Net-SSLeay
BIO_free(bp);
}
# /* Load the private key and the certificate stored in a PKCS#12 file into ctx. */
# /* password defaults to NULL. Returns 1 if at least one of the two objects     */
# /* was installed into ctx, 0 otherwise.                                        */
# /* NOTE(review): RETVAL is set to 1 by either branch below, so a return of 1   */
# /* does not show that BOTH the key and the certificate were loaded, nor that   */
# /* they belong together. Callers that need that guarantee should follow up     */
# /* with CTX_check_private_key(ctx).                                            */
int
CTX_use_PKCS12_file(ctx, file, password=NULL)
SSL_CTX *ctx
char *file
char *password
PREINIT:
PKCS12 *p12;
/* Not initialised here; both are only read after PKCS12_parse() reports success. */
EVP_PKEY *private_key;
X509 *certificate;
BIO *bio;
CODE:
/* Default to failure; only a successful SSL_CTX_use_* call flips this to 1. */
RETVAL = 0;
/* Open the PKCS#12 container in binary mode. If this fails RETVAL stays 0. */
bio = BIO_new_file(file, "rb");
if (bio) {
/* Register ciphers and digests so the container can be decrypted and parsed. */
OPENSSL_add_all_algorithms_noconf();
/* Decode the DER-encoded PKCS#12 structure from the file. */
if ((p12 = d2i_PKCS12_bio(bio, NULL))) {
/* The final NULL means the additional (CA) certificates in the file are not requested. */
if (PKCS12_parse(p12, password, &private_key, &certificate, NULL)) {
if (private_key) {
if (SSL_CTX_use_PrivateKey(ctx, private_key)) RETVAL = 1;
/* Release the local reference obtained from PKCS12_parse(). */
EVP_PKEY_free(private_key);
}
if (certificate) {
/* Success here also sets RETVAL, even if the key step above failed or was skipped. */
if (SSL_CTX_use_certificate(ctx, certificate)) RETVAL = 1;
/* Release the local reference obtained from PKCS12_parse(). */
X509_free(certificate);
}
}
PKCS12_free(p12);
}
/* Nothing was installed: dump the OpenSSL error queue to the process's stderr. */
if (!RETVAL) ERR_print_errors_fp(stderr);
BIO_free(bio);
/* NOTE(review): the brace closing "if (bio) {" is not visible in this excerpt. */
OUTPUT:
RETVAL
void
P_PKCS12_load_file(file, load_chain=0, password=NULL)
char *file
int load_chain
char *password
PREINIT:
PKCS12 *p12;
EVP_PKEY *private_key = NULL;
X509 *certificate = NULL;
STACK_OF(X509) *cachain = NULL;
X509 *x;
BIO *bio;
int i, result;
PPCODE:
bio = BIO_new_file(file, "rb");
if (bio) {
OPENSSL_add_all_algorithms_noconf();
if ((p12 = d2i_PKCS12_bio(bio, NULL))) {
if(load_chain)
result= PKCS12_parse(p12, password, &private_key, &certificate, &cachain);
else
result= PKCS12_parse(p12, password, &private_key, &certificate, NULL);
if (result) {
if (private_key)
XPUSHs(sv_2mortal(newSViv(PTR2IV(private_key))));
else
XPUSHs(sv_2mortal(newSVpv(NULL,0))); /* undef */
if (certificate)
XPUSHs(sv_2mortal(newSViv(PTR2IV(certificate))));
else
XPUSHs(sv_2mortal(newSVpv(NULL,0))); /* undef */
if (cachain) {
for (i=0; i<sk_X509_num(cachain); i++) {
x = sk_X509_value(cachain, i);
XPUSHs(sv_2mortal(newSViv(PTR2IV(x))));
SSL_alert_type_string_long(value)
int value
# /* Direct binding to OpenSSL's SSL_callback_ctrl(): passes command id i and */
# /* callback pointer fp through for the connection object ssl.               */
# /* NOTE(review): fp is a raw function pointer; no validation of it is       */
# /* visible in this declaration - confirm what callers are expected to pass. */
long
SSL_callback_ctrl(ssl,i,fp)
SSL * ssl
int i
callback_no_ret * fp
# /* Binding to OpenSSL's SSL_check_private_key(): checks that the private key */
# /* loaded into the connection object is consistent with its certificate.     */
# /* Note that the parameter is named ctx but is an SSL *, not an SSL_CTX *.   */
# /* This is a key/certificate consistency check only; it does not validate    */
# /* the certificate chain or its trust.                                       */
int
SSL_check_private_key(ctx)
SSL * ctx
# /* buf and size were required with Net::SSLeay 1.88 and earlier. */
# /* With OpenSSL 0.9.8l and older compile can warn about discarded const. */
void
