libghc-certificate-doc 1.3.9-1build4 / usr / share / doc / libghc-certificate-doc / html / certificate.txt

This file is indexed.

/usr/share/doc/libghc-certificate-doc/html/certificate.txt is in libghc-certificate-doc 1.3.9-1build4.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Certificates and Key Reader/Writer
--   
--   Certificates and Key reader/writer
--   
--   At the moment only X509 certificate and unencrypted private key are
--   supported, but will include PGP certificate and pkcs8 private keys
@package certificate
@version 1.3.9


-- | Read/Write Private Key
module Data.Certificate.KeyDSA
decodePrivate :: ByteString -> Either String (PublicKey, PrivateKey)
encodePrivate :: (PublicKey, PrivateKey) -> ByteString


-- | Read/Write Private/Public RSA Key
module Data.Certificate.KeyRSA
decodePublic :: ByteString -> Either String PublicKey
decodePrivate :: ByteString -> Either String (PublicKey, PrivateKey)
encodePublic :: PublicKey -> ByteString
encodePrivate :: (PublicKey, PrivateKey) -> ByteString

-- | parse a RSA pubkeys from ASN1 encoded bits. - return RSA.PublicKey
--   (len-modulus, modulus, e) if successful
parse_RSA :: ByteString -> Either String PublicKey


-- | extension processing module.
module Data.Certificate.X509.Ext
type ExtensionRaw = (OID, Bool, [ASN1])
class Extension a
extOID :: Extension a => a -> OID
extEncode :: Extension a => a -> [ASN1]
extDecode :: Extension a => [ASN1] -> Either String a
data ExtBasicConstraints
ExtBasicConstraints :: Bool -> (Maybe Integer) -> ExtBasicConstraints
data ExtKeyUsage
ExtKeyUsage :: [ExtKeyUsageFlag] -> ExtKeyUsage

-- | key usage flag that is found in the key usage extension field.
data ExtKeyUsageFlag
KeyUsage_digitalSignature :: ExtKeyUsageFlag
KeyUsage_nonRepudiation :: ExtKeyUsageFlag
KeyUsage_keyEncipherment :: ExtKeyUsageFlag
KeyUsage_dataEncipherment :: ExtKeyUsageFlag
KeyUsage_keyAgreement :: ExtKeyUsageFlag
KeyUsage_keyCertSign :: ExtKeyUsageFlag
KeyUsage_cRLSign :: ExtKeyUsageFlag
KeyUsage_encipherOnly :: ExtKeyUsageFlag
KeyUsage_decipherOnly :: ExtKeyUsageFlag
data ExtSubjectKeyId
ExtSubjectKeyId :: ByteString -> ExtSubjectKeyId
data ExtSubjectAltName
ExtSubjectAltName :: [String] -> ExtSubjectAltName
data ExtAuthorityKeyId
ExtAuthorityKeyId :: ByteString -> ExtAuthorityKeyId
extensionGet :: Extension a => [ExtensionRaw] -> Maybe a
instance Show ExtKeyUsageFlag
instance Eq ExtKeyUsageFlag
instance Ord ExtKeyUsageFlag
instance Enum ExtKeyUsageFlag
instance Show ExtBasicConstraints
instance Eq ExtBasicConstraints
instance Show ExtKeyUsage
instance Eq ExtKeyUsage
instance Show ExtSubjectKeyId
instance Eq ExtSubjectKeyId
instance Show ExtSubjectAltName
instance Eq ExtSubjectAltName
instance Show ExtAuthorityKeyId
instance Eq ExtAuthorityKeyId
instance Extension ExtAuthorityKeyId
instance Extension ExtSubjectAltName
instance Extension ExtSubjectKeyId
instance Extension ExtKeyUsage
instance Extension ExtBasicConstraints

module Data.Certificate.X509.Cert
data SignatureALG
SignatureALG :: HashALG -> PubKeyALG -> SignatureALG
SignatureALG_Unknown :: OID -> SignatureALG
data HashALG
HashMD2 :: HashALG
HashMD5 :: HashALG
HashSHA1 :: HashALG
HashSHA224 :: HashALG
HashSHA256 :: HashALG
HashSHA384 :: HashALG
HashSHA512 :: HashALG
data PubKeyALG
PubKeyALG_RSA :: PubKeyALG
PubKeyALG_DSA :: PubKeyALG
PubKeyALG_ECDSA :: PubKeyALG
PubKeyALG_DH :: PubKeyALG
PubKeyALG_Unknown :: OID -> PubKeyALG
data PubKey

