Socket-Class
view release on metacpan or search on metacpan
xs/sc_ssl/CTX.pod view on Meta::CPAN
$ssl = Socket::Class::SSL->startssl( $sock, 'use_ctx' => $ctx, ... );
=head1 DESCRIPTION
The module creates shared ssl context for improved performance.
=head2 Functions in alphabetical order
=over
L<check_private_key|Socket::Class::SSL::CTX/check_private_key>,
L<enable_compatibility|Socket::Class::SSL::CTX/enable_compatibility>,
L<new|Socket::Class::SSL::CTX/new>,
L<set_certificate|Socket::Class::SSL::CTX/set_certificate>,
L<set_cipher_list|Socket::Class::SSL::CTX/set_cipher_list>,
L<set_client_ca|Socket::Class::SSL::CTX/set_client_ca>,
L<set_private_key|Socket::Class::SSL::CTX/set_private_key>,
L<set_ssl_method|Socket::Class::SSL::CTX/set_ssl_method>,
L<set_verify_locations|Socket::Class::SSL::CTX/set_verify_locations>,
=back
=head1 EXAMPLES
=head2 SSL Server using fork
I<thanks to J. Nick Koston>
use Socket::Class::SSL;
%ssl_args = (
'private_key' => '/path/to/server.key.pem',
'certificate' => '/path/to/server.crt.pem',
'cipher_list' => 'ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP'
);
# create shared context
$ssl_ctx = Socket::Class::SSL::CTX->new(
'server' => 1,
%ssl_args
) or die $@;
xs/sc_ssl/CTX.pod view on Meta::CPAN
=over
=item B<new ( [%arg] )>
Additional arguments for the constructor.
=for formatter none
certificate Path to certificate file in PEM format
private_key Path to private key file in PEM format
client_ca Path to PEM formatted file with CA certificates
to send to the client
ca_file A file of CA certificates in PEM format
ca_path A directory containing CA certificates in PEM format
ssl_method One of "SSLv2", "SSLv23", "SSLv3" or "TLSv1"
default method is SSLv23
cipher_list A string representing a list of availables ciphers
The format is described at
http://www.openssl.org/docs/apps/ciphers.html
server Create server context on true value. False by default.
xs/sc_ssl/CTX.pod view on Meta::CPAN
=item I<$certificate>
Path to certificate file in PEM format.
=back
B<Return Values>
Returns a TRUE value on success or UNDEF on failure.
=item B<set_private_key ( $private_key )>
Adds a private key to the socket.
To change a certificate, private key pair the new certificate needs
to be set before setting the private key.
B<Parameters>
=over
=item I<$private_key>
Path to private key file in PEM format.
=back
B<Return Values>
Returns a TRUE value on success or UNDEF on failure.
=item B<check_private_key ()>
Verifies that the private key agrees with the corresponding public key
in the certificate.
Returns a TRUE value on success or UNDEF on failure.
The most likely causes of errors:
=over
xs/sc_ssl/SSL.pod view on Meta::CPAN
=head1 DESCRIPTION
The module inherits L<Socket::Class> and adds SSL support implemented
by the OpenSSL Toolkit.
Only the differences to Socket::Class are documented here.
=head2 Functions in alphabetical order
=over
L<check_private_key|Socket::Class::SSL/check_private_key>,
L<create_client_context|Socket::Class::SSL/create_client_context>,
L<create_server_context|Socket::Class::SSL/create_server_context>,
L<enable_compatibility|Socket::Class::SSL/enable_compatibility>,
L<get_cipher_name|Socket::Class::SSL/get_cipher_name>,
L<get_cipher_version|Socket::Class::SSL/get_cipher_version>,
L<new|Socket::Class::SSL/new>,
L<set_certificate|Socket::Class::SSL/set_certificate>,
L<set_cipher_list|Socket::Class::SSL/set_cipher_list>,
L<set_client_ca|Socket::Class::SSL/set_client_ca>,
L<set_private_key|Socket::Class::SSL/set_private_key>,
L<set_ssl_method|Socket::Class::SSL/set_ssl_method>,
L<set_verify_locations|Socket::Class::SSL/set_verify_locations>,
L<startssl|Socket::Class::SSL/startssl>,
L<starttls|Socket::Class::SSL/starttls>
=back
=head1 EXAMPLES
=head2 Simple HTTPS Server
use Socket::Class::SSL;
$s = Socket::Class::SSL->new(
'local_port' => 10443,
'listen' => 10,
#'private_key' => 'cert/server.key',
#'certificate' => 'cert/server.crt',
) or die Socket::Class->error;
while( $c = $s->accept ) {
# read request header
while( $l = $c->readline ) {
print $l, "\n";
}
# send response header
$c->write(
xs/sc_ssl/SSL.pod view on Meta::CPAN
=over
=item B<new ( [%arg] )>
Additional arguments for the constructor.
