HsOpenSSL-0.10.1.2: (Incomplete) OpenSSL binding for Haskell

OpenSSL.X509.Revocation

Contents

Description

An interface to Certificate Revocation List.

Synopsis

Types

data CRL Source

CRL is an opaque object that represents Certificate Revocation List.

data RevokedCertificate Source

RevokedCertificate represents a revoked certificate in a list. Each certificates are supposed to be distinguishable by issuer name and serial number, so it is sufficient to have only serial number on each entries.

Constructors

RevokedCertificate 

Fields

revSerialNumber :: Integer
 
revRevocationDate :: UTCTime
 

Instances

Functions to manipulate revocation list

newCRL :: IO CRLSource

newCRL creates an empty revocation list. You must set the following properties to and sign it (see signCRL) to actually use the revocation list. If you have any certificates to be listed, you must of course add them (see addRevoked) before signing the list.

Version
See setVersion.
Last Update
See setLastUpdate.
Next Update
See setNextUpdate.
Issuer Name
See setIssuerName.

signCRLSource

Arguments

:: KeyPair key 
=> CRL

The revocation list to be signed.

-> key

The private key to sign with.

-> Maybe Digest

A hashing algorithm to use. If Nothing the most suitable algorithm for the key is automatically used.

-> IO () 

signCRL signs a revocation list with an issuer private key.

verifyCRL :: PublicKey key => CRL -> key -> IO VerifyStatusSource

verifyCRL verifies a signature of revocation list with an issuer public key.

printCRL :: CRL -> IO StringSource

printCRL translates a revocation list into human-readable format.

sortCRL :: CRL -> IO ()Source

sortCRL crl sorts the certificates in the revocation list.

Accessors

getVersion :: CRL -> IO IntSource

getVersion crl returns the version number of revocation list.

setVersion :: CRL -> Int -> IO ()Source

setVersion crl ver updates the version number of revocation list.

getLastUpdate :: CRL -> IO UTCTimeSource

getLastUpdate crl returns the time when the revocation list has last been updated.

setLastUpdate :: CRL -> UTCTime -> IO ()Source

setLastUpdate crl utc updates the time when the revocation list has last been updated.

getNextUpdate :: CRL -> IO UTCTimeSource

getNextUpdate crl returns the time when the revocation list will next be updated.

setNextUpdate :: CRL -> UTCTime -> IO ()Source

setNextUpdate crl utc updates the time when the revocation list will next be updated.

getIssuerName :: CRL -> Bool -> IO [(String, String)]Source

getIssuerName crl wantLongName returns the issuer name of revocation list. See OpenSSL.X509.getIssuerName of OpenSSL.X509.

setIssuerName :: CRL -> [(String, String)] -> IO ()Source

setIssuerName crl name updates the issuer name of revocation list. See OpenSSL.X509.setIssuerName of OpenSSL.X509.

getRevokedList :: CRL -> IO [RevokedCertificate]Source

getRevokedList crl returns the list of revoked certificates.

addRevoked :: CRL -> RevokedCertificate -> IO ()Source

addRevoked crl revoked add the certificate to the revocation list.

getRevoked :: CRL -> Integer -> IO (Maybe RevokedCertificate)Source

getRevoked crl serial looks up the corresponding revocation.