Crypt::NSS::X509::CRL - NSS CRL
use 5.10.1;
use Perl6::Slurp;
use Crypt::NSS::X509;
my $crl = Crypt::NSS::X509::Certificate->new(slurp('derfile'));
my $cert = Crypt::NSS::X509::Certificate->new_from_der(slurp('derfile'));
my $crlvalid = $crl->verify($cert);
my @revokedserials = map { $_->serial } $crl->entries;
Perl interface for the certificate revocation list parts of the NSS API.
This class gives access to some of the CRL handling functions of NSS. Note that this code is more unstable than the other classes and probably will change.
Creates a new NSS::CRL object from the provided der-encoded certificate string.
Creates a new NSS::CRL object from the provided pem-encoded certificate.
Returns the CRL issuer as a string.
Returns the CRL version
Returns the NSS::Certificate object, where the subject matches the CRL issuer. Certificate has to be in NSS database, otherwise it will not be found.
Check the signature of the CRL against the NSS::Certificate cert. Returns true on success, false otherwise.
Check the signature of the CRL at the provided time (now if no time provided). Tries to find a matching issuer certificate in the NSS db.
Returns the CRL entries as an array of hash-references.
Bernhard Amann, <bernhard@icsi.berkeley.edu>
Copyright 2012 by Bernhard Amann
This Library Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
The library contains source code of the Mozilla Network Security Services; for NSS license information please see http://www.mozilla.org/projects/security/pki/ nss/.
