{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.CertificateManagerPCA.Types.CertificateAuthorityConfiguration
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.CertificateManagerPCA.Types.CertificateAuthorityConfiguration where

import Amazonka.CertificateManagerPCA.Types.ASN1Subject
import Amazonka.CertificateManagerPCA.Types.CsrExtensions
import Amazonka.CertificateManagerPCA.Types.KeyAlgorithm
import Amazonka.CertificateManagerPCA.Types.SigningAlgorithm
import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude

-- | Contains configuration information for your private certificate
-- authority (CA). This includes information about the class of public key
-- algorithm and the key pair that your private CA creates when it issues a
-- certificate. It also includes the signature algorithm that it uses when
-- issuing certificates, and its X.500 distinguished name. You must specify
-- this information when you call the
-- <https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html CreateCertificateAuthority>
-- action.
--
-- /See:/ 'newCertificateAuthorityConfiguration' smart constructor.
data CertificateAuthorityConfiguration = CertificateAuthorityConfiguration'
  { -- | Specifies information to be added to the extension section of the
    -- certificate signing request (CSR).
    CertificateAuthorityConfiguration -> Maybe CsrExtensions
csrExtensions :: Prelude.Maybe CsrExtensions,
    -- | Type of the public key algorithm and size, in bits, of the key pair that
    -- your CA creates when it issues a certificate. When you create a
    -- subordinate CA, you must use a key algorithm supported by the parent CA.
    CertificateAuthorityConfiguration -> KeyAlgorithm
keyAlgorithm :: KeyAlgorithm,
    -- | Name of the algorithm your private CA uses to sign certificate requests.
    --
    -- This parameter should not be confused with the @SigningAlgorithm@
    -- parameter used to sign certificates when they are issued.
    CertificateAuthorityConfiguration -> SigningAlgorithm
signingAlgorithm :: SigningAlgorithm,
    -- | Structure that contains X.500 distinguished name information for your
    -- private CA.
    CertificateAuthorityConfiguration -> ASN1Subject
subject :: ASN1Subject
  }
  deriving (CertificateAuthorityConfiguration
-> CertificateAuthorityConfiguration -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CertificateAuthorityConfiguration
-> CertificateAuthorityConfiguration -> Bool
$c/= :: CertificateAuthorityConfiguration
-> CertificateAuthorityConfiguration -> Bool
== :: CertificateAuthorityConfiguration
-> CertificateAuthorityConfiguration -> Bool
$c== :: CertificateAuthorityConfiguration
-> CertificateAuthorityConfiguration -> Bool
Prelude.Eq, ReadPrec [CertificateAuthorityConfiguration]
ReadPrec CertificateAuthorityConfiguration
Int -> ReadS CertificateAuthorityConfiguration
ReadS [CertificateAuthorityConfiguration]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [CertificateAuthorityConfiguration]
$creadListPrec :: ReadPrec [CertificateAuthorityConfiguration]
readPrec :: ReadPrec CertificateAuthorityConfiguration
$creadPrec :: ReadPrec CertificateAuthorityConfiguration
readList :: ReadS [CertificateAuthorityConfiguration]
$creadList :: ReadS [CertificateAuthorityConfiguration]
readsPrec :: Int -> ReadS CertificateAuthorityConfiguration
$creadsPrec :: Int -> ReadS CertificateAuthorityConfiguration
Prelude.Read, Int -> CertificateAuthorityConfiguration -> ShowS
[CertificateAuthorityConfiguration] -> ShowS
CertificateAuthorityConfiguration -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CertificateAuthorityConfiguration] -> ShowS
$cshowList :: [CertificateAuthorityConfiguration] -> ShowS
show :: CertificateAuthorityConfiguration -> String
$cshow :: CertificateAuthorityConfiguration -> String
showsPrec :: Int -> CertificateAuthorityConfiguration -> ShowS
$cshowsPrec :: Int -> CertificateAuthorityConfiguration -> ShowS
Prelude.Show, forall x.
Rep CertificateAuthorityConfiguration x
-> CertificateAuthorityConfiguration
forall x.
CertificateAuthorityConfiguration
-> Rep CertificateAuthorityConfiguration x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep CertificateAuthorityConfiguration x
-> CertificateAuthorityConfiguration
$cfrom :: forall x.
CertificateAuthorityConfiguration
-> Rep CertificateAuthorityConfiguration x
Prelude.Generic)

