base/bif/plugins/Bro_X509.functions.bif.bro

GLOBAL
Namespace:GLOBAL
Source File:/scripts/base/bif/plugins/Bro_X509.functions.bif.bro

Summary

Functions

x509_get_certificate_string: function Returns the string form of a certificate.
x509_ocsp_verify: function Verifies an OCSP reply.
x509_parse: function Parses a certificate into an X509::Certificate structure.
x509_verify: function Verifies a certificate.

Detailed Interface

Functions

x509_get_certificate_string
Type:function (cert: opaque of x509, pem: bool &default = F &optional) : string

Returns the string form of a certificate.

Cert:The X509 certificate opaque handle.
Pem:A boolean that specifies if the certificate is returned in pem-form (true), or as the raw ASN1 encoded binary (false).
Returns:X509 certificate as a string.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_verify

x509_ocsp_verify
Type:function (certs: x509_opaque_vector, ocsp_reply: string, root_certs: table_string_of_string, verify_time: time &default = 0.0 &optional) : X509::Result

Verifies an OCSP reply.

Certs:Specifies the certificate chain to use. Server certificate first.
Ocsp_reply:the ocsp reply to validate.
Root_certs:A list of root certificates to validate the certificate chain.
Verify_time:Time for the validity check of the certificates.
Returns:A record of type X509::Result containing the result code of the verify operation.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_verify

x509_parse
Type:function (cert: opaque of x509) : X509::Certificate

Parses a certificate into an X509::Certificate structure.

Cert:The X509 certificate opaque handle.
Returns:A X509::Certificate structure.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_verify, x509_get_certificate_string

x509_verify
Type:function (certs: x509_opaque_vector, root_certs: table_string_of_string, verify_time: time &default = 0.0 &optional) : X509::Result

Verifies a certificate.

Certs:Specifies a certificate chain that is being used to validate the given certificate against the root store given in root_certs. The host certificate has to be at index 0.
Root_certs:A list of root certificates to validate the certificate chain.
Verify_time:Time for the validity check of the certificates.
Returns:A record of type X509::Result containing the result code of the verify operation. In case of success also returns the full certificate chain.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_ocsp_verify

Copyright 2016, The Bro Project. Last updated on October 17, 2017. Created using Sphinx 1.5.2.