-- | RSA public key
PubKeyRSA :: PublicKey -> PubKey

-- | DSA public key
PubKeyDSA :: PublicKey -> PubKey

-- | DH format with (p,g,q,j,(seed,pgenCounter))
PubKeyDH :: (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer)) -> PubKey

-- | ECDSA format not done yet FIXME
PubKeyECDSA :: ECDSA_Hash -> ByteString -> PubKey

-- | unrecognized format
PubKeyUnknown :: OID -> [Word8] -> PubKey
data ECDSA_Hash
ECDSA_Hash_SHA384 :: ECDSA_Hash
data ASN1StringType
UTF8 :: ASN1StringType
Printable :: ASN1StringType
Univ :: ASN1StringType
BMP :: ASN1StringType
IA5 :: ASN1StringType
T61 :: ASN1StringType
type ASN1String = (ASN1StringType, String)
data Certificate
Certificate :: Int -> Integer -> SignatureALG -> DistinguishedName -> DistinguishedName -> (Time, Time) -> PubKey -> Maybe [ExtensionRaw] -> Certificate

-- | Certificate Version
certVersion :: Certificate -> Int

-- | Certificate Serial number
certSerial :: Certificate -> Integer

-- | Certificate Signature algorithm
certSignatureAlg :: Certificate -> SignatureALG

-- | Certificate Issuer DN
certIssuerDN :: Certificate -> DistinguishedName

-- | Certificate Subject DN
certSubjectDN :: Certificate -> DistinguishedName

-- | Certificate Validity period
certValidity :: Certificate -> (Time, Time)

-- | Certificate Public key
certPubKey :: Certificate -> PubKey

-- | Certificate Extensions
certExtensions :: Certificate -> Maybe [ExtensionRaw]
newtype DistinguishedName
DistinguishedName :: [(OID, ASN1String)] -> DistinguishedName
getDistinguishedElements :: DistinguishedName -> [(OID, ASN1String)]
type OID = [Integer]
oidCommonName :: OID
oidCountry :: OID
oidOrganization :: OID
oidOrganizationUnit :: OID
oidSig :: OID -> SignatureALG
sigOID :: SignatureALG -> OID
parseDN :: ParseASN1 DistinguishedName
encodeDNinner :: (ASN1String -> ASN1String) -> DistinguishedName -> [ASN1]
encodeDN :: DistinguishedName -> [ASN1]
instance Show HashALG
instance Eq HashALG
instance Show PubKeyALG
instance Eq PubKeyALG
instance Show SignatureALG
instance Eq SignatureALG
instance Show ECDSA_Hash
instance Eq ECDSA_Hash
instance Show PubKey
instance Eq PubKey
instance Show CertKeyUsage
instance Eq CertKeyUsage
instance Show ASN1StringType
instance Eq ASN1StringType
instance Ord ASN1StringType
instance Enum ASN1StringType
instance Show DistinguishedName
instance Eq DistinguishedName
instance Ord DistinguishedName
instance Show Certificate
instance Eq Certificate
instance ASN1Object Certificate
instance Monoid DistinguishedName


-- | Read/Write X509 certificate
module Data.Certificate.X509
data X509
X509 :: Certificate -> (Maybe ByteString) -> (Maybe ByteString) -> SignatureALG -> [Word8] -> X509

-- | the certificate part of a X509 structure
x509Cert :: X509 -> Certificate

-- | a cache of the raw representation of the x509 part for signing since
--   encoding+decoding might not result in the same data being signed.
x509CachedSigningData :: X509 -> (Maybe ByteString)

-- | a cache of the raw representation of the whole x509.
x509CachedData :: X509 -> (Maybe ByteString)

