packages feed

certificate 0.2 → 0.2.1

raw patch · 2 files changed

+36/−37 lines, 2 filesdep ~asn1-dataPVP ok

version bump matches the API change (PVP)

Dependency ranges changed: asn1-data

API changes (from Hackage documentation)

Files

Data/Certificate/X509.hs view
@@ -73,36 +73,36 @@ 	deriving (Show, Eq)  data PubKeyDesc =-	  PubKeyRSA (Int, Integer, Integer) -- len modulus, modulus, e-	| PubKeyDSA (L.ByteString, Integer, Integer, Integer) -- pub, p, q, g-	| PubKeyUnknown [Word8]+	  PubKeyRSA (Int, Integer, Integer)                   -- ^ RSA format with (len modulus, modulus, e)+	| PubKeyDSA (L.ByteString, Integer, Integer, Integer) -- ^ DSA format with (pub, p, q, g)+	| PubKeyUnknown [Word8]                               -- ^ unrecognized format 	deriving (Show,Eq)  data PubKey = PubKey SignatureALG PubKeyDesc -- OID RSA|DSA|rawdata 	deriving (Show,Eq) -data CertificateDN = CertificateDN {-	cdnCommonName       :: Maybe String,-	cdnCountry          :: Maybe String,-	cdnOrganization     :: Maybe String,-	cdnOrganizationUnit :: Maybe String,-	cdnOthers           :: [ (OID, String) ]+data CertificateDN = CertificateDN+	{ cdnCommonName       :: Maybe String      -- ^ Certificate DN Common Name+	, cdnCountry          :: Maybe String      -- ^ Certificate DN Country of Issuance+	, cdnOrganization     :: Maybe String      -- ^ Certificate DN Organization+	, cdnOrganizationUnit :: Maybe String      -- ^ Certificate DN Organization Unit+	, cdnOthers           :: [ (OID, String) ] -- ^ Certificate DN Other Attributes 	} deriving (Show,Eq)  -- FIXME use a proper standard type for representing time. type Time = (Int, Int, Int, Int, Int, Int, Bool) -data Certificate = Certificate {-	certVersion      :: Int,-	certSerial       :: Integer,-	certSignatureAlg :: SignatureALG,-	certIssuerDN     :: CertificateDN,-	certSubjectDN    :: CertificateDN,-	certValidity     :: (Time, Time),-	certPubKey       :: PubKey,-	certExtensions   :: Maybe [ASN1],-	certSignature    :: Maybe (SignatureALG, [Word8]),-	certOthers       :: [ASN1]+data Certificate = Certificate+	{ certVersion      :: Int                           -- ^ Certificate Version+	, certSerial       :: Integer                       -- ^ Certificate Serial number+	, certSignatureAlg :: SignatureALG                  -- ^ Certificate Signature algorithm+	, certIssuerDN     :: CertificateDN                 -- ^ Certificate Issuer DN+	, certSubjectDN    :: CertificateDN                 -- ^ Certificate Subject DN+	, certValidity     :: (Time, Time)                  -- ^ Certificate Validity period+	, certPubKey       :: PubKey                        -- ^ Certificate Public key+	, certExtensions   :: Maybe [ASN1]                  -- ^ Certificate Extensions (format will change)+	, certSignature    :: Maybe (SignatureALG, [Word8]) -- ^ Certificate Signature Algorithm and Signature+	, certOthers       :: [ASN1]                        -- ^ any others fields not parsed 	} deriving (Show,Eq)  {- | parse a RSA pubkeys from ASN1 encoded bits.@@ -154,8 +154,8 @@ parseCertHeaderVersion = do 	n <- lookNext 	v <- case n of-		Other Application 0 (Right [ IntVal v ]) -> getNext >> return (fromIntegral v)-		_                                        -> return 1+		Other Context 0 (Right [ IntVal v ]) -> getNext >> return (fromIntegral v)+		_                                    -> return 1 	return v  parseCertHeaderSerial :: ParseCert Integer@@ -262,8 +262,8 @@ 		then do 			n <- lookNext 			case n of-				Other Application 3 (Right l) -> getNext >> return (Just l)-				_                             -> return Nothing+				Other Context 3 (Right l) -> getNext >> return (Just l)+				_                         -> return Nothing 		else return Nothing  {- | parse header structure of a x509 certificate. it contains@@ -294,8 +294,12 @@ 		certOthers       = l 		} -processCertificate :: ASN1 -> ASN1 -> ASN1 -> Either String Certificate-processCertificate header sigalg sig = do+{- | parse root structure of a x509 certificate. this has to be a sequence of 3 objects :+ - * the header+ - * the signature algorithm+ - * the signature -}+processCertificate :: ASN1 -> Either String Certificate+processCertificate (Sequence [ header, sigalg, sig ]) = do 	let sigAlg = 		case sigalg of 			Sequence [ OID oid, Null ] -> oidSig oid@@ -310,17 +314,11 @@ 			either Left (\c -> Right $ c { certSignature = Just (sigAlg, L.unpack sigbits) }) cert 		_          -> Left "Certificate is not a sequence"  	--{- | parse root structure of a x509 certificate. this has to be a sequence of 3 objects :- - * the header- - * the signature algorithm- - * the signature -}-parseCertRoot :: ASN1 -> Either String Certificate-parseCertRoot (Sequence [ header, sigalg, sig ]) = processCertificate header sigalg sig-parseCertRoot x = Left ("certificate root element error: " ++ show x)+processCertificate x = Left ("certificate root element error: " ++ show x) +{- | decode a X509 certificate from a bytestring -} decodeCertificate :: L.ByteString -> Either String Certificate-decodeCertificate by = either (Left . show) parseCertRoot $ decodeASN1 by+decodeCertificate by = either (Left . show) processCertificate $ decodeASN1 by  encodeDN :: CertificateDN -> ASN1 encodeDN dn = Sequence sets@@ -360,6 +358,7 @@ 		epkinfo   = encodePK $ certPubKey cert 		others    = [] +{-| encode a X509 certificate to a bytestring -} encodeCertificate :: Certificate -> L.ByteString encodeCertificate cert = encodeASN1 rootSeq 	where
certificate.cabal view
@@ -1,5 +1,5 @@ Name:                certificate-Version:             0.2+Version:             0.2.1 Description:     Certificates and Key reader/writer     .@@ -25,7 +25,7 @@                      binary >= 0.5,                      bytestring,                      mtl,-                     asn1-data,+                     asn1-data >= 0.2,                      base64-bytestring   Exposed-modules:   Data.Certificate.X509,                      Data.Certificate.PEM,