HsOpenSSL-0.5: (Part of) OpenSSL binding for HaskellSource codeContentsIndex
OpenSSL.X509
Contents
Type
Functions to manipulate certificate
Accessors
Description
An interface to X.509 certificate.
Synopsis
data X509
data X509_
newX509 :: IO X509
wrapX509 :: Ptr X509_ -> IO X509
withX509Ptr :: X509 -> (Ptr X509_ -> IO a) -> IO a
withX509Stack :: [X509] -> (Ptr STACK -> IO a) -> IO a
unsafeX509ToPtr :: X509 -> Ptr X509_
touchX509 :: X509 -> IO ()
compareX509 :: X509 -> X509 -> IO Ordering
signX509 :: X509 -> PKey -> Maybe Digest -> IO ()
verifyX509 :: X509 -> PKey -> IO VerifyStatus
printX509 :: X509 -> IO String
getVersion :: X509 -> IO Int
setVersion :: X509 -> Int -> IO ()
getSerialNumber :: X509 -> IO Integer
setSerialNumber :: X509 -> Integer -> IO ()
getIssuerName :: X509 -> Bool -> IO [(String, String)]
setIssuerName :: X509 -> [(String, String)] -> IO ()
getSubjectName :: X509 -> Bool -> IO [(String, String)]
setSubjectName :: X509 -> [(String, String)] -> IO ()
getNotBefore :: X509 -> IO UTCTime
setNotBefore :: X509 -> UTCTime -> IO ()
getNotAfter :: X509 -> IO UTCTime
setNotAfter :: X509 -> UTCTime -> IO ()
getPublicKey :: X509 -> IO PKey
setPublicKey :: X509 -> PKey -> IO ()
getSubjectEmail :: X509 -> IO [String]
Type
data X509 Source
X509 is an opaque object that represents X.509 certificate.
data X509_ Source
Functions to manipulate certificate
newX509 :: IO X509Source

newX509 creates an empty certificate. You must set the following properties to and sign it (see signX509) to actually use the certificate.

Version
See setVersion.
Serial number
See setSerialNumber.
Issuer name
See setIssuerName.
Subject name
See setSubjectName.
Validity
See setNotBefore and setNotAfter.
Public Key
See setPublicKey.
wrapX509 :: Ptr X509_ -> IO X509Source
withX509Ptr :: X509 -> (Ptr X509_ -> IO a) -> IO aSource
withX509Stack :: [X509] -> (Ptr STACK -> IO a) -> IO aSource
unsafeX509ToPtr :: X509 -> Ptr X509_Source
touchX509 :: X509 -> IO ()Source
compareX509 :: X509 -> X509 -> IO OrderingSource
compareX509 cert1 cert2 compares two certificates.
signX509Source
:: X509The certificate to be signed.
-> PKeyThe private key to sign with.
-> Maybe DigestA hashing algorithm to use. If Nothing the most suitable algorithm for the key is automatically used.
-> IO ()
signX509 signs a certificate with an issuer private key.
verifyX509Source
:: X509The certificate to be verified.
-> PKeyThe public key to verify with.
-> IO VerifyStatus
verifyX509 verifies a signature of certificate with an issuer public key.
printX509 :: X509 -> IO StringSource
printX509 cert translates a certificate into human-readable format.
Accessors
getVersion :: X509 -> IO IntSource
getVersion cert returns the version number of certificate. It seems the number is 0-origin: version 2 means X.509 v3.
setVersion :: X509 -> Int -> IO ()Source
setVersion cert ver updates the version number of certificate.
getSerialNumber :: X509 -> IO IntegerSource
getSerialNumber cert returns the serial number of certificate.
setSerialNumber :: X509 -> Integer -> IO ()Source
setSerialNumber cert num updates the serial number of certificate.
getIssuerNameSource
:: X509The certificate to examine.
-> BoolTrue if you want the keys of each parts to be of long form (e.g. "commonName"), or False if you don't (e.g. "CN").
-> IO [(String, String)]Pairs of key and value, for example [("C", "JP"), ("ST", "Some-State"), ...].
getIssuerName returns the issuer name of certificate.
setIssuerName :: X509 -> [(String, String)] -> IO ()Source
setIssuerName cert name updates the issuer name of certificate. Keys of each parts may be of either long form or short form. See getIssuerName.
getSubjectName :: X509 -> Bool -> IO [(String, String)]Source
getSubjectName cert wantLongName returns the subject name of certificate. See getIssuerName.
setSubjectName :: X509 -> [(String, String)] -> IO ()Source
setSubjectName cert name updates the subject name of certificate. See setIssuerName.
getNotBefore :: X509 -> IO UTCTimeSource
getNotBefore cert returns the time when the certificate begins to be valid.
setNotBefore :: X509 -> UTCTime -> IO ()Source
setNotBefore cert utc updates the time when the certificate begins to be valid.
getNotAfter :: X509 -> IO UTCTimeSource
getNotAfter cert returns the time when the certificate expires.
setNotAfter :: X509 -> UTCTime -> IO ()Source
setNotAfter cert utc updates the time when the certificate expires.
getPublicKey :: X509 -> IO PKeySource
getPublicKey cert returns the public key of the subject of certificate.
setPublicKey :: X509 -> PKey -> IO ()Source
setPublicKey cert pubkey updates the public key of the subject of certificate.
getSubjectEmail :: X509 -> IO [String]Source
getSubjectEmail cert returns every subject email addresses in the certificate.
Produced by Haddock version 2.4.2