=for formatter none
certificate Path to certificate file in PEM format
private_key Path to private key file in PEM format
client_ca Path to PEM formatted file with CA certificates
to send to the client
ca_file A file of CA certificates in PEM format
ca_path A directory containing CA certificates in PEM format
ssl_method One of "SSLv2", "SSLv23", "SSLv3" or "TLSv1"
default method is SSLv23
cipher_list A string representing a list of availables ciphers
The format is described at
http://www.openssl.org/docs/apps/ciphers.html
xs/sc_ssl/SSL.pod view on Meta::CPAN
=item I<$certificate>
Path to certificate file in PEM format.
=back
B<Return Values>
Returns a TRUE value on success or UNDEF on failure.
=item B<set_private_key ( $private_key )>
Adds a private key to the socket.
To change a certificate, private key pair the new certificate needs
to be set before setting the private key.
B<Parameters>
=over
=item I<$private_key>
Path to private key file in PEM format.
=back
B<Return Values>
Returns a TRUE value on success or UNDEF on failure.
=item B<check_private_key ()>
Verifies that the private key agrees with the corresponding public key
in the certificate.
Returns a TRUE value on success or UNDEF on failure.
The most likely causes of errors:
=over
xs/sc_ssl/SSL.pod view on Meta::CPAN
PREINIT:
sc_t *socket;
char *args[8];
int r;
SV *sv;
PPCODE:
args[0] = "local_port";
args[1] = "443";
args[2] = "listen";
args[3] = "10";
args[4] = "private_key";
args[5] = "/path/to/private_key.pem";
args[6] = "certificate";
args[7] = "/path/to/certificate.pem";
r = g_mod_sc_ssl->sc_create(args, 8, &socket);
if (r != SC_OK)
croak(g_mod_sc_ssl->sc_get_error(NULL));
g_mod_sc_ssl->sc_create_class(socket, NULL, &sv);
ST(0) = sv_2mortal(sv);
XSRETURN(1);
=for formatter perl
xs/sc_ssl/SSL.xs view on Meta::CPAN
mod_sc_ssl.sc_printf = mod_sc_ssl_printf;
mod_sc_ssl.sc_vprintf = mod_sc_ssl_vprintf;
mod_sc_ssl.sc_available = mod_sc_ssl_available;
mod_sc_ssl.sc_set_userdata = mod_sc_ssl_set_userdata;
mod_sc_ssl.sc_get_userdata = mod_sc_ssl_get_userdata;
/* set additional functions */
mod_sc_ssl.sc_ssl_version = XS_VERSION;
mod_sc_ssl.sc_ssl_create_server_context = mod_sc_ssl_create_server_context;
mod_sc_ssl.sc_ssl_create_client_context = mod_sc_ssl_create_client_context;
mod_sc_ssl.sc_ssl_set_certificate = mod_sc_ssl_set_certificate;
mod_sc_ssl.sc_ssl_set_private_key = mod_sc_ssl_set_private_key;
mod_sc_ssl.sc_ssl_set_client_ca = mod_sc_ssl_set_client_ca;
mod_sc_ssl.sc_ssl_set_verify_locations = mod_sc_ssl_set_verify_locations;
mod_sc_ssl.sc_ssl_check_private_key = mod_sc_ssl_check_private_key;
mod_sc_ssl.sc_ssl_enable_compatibility = mod_sc_ssl_enable_compatibility;
mod_sc_ssl.sc_ssl_get_cipher_name = mod_sc_ssl_get_cipher_name;
mod_sc_ssl.sc_ssl_get_cipher_version = mod_sc_ssl_get_cipher_version;
mod_sc_ssl.sc_ssl_get_version = mod_sc_ssl_get_version;
mod_sc_ssl.sc_ssl_starttls = mod_sc_ssl_starttls;
mod_sc_ssl.sc_ssl_set_ssl_method = mod_sc_ssl_set_ssl_method;
mod_sc_ssl.sc_ssl_set_cipher_list = mod_sc_ssl_set_cipher_list;
mod_sc_ssl.sc_ssl_read_packet = mod_sc_ssl_read_packet;
mod_sc_ssl.sc_ssl_ctx_create = mod_sc_ssl_ctx_create;
mod_sc_ssl.sc_ssl_ctx_destroy = mod_sc_ssl_ctx_destroy;
mod_sc_ssl.sc_ssl_ctx_create_class = mod_sc_ssl_ctx_create_class;
mod_sc_ssl.sc_ssl_ctx_from_class = mod_sc_ssl_ctx_from_class;
mod_sc_ssl.sc_ssl_ctx_set_ssl_method = mod_sc_ssl_ctx_set_ssl_method;
mod_sc_ssl.sc_ssl_ctx_set_private_key = mod_sc_ssl_ctx_set_private_key;
mod_sc_ssl.sc_ssl_ctx_set_certificate = mod_sc_ssl_ctx_set_certificate;
mod_sc_ssl.sc_ssl_ctx_set_client_ca = mod_sc_ssl_ctx_set_client_ca;
