crypto.x509 Package
Function Description
The x509 package provides digital certificate processing functions, including parsing and serializing X509 certificates, verifying certificates, creating self-signed certificates, and creating and verifying certificate chains.
This package depends on the crypto dynamic library file of OpenSSL 3. Therefore, related tools must be installed before using this package.
-
For Linux, perform the following operations:
- Install the OpenSSL 3 development tool package using the package management tool of the system if the tool supports the installation, and ensure that the system installation directory contains the libcrypto.so and libcrypto.so.3 dynamic library files. For example, on Ubuntu 22.04, run the sudo apt install libssl-dev command to install the libssl-dev tool package.
- Download and install the OpenSSL 3.x.x source code compilation software package if the preceding method fails, and ensure that the installation directory contains the libcrypto.so and libcrypto.so.3 dynamic library files. Then, use either of the following methods to ensure that the system linker can find these files:
- Install the software in a system directory if OpenSSL has not been installed.
- Set the directory containing these files to the environment variables LD_LIBRARY_PATH and LIBRARY_PATH if the software is installed in a user-defined directory.
-
For Windows, perform the following operations:
- Download and install the OpenSSL 3.x.x source code compilation software package for the x64 architecture, or download and install the OpenSSL 3.x.x software package precompiled by a third party for developers.
- Ensure that the installation directory contains the libcrypto.dll.a (or libcrypto.lib) and libcrypto-3-x64.dll library files.
- Set the directory containing the libcrypto.dll.a (or libcrypto.lib) to the environment variable LIBRARY_PATH, and the directory containing libcrypto-3-x64.dll to the environment variable PATH.
-
For macOS, perform the following operations:
- Run the brew install openssl@3 command to install OpenSSL, and ensure that the system installation directory contains the libcrypto.dylib and libcrypto.3.dylib dynamic library files.
- Download and install the OpenSSL 3.x.x source code compilation software package if the preceding method fails, and ensure that the installation directory contains the libcrypto.dylib and libcrypto.3.dylib dynamic library files. Then, use either of the following methods to ensure that the system linker can find these files:
- Install the software in a system directory if OpenSSL has not been installed.
- Set the directory containing these files to the environment variables DYLD_LIBRARY_PATH and LIBRARY_PATH.
Note:
If OpenSSL 3 is not installed or an earlier version is installed, the program may fail to work with the following exception thrown: X509Exception: Can not load openssl library or function xxx.
API List
Type Alias
| Type Alias | Description |
|---|---|
| IP | x509 uses Array<Byte> to record IP addresses. |
Interface
| Name | Description |
|---|---|
| DHParamters | Provides DH key interfaces. |
| Key | Provides key interfaces. |
| PrivateKey | Provides private key interfaces. |
| PublicKey | Provides public key interfaces. |
Class
| Name | Description |
|---|---|
| X509Certificate | The X509 digital certificate is a digital certificate used for encrypted communication. |
| X509CertificateRequest | Specifies a digital certificate signature request. |
| X509Name | Specifies a recognizable name of the certificate entity. |
Enumeration
| Name | Description |
|---|---|
| PublicKeyAlgorithm | Specifies public key information contained in a digital certificate. |
| SignatureAlgorithm | Specifies the certificate signature algorithm. |
Struct
| Name | Description |
|---|---|
| DerBlob | Binary certificate streams can be configured for Crypto. |
| ExtKeyUsage | Specifies the digital certificate extension field. |
| KeyUsage | The digital certificate extension field usually contains the usage description of the public key carried. |
| Pem | Specifies a Pem struct. |
| PemEntry | Specifies the PEM text format. |
| SerialNumber | Specifies the serial number of the digital certificate. |
| Signature | Specifies the signature of the digital certificate. |
| VerifyOption | Specifies a verification option. |
| X509CertificateInfo | Specifies certificate information. |
| X509CertificateRequestInfo | Specifies certificate request information. |
Exception Class
| Name | Description |
|---|---|
| X509Exception | Specifies the exception class of the x509 package. |