SSL_CIPHER_description(const SSL_CIPHER *cipher, char *unused_buf=NULL, int unused_size=0)
PREINIT:
char *description;
char buf[512];
PPCODE:
SSL_CTX * ctx
X509 * x
# /* Direct binding to OpenSSL's SSL_CTX_callback_ctrl(): passes command id i */
# /* and callback pointer fp through for the context ctx.                     */
# /* NOTE(review): fp is a raw function pointer; no validation of it is       */
# /* visible in this declaration - confirm what callers are expected to pass. */
long
SSL_CTX_callback_ctrl(ctx,i,fp)
SSL_CTX * ctx
int i
callback_no_ret * fp
# /* Binding to OpenSSL's SSL_CTX_check_private_key(): checks that the private */
# /* key loaded into ctx is consistent with the certificate loaded into ctx.   */
# /* This is a key/certificate consistency check only; it does not validate    */
# /* the certificate chain or its trust.                                       */
int
SSL_CTX_check_private_key(ctx)
SSL_CTX * ctx
# /* Binding to OpenSSL's SSL_CTX_get_ex_data(): fetches the application data */
# /* slot idx of an SSL_CTX. The parameter is named ssl but is an SSL_CTX *.  */
# /* The result is an untyped void *; nothing here records what it points to, */
# /* so the caller must know what was stored at idx.                          */
void *
SSL_CTX_get_ex_data(ssl,idx)
SSL_CTX * ssl
int idx
# /* Binding to OpenSSL's SSL_CTX_get_quiet_shutdown(): returns the quiet      */
# /* shutdown setting of ctx. With quiet shutdown enabled OpenSSL does not     */
# /* send a close_notify alert on SSL_shutdown(), so the peer cannot tell a    */
# /* clean close from a truncated stream.                                      */
int
SSL_CTX_get_quiet_shutdown(ctx)
SSL_CTX * ctx
constants.c view on Meta::CPAN
}
break;
}
break;
case 28:
/* Names all of length 28. */
/* F_SSL_USE_RSAPRIVATEKEY_ASN1 F_SSL_USE_RSAPRIVATEKEY_FILE
NID_authority_key_identifier NID_netscape_ssl_server_name
NID_pbe_WithSHA1And128BitRC4 NID_pkcs7_signedAndEnveloped
NID_private_key_usage_period OPENSSL_INIT_ADD_ALL_CIPHERS
OPENSSL_INIT_ADD_ALL_DIGESTS OP_NO_EXTENDED_MASTER_SECRET
SESS_CACHE_NO_INTERNAL_STORE SSL3_MT_ENCRYPTED_EXTENSIONS
TLSEXT_TYPE_client_cert_type TLSEXT_TYPE_ec_point_formats
TLSEXT_TYPE_encrypt_then_mac TLSEXT_TYPE_server_cert_type
TLSEXT_TYPE_supported_groups X509_CHECK_FLAG_NO_WILDCARDS
X509_V_ERR_CRL_NOT_YET_VALID X509_V_ERR_HOSTNAME_MISMATCH
X509_V_ERR_INVALID_EXTENSION X509_V_ERR_ISSUER_NAME_EMPTY
X509_V_ERR_OCSP_CERT_UNKNOWN X509_V_ERR_UNABLE_TO_GET_CRL
X509_V_ERR_UNNESTED_RESOURCE */
/* Offset 14 gives the best switch position. */
constants.c view on Meta::CPAN
#ifdef NID_netscape_ssl_server_name
return NID_netscape_ssl_server_name;
#else
goto not_there;
#endif
}
break;
case 'y':
if (!memcmp(name, "NID_private_key_usage_period", 28)) {
/* ^ */
#ifdef NID_private_key_usage_period
return NID_private_key_usage_period;
#else
goto not_there;
#endif
}
break;
}
break;
case 29:
/* Names all of length 29. */
helper_script/constants.txt view on Meta::CPAN
NID_pkcs9
NID_pkcs9_challengePassword
NID_pkcs9_contentType
NID_pkcs9_countersignature
NID_pkcs9_emailAddress
NID_pkcs9_extCertAttributes
NID_pkcs9_messageDigest
NID_pkcs9_signingTime
NID_pkcs9_unstructuredAddress
NID_pkcs9_unstructuredName
NID_private_key_usage_period
NID_rc2_40_cbc
NID_rc2_64_cbc
NID_rc2_cbc
NID_rc2_cfb64
NID_rc2_ecb
NID_rc2_ofb64
NID_rc4
NID_rc4_40
NID_rc5_cbc
NID_rc5_cfb64
lib/Net/SSLeay.pm view on Meta::CPAN
NID_pkcs9
NID_pkcs9_challengePassword
NID_pkcs9_contentType
NID_pkcs9_countersignature
NID_pkcs9_emailAddress
NID_pkcs9_extCertAttributes
NID_pkcs9_messageDigest
NID_pkcs9_signingTime
NID_pkcs9_unstructuredAddress
NID_pkcs9_unstructuredName
NID_private_key_usage_period
NID_rc2_40_cbc
NID_rc2_64_cbc
NID_rc2_cbc
NID_rc2_cfb64
NID_rc2_ecb
NID_rc2_ofb64
NID_rc4
NID_rc4_40
NID_rc5_cbc
NID_rc5_cfb64
lib/Net/SSLeay.pod view on Meta::CPAN
my $rv = Net::SSLeay::CTX_callback_ctrl($ctx, $cmd, $fp);
# $ctx - value corresponding to openssl's SSL_CTX structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_ctrl.html>
=item * CTX_check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ctx.
