| Safe Haskell | None | 
|---|---|
| Language | Haskell2010 | 
OpenSSL.X509.Request
Description
An interface to PKCS#10 certificate request.
- data X509Req
- newX509Req :: IO X509Req
- signX509Req :: KeyPair key => X509Req -> key -> Maybe Digest -> IO ()
- verifyX509Req :: PublicKey key => X509Req -> key -> IO VerifyStatus
- printX509Req :: X509Req -> IO String
- writeX509ReqDER :: X509Req -> IO ByteString
- makeX509FromReq :: X509Req -> X509 -> IO X509
- getVersion :: X509Req -> IO Int
- setVersion :: X509Req -> Int -> IO ()
- getSubjectName :: X509Req -> Bool -> IO [(String, String)]
- setSubjectName :: X509Req -> [(String, String)] -> IO ()
- getPublicKey :: X509Req -> IO SomePublicKey
- setPublicKey :: PublicKey key => X509Req -> key -> IO ()
- addExtensions :: X509Req -> [(Int, String)] -> IO CInt
Type
Functions to manipulate request
newX509Req :: IO X509Req Source #
newX509ReqsignX509Req) to
 actually use the certificate request.
- Version
- See setVersion.
- Subject Name
- See setSubjectName.
- Public Key
- See setPublicKey.
Arguments
| :: KeyPair key | |
| => X509Req | The request to be signed. | 
| -> key | The private key to sign with. | 
| -> Maybe Digest | A hashing algorithm to use. If
    | 
| -> IO () | 
signX509Req
Arguments
| :: PublicKey key | |
| => X509Req | The request to be verified. | 
| -> key | The public key to verify with. | 
| -> IO VerifyStatus | 
verifyX509Req
printX509Req :: X509Req -> IO String Source #
printX509Req req
writeX509ReqDER :: X509Req -> IO ByteString Source #
writeX509ReqDER req
makeX509FromReq :: X509Req -> X509 -> IO X509 Source #
makeX509FromReq req cert
- Serial number
- Validity (Not Before and Not After)
Example:
import Data.Time.Clock
genCert :: X509 -> EvpPKey -> Integer -> Int -> X509Req -> IO X509
genCert caCert caKey serial days req
    = do cert <- makeX509FromReq req caCert
         now  <- getCurrentTime
         setSerialNumber cert serial
         setNotBefore cert $ addUTCTime (-1) now
         setNotAfter  cert $ addUTCTime (days * 24 * 60 * 60) now
         signX509 cert caKey Nothing
         return certAccessors
getVersion :: X509Req -> IO Int Source #
getVersion req
setVersion :: X509Req -> Int -> IO () Source #
setVersion req ver
getSubjectName :: X509Req -> Bool -> IO [(String, String)] Source #
getSubjectName req wantLongNamegetSubjectName of
 OpenSSL.X509.
setSubjectName :: X509Req -> [(String, String)] -> IO () Source #
setSubjectName req namesetSubjectName of
 OpenSSL.X509.
getPublicKey :: X509Req -> IO SomePublicKey Source #
getPublicKey req
setPublicKey :: PublicKey key => X509Req -> key -> IO () Source #
setPublicKey req
addExtensions :: X509Req -> [(Int, String)] -> IO CInt Source #
addExtensions req [(nid, str)]E.g., nid 85 = subjectAltName http://osxr.org:8080/openssl/source/crypto/objects/objects.h#0476
(TODO: more docs; NID type)