Namespace: | GLOBAL |
---|---|
Source File: | /scripts/base/bif/plugins/Bro_X509.functions.bif.bro |
x509_get_certificate_string: function | Returns the string form of a certificate. |
x509_ocsp_verify: function | Verifies an OCSP reply. |
x509_parse: function | Parses a certificate into an X509::Certificate structure. |
x509_verify: function | Verifies a certificate. |
Type : | function (cert: opaque of x509, pem: bool &default = F &optional) : string |
---|
Returns the string form of a certificate.
Cert : | The X509 certificate opaque handle. |
---|---|
Pem : | A boolean that specifies if the certificate is returned in pem-form (true), or as the raw ASN1 encoded binary (false). |
Returns : | X509 certificate as a string. |
See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_verify
Type : | function (certs: x509_opaque_vector, ocsp_reply: string, root_certs: table_string_of_string, verify_time: time &default = 0.0 &optional) : X509::Result |
---|
Verifies an OCSP reply.
Certs : | Specifies the certificate chain to use. Server certificate first. |
---|---|
Ocsp_reply : | the ocsp reply to validate. |
Root_certs : | A list of root certificates to validate the certificate chain. |
Verify_time : | Time for the validity check of the certificates. |
Returns : | A record of type X509::Result containing the result code of the verify operation. |
See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_verify
Type : | function (cert: opaque of x509) : X509::Certificate |
---|
Parses a certificate into an X509::Certificate structure.
Cert : | The X509 certificate opaque handle. |
---|---|
Returns : | A X509::Certificate structure. |
See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_verify, x509_get_certificate_string
Type : | function (certs: x509_opaque_vector, root_certs: table_string_of_string, verify_time: time &default = 0.0 &optional) : X509::Result |
---|
Verifies a certificate.
Certs : | Specifies a certificate chain that is being used to validate the given certificate against the root store given in root_certs. The host certificate has to be at index 0. |
---|---|
Root_certs : | A list of root certificates to validate the certificate chain. |
Verify_time : | Time for the validity check of the certificates. |
Returns : | A record of type X509::Result containing the result code of the verify operation. In case of success also returns the full certificate chain. |
See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_ocsp_verify