Name

SPVM::Net::SSLeay::X509 - X509 data structure in OpenSSL

Description

The Net::SSLeay::X509 class in SPVM represents the X509 data structure in OpenSSL.

Usage

use Net::SSLeay::X509;

Class Methods

new

static method new : Net::SSLeay::X509 ();

Calls native X509_new function, creates a new Net::SSLeay::X509 object, sets the pointer value of the object to the return value of the native function, and returns the new object.

Exceptions:

If X509_new failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

check_issued

static method check_issued : int ($issuer : Net::SSLeay::X509, $subject : Net::SSLeay::X509);

Calls native X509_check_issued function given the pointer value of $issuer, the pointer value of $subject, and returns its return value.

Exceptions:

The X509 object $issuer must be defined. Otherwise an exception is thrown.

The X509 object $subject must be defined. Otherwise an exception is thrown.

Instance Methods

get_serialNumber

method get_serialNumber : Net::SSLeay::ASN1_INTEGER ();

Calls native X509_get_serialNumber function given the pointer value of the instance, copies its return value using native ASN1_INTEGER_dup function, creates a new Net::SSLeay::ASN1_INTEGER object, sets the pointer value of the new object to the native copied value, and returns the new object.

get_issuer_name

method get_issuer_name : Net::SSLeay::X509_NAME ();

Calls native X509_get_issuer_name function given the pointer value of the instance, copies its return value using native X509_NAME_dup function, creates a new Net::SSLeay::X509_NAME object, sets the pointer value of the new object to the native copied value, and returns the new object.

get_subject_name

method get_subject_name : Net::SSLeay::X509_NAME ();

Calls native X509_get_subject_name function given the pointer value of the instance, copies its return value using native X509_NAME_dup function, creates a new Net::SSLeay::X509_NAME object, sets the pointer value of the new object to the native copied value, and returns the new object.

get_pubkey

method get_pubkey : Net::SSLeay::EVP_PKEY ();

Calls native X509_get_pubkey function, creates a new Net::SSLeay::EVP_PKEY object, sets the pointer value of the new object to the return value of the native function, and returns the new object.

Exceptions:

If X509_get_ext failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

pubkey_digest

method pubkey_digest : int ($type : Net::SSLeay::EVP_MD, $md : mutable string, $len_ref : int*);

Calls native X509_pubkey_digest function given the pointer value of the instance, $type, the pointer value of $md, $len_ref, and returns its return value.

Exceptions:

The digest type $type must be defined. Otherwise an exception is thrown.

The output buffer $md must be defined. Otherwise an exception is thrown.

The length of output buffer $md must be greater than or equal to EVP_MAX_MD_SIZE. Otherwise an exception is thrown.

If X509_pubkey_digest failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

pubkey_digest_return_string

method pubkey_digest_return_string : string ($type : Net::SSLeay::EVP_MD);

Calls "pubkey_digest" method given appropriate arguments, and returns the output string.

get_ext_by_NID

method get_ext_by_NID : int ($nid : int, $lastpos : int);

Calls native X509_get_ext_by_NID function given the pointer value of the instance, $nid, $lastpos, and returns its return value.

Exceptions:

If X509_get_ext_by_NID failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

get_ext_count

method get_ext_count : int ();

Calls native X509_get_ext_count function given the pointer value of the instance, and returns its return value.

get_ext

method get_ext : Net::SSLeay::X509_EXTENSION ($loc : int);

Calls native X509_get_ext function given the pointer value of the instance, $loc, copies its return value using native X509_EXTENSION_dup function, creates a new Net::SSLeay::X509_EXTENSION object, sets the pointer value of the new object to the native copied value, and returns the new object.

Exceptions:

If X509_get_ext failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

get_subjectAltNames

method get_subjectAltNames : Net::SSLeay::GENERAL_NAME[] ();

Gets STACK_OF(GENERAL_NAME) data with the following native C code. self is the pointer value of the instance.

int32_t ext_loc = X509_get_ext_by_NID(self, NID_subject_alt_name, -1);
STACK_OF(GENERAL_NAME)* sans_stack = NULL;
if (ext_loc >= 0) {
  X509_EXTENSION* ext = X509_get_ext(self, ext_loc);
  assert(ext);
  sans_stack = (STACK_OF(GENERAL_NAME)*)X509V3_EXT_d2i(ext);
}

Then creates a new Net::SSLeay::GENERAL_NAME array and runs the following loop: copies the element at index $i of the STACK_OF(GENERAL_NAME) data using native GENERAL_NAME_dup function, creates a new Net::SSLeay::GENERAL_NAME object, sets the pointer value of the new object to the native copied value, and pushes the new object to the new array.

Finally, returns the new array.

get_ocsp_uri

method get_ocsp_uri : string ();

Returns the OCSP URI in the certificate.

If not found, returns undef.

Implementation:

The OCSP URI is obtained with the following native C code. self is the pointer value of the instance.

STACK_OF(ACCESS_DESCRIPTION)* ads_stack = X509_get_ext_d2i(self, NID_info_access, NULL, NULL);

void* obj_ocsp_uri = NULL;

if (ads_stack) {
  for (int32_t i = 0; i < sk_ACCESS_DESCRIPTION_num(ads_stack); i++) {
    ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(ads_stack, i);
    
    if (OBJ_obj2nid(ad->method) == NID_ad_OCSP && ad->location->type == GEN_URI) {
      
      const char* ocsp_uri = (const char*)ASN1_STRING_get0_data(ad->location->d.uniformResourceIdentifier);
      int32_t ocsp_uri_length = ASN1_STRING_length(ad->location->d.uniformResourceIdentifier);
      
      obj_ocsp_uri = env->new_string(env, stack, ocsp_uri, ocsp_uri_length);
      
      break;
    }
  }
}
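
The string returned by get_ocsp_uri is built from the raw data pointer and length of the certificate's uniformResourceIdentifier, so it is certificate-controlled input that may contain any byte, including NUL. The following is an added example, not code from SPVM::Net::SSLeay or OpenSSL: a length-aware check a caller could run before handing the URI to an HTTP client. The name ocsp_uri_check, its status codes and the accept-only-http(s) policy are assumptions.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical helper and policy; not part of OpenSSL or SPVM::Net::SSLeay. */
enum ocsp_uri_status { OCSP_URI_OK = 0, OCSP_URI_EMPTY, OCSP_URI_BAD_BYTE,
                       OCSP_URI_BAD_SCHEME, OCSP_URI_NO_HOST, OCSP_URI_USERINFO };

/* Case-insensitive prefix match bounded by len, never by a NUL terminator. */
static int has_prefix_ci(const char *s, int32_t len, const char *prefix) {
  size_t n = strlen(prefix);
  if ((size_t)len < n) return 0;
  for (size_t i = 0; i < n; i++)
    if (tolower((unsigned char)s[i]) != prefix[i]) return 0;
  return 1;
}

/* uri and len are the ASN1 string's data pointer and length, as in the excerpt. */
enum ocsp_uri_status ocsp_uri_check(const char *uri, int32_t len) {
  if (uri == NULL || len <= 0) return OCSP_URI_EMPTY;
  /* Inspect every byte: strlen() would stop at an embedded NUL and hide
     whatever follows it. Reject controls, space and non-ASCII bytes. */
  for (int32_t i = 0; i < len; i++) {
    unsigned char c = (unsigned char)uri[i];
    if (c <= 0x20 || c >= 0x7f) return OCSP_URI_BAD_BYTE;
  }
  int32_t pos;
  if (has_prefix_ci(uri, len, "http://")) pos = 7;
  else if (has_prefix_ci(uri, len, "https://")) pos = 8;
  else return OCSP_URI_BAD_SCHEME;
  /* The authority ends at the first '/', '?' or '#'. */
  int32_t end = pos;
  while (end < len && uri[end] != '/' && uri[end] != '?' && uri[end] != '#') end++;
  if (end == pos) return OCSP_URI_NO_HOST;
  /* user@host forms can mislead URL parsers about the real host. */
  for (int32_t i = pos; i < end; i++)
    if (uri[i] == '@') return OCSP_URI_USERINFO;
  return OCSP_URI_OK;
}

int main(void) {
  /* Constructed sample: a NUL byte hidden inside the URI bytes. */
  static const char sample[] = "http://ocsp.example.test\0.internal/";
  return ocsp_uri_check(sample, (int32_t)(sizeof sample - 1)) == OCSP_URI_BAD_BYTE ? 0 : 1;
}
```

Resolving the host and restricting which addresses the OCSP client may contact is a separate policy decision that this check does not cover.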

digest

method digest : int ($type : Net::SSLeay::EVP_MD, $md : mutable string, $len_ref : int*);

Calls native X509_digest function given the pointer value of the instance, $type, the pointer value of $md, $len_ref, and returns its return value.

Exceptions:

The digest type $type must be defined. Otherwise an exception is thrown.

The output buffer $md must be defined. Otherwise an exception is thrown.

The length of output buffer $md must be greater than or equal to EVP_MAX_MD_SIZE. Otherwise an exception is thrown.

If X509_digest failed, an exception is thrown with eval_error_id set to the basic type ID of Net::SSLeay::Error class.

digest_return_string

method digest_return_string : string ($type : Net::SSLeay::EVP_MD);

Calls "digest" method given appropriate arguments, and returns the output string.

dup

method dup : Net::SSLeay::X509 ();

Calls native X509_dup function given the pointer value of the instance, creates a new Net::SSLeay::X509 object, sets the pointer value of the new object to the return value of the native function, and returns the new object.

DESTROY

method DESTROY : void ();

Calls native X509_free function given the pointer value of the instance if no_free flag of the instance is not a true value.

FAQ

How to create a new Net::SSLeay::X509 object?

One way is to read a PEM file by calling the native Net::SSLeay::PEM#read_bio_X509 method.

Copyright & License

Copyright (c) 2023 Yuki Kimoto

MIT License