{-# LINE 1 "OpenSSL/X509/Revocation.hsc" #-}
{-# LANGUAGE DeriveDataTypeable #-}
{-# LANGUAGE EmptyDataDecls #-}
{-# LANGUAGE ForeignFunctionInterface #-}
{-# LANGUAGE CApiFFI #-}
{-# OPTIONS_HADDOCK prune #-}
module OpenSSL.X509.Revocation
(
CRL
, X509_CRL
, RevokedCertificate(..)
, newCRL
, wrapCRL
, withCRLPtr
, signCRL
, verifyCRL
, printCRL
, sortCRL
, getVersion
, setVersion
, getLastUpdate
, setLastUpdate
, getNextUpdate
, setNextUpdate
, getIssuerName
, setIssuerName
, getRevokedList
, addRevoked
, getRevoked
)
where
import Control.Monad
{-# LINE 48 "OpenSSL/X509/Revocation.hsc" #-}
import Data.Time.Clock
import Data.Typeable
import Foreign
import Foreign.C
import OpenSSL.ASN1
import OpenSSL.BIO
import OpenSSL.EVP.Digest hiding (digest)
import OpenSSL.EVP.PKey
import OpenSSL.EVP.Verify
import OpenSSL.EVP.Internal
import OpenSSL.Stack
import OpenSSL.Utils
import OpenSSL.X509.Name
newtype CRL = CRL (ForeignPtr X509_CRL)
data {-# CTYPE "openssl/x509.h" "X509_CRL" #-} X509_CRL
data {-# CTYPE "openssl/x509.h" "X509_REVOKED" #-} X509_REVOKED
data RevokedCertificate
= RevokedCertificate {
RevokedCertificate -> Integer
revSerialNumber :: Integer
, RevokedCertificate -> UTCTime
revRevocationDate :: UTCTime
}
deriving (Int -> RevokedCertificate -> ShowS
[RevokedCertificate] -> ShowS
RevokedCertificate -> String
(Int -> RevokedCertificate -> ShowS)
-> (RevokedCertificate -> String)
-> ([RevokedCertificate] -> ShowS)
-> Show RevokedCertificate
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> RevokedCertificate -> ShowS
showsPrec :: Int -> RevokedCertificate -> ShowS
$cshow :: RevokedCertificate -> String
show :: RevokedCertificate -> String
$cshowList :: [RevokedCertificate] -> ShowS
showList :: [RevokedCertificate] -> ShowS
Show, RevokedCertificate -> RevokedCertificate -> Bool
(RevokedCertificate -> RevokedCertificate -> Bool)
-> (RevokedCertificate -> RevokedCertificate -> Bool)
-> Eq RevokedCertificate
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: RevokedCertificate -> RevokedCertificate -> Bool
== :: RevokedCertificate -> RevokedCertificate -> Bool
$c/= :: RevokedCertificate -> RevokedCertificate -> Bool
/= :: RevokedCertificate -> RevokedCertificate -> Bool
Eq, Typeable)
foreign import capi unsafe "openssl/x509.h X509_CRL_new"
_new :: IO (Ptr X509_CRL)
foreign import capi unsafe "openssl/x509.h &X509_CRL_free"
_free :: FunPtr (Ptr X509_CRL -> IO ())
foreign import capi unsafe "openssl/x509.h X509_CRL_sign"
_sign :: Ptr X509_CRL -> Ptr EVP_PKEY -> Ptr EVP_MD -> IO CInt
foreign import capi unsafe "openssl/x509.h X509_CRL_verify"
_verify :: Ptr X509_CRL -> Ptr EVP_PKEY -> IO CInt
foreign import capi unsafe "openssl/x509.h X509_CRL_print"
_print :: Ptr BIO_ -> Ptr X509_CRL -> IO CInt
foreign import capi unsafe "HsOpenSSL.h HsOpenSSL_X509_CRL_get_version"
_get_version :: Ptr X509_CRL -> IO CLong
foreign import capi unsafe "openssl/x509.h X509_CRL_set_version"
_set_version :: Ptr X509_CRL -> CLong -> IO CInt
