pike.git / lib / modules / Standards.pmod / X509.pmod

version» Context lines:

pike.git/lib/modules/Standards.pmod/X509.pmod:96:    subject,    keyinfo }) ));   }      //!   //! @param issuer   //! Distinguished name for the issuer.   //! See @[Standards.PKCS.Certificate.build_distinguished_name].   //!   //! @param c - //! RSA or DSA parameters for the issuer. - //! See @[Crypto.RSA] and @[Crypto.DSA]. + //! RSA, DSA or ECDSA parameters for the issuer. + //! See @[Crypto.RSA], @[Crypto.DSA] and @[Crypto.ECC.Curve.ECDSA].   //!   //! @param subject   //! Distinguished name for the issuer.   //! See @[Standards.PKCS.Certificate.build_distinguished_name].   //!   //! @param public_key   //! DER-encoded RSAPublicKey structure.   //! See @[Standards.PKCS.RSA.public_key()].   //!   //! @param serial   //! Serial number for this key and subject.   //!   //! @param ttl   //! Validity time in seconds for this signature to be valid.   //!   //! @param extensions   //! Set of extensions.   //!   //! @returns   //! Returns a DER-encoded certificate. - string sign_key(Sequence issuer, Crypto.RSA|Crypto.DSA c, Crypto.Hash h, + string sign_key(Sequence issuer, Crypto.Sign c, Crypto.Hash h,    Sequence subject, int serial, int ttl, array|void extensions)   {    Sequence algorithm_id = c->pkcs_signature_algorithm_id(h);    if(!algorithm_id) error("Can't use %O for %O.\n", h, c);    Sequence tbs = make_tbs(issuer, algorithm_id,    subject, c->pkcs_public_key(),    Integer(serial), ttl, extensions);       return Sequence(({ tbs, c->pkcs_signature_algorithm_id(h),    BitString(c->pkcs_sign(tbs->get_der(), h))    }))->get_der();   }      //! Creates a selfsigned certificate, i.e. where issuer and subject   //! are the same entity. This entity is derived from the list of pairs   //! in @[name], which is encoded into an distinguished_name by   //! @[Standards.PKCS.Certificate.build_distinguished_name].   //!   //! @param c - //! The public key cipher used for the certificate, @[Crypto.RSA] or - //! @[Crypto.DSA]. The object should be initialized with (at least) - //! public keys. + //! The public key cipher used for the certificate, @[Crypto.RSA], + //! @[Crypto.DSA] or @[Crypto.ECC.Curve.ECDSA]. The object should be + //! initialized with (at least) public keys.   //!   //! @param ttl   //! The validity of the certificate, in seconds, starting from   //! creation date.   //!   //! @param name   //! List of properties to create distinguished name from.   //!   //! @param extensions   //! List of extensions as ASN.1 structures.
pike.git/lib/modules/Standards.pmod/X509.pmod:162:   //! @param h   //! The hash function to use for the certificate. Must be one of the   //! standardized PKCS hashes to be used with the given Crypto. By   //! default @[Crypto.SHA256] is selected for both RSA and DSA.   //!   //! @param serial   //! Serial number of the certificate. Defaults to generating a UUID   //! version1 value with random node. Some browsers will refuse   //! different certificates from the same signer with the same serial   //! number. - string make_selfsigned_certificate(Crypto.RSA|Crypto.DSA c, int ttl, + string make_selfsigned_certificate(Crypto.Sign c, int ttl,    mapping|array name, array|void extensions,    void|Crypto.Hash h, void|int serial)   {    if(!serial)    serial = (int)Gmp.mpz(Standards.UUID.make_version1(-1)->encode(), 256);    Sequence dn = Certificate.build_distinguished_name(name);    return sign_key(dn, c, h||Crypto.SHA256, dn, serial, ttl, extensions);   }      class Verifier {