CODEWITHSUNDEEP
perlx509
Banned_User
Banned_User

Reputation: 1023

Process x509 client certificates in Perl (further processing)

This question is an extension of my last question.

Basically the last question asked how to get the cert into perl and ive done that with the Web::ID package..

my $webid = Web::ID->new(certificate => $ENV{SSL_CLIENT_CERT});

I verified this works by calling blessed($webid) and also Dumper($webid)

however I still cant call $webid->uri which is an attribute that should have been set up for me. In fact I cant call any attribute other than $webid->certificate

So basically im still unable to parse the SAN.

EDIT

So now directly using the Web::ID::Certificate package i can directly loop through the SAN array.

my $cert = Web::ID::Certificate->new(pem => $ENV{SSL_CLIENT_CERT}); foreach (@{ $cert->subject_alt_names }) { print "SAN: ", $_->type, " = ", $_->value; }

So my question is answered.. but... Im still confused... I guess I dont understand why the Web::ID's uri isnt being set?

Why are none of my $webid's attributes being set?

EDIT2 at tobyink's request:

$VAR1 = bless( { 'certificate' => bless( { 'pem' => '-----BEGIN CERTIFICATE----- MIIDlzCCAn+gAwIBAgIJAI6PdfUNmz5oMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNV BAYTAlhYMREwDwYDVQQHDAhJbnRlcm5ldDEQMA4GA1UECgwHQml0bWFyazEUMBIG A1UEAwwLbGVhdGhhbi5uZXQwIBcNMTQxMDMxMTI1NjAzWhgPMjExNDEwMDcxMjU2 MDNaMEgxCzAJBgNVBAYTAlhYMREwDwYDVQQHDAhJbnRlcm5ldDEQMA4GA1UECgwH Qml0bWFyazEUMBIGA1UEAwwLbGVhdGhhbi5uZXQwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCna/Lvihx5nD3LbjfLo0vDIQkkSR6u/bKbwm346VJBVRh6 /K5gHM19os7ZeNp8GlArl0OGtF5QSf+TGHt0hD8RtgACJumdn/oATYGvGfdwnLu0 vUD9XHc6wzl+thvp7cT1Dw8BtEvUi+e4UBpIJMXCJkMt+Er23Mn288EbSGsC8q1u ga6Vp4toX4/fSuDEHAlEGeVhWCJfHy26lpaHPPuLTUfr1/8b1TiYI19rit4HK/wS MfKfXkLXc2a+Clr+/girqa60Q9zXP0GjQRawZ/B8WHVKBkE3DqOp/jEtEytS7Ojv 2ieylYT+/IhiQgqVS6CgE6vZ65PRzuQOItFoNaV7AgMBAAGjgYEwfzAvBgNVHREE KDAmhhVodHRwOi8vbGVhdGhhbi5uZXQvI2mBDTFAbGVhdGhhbi5uZXQwHQYDVR0O BBYEFIBUZ3r+B/dc900RyvhlVXq4Znf9MB8GA1UdIwQYMBaAFIBUZ3r+B/dc900R yvhlVXq4Znf9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAE/adF6C MJHoh1IxnwrvPLZ0S66XD0xPHlQ6ZKvuKqTX2nakf7vXaSzFCkoXJ6Vbv19NXpqZ 28jRBCgv0rszT8ODICApp65XsFc67w5S2/+soIDKs3ZLuKBPvRu6x7cPIeSDfj2J w6fQ9dXOSzUmdPCoorudrW+L/CmKI8Tn2I2KQah6p9HGh0/XnxXob0kGkGeJF5sR WOLQOUT+HpEjAy3Eeu1nygxqscaTESKv+0hLV7yHHzJl9TJRFbNw4zYzU3h8t8M+ pSu3SD4YC3HixmZarz7fV36zWaAxJBHRtBkbOwgOMBY4wzfpMPPV4fQ61Qio8DLR lN7nzvuQD+BA4OQ= -----END CERTIFICATE----- ' }, 'Web::ID::Certificate' ) }, 'Web::ID' );

Upvotes: 1

Views: 540

Answers (2)

Banned_User
Banned_User

Reputation: 1023

The specific problem was not having "RDF::RDFa::Parser" installed.

cpan install RDF::RDFa::Parser solved my problem.

