1PKCS10(3)             User Contributed Perl Documentation            PKCS10(3)
2
3
4

NAME

6       Crypt::OpenSSL::PKCS10 - Perl extension to OpenSSL's PKCS10 API.
7

SYNOPSIS

9         use Crypt::OpenSSL::PKCS10::PKCS10 qw( :const );
10
11         my $req = Crypt::OpenSSL::PKCS10->new;
12         $req->set_subject("/C=RO/O=UTI/OU=ssi");
13         $req->add_ext(Crypt::OpenSSL::PKCS10::NID_key_usage,"critical,digitalSignature,keyEncipherment");
14         $req->add_ext(Crypt::OpenSSL::PKCS10::NID_ext_key_usage,"serverAuth, nsSGC, msSGC, 1.3.4");
15         $req->add_ext(Crypt::OpenSSL::PKCS10::NID_subject_alt_name,"email:steve@openssl.org");
16         $req->add_custom_ext('1.2.3.3',"My new extension");
17         $req->add_ext_final();
18         $req->sign();
19         $req->write_pem_req('request.pem');
20         $req->write_pem_pk('pk.pem');
21         print $req->get_pem_pubkey();
22         print $req->pubkey_type();
23         print $req->get_pem_req();
24

ABSTRACT

26         Crypt::OpenSSL::PKCS10 - Perl extension to OpenSSL's PKCS10 API.
27

DESCRIPTION

29       Crypt::OpenSSL::PKCS10 provides the ability to create PKCS10
30       certificate requests using RSA key pairs.
31

Class Methods

33       new Create a new Crypt::OpenSSL::PKCS10 object by generating a new RSA
34           key pair. There is one optional argument, the key size, which has
35           the default value of 1024 if omitted.
36
37       new_from_rsa( $rsa_object )
38           Create a new Crypt::OpenSSL::PKCS10 object by using key information
39           from a Crypt::OpenSSL::RSA object. Here is an example:
40
41             my $rsa = Crypt::OpenSSL::RSA->generate_key(512);
42             my $req = Crypt::OpenSSL::PKCS10->new_from_rsa($rsa);
43
44       new_from_file( $filename )
45           Create a new Crypt::OpenSSL::PKCS10 object by reading the request
46           and key information from a PEM formatted file. Here is an example:
47
48             my $req = Crypt::OpenSSL::PKCS10->new_from_file("CSR.csr");
49

Instance Methods

51       set_subject($subject, [ $utf8 ])
52         Sets the subject DN of the request.  Note: $subject is expected to be
53         in the format /type0=value0/type1=value1/type2=... where characters
54         may be escaped by \.  If $utf8 is non-zero integer, $subject is
55         interpreted as UTF-8 string.
56
57       add_ext($nid, $extension)
58         Adds a new extension to the request. The first argument $nid is one
59         of the exported constants (see below).  The second one $extension is
60         a string (for more info read openssl(3)).
61
62           $req->add_ext(Crypt::OpenSSL::PKCS10::NID_key_usage,"critical,digitalSignature,keyEncipherment");
63           $req->add_ext(Crypt::OpenSSL::PKCS10::NID_ext_key_usage,"serverAuth, nsSGC, msSGC, 1.3.4");
64           $req->add_ext(Crypt::OpenSSL::PKCS10::NID_subject_alt_name,"email:steve@openssl.org");
65
66       add_custom_ext($oid, $desc)
67         Adds a new custom extension to the request. The value is added as a
68         text string, using ASN.1 encoding rules inherited from the Netscape
69         Comment OID.
70
71           $req->add_custom_ext('1.2.3.3',"My new extension");
72
73       add_custom_ext_raw($oid, $bytes)
74         Adds a new custom extension to the request. The value is added as a
75         raw DER octet string. Use this if you are packing your own ASN.1
76         structures and need to set the extension value directly.
77
78           $req->add_custom_ext_raw($oid, pack('H*','1E06006100620063')) # BMPString 'abc'
79
80       add_ext_final()
81         This must be called after all extensions has been added. It actually
82         copies the extension stack to request structure.
83
84           $req->add_ext(Crypt::OpenSSL::PKCS10::NID_subject_alt_name,"email:my@email.org");
85           $req->add_ext_final();
86
87       sign()
88         This adds the signature to the PKCS10 request.
89
90           $req->sign();
91
92       pubkey_type()
93         Returns the type of the PKCS10 public key - one of (rsa|dsa|ec).
94
95           $req->pubkey_type();
96
97       get_pubkey()
98         Returns the PEM encoding of the PKCS10 public key.
99
100           $req->get_pubkey();
101
102       get_pem_req()
103         Returns the PEM encoding of the PKCS10 request.
104
105           $req->get_pem_req();
106
107       write_pem_req($filename)
108         Writes the PEM encoding of the PKCS10 request to a given file.
109
110           $req->write_pem_req('request.pem');
111
112       get_pem_pk()
113         Returns the PEM encoding of the private key.
114
115           $req->get_pem_pk();
116
117       write_pem_pk($filename)
118         Writes the PEM encoding of the private key to a given file.
119
120           $req->write_pem_pk('request.pem');
121
122       subject()
123         returns the subject of the PKCS10 request
124
125           $subject = $req->subject();
126
127       keyinfo()
128         returns the human readable info about the key of the PKCS10 request
129
130           $keyinfo = $req->keyinfo();
131
132   EXPORT
133       None by default.
134
135       On request:
136
137               NID_key_usage NID_subject_alt_name NID_netscape_cert_type NID_netscape_comment
138               NID_ext_key_usage
139

BUGS

141       If you destroy $req object that is linked to a Crypt::OpenSSL::RSA
142       object, the RSA private key is also freed, thus you can't use latter
143       object anymore. Avoid this:
144
145         my $rsa = Crypt::OpenSSL::RSA->generate_key(512);
146         my $req = Crypt::OpenSSL::PKCS10->new_from_rsa($rsa);
147         undef $req;
148         print $rsa->get_private_key_string();
149

SEE ALSO

151       "Crypt::OpenSSL::RSA", "Crypt::OpenSSL::X509".
152

AUTHOR

154       JoNO, <jonozzz@yahoo.com>
155
157       Copyright (C) 2006 by JoNO
158
159       This library is free software; you can redistribute it and/or modify it
160       under the same terms as Perl itself, either Perl version 5.8.2 or, at
161       your option, any later version of Perl 5 you may have available.
162
163
164
165perl v5.30.1                      2020-01-29                         PKCS10(3)
Impressum