NAME

VOMS::Lite::REQ - Perl extension for PKCS #10 Certificate Request creation

SYNOPSIS

use VOMS::Lite::REQ;
%REQ= %{ VOMS::Lite::REQ::Create(
                                  {
                                    DN => ["C=GB","CN=my common name"],
                                    subjectAltName => ["rfc822Name=my.email@address.com"]
                                  }
                               )
       };

%REQ= %{ VOMS::Lite::REQ::Examine(
                                   $DERreq,   # DER encoded certificate request
                                   {
                                     SubjectDN => "",
                                   }
                                 )
       };

DESCRIPTION

VOMS::Lite::REQ is primarily for internal use. But frankly I don't mind if you use this package directly :-)

VOMS::Lite::REQ::Create

VOMS::Lite::REQ::Create takes one argument, an anonymous hash containing all the relevant information required to make the certificate request.

In the hash the following scalars should be defined:

'DN'     a reference to the array of attribute=value strings that make up the
         Distinguished Name

The following may also be defined:

'Cert' the DER encoding of the issuing (CA) certificate.
'Key'  the DER encoding of the issuing (CA) key.
'Bits' the size of the key; can be any of 512, 1024, 2048, 4096.

'subjectAltName' a reference to an array of GeneralNames, e.g.
          [ 'rfc822Name=mike.jones@manchester.ac.uk',
            'dNSName=a.dns.fqdn',
            'directoryName=300f310d300b060355040313044d696b65',
               # The hex can also be specified as unsigned chars
            'uniformResourceIdentifier=http://www.mc.manchester.ac.uk/projects/shebangs/',
            'IPAddress=\202\130\001\202\377\377\377\377' ]

The return value is a hash containing the certificate request and key strings in DER format ('Req' and 'Key'), a reference to an array of 'Warnings' (a request will still be created if warnings are present) and a reference to an array of 'Errors' (if an error is encountered then no request will be produced).

VOMS::Lite::REQ::Examine

VOMS::Lite::REQ::Examine takes two arguments: the DER encoded certificate request and a hash of the required information. If defined in the hash passed to Examine, the following variables will be parsed from the certificate request and returned in the return hash.

Chunks of DER encoded data directly from the certificate request:
'REQversion'                - DER encoded version
'REQsubject'                - DER encoded subject
'REQsubjectPublicKeyInfo'   - DER encoded subject Public Key Info
'REQattributes'             - DER encoded attributes
'REQSignatureAlgorithm'     - DER encoded Signature algorithm
'REQSignatureValue'         - DER encoded Signature value

Other useful values:
'SubjectDN'                 - Subject's DN string, slash separated
                              representation (yuk)
'KeypublicExponent'         - hex 2's complement integer string 
                              e.g. '10001' = 65537 
'Keymodulus'                - hex 2's complement integer string
'SignatureValue'            - hex 2's complement integer string
'SignatureType'             - one of 'md5WithRSA' 'sha1WithRSA' 
                              'md4WithRSA' 'md2WithRSA'
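
The following is an added example, not part of the module's own documentation: it creates a request, reads it back with Examine, and checks the key size and signature type against a local acceptance policy. The helper names (hex_bits, policy_findings), the 2048-bit minimum, the rejected digest list and the sample DN are assumptions made for this example; Examine is called as described above, with the DER encoded request first.

```perl
use strict;
use warnings;
use VOMS::Lite::REQ;

# Policy values are assumptions for this example, not module defaults.
my $MIN_BITS = 2048;
my %REJECTED_SIG = map { $_ => 1 } qw(md2WithRSA md4WithRSA md5WithRSA);

# Bit length of a hex integer string such as the 'Keymodulus' value.
sub hex_bits {
    my ($hex) = @_;
    $hex =~ s/^0+//;                       # drop sign padding / leading zeros
    return 0 if $hex eq '';
    my $top = sprintf('%b', hex(substr($hex, 0, 1)));
    return 4 * (length($hex) - 1) + length($top);
}

# Policy findings for a hash shaped like the one Examine returns.
sub policy_findings {
    my ($info) = @_;
    my @found;
    my $mod  = defined $info->{Keymodulus} ? $info->{Keymodulus} : '';
    my $bits = hex_bits($mod);
    push @found, "RSA modulus is $bits bits, below $MIN_BITS" if $bits < $MIN_BITS;
    my $sig = $info->{SignatureType};
    if    (!defined $sig)       { push @found, "signature type not recognised" }
    elsif ($REJECTED_SIG{$sig}) { push @found, "signature type $sig is rejected" }
    return @found;
}

my %req = %{ VOMS::Lite::REQ::Create({
    DN   => [ "C=GB", "CN=example user" ],   # constructed sample DN
    Bits => 2048,
}) };
die "request not created: @{ $req{Errors} }\n" if $req{Errors} && @{ $req{Errors} };
warn "warning: $_\n" for @{ $req{Warnings} || [] };

# Ask Examine only for the fields the policy needs.
my %info = %{ VOMS::Lite::REQ::Examine($req{Req}, {
    SubjectDN => "", Keymodulus => "", SignatureType => "",
}) };
print "Subject: $info{SubjectDN}\n";

my @findings = policy_findings(\%info);
if (@findings) { print "REJECT: $_\n" for @findings }
else           { print "request meets policy\n" }
```

The same policy_findings check can be applied to a request received from another party before it is signed, by passing its DER encoding to Examine in place of $req{Req}.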

EXPORT

None by default.

SEE ALSO

PKCS #10: Certification Request Syntax Specification http://tools.ietf.org/html/2986

This module was originally designed for the SHEBANGS project at The University of Manchester. http://www.mc.manchester.ac.uk/projects/shebangs/ now http://www.rcs.manchester.ac.uk/research/shebangs/

Mailing list, shebangs@listserv.manchester.ac.uk

Mailing list, voms-lite@listserv.manchester.ac.uk

AUTHOR

Mike Jones <mike.jones@manchester.ac.uk>

COPYRIGHT AND LICENSE

Copyright (C) 2006 2009 by Mike Jones

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.3 or, at your option, any later version of Perl 5 you may have available.