Library
Module
Module type
Parameter
Class
Class type
X509v3 certificate
val decode_pkcs1_digest_info :
Cstruct.t ->
(Nocrypto.Hash.hash * Cstruct.t, [> Rresult.R.msg ]) Rresult.result
decode_pkcs1_digest_info buffer
is hash, signature
, the hash and raw signature of the given buffer
in ASN.1 DER encoding, or an error.
val encode_pkcs1_digest_info : (Nocrypto.Hash.hash * Cstruct.t) -> Cstruct.t
encode_pkcs1_digest_info (hash, signature)
is data
, the ASN.1 DER encoded hash and signature.
val pp : t Fmt.t
pp ppf cert
pretty-prints the certificate.
val decode_der : Cstruct.t -> (t, [> Rresult.R.msg ]) Rresult.result
decode_der cstruct
is certificate
, the ASN.1 decoded certificate
or an error.
val encode_der : t -> Cstruct.t
encode_der certificate
is cstruct
, the ASN.1 encoded representation of the certificate
.
val decode_pem_multiple :
Cstruct.t ->
(t list, [> Rresult.R.msg ]) Rresult.result
decode_pem_multiple pem
is t list
, where all certificates of the pem
are extracted
val decode_pem : Cstruct.t -> (t, [> Rresult.R.msg ]) Rresult.result
decode_pem pem
is t
, where the single certificate of the pem
is extracted
val encode_pem_multiple : t list -> Cstruct.t
encode_pem_multiple certificates
is pem
, the pem encoded certificates.
val encode_pem : t -> Cstruct.t
encode_pem certificate
is pem
, the pem encoded certificate.
supports_keytype certificate key_type
is result
, whether public key of the certificate
matches the given key_type
.
val public_key : t -> Public_key.t
public_key certificate
is pk
, the public key of the certificate
.
val hostnames : t -> Domain_name.Set.t
hostnames certficate
are hostnames
, the list of hostnames this certificate
is valid for. Currently, these are the DNS names of the Subject Alternative Name extension, if present, or otherwise the singleton list containing the common name.
type host = [ `Strict | `Wildcard ] * [ `host ] Domain_name.t
The polymorphic variant for hostname validation.
supports_hostname certificate host
is result
, whether the certificate
contains the given host
, using hostnames
.
val fingerprint : Nocrypto.Hash.hash -> t -> Cstruct.t
fingerprint hash cert
is digest
, the digest of cert
using the specified hash
algorithm
val subject : t -> Distinguished_name.t
subject certificate
is dn
, the subject as dn of the certificate
.
val issuer : t -> Distinguished_name.t
issuer certificate
is dn
, the issuer as dn of the certificate
.
val serial : t -> Z.t
serial certificate
is sn
, the serial number of the certificate
.
val validity : t -> Ptime.t * Ptime.t
validity certificate
is from, until
, the validity of the certificate.
val extensions : t -> Extension.t
extensions certificate
is the extension map of certificate
.