Portability	unknown
Stability	experimental
Maintainer	Vincent Hanquez <vincent@snarc.org>
Safe Haskell	Safe-Infered

Data.Certificate.X509

Contents

Data Structure
Data Structure (reexported from X509Cert)
helper for signing/veryfing certificate
serialization from ASN1 bytestring

Description

Read/Write X509 certificate

Synopsis

Data Structure

data X509 Source

Constructors

X509

Fields

x509Cert :: Certificate: the certificate part of a X509 structure
x509CachedSigningData :: Maybe ByteString: a cache of the raw representation of the x509 part for signing since encoding+decoding might not result in the same data being signed.
x509CachedData :: Maybe ByteString: a cache of the raw representation of the whole x509.
x509SignatureALG :: SignatureALG: the signature algorithm used.
x509Signature :: [Word8]: the signature.

Instances

Eq X509
Show X509

Data Structure (reexported from X509Cert)

data SignatureALG Source

Constructors

SignatureALG HashALG PubKeyALG
SignatureALG_Unknown OID

Instances

Eq SignatureALG
Show SignatureALG

data HashALG Source

Constructors

HashMD2
HashMD5
HashSHA1
HashSHA224
HashSHA256
HashSHA384
HashSHA512

Instances

Eq HashALG
Show HashALG

data PubKeyALG Source

Constructors

PubKeyALG_RSA
PubKeyALG_DSA
PubKeyALG_ECDSA
PubKeyALG_DH
PubKeyALG_Unknown OID

Instances

Eq PubKeyALG
Show PubKeyALG

data PubKey Source

Constructors

PubKeyRSA PublicKey	RSA public key
PubKeyDSA PublicKey	DSA public key
PubKeyDH (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer))	DH format with (p,g,q,j,(seed,pgenCounter))
PubKeyECDSA [ASN1]	ECDSA format not done yet FIXME
PubKeyUnknown OID [Word8]	unrecognized format

Instances

Eq PubKey
Show PubKey

data ASN1StringType Source

Constructors

UTF8
Printable
Univ
BMP
IA5
T61

Instances

Eq ASN1StringType
Show ASN1StringType

type ASN1String = (ASN1StringType, String)Source

data Certificate Source

Constructors

Certificate

Fields

certVersion :: Int: Certificate Version
certSerial :: Integer: Certificate Serial number
certSignatureAlg :: SignatureALG: Certificate Signature algorithm
certIssuerDN :: [(OID, ASN1String)]: Certificate Issuer DN
certSubjectDN :: [(OID, ASN1String)]: Certificate Subject DN
certValidity :: (Time, Time): Certificate Validity period
certPubKey :: PubKey: Certificate Public key
certExtensions :: Maybe [CertificateExt]: Certificate Extensions

Instances

Eq Certificate
Show Certificate

type CertificateExt = (OID, Bool, [ASN1])Source

data Ext Source

known X509v3 extensions

Constructors

ExtBasicConstraints Bool
ExtKeyUsage [ExtKeyUsageFlag]
ExtSubjectKeyId ByteString
ExtAuthorityKeyId ByteString

Instances

Eq Ext
Show Ext

data ExtKeyUsageFlag Source

key usage flag that is found in the key usage extension field.

Constructors

KeyUsage_digitalSignature
KeyUsage_nonRepudiation
KeyUsage_keyEncipherment
KeyUsage_dataEncipherment
KeyUsage_keyAgreement
KeyUsage_keyCertSign
KeyUsage_cRLSign
KeyUsage_encipherOnly
KeyUsage_decipherOnly

Instances

Enum ExtKeyUsageFlag
Eq ExtKeyUsageFlag
Ord ExtKeyUsageFlag
Show ExtKeyUsageFlag

extDecode :: CertificateExt -> Maybe Ext Source

try decoding a certificateExt tuple into a known extension.

helper for signing/veryfing certificate

getSigningData :: X509 -> ByteString Source

get signing data related to a X509 message, - which is either the cached data or the encoded certificate

serialization from ASN1 bytestring

decodeCertificate :: ByteString -> Either String X509 Source

decode an X509 from a bytestring - the structure is the following: - Certificate - Certificate Signature Algorithm - Certificate Signature

encodeCertificate :: X509 -> ByteString Source

encode a X509 certificate to a bytestring