Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
An interface to PKCS#7 structure and S/MIME message.
Synopsis
- data Pkcs7
- data Pkcs7Flag
- data Pkcs7VerifyStatus
- = Pkcs7VerifySuccess (Maybe String)
- | Pkcs7VerifyFailure
- pkcs7Sign :: KeyPair key => X509 -> key -> [X509] -> String -> [Pkcs7Flag] -> IO Pkcs7
- pkcs7Verify :: Pkcs7 -> [X509] -> X509Store -> Maybe String -> [Pkcs7Flag] -> IO Pkcs7VerifyStatus
- pkcs7Encrypt :: [X509] -> String -> Cipher -> [Pkcs7Flag] -> IO Pkcs7
- pkcs7Decrypt :: KeyPair key => Pkcs7 -> key -> X509 -> [Pkcs7Flag] -> IO String
- writeSmime :: Pkcs7 -> Maybe String -> [Pkcs7Flag] -> IO String
- readSmime :: String -> IO (Pkcs7, Maybe String)
Types
represents an abstract PKCS#7 structure. The concrete
type of structure is hidden in the object: such polymorphism isn't
very haskellish but please get it out of your mind since OpenSSL is
written in C.Pkcs7
is a set of flags that are used in many operations
related to PKCS#7.Pkcs7Flag
data Pkcs7VerifyStatus Source #
represents a result of PKCS#7
verification. See Pkcs7VerifyStatus
pkcs7Verify
.
Pkcs7VerifySuccess (Maybe String) | Nothing if the PKCS#7
signature was a detached
signature, and |
Pkcs7VerifyFailure |
Instances
Show Pkcs7VerifyStatus Source # | |
Defined in OpenSSL.PKCS7 showsPrec :: Int -> Pkcs7VerifyStatus -> ShowS show :: Pkcs7VerifyStatus -> String showList :: [Pkcs7VerifyStatus] -> ShowS | |
Eq Pkcs7VerifyStatus Source # | |
Defined in OpenSSL.PKCS7 (==) :: Pkcs7VerifyStatus -> Pkcs7VerifyStatus -> Bool (/=) :: Pkcs7VerifyStatus -> Pkcs7VerifyStatus -> Bool |
Encryption and Signing
:: KeyPair key | |
=> X509 | certificate to sign with |
-> key | corresponding private key |
-> [X509] | optional additional set of certificates to include in the PKCS#7 structure (for example any intermediate CAs in the chain) |
-> String | data to be signed |
-> [Pkcs7Flag] | An optional set of flags:
|
-> IO Pkcs7 |
creates a PKCS#7 signedData structure.pkcs7Sign
:: Pkcs7 | A PKCS#7 structure to verify. |
-> [X509] | Set of certificates in which to search for the signer's certificate. |
-> X509Store | Trusted certificate store (used for chain verification). |
-> Maybe String | Signed data if the content is not present in the PKCS#7 structure (that is it is detached). |
-> [Pkcs7Flag] | An optional set of flags:
|
-> IO Pkcs7VerifyStatus |
verifies a PKCS#7 signedData structure.pkcs7Verify
:: [X509] | A list of recipient certificates. |
-> String | The content to be encrypted. |
-> Cipher | The symmetric cipher to use. |
-> [Pkcs7Flag] | An optional set of flags:
|
-> IO Pkcs7 |
creates a PKCS#7 envelopedData structure.pkcs7Encrypt
:: KeyPair key | |
=> Pkcs7 | The PKCS#7 structure to decrypt. |
-> key | The private key of the recipient. |
-> X509 | The recipient's certificate. |
-> [Pkcs7Flag] | An optional set of flags: |
-> IO String | The decrypted content. |
decrypts content from PKCS#7 envelopedData
structure.pkcs7Decrypt
S/MIME
:: Pkcs7 | A PKCS#7 structure to be written. |
-> Maybe String | If cleartext signing (multipart/signed) is being used then the signed data must be supplied here. |
-> [Pkcs7Flag] | An optional set of flags:
|
-> IO String | The result S/MIME message. |
writes PKCS#7 structure to S/MIME message.writeSmime