Z      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~        !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_]^_]^_ `abcdefghi`fhi`fhijklmnopqrstu lnopqrstu lnopqrstuvwxyz{|}~vwxyzvzyxwwxyz  str% lazilly encodes a stream of data to  Base64. The string doesn'*t have to be finite. Note that the string ( must not contain any letters which aren't in the range of U+0000 -  U+00FF.  bs- strictly encodes a chunk of data to Base64.  lbs% lazilly encodes a stream of data to  Base64. The string doesn't have to be finite.  str' lazilly decodes a stream of data from  Base64. The string doesn't have to be finite.  bs' strictly decodes a chunk of data from  Base64.  lbs' lazilly decodes a stream of data from  Base64. The string doesn't have to be finite. #Convert an integer to a hex string #Convert a hex string to an integer " CryptoMode represents instruction to  and such like.  Cipher5 is an opaque object that represents an algorithm of  symmetric cipher.  name& returns a symmetric cipher algorithm  whose name is name,. If no algorithms are found, the result is  Nothing. , returns a list of name of symmetric cipher  algorithms. FEncrypt a lazy bytestring in a strict manner. Does not leak the keys. Cipher Key IV Encrypt/Decrypt Input 4 lazilly encrypts or decrypts a stream of data. The  input string doesn'!t necessarily have to be finite. algorithm to use symmetric key IV  operation An input string to encrypt/decrypt. Note 0 that the string must not contain any letters  which aren't in the range of U+0000 -  U+00FF. the result string 0 strictly encrypts or decrypts a chunk of data. algorithm to use symmetric key IV  operation input string to encrypt/decrypt the result string 4 lazilly encrypts or decrypts a stream of data. The  input string doesn'!t necessarily have to be finite. algorithm to use symmetric key IV  operation input string to encrypt/decrypt the result string      Digest5 is an opaque object that represents an algorithm of  message digest.    name* returns a message digest algorithm whose  name is name,. If no algorithms are found, the result is  Nothing. !!* returns a list of name of message digest  algorithms. "#$%%+ digests a stream of data. The string must # not contain any letters which aren't in the range of U+0000 -  U+00FF. && digests a chunk of data. '(( digests a stream of data. )HPerform a private key signing using the HMAC template with a given hash 1the hash function to use in the HMAC calculation  the HMAC key the data to be signed resulting HMAC *BCalculate a PKCS5-PBKDF2 SHA1-HMAC suitable for password hashing.  password salt  iterations destination key length destination key  !"#$%&'()* !"#$%&'()* !"#$%&'()*+,-./=Construct a new context which holds the key schedule and IV. *For CTR mode, this must always be Encrypt Key: 128, 192 or 256 bits long IV: 16 bytes long 0HEncrypt some number of blocks using CBC. This is an IO function because ( the context is destructivly updated. context 1input, must be multiple of block size (16 bytes) 1DEncrypt some number of bytes using CTR mode. This is an IO function 0 because the context is destructivly updated. context input, any number of bytes +,-./01,.-+/01+,.--./013BIO is a  ForeignPtr> to an opaque BIO object. They are created by newXXX actions. Computation of  a b connects b behind a.  Example:  do b64 <- newBase64 True  mem <- newMem  bioPush b64 mem  > -- Encode some text in Base64 and write the result to the  -- memory buffer. ! bioWrite b64 "Hello, world!"  bioFlush b64  $ -- Then dump the memory buffer.  bioRead mem >>= putStrLn a  b is an alias to  a b. a  b is an alias to  b a.  [bio1, bio2, ..] connects many BIOs at once.  bio3 normally writes out any internally buffered data, C in some cases it is used to signal EOF and that no more data will  be written.  bio/ typically resets a BIO to some initial state.  bio returns 1 if bio has read EOF, the precise 2 meaning of EOF varies according to the BIO type.  bio lazily reads all data in bio.  bio len attempts to read len bytes from bio, C then return a ByteString. The actual length of result may be less  than len.  bio lazily reads all data in bio, then return a  LazyByteString.  bio len, normally attempts to read one line of data  from bio of maximum length len. There are exceptions to this  however, for example $ on a digest BIO will calculate and 2 return the digest and other BIOs may not support  at all.  does the same as  but returns ByteString.  does the same as  but returns  LazyByteString.  bio str lazily writes entire str to bio. The  string doesn'!t necessarily have to be finite.  bio bs writes bs to bio.  bio lbs lazily writes entire lbs to bio. The  string doesn'!t necessarily have to be finite.  noNL/ creates a Base64 BIO filter. This is a filter E bio that base64 encodes any data written through it and decodes any  data read through it. If noNL; flag is True, the filter encodes the data all on one line , or expects the data to be all on one line. Base64 BIOs do not support . : on a Base64 BIO that is being written through is used to B signal that no more data is to be encoded: this is used to flush " the final block through the BIO.  mBufSize& creates a buffering BIO filter. Data D written to a buffering BIO is buffered and periodically written to A the next BIO in the chain. Data read from a buffering BIO comes ! from the next BIO in the chain. Buffering BIOs support . Calling . on a buffering BIO clears any buffered data. @Question: When I created a BIO chain like this and attempted to B read from the buf, the buffering BIO weirdly behaved: BIO_read() = returned nothing, but both BIO_eof() and BIO_should_retry() 6 returned zero. I tried to examine the source code of  crypto/bio/(bf_buff.c but it was too complicated to ? understand. Does anyone know why this happens? The version of  OpenSSL was 0.9.7l.   main = withOpenSSL $ . do mem <- newConstMem "Hello, world!" $ buf <- newBuffer Nothing  mem ==> buf  < bioRead buf >>= putStrLn -- This fails, but why? 5I am being depressed for this unaccountable failure. Explicit buffer size (Just n ) or the  default size (Nothing).  