HsOpenSSL-0.6.5: (Incomplete) OpenSSL binding for HaskellSource codeContentsIndex
OpenSSL.X509
Contents
Type
Functions to manipulate certificate
Accessors
Description
An interface to X.509 certificate.
Synopsis
data X509
newX509 :: IO X509
compareX509 :: X509 -> X509 -> IO Ordering
signX509 :: KeyPair key => X509 -> key -> Maybe Digest -> IO ()
verifyX509 :: PublicKey key => X509 -> key -> IO VerifyStatus
printX509 :: X509 -> IO String
getVersion :: X509 -> IO Int
setVersion :: X509 -> Int -> IO ()
getSerialNumber :: X509 -> IO Integer
setSerialNumber :: X509 -> Integer -> IO ()
getIssuerName :: X509 -> Bool -> IO [(String, String)]
setIssuerName :: X509 -> [(String, String)] -> IO ()
getSubjectName :: X509 -> Bool -> IO [(String, String)]
setSubjectName :: X509 -> [(String, String)] -> IO ()
getNotBefore :: X509 -> IO UTCTime
setNotBefore :: X509 -> UTCTime -> IO ()
getNotAfter :: X509 -> IO UTCTime
setNotAfter :: X509 -> UTCTime -> IO ()
getPublicKey :: X509 -> IO SomePublicKey
setPublicKey :: PublicKey key => X509 -> key -> IO ()
getSubjectEmail :: X509 -> IO [String]
Type
data X509 Source
X509 is an opaque object that represents X.509 certificate.
Functions to manipulate certificate
newX509 :: IO X509Source

newX509 creates an empty certificate. You must set the following properties to and sign it (see signX509) to actually use the certificate.

Version
See setVersion.
Serial number
See setSerialNumber.
Issuer name
See setIssuerName.
Subject name
See setSubjectName.
Validity
See setNotBefore and setNotAfter.
Public Key
See setPublicKey.
compareX509 :: X509 -> X509 -> IO OrderingSource
compareX509 cert1 cert2 compares two certificates.
signX509Source
:: KeyPair key
=> X509The certificate to be signed.
-> keyThe private key to sign with.
-> Maybe DigestA hashing algorithm to use. If Nothing the most suitable algorithm for the key is automatically used.
-> IO ()
signX509 signs a certificate with an issuer private key.
verifyX509Source
:: PublicKey key
=> X509The certificate to be verified.
-> keyThe public key to verify with.
-> IO VerifyStatus
verifyX509 verifies a signature of certificate with an issuer public key.
printX509 :: X509 -> IO StringSource
printX509 cert translates a certificate into human-readable format.
Accessors
getVersion :: X509 -> IO IntSource
getVersion cert returns the version number of certificate. It seems the number is 0-origin: version 2 means X.509 v3.
setVersion :: X509 -> Int -> IO ()Source
setVersion cert ver updates the version number of certificate.
getSerialNumber :: X509 -> IO IntegerSource
getSerialNumber cert returns the serial number of certificate.
setSerialNumber :: X509 -> Integer -> IO ()Source
setSerialNumber cert num updates the serial number of certificate.
getIssuerNameSource
:: X509The certificate to examine.
-> BoolTrue if you want the keys of each parts to be of long form (e.g. "commonName"), or False if you don't (e.g. "CN").
-> IO [(String, String)]Pairs of key and value, for example [("C", "JP"), ("ST", "Some-State"), ...].
getIssuerName returns the issuer name of certificate.
setIssuerName :: X509 -> [(String, String)] -> IO ()Source
setIssuerName cert name updates the issuer name of certificate. Keys of each parts may be of either long form or short form. See getIssuerName.
getSubjectName :: X509 -> Bool -> IO [(String, String)]Source
getSubjectName cert wantLongName returns the subject name of certificate. See getIssuerName.
setSubjectName :: X509 -> [(String, String)] -> IO ()Source
setSubjectName cert name updates the subject name of certificate. See setIssuerName.
getNotBefore :: X509 -> IO UTCTimeSource
getNotBefore cert returns the time when the certificate begins to be valid.
setNotBefore :: X509 -> UTCTime -> IO ()Source
setNotBefore cert utc updates the time when the certificate begins to be valid.
getNotAfter :: X509 -> IO UTCTimeSource
getNotAfter cert returns the time when the certificate expires.
setNotAfter :: X509 -> UTCTime -> IO ()Source
setNotAfter cert utc updates the time when the certificate expires.
getPublicKey :: X509 -> IO SomePublicKeySource
getPublicKey cert returns the public key of the subject of certificate.
setPublicKey :: PublicKey key => X509 -> key -> IO ()Source
setPublicKey cert pubkey updates the public key of the subject of certificate.
getSubjectEmail :: X509 -> IO [String]Source
getSubjectEmail cert returns every subject email addresses in the certificate.
Produced by Haddock version 2.4.2