App-CamelPKI


lib/App/CamelPKI/Certificate.pm  view on Meta::CPAN


=head1 NAME

B<App::CamelPKI::Certificate> - Model for an X509 certificate in Camel-PKI.

=head1 SYNOPSIS

=for My::Tests::Below "synopsis" begin

  use App::CamelPKI::Certificate;

  my $cert = parse App::CamelPKI::Certificate($pemstring, -format => "PEM");

  print $cert->get_serial;

  my $derstring = $cert->serialize(-format => "DER");

=for My::Tests::Below "synopsis" end

=head1 DESCRIPTION

This class is a I<wrapper> around L<Crypt::X509> and L<Convert::ASN1>. It
compensates for the deficiencies of these two packages and provides a
complete abstraction for X509 certificates, whether or not they were
issued by Camel-PKI.

Each instance of this class represents a certificate. Instances are
immutable.

=cut

use Crypt::X509;
use Crypt::OpenSSL::CA 0.05;
use App::CamelPKI::PublicKey;
use NEXT;
use base "App::CamelPKI::PEM";

# Returns the constant string "CERTIFICATE".  Presumably the PEM armor label
# used by the App::CamelPKI::PEM base class (not visible here) -- confirm.
sub _marker {
    return "CERTIFICATE";
}

=head1 METHODS

=head2 parse($texte, %options)

=head2 load($file, %options)

=head2 serialize(%options)

These methods are inherited from L<App::CamelPKI::PEM>.

=head2 parse_bundle($texte)

Load $texte, which is a certificate I<bundle>, i.e. a concatenation of
one or more certificates in PEM format. Returns a list of
I<App::CamelPKI::Certificate> objects. Must be called in list context.

=cut

# Class method: splits $text into PEM-armored blocks and returns one object
# per block, each built with $class->parse().
#
# Throws App::CamelPKI::Error::Internal("MUST_CALL_IN_LIST_CONTEXT") when not
# called in list context.
#
# NOTE(review): the pattern captures every armored block; it does not pin the
# label after BEGIN/END and does not require the two labels to agree.  Text
# outside the armor is ignored and a bundle with no match yields an empty
# list.  Rejecting non-certificate blocks is therefore left to parse()
# (inherited, not visible here -- confirm), and callers building a trust
# list should check that the result is not empty.
sub parse_bundle {
    my ($class, $text) = @_;

    throw App::CamelPKI::Error::Internal("MUST_CALL_IN_LIST_CONTEXT")
        unless wantarray;

    my @pem_blocks = ($text =~ m{
        ( -+BEGIN.*?-+$
          .*?
          ^-+END.*?-+$)
    }gmsx);

    my @certs;
    for my $pem (@pem_blocks) {
        # scalar() keeps parse() in scalar context: one object per block.
        push @certs, scalar $class->parse($pem);
    }
    return @certs;
}

=head2 as_crypt_openssl_ca_x509()

Returns an instance of L<Crypt::OpenSSL::CA/Crypt::OpenSSL::CA::X509>
which models the certificate. This instance is newly created for
each call, so that I<App::CamelPKI::Certificate> objects do not have
shared mutable state.

=cut

# Builds a Crypt::OpenSSL::CA::X509 object from this certificate's
# serialized form and returns it.  The X509 object is parsed anew on every
# call; nothing is cached in this method.
sub as_crypt_openssl_ca_x509 {
    my $self = shift;

    # serialize() is kept inside the argument list so that it is still
    # evaluated in list context.
    return Crypt::OpenSSL::CA::X509->parse($self->serialize());
}


=head2 get_serial

=head2 get_issuer_DN

=head2 get_subject_DN

=head2 get_subject_keyid

=head2 get_notBefore

=head2 get_notAfter

Delegated to methods of the same name in
L<Crypt::OpenSSL::CA/Crypt::OpenSSL::CA::X509>.

=cut

# Read-only accessors.  Each one forwards to the method of the same name on
# the object returned by _as_x509_cached() (defined outside this excerpt).
# They only report field values: nothing in these subs checks a signature,
# a chain, or that the current time lies between notBefore and notAfter.
sub get_serial {
    my ($self) = @_;
    return $self->_as_x509_cached->get_serial;
}

sub get_subject_DN {
    my ($self) = @_;
    return $self->_as_x509_cached->get_subject_DN;
}

sub get_issuer_DN {
    my ($self) = @_;
    return $self->_as_x509_cached->get_issuer_DN;
}

sub get_subject_keyid {
    my ($self) = @_;
    return $self->_as_x509_cached->get_subject_keyid;
}

sub get_notBefore {
    my ($self) = @_;
    return $self->_as_x509_cached->get_notBefore;
}

sub get_notAfter {
    my ($self) = @_;
    return $self->_as_x509_cached->get_notAfter;
}

=head2 get_subject_CN

Returns the CN of the DN of the certificate subject.

=cut

# Returns whatever Crypt::X509's subject_cn() yields for this certificate,
# after re-parsing its DER serialization.
#
# NOTE(review): the value is read straight from the certificate and this
# method performs no validation of its own.  Callers that treat the CN as an
# identity should verify the certificate first and should not assume the
# string is well-formed.  How subject_cn() behaves for a DN with several CN
# attributes, or with none, is not visible here -- confirm in Crypt::X509.
sub get_subject_CN {
    my $self = shift;

    # serialize() stays inside the argument list (list context, as before).
    my $decoded = Crypt::X509->new( cert => $self->serialize(-format => "DER") );
    return $decoded->subject_cn;
}