foreign import capi unsafe "HsOpenSSL.h HsOpenSSL_X509_CRL_get_lastUpdate"
_get_lastUpdate :: Ptr X509_CRL -> IO (Ptr ASN1_TIME)
foreign import capi unsafe "HsOpenSSL.h HsOpenSSL_X509_CRL_get_nextUpdate"
_get_nextUpdate :: Ptr X509_CRL -> IO (Ptr ASN1_TIME)
{-# LINE 108 "OpenSSL/X509/Revocation.hsc" #-}
foreign import capi unsafe "openssl/x509.h X509_CRL_set1_lastUpdate"
_set_lastUpdate :: Ptr X509_CRL -> Ptr ASN1_TIME -> IO CInt
foreign import capi unsafe "openssl/x509.h X509_CRL_set1_nextUpdate"
_set_nextUpdate :: Ptr X509_CRL -> Ptr ASN1_TIME -> IO CInt
{-# LINE 120 "OpenSSL/X509/Revocation.hsc" #-}
foreign import capi unsafe "HsOpenSSL.h HsOpenSSL_X509_CRL_get_issuer"
_get_issuer_name :: Ptr X509_CRL -> IO (Ptr X509_NAME)
foreign import capi unsafe "openssl/x509.h X509_CRL_set_issuer_name"
_set_issuer_name :: Ptr X509_CRL -> Ptr X509_NAME -> IO CInt
foreign import capi unsafe "HsOpenSSL.h HsOpenSSL_X509_CRL_get_REVOKED"
_get_REVOKED :: Ptr X509_CRL -> IO (Ptr STACK)
foreign import capi unsafe "openssl/x509.h X509_CRL_add0_revoked"
_add0_revoked :: Ptr X509_CRL -> Ptr X509_REVOKED -> IO CInt
{-# LINE 134 "OpenSSL/X509/Revocation.hsc" #-}
foreign import capi unsafe "openssl/x509.h X509_CRL_get0_by_serial"
_get0_by_serial :: Ptr X509_CRL -> Ptr (Ptr X509_REVOKED)
-> Ptr ASN1_INTEGER -> IO CInt
{-# LINE 139 "OpenSSL/X509/Revocation.hsc" #-}
foreign import capi unsafe "openssl/x509.h X509_CRL_sort"
_sort :: Ptr X509_CRL -> IO CInt
foreign import capi unsafe "openssl/x509.h X509_REVOKED_new"
_new_revoked :: IO (Ptr X509_REVOKED)
foreign import capi unsafe "openssl/x509.h X509_REVOKED_free"
freeRevoked :: Ptr X509_REVOKED -> IO ()
foreign import capi unsafe "openssl/x509.h X509_REVOKED_set_serialNumber"
_set_serialNumber :: Ptr X509_REVOKED -> Ptr ASN1_INTEGER -> IO CInt
foreign import capi unsafe "openssl/x509.h X509_REVOKED_set_revocationDate"
_set_revocationDate :: Ptr X509_REVOKED -> Ptr ASN1_TIME -> IO CInt
newCRL :: IO CRL
newCRL :: IO CRL
newCRL = IO (Ptr X509_CRL)
_new IO (Ptr X509_CRL) -> (Ptr X509_CRL -> IO CRL) -> IO CRL
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= Ptr X509_CRL -> IO CRL
wrapCRL
wrapCRL :: Ptr X509_CRL -> IO CRL
wrapCRL :: Ptr X509_CRL -> IO CRL
wrapCRL = (ForeignPtr X509_CRL -> CRL) -> IO (ForeignPtr X509_CRL) -> IO CRL
forall a b. (a -> b) -> IO a -> IO b
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap ForeignPtr X509_CRL -> CRL
CRL (IO (ForeignPtr X509_CRL) -> IO CRL)
-> (Ptr X509_CRL -> IO (ForeignPtr X509_CRL))
-> Ptr X509_CRL
-> IO CRL
forall b c a. (b -> c) -> (a -> b) -> a -> c
. FinalizerPtr X509_CRL -> Ptr X509_CRL -> IO (ForeignPtr X509_CRL)
forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr FinalizerPtr X509_CRL
_free
withCRLPtr :: CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr :: forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr (CRL ForeignPtr X509_CRL
crl) = ForeignPtr X509_CRL -> (Ptr X509_CRL -> IO a) -> IO a
forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr X509_CRL
crl
signCRL :: KeyPair key =>
CRL
-> key
-> Maybe Digest
-> IO ()
signCRL :: forall key. KeyPair key => CRL -> key -> Maybe Digest -> IO ()
signCRL CRL
crl key
key Maybe Digest
mDigest
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
key -> (Ptr EVP_PKEY -> IO ()) -> IO ()
forall k a. PKey k => k -> (Ptr EVP_PKEY -> IO a) -> IO a
withPKeyPtr' key
key ((Ptr EVP_PKEY -> IO ()) -> IO ())
-> (Ptr EVP_PKEY -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr EVP_PKEY
pkeyPtr ->
do Digest
digest <- case Maybe Digest
mDigest of
Just Digest
md -> Digest -> IO Digest
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return Digest
md
Maybe Digest
Nothing -> key -> IO Digest
forall k. PKey k => k -> IO Digest
pkeyDefaultMD key
key
Digest -> (Ptr EVP_MD -> IO ()) -> IO ()
forall a. Digest -> (Ptr EVP_MD -> IO a) -> IO a
withMDPtr Digest
digest ((Ptr EVP_MD -> IO ()) -> IO ()) -> (Ptr EVP_MD -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr EVP_MD
digestPtr ->
Ptr X509_CRL -> Ptr EVP_PKEY -> Ptr EVP_MD -> IO CInt
_sign Ptr X509_CRL
crlPtr Ptr EVP_PKEY
pkeyPtr Ptr EVP_MD
digestPtr
IO CInt -> (CInt -> IO ()) -> IO ()
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO ()
forall a. (a -> Bool) -> a -> IO ()
failIf_ (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
== CInt
0)
() -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
verifyCRL :: PublicKey key => CRL -> key -> IO VerifyStatus
verifyCRL :: forall key. PublicKey key => CRL -> key -> IO VerifyStatus
verifyCRL CRL
crl key
key
= CRL -> (Ptr X509_CRL -> IO VerifyStatus) -> IO VerifyStatus
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO VerifyStatus) -> IO VerifyStatus)
-> (Ptr X509_CRL -> IO VerifyStatus) -> IO VerifyStatus
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
key -> (Ptr EVP_PKEY -> IO VerifyStatus) -> IO VerifyStatus
forall k a. PKey k => k -> (Ptr EVP_PKEY -> IO a) -> IO a
withPKeyPtr' key
key ((Ptr EVP_PKEY -> IO VerifyStatus) -> IO VerifyStatus)
-> (Ptr EVP_PKEY -> IO VerifyStatus) -> IO VerifyStatus
forall a b. (a -> b) -> a -> b
$ \ Ptr EVP_PKEY
pkeyPtr ->
Ptr X509_CRL -> Ptr EVP_PKEY -> IO CInt
_verify Ptr X509_CRL
crlPtr Ptr EVP_PKEY
pkeyPtr
IO CInt -> (CInt -> IO VerifyStatus) -> IO VerifyStatus
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= CInt -> IO VerifyStatus
interpret
where
interpret :: CInt -> IO VerifyStatus
interpret :: CInt -> IO VerifyStatus
interpret CInt
1 = VerifyStatus -> IO VerifyStatus
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return VerifyStatus
VerifySuccess
interpret CInt
0 = VerifyStatus -> IO VerifyStatus
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return VerifyStatus
VerifyFailure
interpret CInt
_ = IO VerifyStatus
forall a. IO a
raiseOpenSSLError
printCRL :: CRL -> IO String
printCRL :: CRL -> IO String
printCRL CRL
crl
= do BIO
mem <- IO BIO
newMem
