pkcs10: PKCS#10 library

[ apache, data, library ] [ Propose Tags ]

Please see

[Skip to Readme]




Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees


  • No Candidates
Versions [RSS],,,,,,,
Dependencies asn1-encoding, asn1-parse, asn1-types, base (>=4.3 && <5), bytestring, cryptonite, pem, x509 [details]
License Apache-2.0
Copyright Timothy Klim <>
Author Timothy Klim <>
Maintainer Timothy Klim <>
Category Data
Home page
Source repo head: git clone git://
Uploaded by ktimothy at 2016-11-02T09:36:02Z
Reverse Dependencies 1 direct, 0 indirect [details]
Downloads 6212 total (26 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2016-11-18 [all 1 reports]

Readme for pkcs10-

[back to package description]

PKCS#10 library

Build Status


import           Crypto.Hash
import           Crypto.PubKey.RSA
import           Data.X509
import           Data.X509.PKCS10

main :: IO ()
main = do
  let rsaKeySize = 128
  let publicExponent = 3
  (pubKey, privKey) <- generate rsaKeySize publicExponent
  let subjectAttrs = makeX520Attributes [(X520CommonName, ""), (X520OrganizationName, "fcomb")]
  let extAttrs = PKCS9Attributes [PKCS9Attribute $ ExtBasicConstraints False Nothing, PKCS9Attribute $ ExtKeyUsage [KeyUsage_digitalSignature,KeyUsage_nonRepudiation,KeyUsage_keyEncipherment]]
  Right req <- generateCSR subjectAttrs extAttrs (KeyPairRSA pubKey privKey) SHA512
  putStrLn . show . toPEM $ req -- export in PEM format
  putStrLn . show $ verify (csrToSigned req) $ PubKeyRSA pubKey -- sign CSR before verifying