Attachment #183628 for bug #220134

View | Details | Raw Unified | Return to bug 220134
Collapse All | Expand All




}
X509_CRL_BASE


=head2 parse_CRL ($pem_crl)

Creates and returns an I<Crypt::OpenSSL::CA::X509_CRL> object.

=cut

sub parse_CRL {
    my ($class, $pemcrl) = @_;

    unless ($pemcrl) {
        croak("CRL pem must by");
    }
    return $class->_parse_CRL($pemcrl);
}



use Crypt::OpenSSL::CA::Inline::C <<"_PARSE_CRL";
static
SV* _parse_CRL(char *class, const char* pemcrl) {
    BIO *crlbio;
    X509_CRL *crl = NULL;

    crlbio = BIO_new_mem_buf((void *) pemcrl, -1);
    if (crlbio == NULL) {
        croak("BIO_new_mem_buf failed");
    }
    crl = PEM_read_bio_X509_CRL(crlbio, NULL, NULL, NULL);
    if (crl == NULL) {
            X509_CRL_free(crl);
            sslcroak("unable to parse CRL");
    }
    return perl_wrap("${\__PACKAGE__}", crl);
}
_PARSE_CRL

=head2 new ()

=head2 new ($version)

}
SET_ISSUER_DN

=head2 get_issuer_DN()

Get DN string of issuer the CRL

=cut

use Crypt::OpenSSL::CA::Inline::C <<"GET_ISSUER";

static
SV* get_issuer_DN(SV* sv_self) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    ASN1_TIME *next_update;
    X509_NAME *issuer = NULL;

    if (! mem) {
        croak("Cannot allocate BIO");
    }

    issuer = X509_NAME_new();

    if (!(issuer = X509_CRL_get_issuer(self))) {
        sslcroak("X509_CRL_get_issuer failed");
    }
    if (!(X509_NAME_print_ex(mem, issuer, 0, XN_FLAG_ONELINE) && (BIO_write(mem, "\\0", 1) > 0))) {
            sslcroak("X509_CRL_get_nextUpdate failed");
    }
    return BIO_mem_to_SV(mem);
}
GET_ISSUER


=head2 set_lastUpdate ($enddate)

=head2 set_nextUpdate ($startdate)

=head2 get_nextUpdate ()

=head2 get_lastUpdate ()


Sets the validity period of the certificate.  The dates must be in the
GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the
end, meaning "Zulu" in case you care).

}

static
SV* get_lastUpdate(SV* sv_self) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    ASN1_TIME *last_update;

    if (! mem) {
        croak("Cannot allocate BIO");
    }
    if (!(last_update = X509_CRL_get_lastUpdate(self))) {
        sslcroak("X509_CRL_get_lastUpdate");
    }
    if (!(ASN1_TIME_print(mem, last_update) && (BIO_write(mem, "\\0", 1) > 0))) {
        sslcroak("X509_CRL_get_lastUpdate failed");
    }
    return BIO_mem_to_SV(mem);
}

static
void set_nextUpdate(SV* sv_self, char* enddate) {
    ASN1_TIME* newtime;
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);

    X509_CRL_set_nextUpdate(self, time);
    ASN1_TIME_free(time);
}


static
SV* get_nextUpdate(SV* sv_self) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    ASN1_TIME *next_update;

    if (! mem) {
        croak("Cannot allocate BIO");
    }
    if (!(next_update = X509_CRL_get_nextUpdate(self))) {
        sslcroak("X509_CRL_get_nextUpdate");
    }
    if (!(ASN1_TIME_print(mem, next_update) && (BIO_write(mem, "\\0", 1) > 0))) {
        sslcroak("ASN1_TIME_print failed");
    }
    return BIO_mem_to_SV(mem);
}
SET_UPDATES



=head2 get_entryNumbers()

Get array of revoked serial numbers.