BIO -> (Ptr BIO_ -> IO ()) -> IO ()
forall a. BIO -> (Ptr BIO_ -> IO a) -> IO a
withBioPtr BIO
mem ((Ptr BIO_ -> IO ()) -> IO ()) -> (Ptr BIO_ -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr BIO_
memPtr ->
CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr BIO_ -> Ptr X509_CRL -> IO CInt
_print Ptr BIO_
memPtr Ptr X509_CRL
crlPtr
IO CInt -> (CInt -> IO ()) -> IO ()
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO ()
forall a. (a -> Bool) -> a -> IO ()
failIf_ (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)
BIO -> IO String
bioRead BIO
mem
getVersion :: CRL -> IO Int
getVersion :: CRL -> IO Int
getVersion CRL
crl
= CRL -> (Ptr X509_CRL -> IO Int) -> IO Int
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO Int) -> IO Int)
-> (Ptr X509_CRL -> IO Int) -> IO Int
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
(CLong -> Int) -> IO CLong -> IO Int
forall (m :: * -> *) a1 r. Monad m => (a1 -> r) -> m a1 -> m r
liftM CLong -> Int
forall a b. (Integral a, Num b) => a -> b
fromIntegral (IO CLong -> IO Int) -> IO CLong -> IO Int
forall a b. (a -> b) -> a -> b
$ Ptr X509_CRL -> IO CLong
_get_version Ptr X509_CRL
crlPtr
setVersion :: CRL -> Int -> IO ()
setVersion :: CRL -> Int -> IO ()
setVersion CRL
crl Int
ver
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr X509_CRL -> CLong -> IO CInt
_set_version Ptr X509_CRL
crlPtr (Int -> CLong
forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
ver)
IO CInt -> (CInt -> IO CInt) -> IO CInt
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO CInt
forall a. (a -> Bool) -> a -> IO a
failIf (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)
IO CInt -> IO () -> IO ()
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
getLastUpdate :: CRL -> IO UTCTime
getLastUpdate :: CRL -> IO UTCTime
getLastUpdate CRL
crl
= CRL -> (Ptr X509_CRL -> IO UTCTime) -> IO UTCTime
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO UTCTime) -> IO UTCTime)
-> (Ptr X509_CRL -> IO UTCTime) -> IO UTCTime
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr X509_CRL -> IO (Ptr ASN1_TIME)
_get_lastUpdate Ptr X509_CRL
crlPtr
IO (Ptr ASN1_TIME) -> (Ptr ASN1_TIME -> IO UTCTime) -> IO UTCTime
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= Ptr ASN1_TIME -> IO UTCTime
peekASN1Time
setLastUpdate :: CRL -> UTCTime -> IO ()
setLastUpdate :: CRL -> UTCTime -> IO ()
setLastUpdate CRL
crl UTCTime
utc
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
UTCTime -> (Ptr ASN1_TIME -> IO ()) -> IO ()
forall a. UTCTime -> (Ptr ASN1_TIME -> IO a) -> IO a
withASN1Time UTCTime
utc ((Ptr ASN1_TIME -> IO ()) -> IO ())
-> (Ptr ASN1_TIME -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr ASN1_TIME
time ->
Ptr X509_CRL -> Ptr ASN1_TIME -> IO CInt
_set_lastUpdate Ptr X509_CRL
crlPtr Ptr ASN1_TIME
time
IO CInt -> (CInt -> IO CInt) -> IO CInt
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO CInt
forall a. (a -> Bool) -> a -> IO a