mod_sc_ssl.sc_ssl_ctx_set_verify_locations = mod_sc_ssl_ctx_set_verify_locations;
mod_sc_ssl.sc_ssl_ctx_set_cipher_list = mod_sc_ssl_ctx_set_cipher_list;
mod_sc_ssl.sc_ssl_ctx_check_private_key = mod_sc_ssl_ctx_check_private_key;
mod_sc_ssl.sc_ssl_ctx_enable_compatibility = mod_sc_ssl_ctx_enable_compatibility;
/* store the c module interface in the modglobal hash */
(void) hv_store( PL_modglobal,
"Socket::Class::SSL", 18, newSViv( PTR2IV( &mod_sc_ssl ) ), 0 );
/* openssl initialization */
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
Zero( &sc_ssl_global, 1, sc_ssl_global_t );
sc_ssl_global.process_id = PROCESS_ID();
xs/sc_ssl/SSL.xs view on Meta::CPAN
s = my_strcpy( s, ";SSL=" );
s = my_strcpy( s, SSL_get_version( ud->ssl ) );
}
*s ++ = ')';
*s = '\0';
ST(0) = sv_2mortal( newSVpvn( tmp, (s - tmp) ) );
XSRETURN(1);
#/*****************************************************************************
# * SSL_set_private_key( this, private_key )
# *****************************************************************************/
void
SSL_set_private_key( this, private_key )
SV *this;
char *private_key;
PREINIT:
sc_t *socket;
PPCODE:
if( (socket = mod_sc->sc_get_socket( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_set_private_key( socket, private_key ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * SSL_set_certificate( this, certificate )
# *****************************************************************************/
void
SSL_set_certificate( this, certificate )
xs/sc_ssl/SSL.xs view on Meta::CPAN
sc_t *socket;
PPCODE:
if( (socket = mod_sc->sc_get_socket( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_create_server_context( socket ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * SSL_check_private_key( this )
# *****************************************************************************/
void
SSL_check_private_key( this )
SV *this;
PREINIT:
sc_t *socket;
PPCODE:
if( (socket = mod_sc->sc_get_socket( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_check_private_key( socket ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * SSL_enable_compatibility( this )
# *****************************************************************************/
void
SSL_enable_compatibility( this )
xs/sc_ssl/SSL.xs view on Meta::CPAN
sc_ssl_ctx_t *ctx;
PPCODE:
if( (ctx = mod_sc_ssl_ctx_from_class( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_ctx_set_ssl_method( ctx, name ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * CTX_set_private_key( this, pk )
# *****************************************************************************/
void
CTX_set_private_key( this, pk )
SV *this;
char *pk;
PREINIT:
sc_ssl_ctx_t *ctx;
PPCODE:
if( (ctx = mod_sc_ssl_ctx_from_class( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_ctx_set_private_key( ctx, pk ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * CTX_set_certificate( this, crt )
# *****************************************************************************/
void
CTX_set_certificate( this, crt )
xs/sc_ssl/SSL.xs view on Meta::CPAN
sc_ssl_ctx_t *ctx;
PPCODE:
if( (ctx = mod_sc_ssl_ctx_from_class( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_ctx_set_cipher_list( ctx, str ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * CTX_check_private_key( this )
# *****************************************************************************/
void
CTX_check_private_key( this )
SV *this;
PREINIT:
sc_ssl_ctx_t *ctx;
PPCODE:
if( (ctx = mod_sc_ssl_ctx_from_class( this )) == NULL )
XSRETURN_EMPTY;
if( mod_sc_ssl_ctx_check_private_key( ctx ) != SC_OK )
XSRETURN_EMPTY;
XSRETURN_YES;
#/*****************************************************************************