=cut

use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_NUMBERS";

static
SV* get_entryNumbers(SV* sv_self) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    STACK_OF(X509_REVOKED) *rev = NULL;
    X509_REVOKED *rev_entry = NULL;
    int revnum, i;

    if (!(rev = X509_CRL_get_REVOKED(self))) {
        sslcroak("X509_CRL_get_REVOKED failed");
    }
    if (!(revnum = sk_X509_REVOKED_num(rev))) {
        sslcroak("sk_X509_REVOKED_num failed");
    }

    SV* serial_SV = NULL;
    SV* revokedate_SV = NULL;
    HV* hash = NULL;
    AV* array = newAV();

    char* revokedate_label = "revokedate";
    char* serial_label = "serial";

    BIO* mem = NULL;
    for(i = 0; i < revnum; i++) {
        if (!(hash = newHV())) {
            croak("Cannot allocate HV");
        }

        if (!(rev_entry = sk_X509_REVOKED_value(rev, i))) {
            sslcroak("sk_X509_REVOKED_value failed");
        }

        if (!(mem = BIO_new(BIO_s_mem()))) {
            croak("Cannot allocate BIO");
        }
        BIO_write(mem, "0x", 2);
        i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
        BIO_write(mem, "\\0", 1);
        serial_SV = BIO_mem_to_SV(mem);
        hv_store(hash, serial_label, strlen(serial_label), serial_SV, 0);

        if (!(mem = BIO_new(BIO_s_mem()))) {
            croak("Cannot allocate BIO");
        }
        ASN1_TIME_print(mem, rev_entry->revocationDate);
        BIO_write(mem, "\\0", 1);
        revokedate_SV = BIO_mem_to_SV(mem);
        hv_store(hash, revokedate_label, strlen(revokedate_label), revokedate_SV, 0);

        av_push(array, newRV_noinc((SV*)hash));
    }
    return newRV_noinc((SV*)array);
}
GET_ENTRY_NUMBERS

=head2 get_entry_count()

Get count of CRL entries.

=cut

use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_COUNT";

int get_entry_count(SV* sv_self) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    STACK_OF(X509_REVOKED) *rev = NULL;
    int count;

    if (! mem) {
        croak("Cannot allocate BIO");
    }
    if (!(rev = X509_CRL_get_REVOKED(self))) {
        sslcroak("X509_CRL_get_REVOKED failed");
    }
    if (!(count = sk_X509_REVOKED_num(rev))) {
        sslcroak("sk_X509_REVOKED_num failed");
    }
    return count;
}
GET_ENTRY_COUNT


=head2 get_entry_revoke_date( $num )

Get revoke date of entry in the CRL. Count begin from zero.

=cut

use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_REVOKE_DATE";

static
SV* get_entry_revoke_date(SV* sv_self, int num) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    ASN1_TIME *next_update;
    STACK_OF(X509_REVOKED) *rev = NULL;
    X509_REVOKED *rev_entry = NULL;
    int revnum, i;

    if (! mem) {
        croak("Cannot allocate BIO");
    }
    if (!(rev = X509_CRL_get_REVOKED(self))) {
        sslcroak("X509_CRL_get_REVOKED failed");
    }
    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
            sslcroak("sk_X509_REVOKED_value failed");
    }
    ASN1_TIME_print(mem, rev_entry->revocationDate);
    if (!(BIO_write(mem, "\\0", 1) > 0)) {
        sslcroak("BIO_write failed");
    }
    return BIO_mem_to_SV(mem);
}
GET_ENTRY_REVOKE_DATE


=head2 get_entry_serial( $num )

Get serial number of entry in the CRL.


=cut

use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_SERIAL";

static
SV* get_entry_serial(SV* sv_self, int num) {
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
    BIO* mem = BIO_new(BIO_s_mem());
    STACK_OF(X509_REVOKED) *rev = NULL;
    X509_REVOKED *rev_entry = NULL;

    if (! mem) {
        croak("Cannot allocate BIO");
    }
    if (!(rev = X509_CRL_get_REVOKED(self))) {
        sslcroak("X509_CRL_get_REVOKED failed");
    }
    BIO_write(mem, "0x", 2); 
    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
            sslcroak("sk_X509_REVOKED_value failed");
    }
    i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
    if (!(BIO_write(mem, "\\0", 1) > 0)) {
        sslcroak("BIO_write failed");
    }
    return BIO_mem_to_SV(mem);
}
GET_ENTRY_SERIAL


=head2 set_extension ($extname, $value, %options, %more_openssl_config)

=head2 add_extension ($extname, $value, %options, %more_openssl_config)