failIf (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)
IO CInt -> IO () -> IO ()
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
getNextUpdate :: CRL -> IO UTCTime
getNextUpdate :: CRL -> IO UTCTime
getNextUpdate CRL
crl
= CRL -> (Ptr X509_CRL -> IO UTCTime) -> IO UTCTime
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO UTCTime) -> IO UTCTime)
-> (Ptr X509_CRL -> IO UTCTime) -> IO UTCTime
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr X509_CRL -> IO (Ptr ASN1_TIME)
_get_nextUpdate Ptr X509_CRL
crlPtr
IO (Ptr ASN1_TIME) -> (Ptr ASN1_TIME -> IO UTCTime) -> IO UTCTime
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= Ptr ASN1_TIME -> IO UTCTime
peekASN1Time
setNextUpdate :: CRL -> UTCTime -> IO ()
setNextUpdate :: CRL -> UTCTime -> IO ()
setNextUpdate CRL
crl UTCTime
utc
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
UTCTime -> (Ptr ASN1_TIME -> IO ()) -> IO ()
forall a. UTCTime -> (Ptr ASN1_TIME -> IO a) -> IO a
withASN1Time UTCTime
utc ((Ptr ASN1_TIME -> IO ()) -> IO ())
-> (Ptr ASN1_TIME -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr ASN1_TIME
time ->
Ptr X509_CRL -> Ptr ASN1_TIME -> IO CInt
_set_nextUpdate Ptr X509_CRL
crlPtr Ptr ASN1_TIME
time
IO CInt -> (CInt -> IO CInt) -> IO CInt
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO CInt
forall a. (a -> Bool) -> a -> IO a
failIf (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)
IO CInt -> IO () -> IO ()
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
getIssuerName :: CRL -> Bool -> IO [(String, String)]
getIssuerName :: CRL -> Bool -> IO [(String, String)]
getIssuerName CRL
crl Bool
wantLongName
= CRL
-> (Ptr X509_CRL -> IO [(String, String)]) -> IO [(String, String)]
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO [(String, String)]) -> IO [(String, String)])
-> (Ptr X509_CRL -> IO [(String, String)]) -> IO [(String, String)]
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
do Ptr X509_NAME
namePtr <- Ptr X509_CRL -> IO (Ptr X509_NAME)
_get_issuer_name Ptr X509_CRL
crlPtr
Ptr X509_NAME -> Bool -> IO [(String, String)]
peekX509Name Ptr X509_NAME
namePtr Bool
wantLongName
setIssuerName :: CRL -> [(String, String)] -> IO ()
setIssuerName :: CRL -> [(String, String)] -> IO ()
setIssuerName CRL
crl [(String, String)]
issuer
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
[(String, String)] -> (Ptr X509_NAME -> IO ()) -> IO ()
forall a. [(String, String)] -> (Ptr X509_NAME -> IO a) -> IO a
withX509Name [(String, String)]
issuer ((Ptr X509_NAME -> IO ()) -> IO ())
-> (Ptr X509_NAME -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_NAME
namePtr ->
Ptr X509_CRL -> Ptr X509_NAME -> IO CInt
_set_issuer_name Ptr X509_CRL
crlPtr Ptr X509_NAME
namePtr
IO CInt -> (CInt -> IO CInt) -> IO CInt
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO CInt
forall a. (a -> Bool) -> a -> IO a
failIf (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)
IO CInt -> IO () -> IO ()