-- | the signature algorithm used.
x509SignatureALG :: X509 -> SignatureALG

-- | the signature.
x509Signature :: X509 -> [Word8]
data SignatureALG
SignatureALG :: HashALG -> PubKeyALG -> SignatureALG
SignatureALG_Unknown :: OID -> SignatureALG
data HashALG
HashMD2 :: HashALG
HashMD5 :: HashALG
HashSHA1 :: HashALG
HashSHA224 :: HashALG
HashSHA256 :: HashALG
HashSHA384 :: HashALG
HashSHA512 :: HashALG
data PubKeyALG
PubKeyALG_RSA :: PubKeyALG
PubKeyALG_DSA :: PubKeyALG
PubKeyALG_ECDSA :: PubKeyALG
PubKeyALG_DH :: PubKeyALG
PubKeyALG_Unknown :: OID -> PubKeyALG
data PubKey

-- | RSA public key
PubKeyRSA :: PublicKey -> PubKey

-- | DSA public key
PubKeyDSA :: PublicKey -> PubKey

-- | DH format with (p,g,q,j,(seed,pgenCounter))
PubKeyDH :: (Integer, Integer, Integer, Maybe Integer, ([Word8], Integer)) -> PubKey

-- | ECDSA format not done yet FIXME
PubKeyECDSA :: ECDSA_Hash -> ByteString -> PubKey

-- | unrecognized format
PubKeyUnknown :: OID -> [Word8] -> PubKey
type OID = [Integer]
data ASN1StringType
UTF8 :: ASN1StringType
Printable :: ASN1StringType
Univ :: ASN1StringType
BMP :: ASN1StringType
IA5 :: ASN1StringType
T61 :: ASN1StringType
type ASN1String = (ASN1StringType, String)
newtype DistinguishedName
DistinguishedName :: [(OID, ASN1String)] -> DistinguishedName
getDistinguishedElements :: DistinguishedName -> [(OID, ASN1String)]
data Certificate
Certificate :: Int -> Integer -> SignatureALG -> DistinguishedName -> DistinguishedName -> (Time, Time) -> PubKey -> Maybe [ExtensionRaw] -> Certificate

-- | Certificate Version
certVersion :: Certificate -> Int

-- | Certificate Serial number
certSerial :: Certificate -> Integer

-- | Certificate Signature algorithm
certSignatureAlg :: Certificate -> SignatureALG

-- | Certificate Issuer DN
certIssuerDN :: Certificate -> DistinguishedName

-- | Certificate Subject DN
certSubjectDN :: Certificate -> DistinguishedName

-- | Certificate Validity period
certValidity :: Certificate -> (Time, Time)

-- | Certificate Public key
certPubKey :: Certificate -> PubKey

-- | Certificate Extensions
certExtensions :: Certificate -> Maybe [ExtensionRaw]

-- | get signing data related to a X509 message, - which is either the
--   cached data or the encoded certificate
getSigningData :: X509 -> ByteString

-- | decode an X509 from a bytestring - the structure is the following: -
--   Certificate - Certificate Signature Algorithm - Certificate Signature
decodeCertificate :: ByteString -> Either String X509

-- | encode a X509 certificate to a bytestring
encodeCertificate :: X509 -> ByteString
decodeDN :: ByteString -> Either String DistinguishedName
encodeDN :: DistinguishedName -> ByteString

-- | Make an openssl style hash of distinguished name
hashDN :: DistinguishedName -> ByteString

-- | Create an openssl style old hash of distinguished name
hashDN_old :: DistinguishedName -> ByteString
instance Show X509
instance Eq X509

module Data.CertificateStore

-- | A Collection of certificate or store of certificates.
data CertificateStore

-- | Create a certificate store out of a list of X509 certificate
makeCertificateStore :: [X509] -> CertificateStore

-- | Find a certificate using the subject distinguished name
findCertificate :: DistinguishedName -> CertificateStore -> Maybe X509

-- | List all certificates in a store
listCertificates :: CertificateStore -> [X509]
instance Monoid CertificateStore


-- | this module is portable to unix system where there is usually a
--   <i>etc</i>ssl/certs with system X509 certificates.
--   
--   the path can be dynamically override using the environment variable
--   defined by envPathOverride in the module, which by default is
--   SYSTEM_CERTIFICATE_PATH
module System.Certificate.X509.Unix
getSystemCertificateStore :: IO CertificateStore


module System.Certificate.X509
getSystemCertificateStore :: IO CertificateStore

module System.Certificate.X509.MacOS
getSystemCertificateStore :: IO CertificateStore

APT Browse - Built by Thomas Orozco.