NAME

Web::ID::Certificate - an x509 certificate

SYNOPSIS

my $cert = Web::ID::Certificate->new(pem => $pem_encoded_x509);
foreach (@{ $cert->subject_alt_names })
{
  say "SAN: ", $_->type, " = ", $_->value;
}

DESCRIPTION

Constructor

new

Standard Moose-style constructor. (This class uses Any::Moose.)

Attributes

pem

A PEM-encoded string for the certificate.

This is usually the only attribute you want to pass to the constructor. Allow the others to be built automatically.

public_key

A Web::ID::RSAKey object.

fingerprint

A string identifier for the certificate. It is the lower-cased hexadecimal SHA1 hash of the DER-encoded certificate.

This is not used in WebID authentication, but may be used as an identifier for the certificate if you need to keep it in a cache.

not_before

DateTime object indicating when the certificate started (or will start) to be valid.

not_after

DateTime object indicating when the certificate will cease (or has ceased) to be valid.

subject_alt_names

An arrayref containing a list of subject alt names (Web::ID::SAN objects) associated with the certificate. These are sorted in the order they'll be tried for WebID authentication.

san_factory

A coderef used for building Web::ID::SAN objects. It's very unlikely you need to play with this - the default is probably OK. But changing this is "supported" (in so much as any of this is supported).

The coderef is passed a hash (not hashref) along the lines of:

(
  type  => 'uniformResourceIdentifier',
  value => 'http://example.com/id/alice',
)

Methods

timely

Checks not_before and not_after against the current system time to indicate whether the certifixate is temporally valid. Returns a boolean.

You can optionally pass it a DateTime object to use instead of the current system time.

exponent

Delegated to the public_key attribute.

modulus

Delegated to the public_key attribute.

BUGS

Please report any bugs to http://rt.cpan.org/Dist/Display.html?Queue=Web-ID.

SEE ALSO

Web::ID, Web::ID::SAN, Web::ID::RSAKey.

Web::ID::Certificate::Generator - augments this class to add the ability to generate new WebID certificates.

Crypt::X509 provides a pure Perl X.509 certificate parser, and is used internally by this module.

AUTHOR

Toby Inkster <tobyink@cpan.org>.

COPYRIGHT AND LICENCE

This software is copyright (c) 2012 by Toby Inkster.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

DISCLAIMER OF WARRANTIES

THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.