# * CTX_enable_compatibility( this )
# *****************************************************************************/
void
CTX_enable_compatibility( this )
xs/sc_ssl/mod_sc_ssl.inc.h view on Meta::CPAN
typedef struct st_sc_ssl_ctx sc_ssl_ctx_t;
struct st_mod_sc_ssl {
/* st_mod_sc included by Makefile.PL */
/* !include st_mod_sc */
/* ssl extension starts here */
const char *sc_ssl_version; /* XS_VERSION */
int (*sc_ssl_create_server_context) ( sc_t *socket );
int (*sc_ssl_create_client_context) ( sc_t *socket );
int (*sc_ssl_set_certificate) ( sc_t *socket, const char *fn );
int (*sc_ssl_set_private_key) ( sc_t *socket, const char *fn );
int (*sc_ssl_set_client_ca) ( sc_t *socket, const char *fn );
int (*sc_ssl_set_verify_locations) (
sc_t *socket, const char *cafile, const char *capath
);
int (*sc_ssl_check_private_key) ( sc_t *socket );
int (*sc_ssl_enable_compatibility) ( sc_t *socket );
const char *(*sc_ssl_get_cipher_name) ( sc_t *socket );
const char *(*sc_ssl_get_cipher_version) ( sc_t *socket );
/* since version 1.1 */
const char *(*sc_ssl_get_version) ( sc_t *socket );
/* since version 1.2, changed in version 1.31 */
int (*sc_ssl_starttls) ( sc_t *socket, char **args, int argc );
/* since version 1.3 */
int (*sc_ssl_set_ssl_method) ( sc_t *socket, const char *name );
int (*sc_ssl_set_cipher_list) ( sc_t *socket, const char *str );
xs/sc_ssl/mod_sc_ssl.inc.h view on Meta::CPAN
sc_t *socket, char *separator, size_t max, char **p_buf, int *p_len
);
/* since version 1.4 */
int (*sc_ssl_ctx_create) (
char **args, int argc, sc_ssl_ctx_t **p_ctx
);
int (*sc_ssl_ctx_destroy) ( sc_ssl_ctx_t *ctx );
int (*sc_ssl_ctx_create_class) ( sc_ssl_ctx_t *ctx, SV **p_sv );
sc_ssl_ctx_t *(*sc_ssl_ctx_from_class) ( SV *sv );
int (*sc_ssl_ctx_set_ssl_method) ( sc_ssl_ctx_t *ctx, const char *name );
int (*sc_ssl_ctx_set_private_key) ( sc_ssl_ctx_t *ctx, const char *pk );
int (*sc_ssl_ctx_set_certificate) ( sc_ssl_ctx_t *ctx, const char *crt );
int (*sc_ssl_ctx_set_client_ca) ( sc_ssl_ctx_t *ctx, const char *str );
int (*sc_ssl_ctx_set_verify_locations) (
sc_ssl_ctx_t *ctx, const char *cafile, const char *capath
);
int (*sc_ssl_ctx_set_cipher_list) ( sc_ssl_ctx_t *ctx, const char *str );
int (*sc_ssl_ctx_check_private_key) ( sc_ssl_ctx_t *ctx );
int (*sc_ssl_ctx_enable_compatibility) ( sc_ssl_ctx_t *ctx );
};
#endif /* _MOD_SC_SSL_H_ */
xs/sc_ssl/openssl/source/CHANGES.SSLeay view on Meta::CPAN
This file also contains the 'pref_cipher' list which is the default
cipher preference order.
- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
options work. They should, and they enable loading and writing the
netscape rsa private key format. I will be re-working this section of
SSLeay for the next version. What is currently in place is a quick and
dirty hack.
- I've re-written parts of the bignum library. This gives speedups
for all platforms. I now provide assembler for use under Windows NT.
I have not tested the Windows 3.1 assembler but it is quite simple code.
This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
Basically the times available under linux/solaris x86 can be achieve under
Windows NT. I still don't know how these times compare to RSA's BSAFE
library but I have been emailing with people and with their help, I should
be able to get my library's quite a bit faster still (more algorithm changes).
The object file crypto/bn/asm/x86-32.obj should be used when linking
under NT.
- 'make makefile.one' in the top directory will generate a single makefile
called 'makefile.one' This makefile contains no perl references and
will build the SSLeay library into the 'tmp' and 'out' directories.