creates a memory BIO sink/source. Any data written to D a memory BIO can be recalled by reading from it. Unless the memory A BIO is read only any data read from it is deleted from the BIO. Memory BIOs support . Calling / on a read write memory BIO clears any data in B it. On a read only BIO it restores the BIO to its original state + and the read only data can be read again. # is true if no data is in the BIO. BEvery read from a read write memory BIO will remove the data just C read with an internal copy operation, if a BIO contains a lots of ? data and it is read in small chunks the operation can be very E slow. The use of a read only memory BIO avoids this problem. If the 5 BIO must be read write then adding a buffering BIO () to & the chain will speed up the process.  str( creates a read-only memory BIO source.  bs is like  but takes a ByteString.  lbs is like  but takes a  LazyByteString.  creates a null BIO sink/source. Data written to / the null sink is discarded, reads return EOF. @A null sink is useful if, for example, an application wishes to C digest some data by writing through a digest bio but not send the C digested data anywhere. Since a BIO chain must normally include a  source/;sink BIO this can be achieved by adding a null sink BIO to  the end of the chain. 2FReturn a bytestring consisting of the given number of strongly random  bytes the number of bytes requested 3DReturn a bytestring consisting of the given number of pseudo random  bytes the number of bytes requested 4 Add data to the entropy pool. It'$s safe to add sensitive information L (e.g. user passwords etc) to the pool. Also, adding data with an entropy  of 0 can never hurt. $random data to be added to the pool 4the number of bits of entropy in the first argument 234234234*5660 is an opaque object representing a big number. 77 f allocates a 6 and computes f . Then it  frees the 6. 89:Convert a BIGNUM to an Integer ;EThis is a GHC specific, fast conversion between Integers and OpenSSL * bignums. It returns a malloced BigNum. << n f converts n to a 6 and computes f . Then it  frees the 6. =This is an alias to :. >This is an alias to ;. FConvert a BigNum to an MPI: a serialisation of large ints which has a D 4-byte, big endian length followed by the bytes of the number in ! most-significant-first order. DConvert an MPI into a BigNum. See bnToMPI for details of the format ?9Convert an Integer to an MPI. SEe bnToMPI for the format @9Convert an MPI to an Integer. SEe bnToMPI for the format AA a p m computes a to the p-th power modulo m. B/Return a strongly random number in the range 0 <= x < n where the given ! filter function returns true. a filter function one plus the upper limit C&Return a random number in the range 0 <= x < n where the given ! filter function returns true. a filter function one plus the upper limit D/Return a strongly random number in the range 0 <= x < n E/Return a strongly random number in the range 0 < x < n F&Return a random number in the range 0 <= x < n G&Return a random number in the range 0 < x < n 56789:;<=>?@ABCDEFG657<>98=;:?@ABCDFEG56789:;<=>?@ABCDEFG%HH a is either S or R. IReturn the length of key. J+Return the public prime number of the key. K$Return the public 160-bit subprime,  q | p - 1 of the key. L4Return the public generator of subgroup of the key. MReturn the public key y = g^x. NOPQRLThe type of a DSA keypair, includes parameters p, q, g, public and private. SFThe type of a DSA public key, includes parameters p, q, g and public.      TIGenerate DSA parameters (*not* a key, but required for a key). This is a L compute intensive operation. See FIPS 186-2, app 2. This agrees with the * test vectors given in FIP 186-2, app 5 /The number of bits in the generated prime: 512 <= x <= 1024 +optional seed, its length must be 20 bytes ,(iteration count, generator count, p, q, g) U3Generate a new DSA keypair, given valid parameters p q g VReturn the private key x. W<Convert a DSAPubKey object to a tuple of its members in the  order p, q, g, and public. X=Convert a DSAKeyPair object to a tuple of its members in the & order p, q, g, public and private. Y7Convert a tuple of members (in the same format as from  W) into a DSAPubKey object Z7Convert a tuple of members (in the same format as from  W) into a DSAPubKey object [KA utility function to generate both the parameters and the key pair at the E same time. Saves serialising and deserialising the parameters too /The number of bits in the generated prime: 512 <= x <= 1024 +optional seed, its length must be 20 bytes \JSign pre-digested data. The DSA specs call for SHA1 to be used so, if you L use anything else, YMMV. Returns a pair of Integers which, together, are  the signature ],Verify pre-digested data given a signature. HIJKLMNOPQRSTUVWXYZ[\]HIJKLMNOPSRQTU[\]VWXYZHIJKLMNOPIJKLMNOPQRSTUVWXYZ[\] !^^' represents a callback function to get . informed the progress of RSA key generation.   callback 0 i is called after generating the i-th potential  prime number. 1 While the number is being tested for primality,  callback 1 j is  called after the j-th iteration (j = 0, 1, ...).  When the n0-th randomly generated prime is rejected as not  suitable for the key,  callback 2 n is called.  