-- |
-- Create a value of 'CertificateAuthorityConfiguration' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'csrExtensions', 'certificateAuthorityConfiguration_csrExtensions' - Specifies information to be added to the extension section of the
-- certificate signing request (CSR).
--
-- 'keyAlgorithm', 'certificateAuthorityConfiguration_keyAlgorithm' - Type of the public key algorithm and size, in bits, of the key pair that
-- your CA creates when it issues a certificate. When you create a
-- subordinate CA, you must use a key algorithm supported by the parent CA.
--
-- 'signingAlgorithm', 'certificateAuthorityConfiguration_signingAlgorithm' - Name of the algorithm your private CA uses to sign certificate requests.
--
-- This parameter should not be confused with the @SigningAlgorithm@
-- parameter used to sign certificates when they are issued.
--
-- 'subject', 'certificateAuthorityConfiguration_subject' - Structure that contains X.500 distinguished name information for your
-- private CA.
newCertificateAuthorityConfiguration ::
  -- | 'keyAlgorithm'
  KeyAlgorithm ->
  -- | 'signingAlgorithm'
  SigningAlgorithm ->
  -- | 'subject'
  ASN1Subject ->
  CertificateAuthorityConfiguration
newCertificateAuthorityConfiguration :: KeyAlgorithm
-> SigningAlgorithm
-> ASN1Subject
-> CertificateAuthorityConfiguration
newCertificateAuthorityConfiguration
  KeyAlgorithm
pKeyAlgorithm_
  SigningAlgorithm
pSigningAlgorithm_
  ASN1Subject
pSubject_ =
    CertificateAuthorityConfiguration'
      { $sel:csrExtensions:CertificateAuthorityConfiguration' :: Maybe CsrExtensions
csrExtensions =
          forall a. Maybe a
Prelude.Nothing,
        $sel:keyAlgorithm:CertificateAuthorityConfiguration' :: KeyAlgorithm
keyAlgorithm = KeyAlgorithm
pKeyAlgorithm_,
        $sel:signingAlgorithm:CertificateAuthorityConfiguration' :: SigningAlgorithm
signingAlgorithm = SigningAlgorithm
pSigningAlgorithm_,
        $sel:subject:CertificateAuthorityConfiguration' :: ASN1Subject
subject = ASN1Subject
pSubject_
      }

-- | Specifies information to be added to the extension section of the
-- certificate signing request (CSR).
certificateAuthorityConfiguration_csrExtensions :: Lens.Lens' CertificateAuthorityConfiguration (Prelude.Maybe CsrExtensions)
certificateAuthorityConfiguration_csrExtensions :: Lens' CertificateAuthorityConfiguration (Maybe CsrExtensions)
certificateAuthorityConfiguration_csrExtensions = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CertificateAuthorityConfiguration' {Maybe CsrExtensions
csrExtensions :: Maybe CsrExtensions
$sel:csrExtensions:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> Maybe CsrExtensions
csrExtensions} -> Maybe CsrExtensions
csrExtensions) (\s :: CertificateAuthorityConfiguration
s@CertificateAuthorityConfiguration' {} Maybe CsrExtensions
a -> CertificateAuthorityConfiguration
s {$sel:csrExtensions:CertificateAuthorityConfiguration' :: Maybe CsrExtensions
csrExtensions = Maybe CsrExtensions
a} :: CertificateAuthorityConfiguration)

-- | Type of the public key algorithm and size, in bits, of the key pair that
-- your CA creates when it issues a certificate. When you create a
-- subordinate CA, you must use a key algorithm supported by the parent CA.
certificateAuthorityConfiguration_keyAlgorithm :: Lens.Lens' CertificateAuthorityConfiguration KeyAlgorithm
certificateAuthorityConfiguration_keyAlgorithm :: Lens' CertificateAuthorityConfiguration KeyAlgorithm
certificateAuthorityConfiguration_keyAlgorithm = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CertificateAuthorityConfiguration' {KeyAlgorithm
keyAlgorithm :: KeyAlgorithm
$sel:keyAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> KeyAlgorithm
keyAlgorithm} -> KeyAlgorithm
keyAlgorithm) (\s :: CertificateAuthorityConfiguration
s@CertificateAuthorityConfiguration' {} KeyAlgorithm
a -> CertificateAuthorityConfiguration
s {$sel:keyAlgorithm:CertificateAuthorityConfiguration' :: KeyAlgorithm
keyAlgorithm = KeyAlgorithm
a} :: CertificateAuthorityConfiguration)

-- | Name of the algorithm your private CA uses to sign certificate requests.
--
-- This parameter should not be confused with the @SigningAlgorithm@
-- parameter used to sign certificates when they are issued.
certificateAuthorityConfiguration_signingAlgorithm :: Lens.Lens' CertificateAuthorityConfiguration SigningAlgorithm
certificateAuthorityConfiguration_signingAlgorithm :: Lens' CertificateAuthorityConfiguration SigningAlgorithm
certificateAuthorityConfiguration_signingAlgorithm = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CertificateAuthorityConfiguration' {SigningAlgorithm
signingAlgorithm :: SigningAlgorithm
$sel:signingAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> SigningAlgorithm
signingAlgorithm} -> SigningAlgorithm
signingAlgorithm) (\s :: CertificateAuthorityConfiguration
s@CertificateAuthorityConfiguration' {} SigningAlgorithm
a -> CertificateAuthorityConfiguration
s {$sel:signingAlgorithm:CertificateAuthorityConfiguration' :: SigningAlgorithm
signingAlgorithm = SigningAlgorithm
a} :: CertificateAuthorityConfiguration)

