package tls-async

  1. Overview
  2. Docs
type t = X509.CRL.t
val encode_der : t -> Cstruct.t
val issuer : t -> X509.Distinguished_name.t
val this_update : t -> Ptime.t
val next_update : t -> Ptime.t option
type revoked_cert = X509.CRL.revoked_cert = {
  1. serial : Z.t;
  2. date : Ptime.t;
  3. extensions : X509.Extension.t;
}
val reason : revoked_cert -> X509.Extension.reason option
val revoked_certificates : t -> revoked_cert list
val extensions : t -> X509.Extension.t
val crl_number : t -> int option
val signature_algorithm : t -> (X509.Key_type.signature_scheme * Mirage_crypto.Hash.hash) option
val validate : t -> ?allowed_hashes:Mirage_crypto.Hash.hash list -> X509.Public_key.t -> (unit, [> X509.Validation.signature_error ]) Stdlib.result
type verification_error = [
  1. | `Bad_encoding of X509.Distinguished_name.t * string * Cstruct.t
  2. | `Bad_signature of X509.Distinguished_name.t * string
  3. | `Hash_not_allowed of X509.Distinguished_name.t * Mirage_crypto.Hash.hash
  4. | `Issuer_subject_mismatch of X509.Distinguished_name.t * X509.Distinguished_name.t
  5. | `Msg of string
  6. | `Next_update_scheduled of X509.Distinguished_name.t * Ptime.t * Ptime.t
  7. | `Not_yet_valid of X509.Distinguished_name.t * Ptime.t * Ptime.t
  8. | `Unsupported_algorithm of X509.Distinguished_name.t * string
  9. | `Unsupported_keytype of X509.Distinguished_name.t * X509.Public_key.t
]
val pp_verification_error : verification_error Fmt.t
val verify : t -> ?allowed_hashes:Mirage_crypto.Hash.hash list -> ?time:Ptime.t -> X509.Certificate.t -> (unit, [> verification_error ]) Stdlib.result
val is_revoked : ?allowed_hashes:Mirage_crypto.Hash.hash list -> issuer:X509.Certificate.t -> cert:X509.Certificate.t -> t list -> bool
val decode_der : contents:string -> t Core.Or_error.t
val revoke : ?digest:Mirage_crypto.Hash.hash -> issuer:Distinguished_name.t -> this_update:Ptime.t -> ?next_update:Ptime.t -> ?extensions:Extension.t -> revoked_cert list -> Private_key.t -> t Core.Or_error.t
val revoke_certificate : revoked_cert -> this_update:Ptime.t -> ?next_update:Ptime.t -> t -> Private_key.t -> t Core.Or_error.t
val revoke_certificates : revoked_cert list -> this_update:Ptime.t -> ?next_update:Ptime.t -> t -> Private_key.t -> t Core.Or_error.t
val of_pem_dir : directory:Core.Filename.t -> t list Async.Deferred.Or_error.t
OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct