package Crypt::Perl::X509::Extension::acmeValidation_v1;
use strict;
use warnings;
=encoding utf-8
=head1 NAME
=head1 SYNOPSIS
See L<Crypt::Perl::X509v3> for a more useful syntax for instantiating
this extension as part of certificate creation. The following is how
to instantiate it directly .. which isn’t very useful per se.
my $extn = Crypt::Perl::X509::Extension::acmeValidation_v1->new(
$string_of_32_octets,
);
=head1 DESCRIPTION
This is the X.509 extension to use when creating validation certificates
for use with the experimental ACME TLS ALPN challenge, described at
L<https://datatracker.ietf.org/doc/draft-ietf-acme-tls-alpn/>.
=cut
use parent qw( Crypt::Perl::X509::Extension );
use constant {
# https://www.ietf.org/rfc/rfc7299.txt
# id-pkix = 1.3.6.1.5.5.7
# id-pe = id-pkix 1
# id-pe-acmeIdentifier = id-pe 31
#
OID => '1.3.6.1.5.5.7.1.31',
CRITICAL => 1,
# This results in an OCTET STRING that nests inside the extension’s
# own OCTET STRING. That seems to be what ACME wants.
ASN1 => 'acmeValidation_v1 ::= OCTET STRING',
};
my $str_len = 32;
sub new {
my ($class, $octets) = @_;
if ($str_len != length($octets)) {
die sprintf( 'Must have %d bytes, not “%v.02x”!', $str_len, $octets );
}
return bless \$octets, $class
}
sub _encode_params {
return ${ $_[0] };
}
1;