package x509

You can search for identifiers within the package.

in-package search v0.2.0

Public Key Infrastructure (RFC 5280, PKCS) purely in OCaml

Install

Dune Dependency

github.com Readme Changelog BSD-2-Clause License Edit opam file Versions (11)

Authors

Maintainers

H

Hannes Mehnert <hannes@mehnert.org>

Sources

x509-0.16.5.tbz

sha256=149e25a5fea37f619fb2690bee5c00f01c9dcf31d335f8ffcaab39a7538ccd99

sha512=6dd494dba799eab7edde2af1b63bac6035bf4ae06f3a36dd4fa9abcd13d0c3fe3e93dc5848b65405dc5401b1755fd30c71482cb91f7495bc9cfb7c5bf15ef6d7

doc/x509/X509/PKCS12/index.html

Module `X509.PKCS12`Source

PKCS12 archive files

type t

A PKCS12 encoded archive file,

val decode_der : Cstruct.t -> (t, [> `Msg of string ]) result

decode_der buffer is t, the PKCS12 archive of buffer.

val encode_der : t -> Cstruct.t

encode_der t is buf, the PKCS12 encoded archive of t.

val verify : 
  string ->
  t ->
  ([ `Certificate of Certificate.t
   | `Crl of CRL.t
   | `Private_key of Private_key.t
   | `Decrypted_private_key of Private_key.t ]
     list,
    [> `Msg of string ])
    result

verify password t verifies and decrypts the PKCS12 archive t. The result is the contents of the archive.

val create : 
  ?mac:[ `SHA1 | `SHA224 | `SHA256 | `SHA384 | `SHA512 ] ->
  ?algorithm:[ `AES128_CBC | `AES192_CBC | `AES256_CBC ] ->
  ?iterations:int ->
  string ->
  Certificate.t list ->
  Private_key.t ->
  t

create ~mac ~algorithm ~iterations password certificates private_key constructs a PKCS12 archive with certificates and private_key. They are encrypted with algorithm (using PBES2, PKCS5v2) and integrity protected using mac. A local key id is always embedded in the private key and matching certificate.