=cut




use Crypt::OpenSSL::CA::Inline::C <<"DUMP";
static
SV* dump(SV* sv_self) {

Return to bug 220134

Lines 2064-2069 Link Here

(-)./lib/Crypt/OpenSSL/CA.pm (+277 lines)
2064	}	2064	}
2065	X509_CRL_BASE	2065	X509_CRL_BASE
2066		2066
		2067
		2068	=head2 parse_CRL ($pem_crl)
		2069
		2070	Creates and returns an I<Crypt::OpenSSL::CA::X509_CRL> object.
		2071
		2072	=cut
		2073
		2074	sub parse_CRL {
		2075	my ($class, $pemcrl) = @_;
		2076
		2077	unless ($pemcrl) {
		2078	croak("CRL pem must by");
		2079	}
		2080	return $class->_parse_CRL($pemcrl);
		2081	}
		2082
		2083
		2084
		2085	use Crypt::OpenSSL::CA::Inline::C <<"_PARSE_CRL";
		2086	static
		2087	SV* _parse_CRL(char class, const char pemcrl) {
		2088	BIO *crlbio;
		2089	X509_CRL *crl = NULL;
		2090
		2091	crlbio = BIO_new_mem_buf((void *) pemcrl, -1);
		2092	if (crlbio == NULL) {
		2093	croak("BIO_new_mem_buf failed");
		2094	}
		2095	crl = PEM_read_bio_X509_CRL(crlbio, NULL, NULL, NULL);
		2096	if (crl == NULL) {
		2097	X509_CRL_free(crl);
		2098	sslcroak("unable to parse CRL");
		2099	}
		2100	return perl_wrap("${\__PACKAGE__}", crl);
		2101	}
		2102	_PARSE_CRL
		2103
2067	=head2 new ()	2104	=head2 new ()
2068		2105
2069	=head2 new ($version)	2106	=head2 new ($version)
Lines 2120-2129 Link Here
2120	}	2157	}
2121	SET_ISSUER_DN	2158	SET_ISSUER_DN
2122		2159
		2160	=head2 get_issuer_DN()
		2161
		2162	Get DN string of issuer the CRL
		2163
		2164	=cut
		2165
		2166	use Crypt::OpenSSL::CA::Inline::C <<"GET_ISSUER";
		2167
		2168	static
		2169	SV* get_issuer_DN(SV* sv_self) {
		2170	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
		2171	BIO* mem = BIO_new(BIO_s_mem());
		2172	ASN1_TIME *next_update;
		2173	X509_NAME *issuer = NULL;
		2174
		2175	if (! mem) {
		2176	croak("Cannot allocate BIO");
		2177	}
		2178
		2179	issuer = X509_NAME_new();
		2180
		2181	if (!(issuer = X509_CRL_get_issuer(self))) {
		2182	sslcroak("X509_CRL_get_issuer failed");
		2183	}
		2184	if (!(X509_NAME_print_ex(mem, issuer, 0, XN_FLAG_ONELINE) && (BIO_write(mem, "\\0", 1) > 0))) {
		2185	sslcroak("X509_CRL_get_nextUpdate failed");
		2186	}
		2187	return BIO_mem_to_SV(mem);
		2188	}
		2189	GET_ISSUER
		2190
		2191
2123	=head2 set_lastUpdate ($enddate)	2192	=head2 set_lastUpdate ($enddate)
2124		2193
2125	=head2 set_nextUpdate ($startdate)	2194	=head2 set_nextUpdate ($startdate)
2126		2195
		2196	=head2 get_nextUpdate ()
		2197
		2198	=head2 get_lastUpdate ()
		2199
		2200
2127	Sets the validity period of the certificate. The dates must be in the	2201	Sets the validity period of the certificate. The dates must be in the
2128	GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the	2202	GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the
2129	end, meaning "Zulu" in case you care).	2203	end, meaning "Zulu" in case you care).
Lines 2141-2146 Link Here
2141	}	2215	}
2142		2216
2143	static	2217	static
		2218	SV* get_lastUpdate(SV* sv_self) {
		2219	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
		2220	BIO* mem = BIO_new(BIO_s_mem());
		2221	ASN1_TIME *last_update;
		2222
		2223	if (! mem) {
		2224	croak("Cannot allocate BIO");
		2225	}
		2226	if (!(last_update = X509_CRL_get_lastUpdate(self))) {