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
getRevokedList :: CRL -> IO [RevokedCertificate]
getRevokedList :: CRL -> IO [RevokedCertificate]
getRevokedList CRL
crl
= CRL
-> (Ptr X509_CRL -> IO [RevokedCertificate])
-> IO [RevokedCertificate]
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO [RevokedCertificate])
-> IO [RevokedCertificate])
-> (Ptr X509_CRL -> IO [RevokedCertificate])
-> IO [RevokedCertificate]
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr X509_CRL -> IO (Ptr STACK)
_get_REVOKED Ptr X509_CRL
crlPtr IO (Ptr STACK)
-> (Ptr STACK -> IO [RevokedCertificate])
-> IO [RevokedCertificate]
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (Ptr X509_REVOKED -> IO RevokedCertificate)
-> Ptr STACK -> IO [RevokedCertificate]
forall a b. (Ptr a -> IO b) -> Ptr STACK -> IO [b]
mapStack Ptr X509_REVOKED -> IO RevokedCertificate
peekRevoked
getSerialNumber :: Ptr X509_REVOKED -> IO (Ptr ASN1_INTEGER)
getRevocationDate :: Ptr X509_REVOKED -> IO (Ptr ASN1_TIME)
{-# LINE 305 "OpenSSL/X509/Revocation.hsc" #-}
foreign import capi unsafe "openssl/x509.h X509_REVOKED_get0_serialNumber"
_get0_serialNumber :: Ptr X509_REVOKED -> IO (Ptr ASN1_INTEGER)
foreign import capi unsafe "openssl/x509.h X509_REVOKED_get0_revocationDate"
_get0_revocationDate :: Ptr X509_REVOKED -> IO (Ptr ASN1_TIME)
getSerialNumber :: Ptr X509_REVOKED -> IO (Ptr ASN1_INTEGER)
getSerialNumber = Ptr X509_REVOKED -> IO (Ptr ASN1_INTEGER)
_get0_serialNumber
getRevocationDate :: Ptr X509_REVOKED -> IO (Ptr ASN1_TIME)
getRevocationDate = Ptr X509_REVOKED -> IO (Ptr ASN1_TIME)
_get0_revocationDate
{-# LINE 321 "OpenSSL/X509/Revocation.hsc" #-}
peekRevoked :: Ptr X509_REVOKED -> IO RevokedCertificate
peekRevoked :: Ptr X509_REVOKED -> IO RevokedCertificate
peekRevoked Ptr X509_REVOKED
rev = do
Integer
serial <- Ptr ASN1_INTEGER -> IO Integer
peekASN1Integer (Ptr ASN1_INTEGER -> IO Integer)
-> IO (Ptr ASN1_INTEGER) -> IO Integer
forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< Ptr X509_REVOKED -> IO (Ptr ASN1_INTEGER)
getSerialNumber Ptr X509_REVOKED
rev
UTCTime
date <- Ptr ASN1_TIME -> IO UTCTime
peekASN1Time (Ptr ASN1_TIME -> IO UTCTime) -> IO (Ptr ASN1_TIME) -> IO UTCTime
forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< Ptr X509_REVOKED -> IO (Ptr ASN1_TIME)
getRevocationDate Ptr X509_REVOKED
rev
RevokedCertificate -> IO RevokedCertificate
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return RevokedCertificate { revSerialNumber :: Integer
revSerialNumber = Integer
serial
, revRevocationDate :: UTCTime
revRevocationDate = UTCTime
date
}
newRevoked :: RevokedCertificate -> IO (Ptr X509_REVOKED)
newRevoked :: RevokedCertificate -> IO (Ptr X509_REVOKED)
newRevoked RevokedCertificate
revoked
= do Ptr X509_REVOKED
revPtr <- IO (Ptr X509_REVOKED)
_new_revoked
CInt
seriRet <- Integer -> (Ptr ASN1_INTEGER -> IO CInt) -> IO CInt
forall a. Integer -> (Ptr ASN1_INTEGER -> IO a) -> IO a
withASN1Integer (RevokedCertificate -> Integer
