View | Details | Raw Unified | Return to bug 220134
Collapse All | Expand All

(-)./lib/Crypt/OpenSSL/CA.pm (+277 lines)
Lines 2064-2069 Link Here
2064
}
2064
}
2065
X509_CRL_BASE
2065
X509_CRL_BASE
2066
2066
2067
2068
=head2 parse_CRL ($pem_crl)
2069
2070
Creates and returns an I<Crypt::OpenSSL::CA::X509_CRL> object.
2071
2072
=cut
2073
2074
sub parse_CRL {
2075
    my ($class, $pemcrl) = @_;
2076
2077
    unless ($pemcrl) {
2078
        croak("CRL pem must by");
2079
    }
2080
    return $class->_parse_CRL($pemcrl);
2081
}
2082
2083
2084
2085
use Crypt::OpenSSL::CA::Inline::C <<"_PARSE_CRL";
2086
static
2087
SV* _parse_CRL(char *class, const char* pemcrl) {
2088
    BIO *crlbio;
2089
    X509_CRL *crl = NULL;
2090
2091
    crlbio = BIO_new_mem_buf((void *) pemcrl, -1);
2092
    if (crlbio == NULL) {
2093
        croak("BIO_new_mem_buf failed");
2094
    }
2095
    crl = PEM_read_bio_X509_CRL(crlbio, NULL, NULL, NULL);
2096
    if (crl == NULL) {
2097
            X509_CRL_free(crl);
2098
            sslcroak("unable to parse CRL");
2099
    }
2100
    return perl_wrap("${\__PACKAGE__}", crl);
2101
}
2102
_PARSE_CRL
2103
2067
=head2 new ()
2104
=head2 new ()
2068
2105
2069
=head2 new ($version)
2106
=head2 new ($version)
Lines 2120-2129 Link Here
2120
}
2157
}
2121
SET_ISSUER_DN
2158
SET_ISSUER_DN
2122
2159
2160
=head2 get_issuer_DN()
2161
2162
Get DN string of issuer the CRL
2163
2164
=cut
2165
2166
use Crypt::OpenSSL::CA::Inline::C <<"GET_ISSUER";
2167
2168
static
2169
SV* get_issuer_DN(SV* sv_self) {
2170
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2171
    BIO* mem = BIO_new(BIO_s_mem());
2172
    ASN1_TIME *next_update;
2173
    X509_NAME *issuer = NULL;
2174
2175
    if (! mem) {
2176
        croak("Cannot allocate BIO");
2177
    }
2178
2179
    issuer = X509_NAME_new();
2180
2181
    if (!(issuer = X509_CRL_get_issuer(self))) {
2182
        sslcroak("X509_CRL_get_issuer failed");
2183
    }
2184
    if (!(X509_NAME_print_ex(mem, issuer, 0, XN_FLAG_ONELINE) && (BIO_write(mem, "\\0", 1) > 0))) {
2185
            sslcroak("X509_CRL_get_nextUpdate failed");
2186
    }
2187
    return BIO_mem_to_SV(mem);
2188
}
2189
GET_ISSUER
2190
2191
2123
=head2 set_lastUpdate ($enddate)
2192
=head2 set_lastUpdate ($enddate)
2124
2193
2125
=head2 set_nextUpdate ($startdate)
2194
=head2 set_nextUpdate ($startdate)
2126
2195
2196
=head2 get_nextUpdate ()
2197
2198
=head2 get_lastUpdate ()
2199
2200
2127
Sets the validity period of the certificate.  The dates must be in the
2201
Sets the validity period of the certificate.  The dates must be in the
2128
GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the
2202
GMT timezone, with the format yyyymmddhhmmssZ (it's a literal Z at the
2129
end, meaning "Zulu" in case you care).
2203
end, meaning "Zulu" in case you care).
