 | HsOpenSSL-0.3: (Part of) OpenSSL binding for Haskell | Contents | Index |
|
|
|
|
|
| Description |
| An interface to X.509 certificate.
|
|
| Synopsis |
|
|
|
|
| Type
|
|
| data X509 |
| X509 is an opaque object that represents X.509 certificate.
|
|
|
| Functions to manipulate certificate
|
|
| newX509 :: IO X509 |
newX509 creates an empty certificate. You must set the
following properties to and sign it (see signX509) to actually
use the certificate.
- Version
- See setVersion.
- Serial number
- See setSerialNumber.
- Issuer name
- See setIssuerName.
- Subject name
- See setSubjectName.
- Validity
- See setNotBefore and setNotAfter.
- Public Key
- See setPublicKey.
|
|
| compareX509 :: X509 -> X509 -> IO Ordering |
| compareX509 cert1 cert2 compares two certificates.
|
|
| signX509 |
| :: X509 | The certificate to be signed.
| | -> PKey | The private key to sign with.
| | -> Maybe Digest | A hashing algorithm to use. If Nothing
the most suitable algorithm for the key
is automatically used.
| | -> IO () | | | signX509 signs a certificate with an issuer private key.
|
|
|
| verifyX509 |
| :: X509 | The certificate to be verified.
| | -> PKey | The public key to verify with.
| | -> IO VerifyStatus | | | verifyX509 verifies a signature of certificate with an issuer
public key.
|
|
|
| printX509 :: X509 -> IO String |
| printX509 cert translates a certificate into human-readable
format.
|
|
| Accessors
|
|
| getVersion :: X509 -> IO Int |
| getVersion cert returns the version number of certificate. It
seems the number is 0-origin: version 2 means X.509 v3.
|
|
| setVersion :: X509 -> Int -> IO () |
| setVersion cert ver updates the version number of certificate.
|
|
| getSerialNumber :: X509 -> IO Integer |
| getSerialNumber cert returns the serial number of certificate.
|
|
| setSerialNumber :: X509 -> Integer -> IO () |
| setSerialNumber cert num updates the serial number of
certificate.
|
|
| getIssuerName |
| :: X509 | The certificate to examine.
| | -> Bool | True if you want the keys of each parts
to be of long form (e.g. "commonName"),
or False if you don't (e.g. "CN").
| | -> IO [(String, String)] | Pairs of key and value,
for example [("C",
"JP"), ("ST",
"Some-State"), ...].
| | getIssuerName returns the issuer name of certificate.
|
|
|
| setIssuerName :: X509 -> [(String, String)] -> IO () |
| setIssuerName cert name updates the issuer name of
certificate. Keys of each parts may be of either long form or short
form. See getIssuerName.
|
|
| getSubjectName :: X509 -> Bool -> IO [(String, String)] |
| getSubjectName cert wantLongName returns the subject name of
certificate. See getIssuerName.
|
|
| setSubjectName :: X509 -> [(String, String)] -> IO () |
| setSubjectName cert name updates the subject name of
certificate. See setIssuerName.
|
|
| getNotBefore :: X509 -> IO UTCTime |
| getNotBefore cert returns the time when the certificate begins
to be valid.
|
|
| setNotBefore :: X509 -> UTCTime -> IO () |
| setNotBefore cert utc updates the time when the certificate
begins to be valid.
|
|
| getNotAfter :: X509 -> IO UTCTime |
| getNotAfter cert returns the time when the certificate
expires.
|
|
| setNotAfter :: X509 -> UTCTime -> IO () |
| setNotAfter cert utc updates the time when the certificate
expires.
|
|
| getPublicKey :: X509 -> IO PKey |
| getPublicKey cert returns the public key of the subject of
certificate.
|
|
| setPublicKey :: X509 -> PKey -> IO () |
| setPublicKey cert pubkey updates the public key of the subject
of certificate.
|
|
| getSubjectEmail :: X509 -> IO [String] |
| getSubjectEmail cert returns every subject email addresses in
the certificate.
|
|
| Produced by Haddock version 0.8 |