xs/sc_ssl/openssl/source/apps/apps.c view on Meta::CPAN
{
BIO_printf(err,"no keyfile specified\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
BIO_printf(bio_err,"no engine specified\n");
else
pkey = ENGINE_load_private_key(e, file,
ui_method, &cb_data);
goto end;
}
#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
ERR_print_errors(err);
goto end;
}
xs/sc_ssl/openssl/source/apps/ca.c view on Meta::CPAN
#define ENV_DIR "dir"
#define ENV_CERTS "certs"
#define ENV_CRL_DIR "crl_dir"
#define ENV_CA_DB "CA_DB"
#define ENV_NEW_CERTS_DIR "new_certs_dir"
#define ENV_CERTIFICATE "certificate"
#define ENV_SERIAL "serial"
#define ENV_CRLNUMBER "crlnumber"
#define ENV_CRL "crl"
#define ENV_PRIVATE_KEY "private_key"
#define ENV_RANDFILE "RANDFILE"
#define ENV_DEFAULT_DAYS "default_days"
#define ENV_DEFAULT_STARTDATE "default_startdate"
#define ENV_DEFAULT_ENDDATE "default_enddate"
#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
#define ENV_DEFAULT_MD "default_md"
#define ENV_DEFAULT_EMAIL_DN "email_in_dn"
#define ENV_PRESERVE "preserve"
#define ENV_POLICY "policy"
xs/sc_ssl/openssl/source/apps/ca.c view on Meta::CPAN
section,ENV_CERTIFICATE)) == NULL))
{
lookup_fail(section,ENV_CERTIFICATE);
goto err;
}
x509=load_cert(bio_err, certfile, FORMAT_PEM, NULL, e,
"CA certificate");
if (x509 == NULL)
goto err;
if (!X509_check_private_key(x509,pkey))
{
BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
goto err;
}
}
if (!selfsign) x509p = x509;
f=NCONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
if (f == NULL)
ERR_clear_error();
xs/sc_ssl/openssl/source/apps/ca.c view on Meta::CPAN
{
BIO_printf(bio_err,"Error reading certificate request in %s\n",
infile);
goto err;
}
if (verbose)
X509_REQ_print(bio_err,req);
BIO_printf(bio_err,"Check that the request matches the signature\n");
if (selfsign && !X509_REQ_check_private_key(req,pkey))
{
BIO_printf(bio_err,"Certificate request and CA private key do not match\n");
ok=0;
goto err;
}
if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
{
BIO_printf(bio_err,"error unpacking public key\n");
goto err;
}
xs/sc_ssl/openssl/source/apps/openssl-vms.cnf view on Meta::CPAN
database = $dir]index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir.newcerts] # default place for new certs.
certificate = $dir]cacert.pem # The CA certificate
serial = $dir]serial. # The current serial number
crlnumber = $dir]crlnumber. # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir]crl.pem # The current CRL
private_key = $dir.private]cakey.pem# The private key
RANDFILE = $dir.private].rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
xs/sc_ssl/openssl/source/apps/openssl.cnf view on Meta::CPAN
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = usr_cert # The extentions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
xs/sc_ssl/openssl/source/apps/pkcs12.c view on Meta::CPAN
"certificates");
if (!certs)
goto export_end;
if (key)
{
/* Look for matching private key */
for(i = 0; i < sk_X509_num(certs); i++)
{
x = sk_X509_value(certs, i);
if(X509_check_private_key(x, key))
{
ucert = x;
/* Zero keyid and alias */
X509_keyid_set1(ucert, NULL, 0);
X509_alias_set1(ucert, NULL, 0);
/* Remove from list */
(void)sk_X509_delete(certs, i);
break;
}
}
xs/sc_ssl/openssl/source/apps/s_cb.c view on Meta::CPAN
}
SSL_free(ssl);
*/
/* If we are using DSA, we can copy the parameters from
* the private key */
/* Now we know that a key and cert have been set against
* the SSL context */
if (!SSL_CTX_check_private_key(ctx))
{
BIO_printf(bio_err,"Private key does not match the certificate public key\n");
return(0);
}
}
return(1);
}
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
{
xs/sc_ssl/openssl/source/apps/s_cb.c view on Meta::CPAN
if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
{
BIO_printf(bio_err,"error setting private key\n");
ERR_print_errors(bio_err);
return 0;
}
/* Now we know that a key and cert have been set against
* the SSL context */
if (!SSL_CTX_check_private_key(ctx))
{
BIO_printf(bio_err,"Private key does not match the certificate public key\n");
return 0;
}
return 1;
}
long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
int argi, long argl, long ret)
{
xs/sc_ssl/openssl/source/apps/ts.c view on Meta::CPAN
BIO_printf(bio_err, "usage:\n"
"ts -query [-rand file%cfile%c...] [-config configfile] "
"[-data file_to_hash] [-digest digest_bytes]"
"[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
"[-policy object_id] [-no_nonce] [-cert] "
"[-in request.tsq] [-out request.tsq] [-text]\n",
LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "or\n"
"ts -reply [-config configfile] [-section tsa_section] "
"[-queryfile request.tsq] [-passin password] "
"[-signer tsa_cert.pem] [-inkey private_key.pem] "
"[-chain certs_file.pem] [-policy object_id] "
"[-in response.tsr] [-token_in] "
"[-out response.tsr] [-token_out] [-text] [-engine id]\n");
BIO_printf(bio_err, "or\n"
"ts -verify [-data file_to_hash] [-digest digest_bytes] "
"[-queryfile request.tsq] "
"-in response.tsr [-token_in] "
"-CApath ca_path -CAfile ca_file.pem "
"-untrusted cert_file.pem\n");
cleanup:
xs/sc_ssl/openssl/source/apps/tsget view on Meta::CPAN
}
}
return ($ts_body, $error_string);
}
# Print usage information and exists.
sub usage {
print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
exit 1;
