha512 ( )
	   Return the specified	message	digest for the certificate.

       checkend( OFFSET	)
	   Given an offset in seconds, will the	certificate be expired?
	   Returns True	if the certificate will	be expired. False otherwise.

       pubkey (	)
	   Return the RSA, DSA,	or EC public key.

       num_extensions (	)
	   Return the number of	extensions in the certificate.

       extension ( INDEX )
	   Return the Extension	specified by the integer "INDEX".  Methods for
	   handling Extension objects are given	below.

       extensions_by_oid ( )
       extensions_by_name ( )
       extensions_by_long_name ( )
	   Return a hash of Extensions indexed by OID or name.

       has_extension_oid ( OID )
	   Return true if the certificate has the extension specified by
	   "OID".

   X509::Extension METHODS
       critical	( )
	   Return a value indicating if	the extension is critical or not.
	   FIXME: the value is an ASN.1	BOOLEAN	value.

       object (	)
	   Return the ObjectID of the extension.  Methods for handling
	   ObjectID objects are	given below.

       value ( )
	   Return the value or data of the extension.  FIXME: the value	is
	   returned as a string	but may	represent a complex object.

   X509::ObjectID METHODS
       name ( )
	   Return the long name	of the object as a string.

       oid ( )
	   Return the numeric dot-separated form of the	object identifier as a
	   string.

   X509::Name METHODS
       as_string ( )
	   Return a string representation of the Name

       entries ( )
	   Return an array of Name_Entry objects. Methods for handling
	   Name_Entry objects are given	below.

       has_entry ( TYPE	[ LASTPOS ] )
       has_long_entry (	TYPE [ LASTPOS ] )
       has_oid_entry ( TYPE [ LASTPOS ]	)
	   Return true if a name has an	entry of the specified "TYPE".
	   Depending on	the function the "TYPE"	may be in the short form (e.g.
	   "CN"), long form ("commonName") or OID (2.5.4.3). If	"LASTPOS" is
	   specified then the search is	made from that index rather than from
	   the start.

       get_index_by_type ( TYPE	[ LASTPOS ] )
       get_index_by_long_type (	TYPE [ LASTPOS ] )
       get_index_by_oid_type ( TYPE [ LASTPOS ]	)
	   Return the index of an entry	of the specified "TYPE"	in a name.
	   Depending on	the function the "TYPE"	may be in the short form (e.g.
	   "CN"), long form ("commonName") or OID (2.5.4.3). If	"LASTPOS" is
	   specified then the search is	made from that index rather than from
	   the start.

       get_entry_by_type ( TYPE	[ LASTPOS ] )
       get_entry_by_long_type (	TYPE [ LASTPOS ] )
	   These methods work similarly	to get_index_by_* but return the
	   Name_Entry rather than the index.

   X509::Name_Entry METHODS
       as_string ( [ LONG ] )
	   Return a string representation of the Name_Entry of the form
	   "typeName=Value". If	"LONG" is 1, the long form of the type is
	   used.

       type ( [	LONG ] )
	   Return a string representation of the type of the Name_Entry. If
	   "LONG" is 1,	the long form of the type is used.

       value ( )
	   Return a string representation of the value of the Name_Entry.

       is_printableString ( )
       is_ia5string ( )
       is_utf8string ( )
       is_asn1_type ( [ASN1_TYPE] )
	   Return true if the Name_Entry value is of the specified type. The
	   value of "ASN1_TYPE"	should be as listed in OpenSSL's "asn1.h".

SEE ALSO
       OpenSSL(1), Crypt::OpenSSL::RSA,	Crypt::OpenSSL::Bignum

AUTHOR
       Dan Sully

CONTRIBUTORS
       David O'Callaghan, <david.ocallaghan@cs.tcd.ie> Daniel Kahn Gillmor
       <dkg@fifthhorseman.net>

COPYRIGHT AND LICENSE
       Copyright 2004-2016 by Dan Sully

       This library is free software; you can redistribute it and/or modify it
       under the same terms as Perl itself.

perl v5.24.1			  2016-08-05			       X509(3)

NAME | SYNOPSIS | ABSTRACT | DESCRIPTION | FUNCTIONS | SEE ALSO | AUTHOR | CONTRIBUTORS | COPYRIGHT AND LICENSE

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=Crypt::OpenSSL::X509&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help