		2227	sslcroak("X509_CRL_get_lastUpdate");
		2228	}
		2229	if (!(ASN1_TIME_print(mem, last_update) && (BIO_write(mem, "\\0", 1) > 0))) {
		2230	sslcroak("X509_CRL_get_lastUpdate failed");
		2231	}
		2232	return BIO_mem_to_SV(mem);
		2233	}
		2234
		2235	static
2144	void set_nextUpdate(SV* sv_self, char* enddate) {	2236	void set_nextUpdate(SV* sv_self, char* enddate) {
2145	ASN1_TIME* newtime;	2237	ASN1_TIME* newtime;
2146	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);	2238	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
Lines 2149-2156 Link Here
2149	X509_CRL_set_nextUpdate(self, time);	2241	X509_CRL_set_nextUpdate(self, time);
2150	ASN1_TIME_free(time);	2242	ASN1_TIME_free(time);
2151	}	2243	}
		2244
		2245
		2246	static
		2247	SV* get_nextUpdate(SV* sv_self) {
		2248	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
		2249	BIO* mem = BIO_new(BIO_s_mem());
		2250	ASN1_TIME *next_update;
		2251
		2252	if (! mem) {
		2253	croak("Cannot allocate BIO");
		2254	}
		2255	if (!(next_update = X509_CRL_get_nextUpdate(self))) {
		2256	sslcroak("X509_CRL_get_nextUpdate");
		2257	}
		2258	if (!(ASN1_TIME_print(mem, next_update) && (BIO_write(mem, "\\0", 1) > 0))) {
		2259	sslcroak("ASN1_TIME_print failed");
		2260	}
		2261	return BIO_mem_to_SV(mem);
		2262	}
2152	SET_UPDATES	2263	SET_UPDATES
2153		2264
		2265
		2266
		2267	=head2 get_entryNumbers()
		2268
		2269	Get array of revoked serial numbers.
		2270
		2271	=cut
		2272
		2273	use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_NUMBERS";
		2274
		2275	static
		2276	SV* get_entryNumbers(SV* sv_self) {
		2277	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
		2278	STACK_OF(X509_REVOKED) *rev = NULL;
		2279	X509_REVOKED *rev_entry = NULL;
		2280	int revnum, i;
		2281
		2282	if (!(rev = X509_CRL_get_REVOKED(self))) {
		2283	sslcroak("X509_CRL_get_REVOKED failed");
		2284	}
		2285	if (!(revnum = sk_X509_REVOKED_num(rev))) {
		2286	sslcroak("sk_X509_REVOKED_num failed");
		2287	}
		2288
		2289	SV* serial_SV = NULL;
		2290	SV* revokedate_SV = NULL;
		2291	HV* hash = NULL;
		2292	AV* array = newAV();
		2293
		2294	char* revokedate_label = "revokedate";
		2295	char* serial_label = "serial";
		2296
		2297	BIO* mem = NULL;
		2298	for(i = 0; i < revnum; i++) {
		2299	if (!(hash = newHV())) {
		2300	croak("Cannot allocate HV");
		2301	}
		2302
		2303	if (!(rev_entry = sk_X509_REVOKED_value(rev, i))) {
		2304	sslcroak("sk_X509_REVOKED_value failed");
		2305	}
		2306
		2307	if (!(mem = BIO_new(BIO_s_mem()))) {
		2308	croak("Cannot allocate BIO");
		2309	}
		2310	BIO_write(mem, "0x", 2);
		2311	i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
		2312	BIO_write(mem, "\\0", 1);
		2313	serial_SV = BIO_mem_to_SV(mem);
		2314	hv_store(hash, serial_label, strlen(serial_label), serial_SV, 0);
		2315
		2316	if (!(mem = BIO_new(BIO_s_mem()))) {
		2317	croak("Cannot allocate BIO");
		2318	}
		2319	ASN1_TIME_print(mem, rev_entry->revocationDate);
		2320	BIO_write(mem, "\\0", 1);
		2321	revokedate_SV = BIO_mem_to_SV(mem);
		2322	hv_store(hash, revokedate_label, strlen(revokedate_label), revokedate_SV, 0);
		2323
		2324	av_push(array, newRV_noinc((SV*)hash));
		2325	}
		2326	return newRV_noinc((SV*)array);
		2327	}
		2328	GET_ENTRY_NUMBERS