}
# ----------------------------------------------------------------------
# Main program
# ----------------------------------------------------------------------
# Getting command-line options (default comes from TSGET environment variable).
xs/sc_ssl/openssl/source/apps/x509.c view on Meta::CPAN
goto end;
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
/* NOTE: this certificate can/should be self signed, unless it was
* a certificate request in which case it is not. */
X509_STORE_CTX_set_cert(&xsc,x);
if (!reqfile && X509_verify_cert(&xsc) <= 0)
goto end;
if (!X509_check_private_key(xca,pkey))
{
BIO_printf(bio_err,"CA certificate and CA private key do not match\n");
goto end;
}
if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
if (!X509_set_serialNumber(x,bs)) goto end;
if (X509_gmtime_adj(X509_get_notBefore(x),0L) == NULL)
goto end;
xs/sc_ssl/openssl/source/crypto/asn1/n_pkey.c view on Meta::CPAN
#include <openssl/evp.h>
#include <openssl/x509.h>
#ifndef OPENSSL_NO_RC4
typedef struct netscape_pkey_st
{
long version;
X509_ALGOR *algor;
ASN1_OCTET_STRING *private_key;
} NETSCAPE_PKEY;
typedef struct netscape_encrypted_pkey_st
{
ASN1_OCTET_STRING *os;
/* This is the same structure as DigestInfo so use it:
* although this isn't really anything to do with
* digests.
*/
X509_SIG *enckey;
xs/sc_ssl/openssl/source/crypto/asn1/n_pkey.c view on Meta::CPAN
ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
ASN1_SEQUENCE(NETSCAPE_PKEY) = {
ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
int (*cb)(char *buf, int len, const char *prompt,
int verify),
int sgckey);
xs/sc_ssl/openssl/source/crypto/asn1/n_pkey.c view on Meta::CPAN
pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
pkey->algor->parameter->type=V_ASN1_NULL;
rsalen = i2d_RSAPrivateKey(a, NULL);
/* Fake some octet strings just for the initial length
* calculation.
*/
pkey->private_key->length=rsalen;
pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL);
enckey->enckey->digest->length = pkeylen;
enckey->os->length = 11; /* "private-key" */
enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4);
if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
enckey->enckey->algor->parameter->type=V_ASN1_NULL;
xs/sc_ssl/openssl/source/crypto/asn1/n_pkey.c view on Meta::CPAN
}
/* Since its RC4 encrypted length is actual length */
if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
{
ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
goto err;
}
pkey->private_key->data = zz;
/* Write out private key encoding */
i2d_RSAPrivateKey(a,&zz);
if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
{
ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
goto err;
}
if (!ASN1_STRING_set(enckey->os, "private-key", -1))
{
ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
goto err;
}
enckey->enckey->digest->data = zz;
i2d_NETSCAPE_PKEY(pkey,&zz);
/* Wipe the private key encoding */
OPENSSL_cleanse(pkey->private_key->data, rsalen);
if (cb == NULL)
cb=EVP_read_pw_string;
i=cb((char *)buf,256,"Enter Private Key password:",1);
if (i != 0)
{
ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ);
goto err;
}
i = strlen((char *)buf);
xs/sc_ssl/openssl/source/crypto/asn1/n_pkey.c view on Meta::CPAN
os->length=i+j;
zz=os->data;
if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
{
ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
goto err;
}
zz=pkey->private_key->data;
if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
{
ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
goto err;
}
err:
NETSCAPE_PKEY_free(pkey);
return(ret);
}
#endif /* OPENSSL_NO_RC4 */
xs/sc_ssl/openssl/source/crypto/asn1/t_pkey.c view on Meta::CPAN
public_key = EC_KEY_get0_public_key(x);
if ((pub_key = EC_POINT_point2bn(group, public_key,
EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
{
reason = ERR_R_EC_LIB;
goto err;
}
buf_len = (size_t)BN_num_bytes(pub_key);
priv_key = EC_KEY_get0_private_key(x);
if (priv_key != NULL)
{
if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len)
buf_len = i;
}
buf_len += 10;
if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
{
reason = ERR_R_MALLOC_FAILURE;
xs/sc_ssl/openssl/source/crypto/cms/cms_sd.c view on Meta::CPAN
}
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
unsigned int flags)
{
CMS_SignedData *sd;
CMS_SignerInfo *si = NULL;
X509_ALGOR *alg;
int i, type;
if(!X509_check_private_key(signer, pk))
{
CMSerr(CMS_F_CMS_ADD1_SIGNER,
CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
return NULL;
}
sd = cms_signed_data_init(cms);
if (!sd)
goto err;
si = M_ASN1_new_of(CMS_SignerInfo);
if (!si)
xs/sc_ssl/openssl/source/crypto/ec/ec.h view on Meta::CPAN
EC_KEY *EC_KEY_new(void);
EC_KEY *EC_KEY_new_by_curve_name(int nid);
void EC_KEY_free(EC_KEY *);
EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
EC_KEY *EC_KEY_dup(const EC_KEY *);
int EC_KEY_up_ref(EC_KEY *);
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *);
int EC_KEY_set_group(EC_KEY *, const EC_GROUP *);
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *);
