Copyright | (c) Alexey Radkov 2024 |
---|---|
License | BSD-style |
Maintainer | alexey.radkov@gmail.com |
Stability | experimental |
Portability | portable |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Encode and decode X509 OCSP requests and responses.
This module complies with rfc6960.
Synopsis
- data CertId = CertId {}
- encodeOCSPRequestASN1 :: Certificate -> Certificate -> ([ASN1], CertId)
- encodeOCSPRequest :: Certificate -> Certificate -> (ByteString, CertId)
- data OCSPResponse = OCSPResponse {}
- data OCSPResponseStatus
- data OCSPResponsePayload = OCSPResponsePayload {}
- data OCSPResponseCertData = OCSPResponseCertData {}
- data OCSPResponseCertStatus
- decodeOCSPResponse :: CertId -> ByteString -> Either ASN1Error (Maybe OCSPResponse)
Documentation
Certificate Id.
This data is used when building OCSP requests and parsing OCSP responses.
CertId | |
|
encodeOCSPRequestASN1 Source #
:: Certificate | Certificate |
-> Certificate | Issuer certificate |
-> ([ASN1], CertId) |
Build and encode OCSP request in ASN.1 format.
The returned value contains the encoded request and an object of type
CertId
with hashes calculated by the SHA1 algorithm.
:: Certificate | Certificate |
-> Certificate | Issuer certificate |
-> (ByteString, CertId) |
Build and encode OCSP request in ASN.1/DER format.
The returned value contains the encoded request and an object of type
CertId
with hashes calculated by the SHA1 algorithm.
data OCSPResponse Source #
OCSP response data.
OCSPResponse | |
|
Instances
Show OCSPResponse Source # | |
Defined in Data.X509.OCSP showsPrec :: Int -> OCSPResponse -> ShowS # show :: OCSPResponse -> String # showList :: [OCSPResponse] -> ShowS # | |
Eq OCSPResponse Source # | |
Defined in Data.X509.OCSP (==) :: OCSPResponse -> OCSPResponse -> Bool # (/=) :: OCSPResponse -> OCSPResponse -> Bool # |
data OCSPResponseStatus Source #
Status of OCSP response as defined in rfc6960.
OCSPRespSuccessful | |
OCSPRespMalformedRequest | |
OCSPRespInternalError | |
OCSPRespUnused1 | |
OCSPRespTryLater | |
OCSPRespSigRequired | |
OCSPRespUnauthorized |
Instances
Bounded OCSPResponseStatus Source # | |
Defined in Data.X509.OCSP | |
Enum OCSPResponseStatus Source # | |
Defined in Data.X509.OCSP succ :: OCSPResponseStatus -> OCSPResponseStatus # pred :: OCSPResponseStatus -> OCSPResponseStatus # toEnum :: Int -> OCSPResponseStatus # fromEnum :: OCSPResponseStatus -> Int # enumFrom :: OCSPResponseStatus -> [OCSPResponseStatus] # enumFromThen :: OCSPResponseStatus -> OCSPResponseStatus -> [OCSPResponseStatus] # enumFromTo :: OCSPResponseStatus -> OCSPResponseStatus -> [OCSPResponseStatus] # enumFromThenTo :: OCSPResponseStatus -> OCSPResponseStatus -> OCSPResponseStatus -> [OCSPResponseStatus] # | |
Show OCSPResponseStatus Source # | |
Defined in Data.X509.OCSP showsPrec :: Int -> OCSPResponseStatus -> ShowS # show :: OCSPResponseStatus -> String # showList :: [OCSPResponseStatus] -> ShowS # | |
Eq OCSPResponseStatus Source # | |
Defined in Data.X509.OCSP (==) :: OCSPResponseStatus -> OCSPResponseStatus -> Bool # (/=) :: OCSPResponseStatus -> OCSPResponseStatus -> Bool # |
data OCSPResponsePayload Source #
Payload data of OCSP response.
OCSPResponsePayload | |
|
Instances
Show OCSPResponsePayload Source # | |
Defined in Data.X509.OCSP showsPrec :: Int -> OCSPResponsePayload -> ShowS # show :: OCSPResponsePayload -> String # showList :: [OCSPResponsePayload] -> ShowS # | |
Eq OCSPResponsePayload Source # | |
Defined in Data.X509.OCSP (==) :: OCSPResponsePayload -> OCSPResponsePayload -> Bool # (/=) :: OCSPResponsePayload -> OCSPResponsePayload -> Bool # |
data OCSPResponseCertData Source #
Selected certificate data of OCSP response.
OCSPResponseCertData | |
|
Instances
Show OCSPResponseCertData Source # | |
Defined in Data.X509.OCSP showsPrec :: Int -> OCSPResponseCertData -> ShowS # show :: OCSPResponseCertData -> String # showList :: [OCSPResponseCertData] -> ShowS # | |
Eq OCSPResponseCertData Source # | |
Defined in Data.X509.OCSP (==) :: OCSPResponseCertData -> OCSPResponseCertData -> Bool # (/=) :: OCSPResponseCertData -> OCSPResponseCertData -> Bool # |
data OCSPResponseCertStatus Source #
Certificate status of OCSP response as defined in rfc6960.
Instances
Bounded OCSPResponseCertStatus Source # | |
Defined in Data.X509.OCSP | |
Enum OCSPResponseCertStatus Source # | |
Defined in Data.X509.OCSP succ :: OCSPResponseCertStatus -> OCSPResponseCertStatus # pred :: OCSPResponseCertStatus -> OCSPResponseCertStatus # toEnum :: Int -> OCSPResponseCertStatus # fromEnum :: OCSPResponseCertStatus -> Int # enumFrom :: OCSPResponseCertStatus -> [OCSPResponseCertStatus] # enumFromThen :: OCSPResponseCertStatus -> OCSPResponseCertStatus -> [OCSPResponseCertStatus] # enumFromTo :: OCSPResponseCertStatus -> OCSPResponseCertStatus -> [OCSPResponseCertStatus] # enumFromThenTo :: OCSPResponseCertStatus -> OCSPResponseCertStatus -> OCSPResponseCertStatus -> [OCSPResponseCertStatus] # | |
Show OCSPResponseCertStatus Source # | |
Defined in Data.X509.OCSP showsPrec :: Int -> OCSPResponseCertStatus -> ShowS # show :: OCSPResponseCertStatus -> String # showList :: [OCSPResponseCertStatus] -> ShowS # | |
Eq OCSPResponseCertStatus Source # | |
Defined in Data.X509.OCSP |
:: CertId | Certificate Id |
-> ByteString | OCSP response |
-> Either ASN1Error (Maybe OCSPResponse) |
Decode OCSP response.
The value of the certificate id is expected to be equal to what was
returned by encodeOCSPRequest
as it is used to check the correctness of
the response.
The Left value gets returned on parse errors detected by decodeASN1
.
The Right value with Nothing gets returned on unexpected ASN.1 contents.