base/bif/plugins/Bro_X509.functions.bif.bro

GLOBAL

Namespace:	GLOBAL
Source File:	`/scripts/base/bif/plugins/Bro_X509.functions.bif.bro`

Summary

Functions

`x509_get_certificate_string`: `function`	Returns the string form of a certificate.
`x509_ocsp_verify`: `function`	Verifies an OCSP reply.
`x509_parse`: `function`	Parses a certificate into an X509::Certificate structure.
`x509_verify`: `function`	Verifies a certificate.

Detailed Interface

Functions

x509_get_certificate_string

Type:	`function` (cert: `opaque` of x509, pem: `bool` `&default` = `F` `&optional`) : `string`

Returns the string form of a certificate.

Cert:	The X509 certificate opaque handle.
Pem:	A boolean that specifies if the certificate is returned in pem-form (true), or as the raw ASN1 encoded binary (false).
Returns:	X509 certificate as a string.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_verify

x509_ocsp_verify

Type:	`function` (certs: `x509_opaque_vector`, ocsp_reply: `string`, root_certs: `table_string_of_string`, verify_time: `time` `&default` = `0.0` `&optional`) : `X509::Result`

Verifies an OCSP reply.

Certs:	Specifies the certificate chain to use. Server certificate first.
Ocsp_reply:	the ocsp reply to validate.
Root_certs:	A list of root certificates to validate the certificate chain.
Verify_time:	Time for the validity check of the certificates.
Returns:	A record of type X509::Result containing the result code of the verify operation.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_verify

x509_parse

Type:	`function` (cert: `opaque` of x509) : `X509::Certificate`

Parses a certificate into an X509::Certificate structure.

Cert:	The X509 certificate opaque handle.
Returns:	A X509::Certificate structure.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_verify, x509_get_certificate_string

x509_verify

Type:	`function` (certs: `x509_opaque_vector`, root_certs: `table_string_of_string`, verify_time: `time` `&default` = `0.0` `&optional`) : `X509::Result`

Verifies a certificate.

Certs:	Specifies a certificate chain that is being used to validate the given certificate against the root store given in root_certs. The host certificate has to be at index 0.
Root_certs:	A list of root certificates to validate the certificate chain.
Verify_time:	Time for the validity check of the certificates.
Returns:	A record of type X509::Result containing the result code of the verify operation. In case of success also returns the full certificate chain.

See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_get_certificate_string, x509_ocsp_verify

Copyright 2016, The Bro Project. Last updated on December 07, 2018. Created using Sphinx 1.8.2.