Lines 2141-2146 Link Here
2141
}
2215
}
2142
2216
2143
static
2217
static
2218
SV* get_lastUpdate(SV* sv_self) {
2219
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2220
    BIO* mem = BIO_new(BIO_s_mem());
2221
    ASN1_TIME *last_update;
2222
2223
    if (! mem) {
2224
        croak("Cannot allocate BIO");
2225
    }
2226
    if (!(last_update = X509_CRL_get_lastUpdate(self))) {
2227
        sslcroak("X509_CRL_get_lastUpdate");
2228
    }
2229
    if (!(ASN1_TIME_print(mem, last_update) && (BIO_write(mem, "\\0", 1) > 0))) {
2230
        sslcroak("X509_CRL_get_lastUpdate failed");
2231
    }
2232
    return BIO_mem_to_SV(mem);
2233
}
2234
2235
static
2144
void set_nextUpdate(SV* sv_self, char* enddate) {
2236
void set_nextUpdate(SV* sv_self, char* enddate) {
2145
    ASN1_TIME* newtime;
2237
    ASN1_TIME* newtime;
2146
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2238
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
Lines 2149-2156 Link Here
2149
    X509_CRL_set_nextUpdate(self, time);
2241
    X509_CRL_set_nextUpdate(self, time);
2150
    ASN1_TIME_free(time);
2242
    ASN1_TIME_free(time);
2151
}
2243
}
2244
2245
2246
static
2247
SV* get_nextUpdate(SV* sv_self) {
2248
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2249
    BIO* mem = BIO_new(BIO_s_mem());
2250
    ASN1_TIME *next_update;
2251
2252
    if (! mem) {
2253
        croak("Cannot allocate BIO");
2254
    }
2255
    if (!(next_update = X509_CRL_get_nextUpdate(self))) {
2256
        sslcroak("X509_CRL_get_nextUpdate");
2257
    }
2258
    if (!(ASN1_TIME_print(mem, next_update) && (BIO_write(mem, "\\0", 1) > 0))) {
2259
        sslcroak("ASN1_TIME_print failed");
2260
    }
2261
    return BIO_mem_to_SV(mem);
2262
}
2152
SET_UPDATES
2263
SET_UPDATES
2153
2264
2265
2266
2267
=head2 get_entryNumbers()
2268
2269
Get array of revoked serial numbers.
2270
2271
=cut
2272
2273
use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_NUMBERS";
2274
2275
static
2276
SV* get_entryNumbers(SV* sv_self) {
2277
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2278
    STACK_OF(X509_REVOKED) *rev = NULL;
2279
    X509_REVOKED *rev_entry = NULL;
2280
    int revnum, i;
2281
2282
    if (!(rev = X509_CRL_get_REVOKED(self))) {
2283
        sslcroak("X509_CRL_get_REVOKED failed");
2284
    }
2285
    if (!(revnum = sk_X509_REVOKED_num(rev))) {
2286
        sslcroak("sk_X509_REVOKED_num failed");
2287
    }
2288
2289
    SV* serial_SV = NULL;
2290
    SV* revokedate_SV = NULL;
2291
    HV* hash = NULL;
2292
    AV* array = newAV();
2293
2294
    char* revokedate_label = "revokedate";
2295
    char* serial_label = "serial";
2296
2297
    BIO* mem = NULL;
2298
    for(i = 0; i < revnum; i++) {
2299
        if (!(hash = newHV())) {
2300
            croak("Cannot allocate HV");
2301
        }
2302
2303
        if (!(rev_entry = sk_X509_REVOKED_value(rev, i))) {
2304
            sslcroak("sk_X509_REVOKED_value failed");
2305
        }
2306
2307
        if (!(mem = BIO_new(BIO_s_mem()))) {
2308
            croak("Cannot allocate BIO");
2309
        }
2310
        BIO_write(mem, "0x", 2);
2311
        i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
2312
        BIO_write(mem, "\\0", 1);
2313
        serial_SV = BIO_mem_to_SV(mem);
2314
        hv_store(hash, serial_label, strlen(serial_label), serial_SV, 0);
2315
2316
        if (!(mem = BIO_new(BIO_s_mem()))) {
2317
            croak("Cannot allocate BIO");
2318
        }
2319
        ASN1_TIME_print(mem, rev_entry->revocationDate);
2320
        BIO_write(mem, "\\0", 1);
2321
        revokedate_SV = BIO_mem_to_SV(mem);
2322
        hv_store(hash, revokedate_label, strlen(revokedate_label), revokedate_SV, 0);
2323
2324
        av_push(array, newRV_noinc((SV*)hash));
2325
    }
2326
    return newRV_noinc((SV*)array);
2327
}
2328
GET_ENTRY_NUMBERS
2329
2330
=head2 get_entry_count()
2331
2332
Get count of CRL entries.