int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *);
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);
int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);
unsigned EC_KEY_get_enc_flags(const EC_KEY *);
void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
/* functions to set/get method specific data */
void *EC_KEY_get_key_method_data(EC_KEY *,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_KEY_insert_key_method_data(EC_KEY *, void *data,
xs/sc_ssl/openssl/source/crypto/ec/ec_key.c view on Meta::CPAN
}
int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
{
if (key->group != NULL)
EC_GROUP_free(key->group);
key->group = EC_GROUP_dup(group);
return (key->group == NULL) ? 0 : 1;
}
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
{
return key->priv_key;
}
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
{
if (key->priv_key)
BN_clear_free(key->priv_key);
key->priv_key = BN_dup(priv_key);
return (key->priv_key == NULL) ? 0 : 1;
}
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key)
{
return key->pub_key;
xs/sc_ssl/openssl/source/crypto/ecdh/ecdhtest.c view on Meta::CPAN
BIO_printf(out,".");
(void)BIO_flush(out);
#endif
if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
{
#ifndef NOISY
BIO_printf(out, " failed\n\n");
BIO_printf(out, "key a:\n");
BIO_printf(out, "private key: ");
BN_print(out, EC_KEY_get0_private_key(a));
BIO_printf(out, "\n");
BIO_printf(out, "public key (x,y): ");
BN_print(out, x_a);
BIO_printf(out, ",");
BN_print(out, y_a);
BIO_printf(out, "\nkey b:\n");
BIO_printf(out, "private key: ");
BN_print(out, EC_KEY_get0_private_key(b));
BIO_printf(out, "\n");
BIO_printf(out, "public key (x,y): ");
BN_print(out, x_b);
BIO_printf(out, ",");
BN_print(out, y_b);
BIO_printf(out, "\n");
BIO_printf(out, "generated key a: ");
for (i=0; i<bout; i++)
{
sprintf(buf, "%02X", bbuf[i]);
xs/sc_ssl/openssl/source/crypto/ecdh/ech_ossl.c view on Meta::CPAN
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
return -1;
}
if ((ctx = BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
priv_key = EC_KEY_get0_private_key(ecdh);
if (priv_key == NULL)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
goto err;
}
group = EC_KEY_get0_group(ecdh);
if ((tmp=EC_POINT_new(group)) == NULL)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
xs/sc_ssl/openssl/source/crypto/ecdsa/ecs_ossl.c view on Meta::CPAN
BIGNUM *kinv=NULL, *s, *m=NULL,*tmp=NULL,*order=NULL;
const BIGNUM *ckinv;
BN_CTX *ctx = NULL;
const EC_GROUP *group;
ECDSA_SIG *ret;
ECDSA_DATA *ecdsa;
const BIGNUM *priv_key;
ecdsa = ecdsa_check(eckey);
group = EC_KEY_get0_group(eckey);
priv_key = EC_KEY_get0_private_key(eckey);
if (group == NULL || priv_key == NULL || ecdsa == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
ret = ECDSA_SIG_new();
if (!ret)
{
xs/sc_ssl/openssl/source/crypto/engine/eng_err.c view on Meta::CPAN
{ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
{ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
{ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
{ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
{ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"},
{ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"},
{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"},
{ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"},
{ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"},
{ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
{ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"},
{ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
{ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
{ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
{ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"},
{ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
xs/sc_ssl/openssl/source/crypto/engine/eng_pkey.c view on Meta::CPAN
return e->load_pubkey;
}
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e)
{
return e->load_ssl_client_cert;
}
/* API functions to load public/private keys */
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data)
{
EVP_PKEY *pkey;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
xs/sc_ssl/openssl/source/crypto/engine/engine.h view on Meta::CPAN
* operational and cannot initialise. */
int ENGINE_init(ENGINE *e);
/* Free a functional reference to a engine type. This does not require
* a corresponding call to ENGINE_free as it also releases a structural
* reference. */
int ENGINE_finish(ENGINE *e);
/* The following functions handle keys that are stored in some secondary
* location, handled by the engine. The storage may be on a card or
* whatever. */
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
STACK_OF(X509) **pother,
UI_METHOD *ui_method, void *callback_data);
/* This returns a pointer for the current ENGINE structure that
* is (by default) performing any RSA operations. The value returned
xs/sc_ssl/openssl/source/crypto/evp/evp.h view on Meta::CPAN
int EVP_add_cipher(const EVP_CIPHER *cipher);
int EVP_add_digest(const EVP_MD *digest);
