/ 
Crypt-Perl-0.19
/ Crypt::Perl::X509::Extensions
Security Advisories (2)
CVE-2020-17478 (2020-08-10)

ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.

CVE-2020-13895 (2020-06-07)

Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact if an attacker wishes to use public r and s values when guessing whether signature verification will fail.

NAME

Crypt::Perl::X509::Extensions - extensions list for X.509 certificates

SYNOPSIS

#Each object passed should be an instance of a subclass of
#Crypt::Perl::X509::Extension
my $exreq = Crypt::Perl::X509::Extensions->new( @EXTN_OBJS );

#...or:

my $exreq = Crypt::Perl::X509::Extensions->new(
    [ $extn_type1 => @args1 ],
    [ $extn_type2 => @args2 ],
);

#...for example:

my $exreq = Crypt::Perl::X509::Extensions->new(
    [ 'subjectAltName',
        [ dNSName => 'foo.com' ],
        [ dNSName => 'haha.tld' ],
    ],
);

DESCRIPTION

Instances of this class represent the list of extensions in an X.509 (SSL) certificate.

You probably don’t need to instantiate this class directly; instead, you can instantiate it implicitly by listing out arguments to Crypt::Perl::X509v3’s constructor. See that module’s SYNOPSIS for an example.

Look in the Crypt::Perl distribution’s Crypt::Perl::X509::Extension namespace for supported extensions.