x509-store-1.4.2/0000755000000000000000000000000012224424521011541 5ustar0000000000000000x509-store-1.4.2/x509-store.cabal0000644000000000000000000000275712224424521014377 0ustar0000000000000000Name: x509-store Version: 1.4.2 Description: X.509 collection accessing and storing methods for certificate, crl, exception list License: BSD3 License-file: LICENSE Copyright: Vincent Hanquez Author: Vincent Hanquez Maintainer: Vincent Hanquez Synopsis: X.509 collection accessing and storing methods Build-Type: Simple Category: Data stability: experimental Homepage: http://github.com/vincenthz/hs-certificate Cabal-Version: >=1.8 Flag test Description: Build unit test Default: False Flag executable Description: Build the executable Default: False Library Build-Depends: base >= 3 && < 5 , bytestring , mtl , containers , directory , filepath , process , time , pem >= 0.1 && < 0.3 , asn1-types >= 0.2 && < 0.3 , asn1-encoding >= 0.8 && < 0.9 , crypto-pubkey-types >= 0.3 && < 0.5 , x509 >= 1.4.3 && < 1.5 Exposed-modules: Data.X509.CertificateStore Data.X509.File ghc-options: -Wall source-repository head type: git location: git://github.com/vincenthz/hs-certificate subdir: x509-store x509-store-1.4.2/LICENSE0000644000000000000000000000273112224424521012551 0ustar0000000000000000Copyright (c) 2010-2013 Vincent Hanquez All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the author nor the names of his contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. x509-store-1.4.2/Setup.hs0000644000000000000000000000005612224424521013176 0ustar0000000000000000import Distribution.Simple main = defaultMain x509-store-1.4.2/Data/0000755000000000000000000000000012224424521012412 5ustar0000000000000000x509-store-1.4.2/Data/X509/0000755000000000000000000000000012224424521013057 5ustar0000000000000000x509-store-1.4.2/Data/X509/File.hs0000644000000000000000000000350312224424521014273 0ustar0000000000000000module Data.X509.File ( readSignedObject , readKeyFile ) where import Control.Applicative import Data.ASN1.Types import Data.ASN1.BinaryEncoding import Data.ASN1.Encoding import qualified Data.X509 as X509 import Data.PEM (pemParseLBS, pemContent, pemName, PEM) import qualified Data.ByteString.Lazy as L import qualified Crypto.Types.PubKey.DSA as DSA readPEMs :: FilePath -> IO [PEM] readPEMs filepath = do content <- L.readFile filepath return $ either error id $ pemParseLBS content -- | return all the signed objects in a file. -- -- (only one type at a time). readSignedObject :: (ASN1Object a, Eq a, Show a) => FilePath -> IO [X509.SignedExact a] readSignedObject filepath = foldl pemToSigned [] <$> readPEMs filepath where pemToSigned acc pem = case X509.decodeSignedObject $ pemContent pem of Left _ -> acc Right obj -> obj : acc -- | return all the public key that were successfully read from a file. readKeyFile :: FilePath -> IO [X509.PrivKey] readKeyFile path = foldl pemToKey [] <$> readPEMs path where pemToKey acc pem = do case decodeASN1' BER (pemContent pem) of Left _ -> acc Right asn1 -> case pemName pem of "RSA PRIVATE KEY" -> case fromASN1 asn1 of Left _ -> acc Right (k,_) -> X509.PrivKeyRSA k : acc "DSA PRIVATE KEY" -> case fromASN1 asn1 of Left _ -> acc Right (k,_) -> X509.PrivKeyDSA (DSA.toPrivateKey k) : acc _ -> acc x509-store-1.4.2/Data/X509/CertificateStore.hs0000644000000000000000000000337212224424521016657 0ustar0000000000000000module Data.X509.CertificateStore ( CertificateStore , makeCertificateStore -- * Queries , findCertificate , listCertificates ) where import Data.List (foldl') import Data.Monoid import Data.X509 import qualified Data.Map as M import Control.Monad (mplus) -- | A Collection of certificate or store of certificates. data CertificateStore = CertificateStore (M.Map DistinguishedName SignedCertificate) | CertificateStores [CertificateStore] instance Monoid CertificateStore where mempty = CertificateStore M.empty mappend s1@(CertificateStore _) s2@(CertificateStore _) = CertificateStores [s1,s2] mappend (CertificateStores l) s2@(CertificateStore _) = CertificateStores (l ++ [s2]) mappend s1@(CertificateStore _) (CertificateStores l) = CertificateStores ([s1] ++ l) mappend (CertificateStores l1) (CertificateStores l2) = CertificateStores (l1 ++ l2) -- | Create a certificate store out of a list of X509 certificate makeCertificateStore :: [SignedCertificate] -> CertificateStore makeCertificateStore = CertificateStore . foldl' accumulate M.empty where accumulate m x509 = M.insert (certSubjectDN $ getCertificate x509) x509 m -- | Find a certificate using the subject distinguished name findCertificate :: DistinguishedName -> CertificateStore -> Maybe SignedCertificate findCertificate dn store = lookupIn store where lookupIn (CertificateStore m) = M.lookup dn m lookupIn (CertificateStores l) = foldl mplus Nothing $ map lookupIn l -- | List all certificates in a store listCertificates :: CertificateStore -> [SignedCertificate] listCertificates (CertificateStore store) = map snd $ M.toList store listCertificates (CertificateStores l) = concatMap listCertificates l