When a random p has been found with p-1 relatively prime to  e, it is called as  callback 3 0. ( The process is then repeated for prime q with  callback 3 1. __ a is either h or g. `` key returns the length of key. aa key( returns the public modulus of the key. bb key) returns the public exponent of the key. cdefgg2 is an opaque object that represents RSA keypair. hh5 is an opaque object that represents RSA public key. i7Make a copy of the public parameters of the given key. jkk generates an RSA keypair. )The number of bits of the public modulus # (i.e. key size). Key sizes with n <  1024 should be considered insecure. "The public exponent. It is an odd % number, typically 3, 17 or 65537. A callback function. The generated keypair. lA simplified alternative to k )The number of bits of the public modulus # (i.e. key size). Key sizes with n <  1024 should be considered insecure. "The public exponent. It is an odd % number, typically 3, 17 or 65537. The generated keypair.  !mm privKey* returns the private exponent of the key. nn privkey! returns the secret prime factor p of the key. oo privkey! returns the secret prime factor q of the key. pp privkey returns  d mod (p-1) of the key. qq privkey returns  d mod (q-1) of the key. rr privkey returns  q^-1 mod p of the key. ^_`abcdefghijklmnopqr_`abcdehgf^klmnopqrij^_`abcde`abcdefghijklmnopqr #s?This is an opaque type to hold an arbitrary keypair in it. The 2 actual key type can be safelly type-casted using w. "tBThis is an opaque type to hold an arbitrary public key in it. The 2 actual key type can be safelly type-casted using z. #uCInstances of this class has both of public and private portions of  a keypair. v0Wrap an arbitrary keypair into polymorphic type s. wCast from the polymorphic type s to the concrete  type. Return $ if failed. x9Instances of this class has at least public portion of a 8 keypair. They might or might not have the private key. y3Wrap an arbitrary public key into polymorphic type  t. zCast from the polymorphic type t to the concrete  type. Return $ if failed. {|}~%&'()*+,-./012stuvwxyz{|}~xyzuvwts{|}~stuvwvwxyzyz{|}~|}~ 345 lazilly decrypts a stream of data. The input string  doesn'!t necessarily have to be finite. "symmetric cipher algorithm to use 4encrypted symmetric key to decrypt the input string IV )private key to decrypt the symmetric key input string to decrypt decrypted string  decrypts a chunk of data. "symmetric cipher algorithm to use 4encrypted symmetric key to decrypt the input string IV )private key to decrypt the symmetric key input string to decrypt decrypted string 5 lazilly decrypts a stream of data. The input string  doesn'!t necessarily have to be finite. "symmetric cipher algorithm to use 4encrypted symmetric key to decrypt the input string IV )private key to decrypt the symmetric key input string to decrypt decrypted string  565 lazilly encrypts a stream of data. The input string  doesn'!t necessarily have to be finite. "symmetric cipher algorithm to use #A list of public keys to encrypt a * symmetric key. At least one public key - must be supplied. If two or more keys are - given, the symmetric key are encrypted by ' each public keys so that any of the * corresponding private keys can decrypt  the message. input string to encrypt (encrypted string, list of  encrypted asymmetric keys,  IV) $ strictly encrypts a chunk of data. "symmetric cipher algorithm to use !list of public keys to encrypt a  symmetric key input string to encrypt (encrypted string,  list of encrypted  asymmetric keys, IV) 5 lazilly encrypts a stream of data. The input string  doesn'!t necessarily have to be finite. "symmetric cipher algorithm to use !list of public keys to encrypt a  symmetric key input string to encrypt  (encrypted  string, list of  encrypted  asymmetric keys,  IV)  79 generates a signature from a stream of data. The string ( must not contain any letters which aren't in the range of U+0000 -  U+00FF.  message digest algorithm to use 'private key to sign the message digest  input string the result signature - generates a signature from a chunk of data.  message digest algorithm to use 'private key to sign the message digest  input string the result signature . generates a signature from a stream of data.  message digest algorithm to use 'private key to sign the message digest  input string the result signature & represents a result of verification. 897 verifies a signature and a stream of data. The string ( must not contain any letters which aren't in the range of U+0000 -  U+00FF.  message digest algorithm to use message signature #public key to verify the signature input string to verify the result of verification + verifies a signature and a chunk of data.  message digest algorithm to use message signature #public key to verify the signature input string to verify the result of verification + verifies a signature of a stream of data.  message digest algorithm to use message signature #public key to verify the signature input string to verify the result of verification :;<=>?@A gen n generates n-bit long DH parameters. $Get DH parameters length (in bits). 'Check that DH parameters are coherent. IThe first step of a key exchange. Public and private keys are generated. "Get parameters of a key exchange. Get the public key. ,Compute the shared key using the other party's public key.   BCDEFGHIJKLMNOPQRSTUVWXY BCDEPQRSTVWY BCDEPQRSTVWY Z[\]^_`abcde[cde[cde28 is an opaque object that represents X.509 certificate. fghijklmnopqrstuvwxyz{|0 creates an empty certificate. You must set the * following properties to and sign it (see ) to actually  use the certificate. Version See .  Serial number See .  Issuer name See .  Subject name See . Validity See  and .  Public Key See .  cert1 cert2 compares two certificates. 1 signs a certificate with an issuer private key. The certificate to be signed. The private key to sign with. A hashing algorithm to use. If Nothing + the most suitable algorithm for the key  is automatically used. 4 verifies a signature of certificate with an issuer  public key.  The certificate to be verified. The public key to verify with.  cert. translates a certificate into human-readable  format.  cert/ returns the version number of certificate. It 9 seems the number is 0-origin: version 2 means X.509 v3.  