Upvotes: 0

tobyink
tobyink

Reputation: 13664

Works for me. I've written this little script:

use strict;
use warnings;
use Web::ID;

printf "%s: %s\n", $_, $_->VERSION for qw(
    Web::ID
    Crypt::X509
    RDF::RDFa::Parser
    RDF::Trine
    RDF::Query
);

print Web::ID->new(certificate => <<'END')->uri, "\n";

    -----BEGIN CERTIFICATE-----
    MIIDlzCCAn+gAwIBAgIJAI6PdfUNmz5oMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNV
    BAYTAlhYMREwDwYDVQQHDAhJbnRlcm5ldDEQMA4GA1UECgwHQml0bWFyazEUMBIG
    A1UEAwwLbGVhdGhhbi5uZXQwIBcNMTQxMDMxMTI1NjAzWhgPMjExNDEwMDcxMjU2
    MDNaMEgxCzAJBgNVBAYTAlhYMREwDwYDVQQHDAhJbnRlcm5ldDEQMA4GA1UECgwH
    Qml0bWFyazEUMBIGA1UEAwwLbGVhdGhhbi5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
    A4IBDwAwggEKAoIBAQCna/Lvihx5nD3LbjfLo0vDIQkkSR6u/bKbwm346VJBVRh6
    /K5gHM19os7ZeNp8GlArl0OGtF5QSf+TGHt0hD8RtgACJumdn/oATYGvGfdwnLu0
    vUD9XHc6wzl+thvp7cT1Dw8BtEvUi+e4UBpIJMXCJkMt+Er23Mn288EbSGsC8q1u
    ga6Vp4toX4/fSuDEHAlEGeVhWCJfHy26lpaHPPuLTUfr1/8b1TiYI19rit4HK/wS
    MfKfXkLXc2a+Clr+/girqa60Q9zXP0GjQRawZ/B8WHVKBkE3DqOp/jEtEytS7Ojv
    2ieylYT+/IhiQgqVS6CgE6vZ65PRzuQOItFoNaV7AgMBAAGjgYEwfzAvBgNVHREE
    KDAmhhVodHRwOi8vbGVhdGhhbi5uZXQvI2mBDTFAbGVhdGhhbi5uZXQwHQYDVR0O
    BBYEFIBUZ3r+B/dc900RyvhlVXq4Znf9MB8GA1UdIwQYMBaAFIBUZ3r+B/dc900R
    yvhlVXq4Znf9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAE/adF6C
    MJHoh1IxnwrvPLZ0S66XD0xPHlQ6ZKvuKqTX2nakf7vXaSzFCkoXJ6Vbv19NXpqZ
    28jRBCgv0rszT8ODICApp65XsFc67w5S2/+soIDKs3ZLuKBPvRu6x7cPIeSDfj2J
    w6fQ9dXOSzUmdPCoorudrW+L/CmKI8Tn2I2KQah6p9HGh0/XnxXob0kGkGeJF5sR
    WOLQOUT+HpEjAy3Eeu1nygxqscaTESKv+0hLV7yHHzJl9TJRFbNw4zYzU3h8t8M+
    pSu3SD4YC3HixmZarz7fV36zWaAxJBHRtBkbOwgOMBY4wzfpMPPV4fQ61Qio8DLR
    lN7nzvuQD+BA4OQ=
    -----END CERTIFICATE-----

END

It produces the following output:

Web::ID: 1.927
Crypt::X509: 0.51
RDF::RDFa::Parser: 1.097
RDF::Trine: 1.010
RDF::Query: 2.912
http://leathan.net/#i

If you've got up-to-date versions of these modules, then you should be fine.

Upvotes: 2

Related Questions