package tls-async

You can search for identifiers within the package.

in-package search v0.2.0

On This Page

Decoding and encoding in ASN.1 DER and PEM format
Construction of a signing request
Provision a signing request to a certificate

tls-async
- Tls_async
  - Session
    
    Fd
  - X509_async
    
    Authenticator
    
    Param
    
    CRL
    
    Certificate
    
    Distinguished_name
    
    OCSP
    
    Request
    
    Response
    
    PKCS12
    
    Private_key
    
    Public_key
    
    Signing_request

Legend:
Library
Module
Module type
Parameter
Class
Class type

A certificate authority (CA) deals with PKCS 10 certificate signing requests, their construction and encoding, and provisioning using a private key to generate a certificate with a signature thereof.

type t = X509.Signing_request.t

The abstract type of a (self-signed) certification request.

Decoding and encoding in ASN.1 DER and PEM format

val encode_der : t -> Cstruct.t

encode_der sr is cstruct, the ASN.1 encoded representation of the sr.

val encode_pem : t -> Cstruct.t

encode_pem signing_request is pem, the pem encoded signing request.

Construction of a signing request

module Ext = X509.Signing_request.Ext

type request_info = X509.Signing_request.request_info = {

subject : X509.Distinguished_name.t;
public_key : X509.Public_key.t;
extensions : Ext.t;

}

The raw request info of a PKCS 10 certification request info.

val info : t -> request_info

info signing_request is request_info, the information inside the signing_request.

val signature_algorithm : 
  t ->
  (X509.Key_type.signature_scheme * Mirage_crypto.Hash.hash) option

signature_algorithm signing_request is the algorithm used for the signature.

val hostnames : t -> X509.Host.Set.t

hostnames signing_request is the set of domain names this signing_request is requesting. This is either the content of the DNS entries of the SubjectAlternativeName extension, or the common name of the signing_request.

Provision a signing request to a certificate

val decode_der : 
  ?allowed_hashes:Mirage_crypto.Hash.hash list ->
  string ->
  t Core.Or_error.t

val decode_pem : string -> t Core.Or_error.t

val create : 
  Distinguished_name.t ->
  ?digest:Mirage_crypto.Hash.hash ->
  ?extensions:Ext.t ->
  Private_key.t ->
  t Core.Or_error.t

val sign : 
  ?allowed_hashes:Mirage_crypto.Hash.hash list ->
  ?digest:Mirage_crypto.Hash.hash ->
  ?serial:Z.t ->
  ?extensions:Extension.t ->
  t ->
  Private_key.t ->
  Distinguished_name.t ->
  valid_from:Ptime.t ->
  valid_until:Ptime.t ->
  Certificate.t Core.Or_error.t