revSerialNumber RevokedCertificate
revoked) ((Ptr ASN1_INTEGER -> IO CInt) -> IO CInt)
-> (Ptr ASN1_INTEGER -> IO CInt) -> IO CInt
forall a b. (a -> b) -> a -> b
$
Ptr X509_REVOKED -> Ptr ASN1_INTEGER -> IO CInt
_set_serialNumber Ptr X509_REVOKED
revPtr
CInt
dateRet <- UTCTime -> (Ptr ASN1_TIME -> IO CInt) -> IO CInt
forall a. UTCTime -> (Ptr ASN1_TIME -> IO a) -> IO a
withASN1Time (RevokedCertificate -> UTCTime
revRevocationDate RevokedCertificate
revoked) ((Ptr ASN1_TIME -> IO CInt) -> IO CInt)
-> (Ptr ASN1_TIME -> IO CInt) -> IO CInt
forall a b. (a -> b) -> a -> b
$
Ptr X509_REVOKED -> Ptr ASN1_TIME -> IO CInt
_set_revocationDate Ptr X509_REVOKED
revPtr
if CInt
seriRet CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1 Bool -> Bool -> Bool
|| CInt
dateRet CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1 then
Ptr X509_REVOKED -> IO ()
freeRevoked Ptr X509_REVOKED
revPtr IO () -> IO (Ptr X509_REVOKED) -> IO (Ptr X509_REVOKED)
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> IO (Ptr X509_REVOKED)
forall a. IO a
raiseOpenSSLError
else
Ptr X509_REVOKED -> IO (Ptr X509_REVOKED)
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return Ptr X509_REVOKED
revPtr
addRevoked :: CRL -> RevokedCertificate -> IO ()
addRevoked :: CRL -> RevokedCertificate -> IO ()
addRevoked CRL
crl RevokedCertificate
revoked
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
do Ptr X509_REVOKED
revPtr <- RevokedCertificate -> IO (Ptr X509_REVOKED)
newRevoked RevokedCertificate
revoked
CInt
ret <- Ptr X509_CRL -> Ptr X509_REVOKED -> IO CInt
_add0_revoked Ptr X509_CRL
crlPtr Ptr X509_REVOKED
revPtr
case CInt
ret of
CInt
1 -> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
CInt
_ -> Ptr X509_REVOKED -> IO ()
freeRevoked Ptr X509_REVOKED
revPtr IO () -> IO () -> IO ()
forall a b. IO a -> IO b -> IO b
forall (m :: * -> *) a b. Monad m => m a -> m b -> m b
>> IO ()
forall a. IO a
raiseOpenSSLError
getRevoked :: CRL -> Integer -> IO (Maybe RevokedCertificate)
{-# LINE 359 "OpenSSL/X509/Revocation.hsc" #-}
getRevoked crl serial =
withCRLPtr crl $ \crlPtr ->
alloca $ \revPtr ->
withASN1Integer serial $ \serialPtr -> do
r <- _get0_by_serial crlPtr revPtr serialPtr
if r == 1
then fmap Just $ peek revPtr >>= peekRevoked
else return Nothing
{-# LINE 373 "OpenSSL/X509/Revocation.hsc" #-}
sortCRL :: CRL -> IO ()
sortCRL :: CRL -> IO ()
sortCRL CRL
crl
= CRL -> (Ptr X509_CRL -> IO ()) -> IO ()
forall a. CRL -> (Ptr X509_CRL -> IO a) -> IO a
withCRLPtr CRL
crl ((Ptr X509_CRL -> IO ()) -> IO ())
-> (Ptr X509_CRL -> IO ()) -> IO ()
forall a b. (a -> b) -> a -> b
$ \ Ptr X509_CRL
crlPtr ->
Ptr X509_CRL -> IO CInt
_sort Ptr X509_CRL
crlPtr IO CInt -> (CInt -> IO ()) -> IO ()
forall a b. IO a -> (a -> IO b) -> IO b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= (CInt -> Bool) -> CInt -> IO ()
forall a. (a -> Bool) -> a -> IO ()
failIf_ (CInt -> CInt -> Bool
forall a. Eq a => a -> a -> Bool
/= CInt
1)