my $rv = Net::SSLeay::CTX_check_private_key($ctx);
# $ctx - value corresponding to openssl's SSL_CTX structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_use_certificate.html>
=item * CTX_ctrl
Internal handling function for SSL_CTX objects.
lib/Net/SSLeay.pod view on Meta::CPAN
my $rv = Net::SSLeay::callback_ctrl($ssl, $cmd, $fp);
# $ssl - value corresponding to openssl's SSL structure
# $cmd - (integer) command id
# $fp - (function pointer) ???
#
# returns: ???
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_ctrl.html>
=item * check_private_key
Checks the consistency of a private key with the corresponding certificate loaded into $ssl
my $rv = Net::SSLeay::check_private_key($ssl);
# $ssl - value corresponding to openssl's SSL structure
#
# returns: 1 on success, otherwise check out the error stack to find out the reason
Check openssl doc L<https://www.openssl.org/docs/manmaster/man3/SSL_CTX_use_certificate.html>
=item * clear
Reset SSL object to allow another connection.
lib/Net/SSLeay.pod view on Meta::CPAN
NID_pkcs9 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD
NID_pkcs9_challengePassword X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
NID_pkcs9_contentType X509_V_ERR_EXCLUDED_VIOLATION
NID_pkcs9_countersignature X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3
NID_pkcs9_emailAddress X509_V_ERR_HOSTNAME_MISMATCH
NID_pkcs9_extCertAttributes X509_V_ERR_INVALID_CA
NID_pkcs9_messageDigest X509_V_ERR_INVALID_CALL
NID_pkcs9_signingTime X509_V_ERR_INVALID_EXTENSION
NID_pkcs9_unstructuredAddress X509_V_ERR_INVALID_NON_CA
NID_pkcs9_unstructuredName X509_V_ERR_INVALID_POLICY_EXTENSION
NID_private_key_usage_period X509_V_ERR_INVALID_PURPOSE
NID_rc2_40_cbc X509_V_ERR_IP_ADDRESS_MISMATCH
NID_rc2_64_cbc X509_V_ERR_ISSUER_NAME_EMPTY
NID_rc2_cbc X509_V_ERR_KEYUSAGE_NO_CERTSIGN
NID_rc2_cfb64 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN
NID_rc2_ecb X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE
NID_rc2_ofb64 X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA
NID_rc4 X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER
NID_rc4_40 X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER
NID_rc5_cbc X509_V_ERR_NO_EXPLICIT_POLICY
NID_rc5_cfb64 X509_V_ERR_NO_ISSUER_PUBLIC_KEY
t/local/21_constants.t view on Meta::CPAN
NID_pkcs9
NID_pkcs9_challengePassword
NID_pkcs9_contentType
NID_pkcs9_countersignature
NID_pkcs9_emailAddress
NID_pkcs9_extCertAttributes
NID_pkcs9_messageDigest
NID_pkcs9_signingTime
NID_pkcs9_unstructuredAddress
NID_pkcs9_unstructuredName
NID_private_key_usage_period
NID_rc2_40_cbc
NID_rc2_64_cbc
NID_rc2_cbc
NID_rc2_cfb64
NID_rc2_ecb
NID_rc2_ofb64
NID_rc4
NID_rc4_40
NID_rc5_cbc
NID_rc5_cfb64
t/local/36_verify.t view on Meta::CPAN
sub run_server
{
my $pid;
defined($pid = fork()) or BAIL_OUT("failed to fork: $!");
return if $pid != 0;
$SIG{'PIPE'} = 'IGNORE';
my $ctx = new_ctx();
Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem);
my $ret = Net::SSLeay::CTX_check_private_key($ctx);
BAIL_OUT("Server: CTX_check_private_key failed: $cert_pem, $key_pem") unless $ret == 1;
if (defined &Net::SSLeay::CTX_set_num_tickets) {
# A TLS 1.3 server sends session tickets after the handshake, as part of
# SSL_accept(). If a client finishes all its work, including closing the
# TCP connection, before the server sends the tickets, SSL_accept() fails
# with SSL_ERROR_SYSCALL and errno EPIPE, and the server receives a
# SIGPIPE signal. <https://github.com/openssl/openssl/issues/6904>
my $ret = Net::SSLeay::CTX_set_num_tickets($ctx, 0);
BAIL_OUT("Session tickets disabled") unless $ret;
}