cert ver, updates the version number of certificate.  cert+ returns the serial number of certificate.  cert num updates the serial number of  certificate. ) returns the issuer name of certificate. The certificate to examine. True$ if you want the keys of each parts  to be of long form (e.g. " commonName"),  or False if you don't (e.g. "CN"). Pairs of key and value,  for example [("C",  "JP"), ("ST",  " Some-State"), ...].  cert name updates the issuer name of E certificate. Keys of each parts may be of either long form or short  form. See .  cert wantLongName returns the subject name of  certificate. See .  cert name updates the subject name of  certificate. See .  cert. returns the time when the certificate begins  to be valid.  cert utc' updates the time when the certificate  begins to be valid.  cert' returns the time when the certificate  expires.  cert utc' updates the time when the certificate  expires.  cert* returns the public key of the subject of  certificate.  cert pubkey' updates the public key of the subject  of certificate.  cert* returns every subject email addresses in  the certificate. ) is an opaque object that represents PKCS#10  certificate request. }~4 creates an empty certificate request. You must set . the following properties to and sign it (see ) to ' actually use the certificate request. Version See .  Subject Name See .  Public Key See . 4 signs a certificate request with a subject private  key. The request to be signed. The private key to sign with. A hashing algorithm to use. If  Nothing the most suitable algorithm & for the key is automatically used. 2 verifies a signature of certificate request with  a subject public key. The request to be verified. The public key to verify with.  req' translates a certificate request into  human-readable format.  req+ returns the version number of certificate  request.  req ver+ updates the version number of certificate  request.  req wantLongName returns the subject name of  certificate request. See OpenSSL.X509.getSubjectName of   OpenSSL.X509.  req name updates the subject name of  certificate request. See OpenSSL.X509.setSubjectName of   OpenSSL.X509.  req* returns the public key of the subject of  certificate request.  req* updates the public key of the subject of  certificate request.  req cert$ creates an empty X.509 certificate E and copies as much data from the request as possible. The resulting  certificate doesn'$t have the following data and it isn' t signed so * you must fill them and sign it yourself.  Serial number % Validity (Not Before and Not After)  Example:  import Data.Time.Clock  D genCert :: X509 -> EvpPKey -> Integer -> Int -> X509Req -> IO X509 & genCert caCert caKey serial days req - = do cert <- makeX509FromReq req caCert ! now <- getCurrentTime & setSerialNumber cert serial 2 setNotBefore cert $ addUTCTime (-1) now C setNotAfter cert $ addUTCTime (days * 24 * 60 * 60) now & signX509 cert caKey Nothing  return cert 1' represents a revoked certificate in a ? list. Each certificates are supposed to be distinguishable by A issuer name and serial number, so it is sufficient to have only  serial number on each entries. < is an opaque object that represents Certificate Revocation  List. 4 creates an empty revocation list. You must set the * following properties to and sign it (see ) to actually use E the revocation list. If you have any certificates to be listed, you  must of course add them (see ) before signing the list. Version See .  Last Update See .  Next Update See .  Issuer Name See . 5 signs a revocation list with an issuer private key. "The revocation list to be signed. The private key to sign with. A hashing algorithm to use. If Nothing + the most suitable algorithm for the key  is automatically used. 1 verifies a signature of revocation list with an  issuer public key. 2 translates a revocation list into human-readable  format.  crl0 returns the version number of revocation list.  crl ver* updates the version number of revocation  list.  crl+ returns the time when the revocation list  has last been updated.  crl utc& updates the time when the revocation  list has last been updated.  crl+ returns the time when the revocation list  will next be updated.  crl utc& updates the time when the revocation  list will next be updated.  crl wantLongName returns the issuer name of  revocation list. See OpenSSL.X509.getIssuerName of   OpenSSL.X509.  crl name' updates the issuer name of revocation  list. See OpenSSL.X509.setIssuerName of  OpenSSL.X509.  crl+ returns the list of revoked certificates.  crl revoked' add the certificate to the revocation  list.  crl serial( looks up the corresponding revocation.  crl0 sorts the certificates in the revocation list. + is an opaque object that represents X.509 D certificate store. The certificate store is usually used for chain  verification. + creates an empty X.509 certificate store.  store cert adds a certificate to store.  store crl" adds a revocation list to store.  , represents a result of PKCS#7  verification. See . Nothing if the PKCS#7  signature was a detached  signature, and  Just content  if it wasn't. 4 is a set of flags that are used in many operations  related to PKCS#7.  represents an abstract PKCS#7 structure. The concrete A type of structure is hidden in the object: such polymorphism isn't E very haskellish but please get it out of your mind since OpenSSL is  written in C.  creates a PKCS#7 signedData structure. certificate to sign with corresponding private key (optional additional set of certificates  to include in the PKCS#7 structure (for ' example any intermediate CAs in the  chain) data to be signed An optional set of flags:  Many S/ MIME clients ( expect the signed content to include  valid MIME headers. If the  % flag is set MIME headers for type  "text/plain" are prepended to the  data.  