-- | Structure that contains X.500 distinguished name information for your
-- private CA.
certificateAuthorityConfiguration_subject :: Lens.Lens' CertificateAuthorityConfiguration ASN1Subject
certificateAuthorityConfiguration_subject :: Lens' CertificateAuthorityConfiguration ASN1Subject
certificateAuthorityConfiguration_subject = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CertificateAuthorityConfiguration' {ASN1Subject
subject :: ASN1Subject
$sel:subject:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> ASN1Subject
subject} -> ASN1Subject
subject) (\s :: CertificateAuthorityConfiguration
s@CertificateAuthorityConfiguration' {} ASN1Subject
a -> CertificateAuthorityConfiguration
s {$sel:subject:CertificateAuthorityConfiguration' :: ASN1Subject
subject = ASN1Subject
a} :: CertificateAuthorityConfiguration)

instance
  Data.FromJSON
    CertificateAuthorityConfiguration
  where
  parseJSON :: Value -> Parser CertificateAuthorityConfiguration
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"CertificateAuthorityConfiguration"
      ( \Object
x ->
          Maybe CsrExtensions
-> KeyAlgorithm
-> SigningAlgorithm
-> ASN1Subject
-> CertificateAuthorityConfiguration
CertificateAuthorityConfiguration'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"CsrExtensions")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"KeyAlgorithm")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"SigningAlgorithm")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"Subject")
      )

instance
  Prelude.Hashable
    CertificateAuthorityConfiguration
  where
  hashWithSalt :: Int -> CertificateAuthorityConfiguration -> Int
hashWithSalt
    Int
_salt
    CertificateAuthorityConfiguration' {Maybe CsrExtensions
ASN1Subject
KeyAlgorithm
SigningAlgorithm
subject :: ASN1Subject
signingAlgorithm :: SigningAlgorithm
keyAlgorithm :: KeyAlgorithm
csrExtensions :: Maybe CsrExtensions
$sel:subject:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> ASN1Subject
$sel:signingAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> SigningAlgorithm
$sel:keyAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> KeyAlgorithm
$sel:csrExtensions:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> Maybe CsrExtensions
..} =
      Int
_salt
        forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe CsrExtensions
csrExtensions
        forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` KeyAlgorithm
keyAlgorithm
        forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` SigningAlgorithm
signingAlgorithm
        forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` ASN1Subject
subject

instance
  Prelude.NFData
    CertificateAuthorityConfiguration
  where
  rnf :: CertificateAuthorityConfiguration -> ()
rnf CertificateAuthorityConfiguration' {Maybe CsrExtensions
ASN1Subject
KeyAlgorithm
SigningAlgorithm
subject :: ASN1Subject
signingAlgorithm :: SigningAlgorithm
keyAlgorithm :: KeyAlgorithm
csrExtensions :: Maybe CsrExtensions
$sel:subject:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> ASN1Subject
$sel:signingAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> SigningAlgorithm
$sel:keyAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> KeyAlgorithm
$sel:csrExtensions:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> Maybe CsrExtensions
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe CsrExtensions
csrExtensions
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf KeyAlgorithm
keyAlgorithm
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf SigningAlgorithm
signingAlgorithm
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf ASN1Subject
subject

instance
  Data.ToJSON
    CertificateAuthorityConfiguration
  where
  toJSON :: CertificateAuthorityConfiguration -> Value
toJSON CertificateAuthorityConfiguration' {Maybe CsrExtensions
ASN1Subject
KeyAlgorithm
SigningAlgorithm
subject :: ASN1Subject
signingAlgorithm :: SigningAlgorithm
keyAlgorithm :: KeyAlgorithm
csrExtensions :: Maybe CsrExtensions
$sel:subject:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> ASN1Subject
$sel:signingAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> SigningAlgorithm
$sel:keyAlgorithm:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> KeyAlgorithm
$sel:csrExtensions:CertificateAuthorityConfiguration' :: CertificateAuthorityConfiguration -> Maybe CsrExtensions
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Key
"CsrExtensions" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..=) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe CsrExtensions
csrExtensions,
            forall a. a -> Maybe a
Prelude.Just (Key
"KeyAlgorithm" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= KeyAlgorithm
keyAlgorithm),
            forall a. a -> Maybe a
Prelude.Just
              (Key
"SigningAlgorithm" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= SigningAlgorithm
signingAlgorithm),
            forall a. a -> Maybe a
Prelude.Just (Key
"Subject" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= ASN1Subject
subject)
          ]
      )