HsOpenSSL- Partial OpenSSL binding for Haskell

Safe HaskellNone




An interface to PEM routines.


Password supply

type PemPasswordCallback = Int -> PemPasswordRWState -> IO String Source #

PemPasswordCallback represents a callback function to supply a password.

The maximum length of the password to be accepted.
The context.
IO String
The resulting password.

data PemPasswordRWState Source #

PemPasswordRWState represents a context of PemPasswordCallback.



The callback was called to get a password to read something encrypted.


The callback was called to get a password to encrypt something.

data PemPasswordSupply Source #

PemPasswordSupply represents a way to supply password.

FIXME: using PwTTY causes an error but I don't know why: "error:0906406D:PEM routines:DEF_CALLBACK:problems getting password"



no password

PwStr String

password in a static string

PwBS ByteString

password in a static bytestring.

PwCallback PemPasswordCallback

get a password by a callback


read a password from TTY

Private key

writePKCS8PrivateKey Source #


:: KeyPair key 
=> key

private key to write

-> Maybe (Cipher, PemPasswordSupply)

Either (symmetric cipher algorithm, password supply) or Nothing. If Nothing is given the private key is not encrypted.

-> IO String

the result PEM string

writePKCS8PrivateKey writes a private key to PEM string in PKCS#8 format.

readPrivateKey :: String -> PemPasswordSupply -> IO SomeKeyPair Source #

readPrivateKey pem supply reads a private key in PEM string.

Public key

writePublicKey :: PublicKey key => key -> IO String Source #

writePublicKey pubkey writes a public to PEM string.

readPublicKey :: String -> IO SomePublicKey Source #

readPublicKey pem reads a public key in PEM string.

X.509 certificate

writeX509 :: X509 -> IO String Source #

writeX509 cert writes an X.509 certificate to PEM string.

readX509 :: String -> IO X509 Source #

readX509 pem reads an X.509 certificate in PEM string.

PKCS#10 certificate request

data PemX509ReqFormat Source #

PemX509ReqFormat represents format of PKCS#10 certificate request.



The new format, whose header is "NEW CERTIFICATE REQUEST".


The old format, whose header is "CERTIFICATE REQUEST".

writeX509Req Source #


:: X509Req


-> PemX509ReqFormat


-> IO String

the result PEM string

writeX509Req writes a PKCS#10 certificate request to PEM string.

readX509Req :: String -> IO X509Req Source #

readX509Req reads a PKCS#10 certificate request in PEM string.

Certificate Revocation List

writeCRL :: CRL -> IO String Source #

writeCRL crl writes a Certificate Revocation List to PEM string.

readCRL :: String -> IO CRL Source #

readCRL pem reads a Certificate Revocation List in PEM string.

PKCS#7 structure

writePkcs7 :: Pkcs7 -> IO String Source #

writePkcs7 p7 writes a PKCS#7 structure to PEM string.

readPkcs7 :: String -> IO Pkcs7 Source #

readPkcs7 pem reads a PKCS#7 structure in PEM string.

DH parameters

writeDHParams :: DHP -> IO String Source #

writeDHParams dh writes DH parameters to PEM string.

readDHParams :: String -> IO DHP Source #

readDHParams pem reads DH parameters in PEM string.