If  is  set the signer's certificate will not be  included in the PKCS#7 structure, the  signer's certificate must still be * supplied in the parameter though. This + can reduce the size of the signature if  the signer's certificate can be obtained , by other means: for example a previously  signed message.  The data being signed  is included in the PKCS# 7 structure,  unless  is set in which ( case it is ommited. This is used for  PKCS# 7 detached signatures which are  used in S/MIME plaintext signed message  for example.  Normally the supplied # content is translated into MIME ( canonical format (as required by the  S/MIME specifications) but if   is set no translation ) occurs. This option should be uesd if ) the supplied data is in binary format * otherwise the translation will corrupt  it.   The signedData " structure includes several PKCS#7 ) authenticatedAttributes including the  signing time, the PKCS#7 content type + and the supported list of ciphers in an # SMIMECapabilities attribute. If   is set then no , authenticatedAttributes will be used. If ( Pkcs7NoSmimeCap is set then just the " SMIMECapabilities are omitted.  verifies a PKCS#7 signedData structure. A PKCS#7 structure to verify.  Set of certificates in which to  search for the signer's  certificate.  Trusted certificate store (used  for chain verification). "Signed data if the content is not  present in the PKCS# 7 structure  (that is it is detached). An optional set of flags:  If   is set the & certificates in the message itself & are not searched when locating the  signer's certificate. This means % that all the signers certificates " must be in the second argument  ([]).  If the  % flag is set MIME headers for type  "text/plain" are deleted from & the content. If the content is not  of type "text/plain" then an  error is returned.  If   is set the  signer's certificates are not  chain verified.  If   is set then the certificates $ contained in the message are not % used as untrusted CAs. This means & that the whole verify chain (apart  from the signer's certificate) $ must be contained in the trusted  store.  If  % is set then the signatures on the  data are not checked.  creates a PKCS#7 envelopedData structure. "A list of recipient certificates. The content to be encrypted. The symmetric cipher to use. An optional set of flags:  If the  flag  is set MIME headers for type  "text/plain" are prepended to the  data.  Normally the supplied # content is translated into MIME ( canonical format (as required by the  S/MIME specifications) if   is set no translation ) occurs. This option should be used if ) the supplied data is in binary format " otherwise the translation will  corrupt it. If  is set  then  is ignored.  decrypts content from PKCS#7 envelopedData  structure. The PKCS#7 structure to decrypt. "The private key of the recipient.  The recipient's certificate. An optional set of flags:  If the  flag  is set MIME headers for type  "text/plain" are deleted from the % content. If the content is not of  type "text/plain" then an error is  thrown. The decrypted content.  writes PKCS#7 structure to S/MIME message. A PKCS#7 structure to be written. If cleartext signing  (multipart/signed) is being used then * the signed data must be supplied here. An optional set of flags:  If  ) is set then cleartext signing will be * used, this option only makes sense for  signedData where  is  also set when  is also  called.  If the  flag  is set MIME headers for type  "text/plain" are added to the % content, this only makes sense if   is also set.  The result S/MIME message.  parses S/MIME message. The message to be read. (The result PKCS#7  structure,  Just content  if the PKCS#7 structure was  a cleartext signature and  Nothing if it wasn't.)  > represents format of PKCS#10 certificate  request.  The old format, whose header is " CERTIFICATE  REQUEST".   The new format, whose header is "NEW  CERTIFICATE REQUEST".   & represents a way to supply password. ,FIXME: using PwTTY causes an error but I don' t know why:  ":error:0906406D:PEM routines:DEF_CALLBACK:problems getting  password"  read a password from TTY  get a  password  by a  callback  !password in a static bytestring. password in a static string  no password  represents a context of  . The callback was called to get  a password to encrypt  something. The callback was called to get  a password to read something  encrypted. , represents a callback function to supply a  password. Int4 The maximum length of the password to be accepted. PemPasswordRWState The context.  IO String The resulting password. ' writes a private key to PEM string in  PKCS# 8 format. private key to write Either (symmetric cipher  algorithm, password  supply) or Nothing. If  Nothing is given the  private key is not  encrypted. the result PEM string  pem supply$ reads a private key in PEM string.  pubkey writes a public to PEM string.  pem# reads a public key in PEM string.  cert, writes an X.509 certificate to PEM string.  pem+ reads an X.509 certificate in PEM string.  writes a PKCS#10 certificate request to PEM  string. request format the result PEM string  reads a PKCS#&10 certificate request in PEM string.  crl- writes a Certificate Revocation List to PEM  string.  pem4 reads a Certificate Revocation List in PEM string.  p7 writes a PKCS#7 structure to PEM string.  pem reads a PKCS#7 structure in PEM string.    dh% writes DH parameters to PEM string. !! pem$ reads DH parameters in PEM string.       !      !          !o"@SSL_get_error() returned an error code which is unknown to this  library. #$:A failure in the SSL library occurred, usually a protocol A error. The OpenSSL error queue contains more information on the  error. %Some I/6O error occurred. The OpenSSL error queue may contain < more information on the error. If the error queue is empty D (i.e. ERR_get_error() returns 0), ret can be used to find out more E about the error: If ret == 0, an EOF was observed that violates the 9 protocol. If ret == -1, the underlying BIO reported an I/O error  (for socket I//O on Unix systems, consult errno for details). &?The operation did not complete because an application callback < set by SSL_CTX_set_client_cert_cb() has asked to be called  again. The TLS/SSL I/"O function should be called again + later. Details depend on the application. ',The operation did not complete; the same TLS/SSL I/ O function = should be called again later. The underlying socket was not 7 connected yet to the peer and the call would block in K. The < SSL function should be called again when the connection is 0 established. This message can only appear with K. (,The operation did not complete; the same TLS/SSL I/ O function = should be called again later. The underlying socket was not 7 connected yet to the peer and the call would block in  M3. The SSL function should be called again when the > connection is established. This message can only appear with  M. )AThe peer uncleanly terminated the connection without sending the  " close notify" alert. *The TLS/8SSL connection has been closed. If the protocol version ? is SSL 3.0 or TLS 1.0, this result code is returned only if a D closure alert has occurred in the protocol, i.e. if the connection 1 has been closed cleanly. Note that in this case  *( does not necessarily indicate that the ' underlying transport has been closed. +0The root exception type for all SSL exceptions. ,-only send our shutdown .#wait for the peer to also shutdown /IThis is the type of an SSL IO operation. EOF and termination are handled J by exceptions while everything else is one of these. Note that reading > from an SSL socket can result in WantWrite and vice versa. 0!needs more outgoing buffer space 1!needs more data from the network 2 operation finished successfully 3&This is the type of an SSL connection GSSL objects are not thread safe, so they carry a QSem around with them N which only lets a single thread work inside them at a time. Thus, one must < always use withSSL, rather than withForeignPtr directly. JIO with SSL objects is non-blocking and many SSL functions return a error L code which signifies that it needs to read or write more data. We handle J these calls and call threadWaitRead and threadWaitWrite at the correct * times. Thus multiple OS threads can be  inside IO in the same SSL & object at a time, because they aren'%t really in the SSL object, they are 3 waiting for the RTS to wake the Haskell thread. 4Get the underlying socket Fd 5,Get the socket underlying an SSL connection 6See  7http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html 78is a certificate required 9!only request once per connection :optional callback ;<=An SSL context. Contexts carry configuration such as a server' s private I key, root CA certiifcates etc. Contexts are stateful IO objects; they L start empty and various options are set on them by the functions in this N module. Note that an empty context will pretty much cause any operation to  fail since it doesn'!t even have any ciphers enabled. GContexts are not thread safe so they carry a QSem with them which only N lets a single thread work inside them at a time. Thus, one must always use - withContext, not withForeignPtr directly.  =Create a new SSL context.  FRun the given action with the raw context pointer and obtain the lock  while doing so.   >&Install a private key into a context. ?3Install a certificate (public key) into a context. @KInstall a private key file in a context. The key is given as a path to the M file which contains the key. The file is parsed first as PEM and, if that 9 fails, as ASN1. If both fail, an exception is raised. AJInstall a certificate (public key) file in a context. The key is given as N a path to the file which contains the key. The file is parsed first as PEM F and, if that fails, as ASN1. If both fail, an exception is raised. BJSet the ciphers to be used by the given context. The string argument is a 1 list of ciphers, comma separated, as given at  http:www.openssl.orgdocsapps/ ciphers.html BUnrecognised ciphers are ignored. If no ciphers from the list are ' recognised, an exception is raised. CDKReturn true iff the private key installed in the given context matches the  certificate also installed. EFJSet the location of a PEM encoded list of CA certificates to be used when  verifying a server's certificate GCSet the path to a directory which contains the PEM encoded CA root + certificates. This is an alternative to F. See   Bhttp://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html for % details of the file naming scheme HAGet a reference to, not a copy of, the X.509 certificate storage  in the SSL context.  IFWrap a Socket in an SSL connection. Reading and writing to the Socket F after this will cause weird errors in the SSL code. The SSL object J carries a handle to the Socket so you need not worry about the garbage = collector closing the file descriptor out from under you. J'Wrap a socket Fd in an SSL connection. 