NAME

OpenCA::X509 - Perl extension for basic handling x509 Certificates.

SYNOPSIS

use OpenCA::X509;

DESCRIPTION

This module contains all functions needed for handling of X509 certificates. It requires some parameters to be passed such as a reference to a OpenCA::OpenSSL instance.

This module provides an interface to X509 structures, no specific crypto functions are performed (see the OpenCA::OpenSSL module for this). When not said different, default operational format is PEM.

FUNCTIONS

sub new () - Create a new instance of the Class.

This function creates an instance of the module. If you
provide a certificate it will be parsed and stored in
local variable(s) for later usage. The function will return
a blessed reference.

Accepted parameters are:

	SHELL       - Reference to an initialized
		      OpenCA::OpenSSL instance;
	CERTIFICATE - Certificate to stored in structure(*);
	INFILE      - Certificate file(*);
	FORMAT	    - Format of the provided certificate,
		      one of PEM|DER|NET(*);

(*) - Optional parameter.

EXAMPLE:

      $x509 = new OpenCA::X509( SHELL=>$crypto,
				CERTIFICATE=>$self->{cert});

sub initCert () - Use a new certificate.

	You can use a new certificate without having to get a
	new module reference. Accepted parameters are:

		CERTIFICATE   - Certificate data to be stored;
		FORMAT        - Provided certificate's format,
				one of PEM|DER|NET(*);

	EXAMPLE:

		if( not $x509->initCert( CERTIFICATE=>$self->{cert} ) ) 
                {
                    print "Error in storing certificate!";
                }

sub getParsed () - Get an hash structure from certificate

	By calling this function you can retrieve a reference to the
	parsed certificate (PERL hash). This structure will include,
	for example:

		$ret->{SERIAL}		## Serial Number
                $ret->{DN}		## Subject DN
                $ret->{EMAIL}		## Subject e-mail
                $ret->{CN}		## Subject CN
                $ret->{OU}		## Subject OU (list)
                $ret->{O}		## Subject Organization
                $ret->{C}		## Subject Country
                $ret->{ISSUER}		## Issuer DN
                $ret->{NOT_BEFORE}	## Not Before Date
                $ret->{NOT_AFTER}	## Not After Date (Expiration)
                $ret->{PK_ALGORITHM}	## Algorithm used (RSA,DSA,..)
                $ret->{MODULUS}		## Modulus (Size in bits)
                $ret->{EXPONENT}	## Exponent

	EXAMPLE:

		my $self->{parsedItem} = $x509->parseCertificate();

		print $self->{parsedItem}->{SERIAL};
		foreach $ou ( @{ $self->{parsedItem}->{OU} } ) {
			print "OU=$ou, ";
		}

sub status () - Get certificate status

Get certificate status using provided OpenCA::CRL initialized
reference as argument. Returned status can be Valid, Revoked,
Expired and Unknown. Accepted arguments:

	CRL   - Crl to check certificate status;

The returned structure is:

	$status->{STATUS};
	$status->{REVOKATION_DATE};
	$status->{EXPIRATION_DATE};

EXAMPLE:

	my $status = $x509->status( CRL=>$crl );
	print $status->{STATUS};

sub getPEM () - Get certificate in PEM format.

Get certificate in PEM format.

EXAMPLE:

	$pem = $x509->getPEM();

sub getDER () - Get certificate in DER format.

Get certificate in DER format.

EXAMPLE:

	$der = $x509->getDER();

sub getTXT () - Get certificate in TXT format.

Get certificate in TXT format.

EXAMPLE:

	$der = $x509->getTXT();

AUTHOR

Massimiliano Pala <madwolf@openca.org>

SEE ALSO

OpenCA::OpenSSL, OpenCA::CRL, OpenCA::REQ, OpenCA::X509