2333
2334
=cut
2335
2336
use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_COUNT";
2337
2338
int get_entry_count(SV* sv_self) {
2339
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2340
    BIO* mem = BIO_new(BIO_s_mem());
2341
    STACK_OF(X509_REVOKED) *rev = NULL;
2342
    int count;
2343
2344
    if (! mem) {
2345
        croak("Cannot allocate BIO");
2346
    }
2347
    if (!(rev = X509_CRL_get_REVOKED(self))) {
2348
        sslcroak("X509_CRL_get_REVOKED failed");
2349
    }
2350
    if (!(count = sk_X509_REVOKED_num(rev))) {
2351
        sslcroak("sk_X509_REVOKED_num failed");
2352
    }
2353
    return count;
2354
}
2355
GET_ENTRY_COUNT
2356
2357
2358
=head2 get_entry_revoke_date( $num )
2359
2360
Get revoke date of entry in the CRL. Count begin from zero.
2361
2362
=cut
2363
2364
use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_REVOKE_DATE";
2365
2366
static
2367
SV* get_entry_revoke_date(SV* sv_self, int num) {
2368
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2369
    BIO* mem = BIO_new(BIO_s_mem());
2370
    ASN1_TIME *next_update;
2371
    STACK_OF(X509_REVOKED) *rev = NULL;
2372
    X509_REVOKED *rev_entry = NULL;
2373
    int revnum, i;
2374
2375
    if (! mem) {
2376
        croak("Cannot allocate BIO");
2377
    }
2378
    if (!(rev = X509_CRL_get_REVOKED(self))) {
2379
        sslcroak("X509_CRL_get_REVOKED failed");
2380
    }
2381
    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
2382
            sslcroak("sk_X509_REVOKED_value failed");
2383
    }
2384
    ASN1_TIME_print(mem, rev_entry->revocationDate);
2385
    if (!(BIO_write(mem, "\\0", 1) > 0)) {
2386
        sslcroak("BIO_write failed");
2387
    }
2388
    return BIO_mem_to_SV(mem);
2389
}
2390
GET_ENTRY_REVOKE_DATE
2391
2392
2393
=head2 get_entry_serial( $num )
2394
2395
Get serial number of entry in the CRL.
2396
2397
2398
=cut
2399
2400
use Crypt::OpenSSL::CA::Inline::C <<"GET_ENTRY_SERIAL";
2401
2402
static
2403
SV* get_entry_serial(SV* sv_self, int num) {
2404
    X509_CRL* self = perl_unwrap("${\__PACKAGE__}", X509_CRL *, sv_self);
2405
    BIO* mem = BIO_new(BIO_s_mem());
2406
    STACK_OF(X509_REVOKED) *rev = NULL;
2407
    X509_REVOKED *rev_entry = NULL;
2408
2409
    if (! mem) {
2410
        croak("Cannot allocate BIO");
2411
    }
2412
    if (!(rev = X509_CRL_get_REVOKED(self))) {
2413
        sslcroak("X509_CRL_get_REVOKED failed");
2414
    }
2415
    BIO_write(mem, "0x", 2); 
2416
    if (!(rev_entry = sk_X509_REVOKED_value(rev, num))) {
2417
            sslcroak("sk_X509_REVOKED_value failed");
2418
    }
2419
    i2a_ASN1_INTEGER(mem, rev_entry->serialNumber);
2420
    if (!(BIO_write(mem, "\\0", 1) > 0)) {
2421
        sslcroak("BIO_write failed");
2422
    }
2423
    return BIO_mem_to_SV(mem);
2424
}
2425
GET_ENTRY_SERIAL
2426
2427
2154
=head2 set_extension ($extname, $value, %options, %more_openssl_config)
2428
=head2 set_extension ($extname, $value, %options, %more_openssl_config)
2155
2429
2156
=head2 add_extension ($extname, $value, %options, %more_openssl_config)
2430
=head2 add_extension ($extname, $value, %options, %more_openssl_config)
Lines 2428-2433 Link Here
2428
2702
2429
=cut
2703
=cut
2430
2704
2705
2706
2707
2431
use Crypt::OpenSSL::CA::Inline::C <<"DUMP";
2708
use Crypt::OpenSSL::CA::Inline::C <<"DUMP";
2432
static
2709
static
2433
SV* dump(SV* sv_self) {
2710
SV* dump(SV* sv_self) {

Return to bug 220134