const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
int EVP_PKEY_decrypt(unsigned char *dec_key,
const unsigned char *enc_key,int enc_key_len,
EVP_PKEY *private_key);
int EVP_PKEY_encrypt(unsigned char *enc_key,
const unsigned char *key,int key_len,
EVP_PKEY *pub_key);
int EVP_PKEY_type(int type);
int EVP_PKEY_bits(EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
#ifndef OPENSSL_NO_RSA
struct rsa_st;
xs/sc_ssl/openssl/source/crypto/evp/evp_pkey.c view on Meta::CPAN
{
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto ecerr;
}
if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group)))
{
EC_POINT_free(pub_key);
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto ecerr;
}
priv_key = EC_KEY_get0_private_key(eckey);
if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx))
{
EC_POINT_free(pub_key);
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto ecerr;
}
if (EC_KEY_set_public_key(eckey, pub_key) == 0)
{
EC_POINT_free(pub_key);
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
xs/sc_ssl/openssl/source/crypto/objects/obj_dat.h view on Meta::CPAN
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
0x55,0x1D, /* [489] OBJ_id_ce */
0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */
0x55,0x1D,0x0F, /* [494] OBJ_key_usage */
0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */
0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */
0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */
0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */
0x55,0x1D,0x14, /* [509] OBJ_crl_number */
0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */
0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */
0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */
0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */
0x55,0x04,0x2A, /* [535] OBJ_givenName */
xs/sc_ssl/openssl/source/crypto/objects/obj_dat.h view on Meta::CPAN
NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
{"nsCertSequence","Netscape Certificate Sequence",
NID_netscape_cert_sequence,9,&(lvalues[480]),0},
{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
{"id-ce","id-ce",NID_id_ce,2,&(lvalues[489]),0},
{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
NID_subject_key_identifier,3,&(lvalues[491]),0},
{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
NID_private_key_usage_period,3,&(lvalues[497]),0},
{"subjectAltName","X509v3 Subject Alternative Name",
NID_subject_alt_name,3,&(lvalues[500]),0},
{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
3,&(lvalues[503]),0},
{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
3,&(lvalues[506]),0},
{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
{"certificatePolicies","X509v3 Certificate Policies",
NID_certificate_policies,3,&(lvalues[512]),0},
{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
xs/sc_ssl/openssl/source/crypto/objects/obj_dat.h view on Meta::CPAN
&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
&(nid_objs[509]),/* OBJ_generationQualifier 2 5 4 44 */
&(nid_objs[503]),/* OBJ_x500UniqueIdentifier 2 5 4 45 */
&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
&(nid_objs[510]),/* OBJ_pseudonym 2 5 4 65 */
&(nid_objs[400]),/* OBJ_role 2 5 4 72 */
&(nid_objs[769]),/* OBJ_subject_directory_attributes 2 5 29 9 */
&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
&(nid_objs[141]),/* OBJ_crl_reason 2 5 29 21 */
&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
&(nid_objs[770]),/* OBJ_issuing_distribution_point 2 5 29 28 */
&(nid_objs[771]),/* OBJ_certificate_issuer 2 5 29 29 */
xs/sc_ssl/openssl/source/crypto/objects/obj_mac.h view on Meta::CPAN
#define SN_subject_key_identifier "subjectKeyIdentifier"
#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
#define NID_subject_key_identifier 82
#define OBJ_subject_key_identifier OBJ_id_ce,14L
#define SN_key_usage "keyUsage"
#define LN_key_usage "X509v3 Key Usage"
#define NID_key_usage 83
#define OBJ_key_usage OBJ_id_ce,15L
#define SN_private_key_usage_period "privateKeyUsagePeriod"
#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
#define NID_private_key_usage_period 84
#define OBJ_private_key_usage_period OBJ_id_ce,16L
#define SN_subject_alt_name "subjectAltName"
#define LN_subject_alt_name "X509v3 Subject Alternative Name"
#define NID_subject_alt_name 85
#define OBJ_subject_alt_name OBJ_id_ce,17L
#define SN_issuer_alt_name "issuerAltName"
#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
#define NID_issuer_alt_name 86
#define OBJ_issuer_alt_name OBJ_id_ce,18L
xs/sc_ssl/openssl/source/crypto/objects/obj_mac.num view on Meta::CPAN
netscape_ca_revocation_url 74
netscape_renewal_url 75
netscape_ca_policy_url 76
netscape_ssl_server_name 77
netscape_comment 78
netscape_cert_sequence 79
desx_cbc 80
id_ce 81
subject_key_identifier 82
key_usage 83
private_key_usage_period 84
subject_alt_name 85
issuer_alt_name 86
basic_constraints 87
crl_number 88
certificate_policies 89
authority_key_identifier 90
bf_cbc 91
bf_ecb 92
bf_cfb64 93
bf_ofb64 94
( run in 0.428 second using v1.01-cache-2.11-cpan-a5abf4f5562 )