'Block until the operation is finished. IPerform an SSL operation which can return non-blocking error codes, thus K requesting that the operation be performed when data or buffer space is  availible. K Perform an SSL server handshake L8Try to perform an SSL server handshake without blocking M Perform an SSL client handshake N8Try to perform an SSL client handshake without blocking CPerform an SSL operation which operates of a buffer and can return M non-blocking error codes, thus requesting that it be performed again when + more data or buffer space is availible. JNote that these SSL functions generally require that the arguments to the N repeated call be exactly the same. This presents an issue because multiple N threads could try writing at the same time (with different buffers) so the M calling function should probably hold the lock on the SSL object over the ' whole time (include repeated calls) the SSL IO function to call the buffer to pass the length to pass OHTry to read the given number of bytes from an SSL connection. On EOF an K empty ByteString is returned. If the connection dies without a graceful ) SSL shutdown, an exception is raised. P=Try to read the given number of bytes from an SSL connection  without blocking. QGWrite a given ByteString to the SSL connection. Either all the data is 9 written or an exception is raised because of an error RHTry to write a given ByteString to the SSL connection without blocking. S@Lazily read all data until reaching EOF. If the connection dies < without a graceful SSL shutdown, an exception is raised. T>Write a lazy ByteString to the SSL connection. In contrast to  Q;, there is a chance that the string is written partway and = then an exception is raised for an error. The string doesn't " necessarily have to be finite. UECleanly shutdown an SSL connection. Note that SSL has a concept of a L secure shutdown, which is distinct from just closing the TCP connection. < This performs the former and should always be preferred. GThis can either just send a shutdown, or can send and wait for the peer's  shutdown message. V<Try to cleanly shutdown an SSL connection without blocking. WJAfter a successful connection, get the certificate of the other party. If 0 this is a server connection, you probably won't get a certificate unless 4 you asked for it with contextSetVerificationMode X#Get the result of verifing the peer'"s certificate. This is mostly for L clients to verify the certificate of the server that they have connected L it. You must set a list of root CA certificates with contextSetCA... for  this to make sense. (Note that this returns True iff the peer' s certificate has a valid chain N to a root CA. You also need to check that the certificate is correct (i.e. < has the correct hostname in it) with getPeerCertificate. 7"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWX9<=>?@ABCD6;789:EFGH345/210IJKLMNOPQRSTUV,.-WX54+*)('&%$"#7"##$%&'()*+,.--./210012345456;789:789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYComputation of Y action initializes the OpenSSL  library and computes action. Every applications that use < HsOpenSSL must wrap any operations related to OpenSSL with  Y, or they might crash.  module Main where  import OpenSSL   main :: IO ()  main = withOpenSSL $  do ... YYY !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL)*MNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{ | } ~                 !"#$%&'()*+,-./01234556789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{ !|}~,.<>3KTpq                         ! " # $ % & ' ( ) * + , - ./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmn_`efkln[\opiqrstuvghwxyzkln[\{|}~[\6789:;<=ENHsOpenSSL-0.10.1 OpenSSL.DHOpenSSL.EVP.Base64OpenSSL.EVP.CipherOpenSSL.EVP.DigestOpenSSL.CipherOpenSSL.Random OpenSSL.BN OpenSSL.DSA OpenSSL.RSAOpenSSL.EVP.PKeyOpenSSL.EVP.OpenOpenSSL.EVP.SealOpenSSL.EVP.SignOpenSSL.EVP.Verify OpenSSL.X509OpenSSL.X509.RequestOpenSSL.X509.RevocationOpenSSL.X509.Store OpenSSL.PKCS7 OpenSSL.PEMOpenSSL.SessionOpenSSL OpenSSL.ERR OpenSSL.StackOpenSSL.DH.InternalOpenSSL.Objects OpenSSL.Utils OpenSSL.BIO OpenSSL.ASN1OpenSSL.X509.Name OpenSSL.SSLDHDHP encodeBase64encodeBase64BSencodeBase64LBS decodeBase64decodeBase64BSdecodeBase64LBS CryptoModeDecryptEncryptEVP_CIPHER_CTX CipherCtx EVP_CIPHERCipher withCipherPtrgetCipherByNamegetCipherNamescipherIvLengthnewCtxwithCipherCtxPtrcipherStrictLBSciphercipherBS cipherLBScipherStrictly cipherLazily EVP_MD_CTX DigestCtxEVP_MDDigest withMDPtrgetDigestByNamegetDigestNameswithDigestCtxPtrdigestStrictly digestLazilydigestdigestBS digestBS' digestLBShmacBSpkcs5_pbkdf2_hmac_sha1AESCtxMode newAESCtxaesCBCaesCTR randBytes prandBytesaddBIGNUMBigNumallocaBNunwrapBNwrapBN bnToInteger integerToBNwithBNpeekBNnewBN integerToMPI mpiToIntegermodexp randIntegerUptoNMinusOneSuchThat!prandIntegerUptoNMinusOneSuchThatrandIntegerZeroToNMinusOnerandIntegerOneToNMinusOneprandIntegerZeroToNMinusOneprandIntegerOneToNMinusOneDSAKeydsaSizedsaPdsaQdsaG dsaPublic withDSAPtr peekDSAPtr absorbDSAPtrDSA DSAKeyPair DSAPubKeygenerateDSAParametersgenerateDSAKey dsaPrivatedsaPubKeyToTupledsaKeyPairToTupletupleToDSAPubKeytupleToDSAKeyPairgenerateDSAParametersAndKeysignDigestedDataWithDSAverifyDigestedDataWithDSARSAGenKeyCallbackRSAKeyrsaSizersaNrsaE withRSAPtr peekRSAPtr absorbRSAPtrRSA RSAKeyPair RSAPubKey rsaCopyPublicrsaKeyPairFinalizegenerateRSAKeygenerateRSAKey'rsaDrsaPrsaQrsaDMP1rsaDMQ1rsaIQMP SomeKeyPair SomePublicKeyKeyPair fromKeyPair toKeyPair PublicKey fromPublicKey toPublicKeyPKeytoPKeyfromPKeypkeySize pkeyDefaultMDEVP_PKEY wrapPKeyPtr withPKeyPtr' withPKeyPtrunsafePKeyToPtr touchPKeyopenopenBSopenLBSsealsealBSsealLBS signFinalsignsignBSsignLBS VerifyStatus VerifyFailure VerifySuccessverifyverifyBS verifyLBSDHGenDHGen5DHGen2 genDHParams getDHLength checkDHParamsgenDH getDHParamsgetDHPublicKey computeDHKeyX509_X509newX509wrapX509 withX509Ptr withX509StackunsafeX509ToPtr touchX509 compareX509signX509 verifyX509 printX509 getVersion setVersiongetSerialNumbersetSerialNumber getIssuerName setIssuerNamegetSubjectNamesetSubjectName getNotBefore setNotBefore getNotAfter setNotAfter getPublicKey setPublicKeygetSubjectEmailX509_REQX509Req newX509Req wrapX509ReqwithX509ReqPtr signX509Req verifyX509Req printX509ReqmakeX509FromReqRevokedCertificaterevSerialNumberrevRevocationDateX509_CRLCRLnewCRLwrapCRL withCRLPtrsignCRL verifyCRLprintCRL getLastUpdate setLastUpdate getNextUpdate setNextUpdategetRevokedList addRevoked getRevokedsortCRL X509StoreCtxX509_STORE_CTX X509_STORE X509Store newX509Store wrapX509StorewithX509StorePtraddCertToStore addCRLToStorewithX509StoreCtxPtrwrapX509StoreCtxPkcs7VerifyStatusPkcs7VerifyFailurePkcs7VerifySuccess