module Network.TLS.Extra.File
( fileReadCertificate
, fileReadPrivateKey
) where
import Control.Applicative ((<$>))
import qualified Data.ByteString as B
import qualified Data.ByteString.Lazy as L
import Data.Either
import Data.PEM (PEM(..), pemParseBS)
import Data.Certificate.X509
import qualified Data.Certificate.KeyRSA as KeyRSA
import Network.TLS
-- | Read an X.509 certificate from a PEM file.
--
-- The file is read strictly and parsed as PEM. Only sections labelled
-- @CERTIFICATE@ or @TRUSTED CERTIFICATE@ are decoded; every other section is
-- ignored. Sections that fail to decode are dropped silently (via 'rights'),
-- and the first certificate that decodes successfully is returned.
--
-- Things a caller should know:
--
-- * Only the first decodable certificate is returned. Any further
--   certificates in the file (for example the rest of a chain) are discarded.
-- * This function only decodes. It performs no validation visible here (no
--   signature, validity-period or chain check), so a returned certificate is
--   not thereby trusted.
-- * Failures are raised with 'error', not as an 'IOException': a PEM parse
--   failure gives @"cannot parse PEM file ..."@ and the absence of any
--   decodable certificate gives @"no valid certificate found"@. Exceptions
--   raised by 'B.readFile' itself propagate unchanged.
fileReadCertificate :: FilePath -> IO X509
fileReadCertificate filepath = do
    raw <- B.readFile filepath
    case rights (decodeSections (pemParseBS raw)) of
        (cert:_) -> return cert
        []       -> error "no valid certificate found"
  where
    -- PEM labels accepted as carrying a certificate.
    acceptedNames = ["CERTIFICATE", "TRUSTED CERTIFICATE"]

    -- Decode each accepted section, keeping per-section failures as 'Left'
    -- so the caller can discard them with 'rights'.
    decodeSections parsed = case parsed of
        Left err   -> error ("cannot parse PEM file " ++ show err)
        Right pems ->
            [ decodeCertificate (L.fromChunks [pemContent pem])
            | pem <- pems
            , pemName pem `elem` acceptedNames
            ]
-- | Read an RSA private key from a PEM file.
--
-- The file is read strictly and parsed as PEM. Only sections labelled exactly
-- @RSA PRIVATE KEY@ are decoded; sections with any other label are ignored.
-- Sections that fail to decode are dropped silently (via 'rights'), and the
-- first key that decodes successfully is returned wrapped in 'PrivRSA'.
--
-- Things a caller should know:
--
-- * No check of the key file's ownership or permissions is made here; the
--   file is simply opened with 'B.readFile'. Restricting access to the key
--   file is left to the deployment.
-- * NOTE(review): a passphrase-protected key presumably fails to decode and is
--   reported as "no valid RSA key found" -- confirm against
--   'KeyRSA.decodePrivate'.
-- * Failures are raised with 'error', not as an 'IOException': a PEM parse
--   failure gives @"Cannot parse PEM file ..."@ and the absence of any
--   decodable key gives @"no valid RSA key found"@. Exceptions raised by
--   'B.readFile' itself propagate unchanged.
fileReadPrivateKey :: FilePath -> IO PrivateKey
fileReadPrivateKey filepath = do
    raw <- B.readFile filepath
    case rights (decodeSections (pemParseBS raw)) of
        (key:_) -> return key
        []      -> error "no valid RSA key found"
  where
    -- Decode every RSA key section, keeping per-section failures as 'Left'
    -- so the caller can discard them with 'rights'.
    decodeSections parsed = case parsed of
        Left err   -> error ("Cannot parse PEM file " ++ show err)
        Right pems ->
            [ toPrivateKey pem
            | pem <- pems
            , pemName pem == "RSA PRIVATE KEY"
            ]

    -- 'KeyRSA.decodePrivate' yields a pair on success; only its second
    -- component is kept and wrapped as a TLS 'PrivateKey'.
    toPrivateKey pem =
        fmap (PrivRSA . snd) (KeyRSA.decodePrivate (L.fromChunks [pemContent pem]))