2329
2330	=head2 get_entry_count()
2331
2332	Get count of CRL entries.
2333
2334	=cut
2335
2336	use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_COUNT";
2337
2338	int get_entry_count(SV* sv_self) {
2339	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2340	BIO* mem = BIO_new(BIO_s_mem());
2341	STACK_OF(X509_REVOKED) *rev = NULL;
2342	int count;
2343
2344	if (! mem) {
2345	croak("Cannot allocate BIO");
2346	}
2347	if (!(rev = X509_CRL_get_REVOKED(self))) {
2348	sslcroak("X509_CRL_get_REVOKED failed");
2349	}
2350	if (!(count = sk_X509_REVOKED_num(rev))) {
2351	sslcroak("sk_X509_REVOKED_num failed");
2352	}
2353	return count;
2354	}
2355	GET_ENTRY_COUNT
2356
2357
2358	=head2 get_entry_revoke_date( $num )
2359
2360	Get revoke date of entry in the CRL. Count begin from zero.
2361
2362	=cut
2363
2364	use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_REVOKE_DATE";
2365
2366	static
2367	SV* get_entry_revoke_date(SV* sv_self, int num) {
2368	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2369	BIO* mem = BIO_new(BIO_s_mem());
2370	ASN1_TIME *next_update;
2371	STACK_OF(X509_REVOKED) *rev = NULL;
2372	X509_REVOKED *rev_entry = NULL;
2373	int revnum, i;
2374
2375	if (! mem) {
2376	croak("Cannot allocate BIO");
2377	}
2378	if (!(rev = X509_CRL_get_REVOKED(self))) {
2379	sslcroak("X509_CRL_get_REVOKED failed");
2380	}
2381	if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
2382	sslcroak("sk_X509_REVOKED_value failed");
2383	}
2384	ASN1_TIME_print(mem, rev_entry->revocationDate);
2385	if (!(BIO_write(mem, "\\0", 1) > 0)) {
2386	sslcroak("BIO_write failed");
2387	}
2388	return BIO_mem_to_SV(mem);
2389	}
2390	GET_ENTRY_REVOKE_DATE
2391
2392
2393	=head2 get_entry_serial( $num )
2394
2395	Get serial number of entry in the CRL.
2396
2397
2398	=cut
2399
2400	use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_SERIAL";
2401
2402	static
2403	SV* get_entry_serial(SV* sv_self, int num) {
2404	X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2405	BIO* mem = BIO_new(BIO_s_mem());
2406	STACK_OF(X509_REVOKED) *rev = NULL;
2407	X509_REVOKED *rev_entry = NULL;
2408
2409	if (! mem) {
2410	croak("Cannot allocate BIO");
2411	}
2412	if (!(rev = X509_CRL_get_REVOKED(self))) {
2413	sslcroak("X509_CRL_get_REVOKED failed");
2414	}
2415	BIO_write(mem, "0x", 2);
2416	if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
2417	sslcroak("sk_X509_REVOKED_value failed");
2418	}
2419	i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
2420	if (!(BIO_write(mem, "\\0", 1) > 0)) {
2421	sslcroak("BIO_write failed");
2422	}
2423	return BIO_mem_to_SV(mem);
2424	}
2425	GET_ENTRY_SERIAL
2426
2427
2154	=head2 set_extension ($extname, $value, %options, %more_openssl_config)	2428	=head2 set_extension ($extname, $value, %options, %more_openssl_config)
2155		2429
2156	=head2 add_extension ($extname, $value, %options, %more_openssl_config)	2430	=head2 add_extension ($extname, $value, %options, %more_openssl_config)
Lines 2428-2433 Link Here
2428		2702
2429	=cut	2703	=cut
2430		2704
		2705
		2706
		2707
2431	use Crypt::OpenSSL::CA::Inline::C <<"DUMP";	2708	use Crypt::OpenSSL::CA::Inline::C <<"DUMP";
2432	static	2709	static
2433	SV* dump(SV* sv_self) {	2710	SV* dump(SV* sv_self) {