Pkcs7Flag Pkcs7CRLFEOLPkcs7NoOldMimeTypePkcs7NoSmimeCap Pkcs7NoAttr Pkcs7Binary Pkcs7Detached Pkcs7NoVerify Pkcs7NoIntern Pkcs7NoChain Pkcs7NoSigs Pkcs7NoCerts Pkcs7TextPKCS7Pkcs7 wrapPkcs7Ptr withPkcs7Ptr pkcs7Sign pkcs7Verify pkcs7Encrypt pkcs7Decrypt writeSmime readSmimePemX509ReqFormat ReqOldFormat ReqNewFormatPemPasswordSupplyPwTTY PwCallbackPwBSPwStrPwNonePemPasswordRWStatePwWritePwReadPemPasswordCallbackwritePKCS8PrivateKeyreadPrivateKeywritePublicKey readPublicKey writeX509readX509 writeX509Req readX509ReqwriteCRLreadCRL writePkcs7 readPkcs7 writeDHParams readDHParams UnknownError ProtocolError SSLIOErrorWantX509Lookup WantAccept WantConnectConnectionAbruptlyTerminatedConnectionCleanlyClosedSomeSSLException ShutdownTypeUnidirectional Bidirectional SSLResult WantWriteWantReadSSLDoneSSLsslFd sslSocketVerificationMode VerifyPeervpFailIfNoPeerCert vpClientOnce vpCallback VerifyNone SSLContextcontextcontextSetPrivateKeycontextSetCertificatecontextSetPrivateKeyFilecontextSetCertificateFilecontextSetCipherscontextSetDefaultCipherscontextCheckPrivateKeycontextSetVerificationModecontextSetCAFilecontextSetCADirectorycontextGetCAStore connection fdConnectionaccept tryAcceptconnect tryConnectreadtryReadwritetryWritelazyRead lazyWriteshutdown tryShutdowngetPeerCertificategetVerifyResult withOpenSSL _error_string _peek_error _get_errorgetError peekError errorStringSTACKskValueskNumskPushskFree skNewNullmapStacknewStack withStackwithForeignStackDH__DH_free withDHPPtrwrapDHPPtrWith wrapDHPPtr withDHPtr wrapDHPtrWith wrapDHPtrasDHasDHP ObjNameTypeCompMethodTypePKeyMethodTypeCipherMethodType MDMethodType DoAllCallbackOBJ_NAMEObjNamemkDoAllCallback_NAME_do_all_sorted _NAME_do_allobjNameTypeToIntiterateObjNames objNameStr getObjNames _DecodeBlock _EncodeBlock nextBlock encodeBlock decodeBlock failIfNull failIfNull_failIffailIf_raiseOpenSSLErrortoHexfromHexpeekCStringCLen _CipherFinal _CipherUpdate _CipherInit_ctx_block_size _ctx_cleanup' _ctx_cleanup _ctx_init _iv_length_get_cipherbynamecryptoModeToInt cipherInitcipherUpdateBS cipherFinalBS_PKCS5_PBKDF2_HMAC_SHA1_HMAC _DigestFinal _DigestUpdate _DigestInit_get_digestbyname digestInitdigestUpdateBS digestFinal digestFinalBSAES_KEY_free_AES_ctr_encrypt_AES_cbc_encrypt_AES_set_decrypt_key_AES_set_encrypt_key_memset_memcpy modeToIntBIO_BIO BIO_METHODs_null _new_mem_bufs_mem_set_buffer_sizef_buffer_FLAGS_BASE64_NO_NLf_base64_write_gets_read_eof_reset_flush _should_retry _set_flags_push_newnew wrapBioPtr withBioPtr withBioPtr'bioPush==><==bioJoinsetFlagsbioShouldRetrybioFlushbioResetbioEOFbioRead bioReadBS bioReadLBSbioGets bioGetsBS bioGetsLBSbioWrite bioWriteBS bioWriteLBS newBase64 newBuffernewMem newConstMem newConstMemBSnewConstMemLBS newNullBIO _RAND_add_RAND_pseudo_bytes _RAND_bytesBNCTXBNCtxMBA ByteArrayBA_BN_pseudo_rand_range_BN_rand_range _BN_ctx_free _BN_ctx_new_mod_exp_mpi2bn_bn2mpi _copy_out_copy_in newByteArrayfreezeByteArraybnToMPImpiToBN withBNCtx_size_privDup_pubDup_generate_params _dsa_verify _dsa_sign_dsa_generate_key_dsa_new_bn_freedsa_freehasDSAPrivateKeypeekIRSAGenKeyCallback' _generate_keymkGenKeyCallbackhasRSAPrivateKeypeekMIbase Data.MaybeNothing VaguePKey _set1_DSA _get1_DSA _set1_RSA _get1_RSA _pkey_free _pkey_newwithConcretePubKeywithConcreteKeyPair rsaToPKey rsaFromPKey dsaToPKey dsaFromPKey _OpenInitopenInit _SealInitsealInit _SignFinal _VerifyFinal verifyFinalBS _DH_length_DH_get_pub_key_DH_dup_DH_size _DH_check_DH_compute_key_DH_generate_key_DH_generate_parameters ASN1_TIME ASN1_INTEGER ASN1_STRING ASN1_OBJECT_ASN1_TIME_print_ASN1_TIME_set_ASN1_TIME_free_ASN1_TIME_new_BN_to_ASN1_INTEGER_ASN1_INTEGER_to_BN_ASN1_INTEGER_free_ASN1_INTEGER_new_nid2ln_nid2snobj2nidnid2snnid2lnpeekASN1StringpeekASN1IntegerallocaASN1IntegerwithASN1Integer peekASN1TimeallocaASN1Time withASN1TimeX509_NAME_ENTRY X509_NAME_ENTRY_get_data_ENTRY_get_object _get_entry _entry_count_add_entry_by_txtallocaX509Name withX509Name peekX509Name_verify_sign _email_free _get1_email _set_pubkey _get_pubkey _set_notAfter _get_notAfter_set_notBefore_get_notBefore_set_subject_name_get_subject_name_set_issuer_name_get_issuer_name_set_serialNumber_get_serialNumber _set_version _get_version_cmp_print X509_REVOKED_set_revocationDate freeRevoked _new_revoked_sort_get0_by_serial _add0_revoked _get_REVOKED_set_nextUpdate_get_nextUpdate_set_lastUpdate_get_lastUpdate peekRevoked newRevoked_add_crl _add_cert_SMIME_read_PKCS7_SMIME_write_PKCS7_decrypt_encrypt _is_detached flagToInt flagListToIntisDetachedSignature pkcs7Sign' pkcs7Verify' pkcs7Encrypt' pkcs7Decrypt' writeSmime' readSmime'PemPasswordCallback'memset _read_bio_DH _write_bio_DH_read_bio_PKCS7_write_bio_PKCS7_read_bio_X509_CRL_write_bio_X509_CRL_read_bio_X509_REQ_write_bio_X509_REQ_NEW_write_bio_X509_REQ_read_bio_X509_AUX_write_bio_X509_AUX_read_bio_PUBKEY_write_bio_PUBKEY_read_bio_PrivateKey_write_bio_PKCS8PrivateKeymkPemPasswordCallback rwflagToStatecallPasswordCBwritePKCS8PrivateKey'readPrivateKey'writePublicKey'readPublicKey' writeX509' readX509' writeX509Req' readX509Req' writeCRL'readCRL' writePkcs7' readPkcs7'writeDHParams' readDHParams'withBSGHC.IOblockedsslSemsslPtrSSL_ SSLMethod_ctxSemctxPtrctxVfCb SSLContext_VerifyCb_ssl_get_verify_result_ssl_get_peer_cert _ssl_shutdown _ssl_write_ssl_get_shutdown _ssl_read_ssl_get_error _ssl_connect _ssl_accept _ssl_set_fd _ssl_free_ssl_new_ssl_get_cert_store_ssl_load_verify_locations_ssl_set_verify_mode_ssl_ctx_check_private_key_ssl_ctx_set_cipher_list_ssl_ctx_use_certificate_file_ssl_ctx_use_privatekey_file_ssl_ctx_use_certificate_ssl_ctx_use_privatekey _ssl_method _ssl_ctx_free _ssl_ctx_new mkVerifyCb withContext touchContextcontextLoadFile connection'withSSLthrowSSLExceptionsslBlocksslTryHandshake sslIOInnercatchEOFsslExceptionToExceptionsslExceptionFromException libraryInitaddAllAlgorithmsloadErrorStrings setupMutex