(* Signature of an X.509 module; the self-qualified type names suggest it is
   the interface of Netx509. It declares class types for distinguished names
   and certificates, OID tables (DN attributes, certificate extensions, key
   purposes, access descriptions) and parsers taking either a string or a
   Netasn1.Value.value.
   NOTE(review): everything declared here is a parser, accessor or lookup.
   Nothing in this signature verifies a signature, builds a chain, checks
   revocation or compares the validity window with the clock, so a value that
   parses successfully must not be treated as trusted on that basis alone.
   NOTE(review): none of the parsers returns an option or result, so malformed
   input is presumably reported by raising; the exceptions are not visible
   here. Callers feeding untrusted bytes should confirm which ones to catch. *)
sig
(** Object identifier; an alias of [Netoid.t]. *)
type oid = Netoid.t
(** A directory (distinguished) name, exposed both as a structured list and
    as a string, each in a plain and an [eq_] variant. *)
class type directory_name =
object
(* Same shape as [name]. The eq_ prefix suggests a form normalized for
   equality comparison -- TODO confirm which normalization is applied before
   relying on it for issuer/subject matching. *)
method eq_name : (Netx509.oid * Netasn1.Value.value) list list
(* String counterpart of [eq_name], presumably -- confirm. *)
method eq_string : string
(* List of lists of (attribute OID, ASN.1 value) pairs; presumably the outer
   list is the sequence of relative DNs and each inner list one relative DN
   -- confirm. *)
method name : (Netx509.oid * Netasn1.Value.value) list list
(* The name as a string. NOTE(review): comparing DNs through this method is
   only sound if the string form is canonical; prefer the eq_ variants once
   their normalization is confirmed. *)
method string : string
end
(** Accessors for the fields of a decoded X.509 certificate. These return
    the stored field values only; no method here states whether the
    certificate is valid or trusted. *)
class type x509_certificate =
object
(* Triples of extension OID, a string and a bool; presumably the undecoded
   extension value and the critical flag -- confirm. The string is the input
   type of the parse_* functions in this signature. *)
method extensions : (Netx509.oid * string * bool) list
method issuer : Netx509.directory_name
method issuer_unique_id : Netasn1.Value.bitstring_value option
(* Raw public key bits; interpreting them requires [public_key_algorithm]. *)
method public_key : Netasn1.Value.bitstring_value
(* Algorithm OID plus optional algorithm-specific parameters. *)
method public_key_algorithm : Netx509.oid * Netasn1.Value.value option
(* NOTE(review): a string, not an int; presumably the raw bytes of the serial
   number rather than a decimal rendering -- confirm before logging or
   comparing against revocation data. *)
method serial_number : string
(* The signature bits as stored in the certificate. Returned as data only;
   verification against the issuer key is the responsibility of the caller. *)
method signature : Netasn1.Value.bitstring_value
method signature_algorithm : Netx509.oid * Netasn1.Value.value option
method subject : Netx509.directory_name
method subject_unique_id : Netasn1.Value.bitstring_value option
(* Validity bounds as floats, presumably seconds since the epoch -- confirm.
   Nothing here compares them with the current time; the caller must. *)
method valid_not_after : float
method valid_not_before : float
(* NOTE(review): whether this is the human version number or the encoded
   field value is not visible in the type -- confirm. *)
method version : int
end
(** OIDs of attribute types that occur in distinguished names, with lookup
    tables between OIDs and names. *)
module DN_attributes :
sig
val at_name : Netx509.oid
val at_surname : Netx509.oid
val at_givenName : Netx509.oid
val at_initials : Netx509.oid
val at_generationQualifier : Netx509.oid
val at_commonName : Netx509.oid
val at_localityName : Netx509.oid
val at_stateOrProvinceName : Netx509.oid
val at_organizationName : Netx509.oid
val at_organizationalUnitName : Netx509.oid
val at_title : Netx509.oid
val at_dnQualifier : Netx509.oid
val at_countryName : Netx509.oid
val at_serialNumber : Netx509.oid
val at_pseudonym : Netx509.oid
val at_domainComponent : Netx509.oid
val at_emailAddress : Netx509.oid
val at_uid : Netx509.oid
(* Table of OID, one string and a string list; presumably the full name and
   its short aliases -- confirm. *)
val attribute_types : (Netx509.oid * string * string list) list
(* Both lookups return a plain tuple, so an unknown OID or name cannot be
   reported through the result; presumably they raise (Not_found?) --
   confirm. Case sensitivity of the name lookup is not visible here. *)
val lookup_attribute_type_by_oid : Netx509.oid -> string * string list
val lookup_attribute_type_by_name :
string -> Netx509.oid * string * string list
end
(** DN string handling specialised for X.509, with the interface given by
    [Netdn.DN_string]. *)
module X509_DN_string : Netdn.DN_string
(** Look up the value of the attribute with the given OID in a DN.
    NOTE(review): the result is not an option, so a missing attribute is
    presumably signalled by an exception. A DN may carry the same attribute
    type more than once; which occurrence is returned is not visible here and
    matters when the value feeds an identity decision -- confirm. *)
val lookup_dn_ava :
Netx509.directory_name -> Netx509.oid -> Netasn1.Value.value
(** As [lookup_dn_ava] but returning a string; the name suggests UTF-8. *)
val lookup_dn_ava_utf8 : Netx509.directory_name -> Netx509.oid -> string
(** Build a [directory_name] from an ASN.1 value. *)
class x509_dn_from_ASN1 : Netasn1.Value.value -> directory_name
(** Build a [directory_name] from its string form. *)
class x509_dn_from_string : string -> directory_name
(** Build an [x509_certificate] from an already decoded ASN.1 value. *)
class x509_certificate_from_ASN1 : Netasn1.Value.value -> x509_certificate
(** Build an [x509_certificate] from a string; per the name, the DER encoding.
    NOTE(review): this is the entry point for untrusted bytes. Whether
    trailing data or non-DER encodings are rejected is not visible here --
    confirm. Construction decodes only and says nothing about trust. *)
class x509_certificate_from_DER : string -> x509_certificate
(** OIDs of certificate extensions. *)
module CE :
sig
val ce_authority_key_identifier : Netx509.oid
val ce_subject_key_identifier : Netx509.oid
val ce_key_usage : Netx509.oid
val ce_certificate_policies : Netx509.oid
val ce_any_policy : Netx509.oid
val ce_policy_mappings : Netx509.oid
val ce_subject_alt_name : Netx509.oid
val ce_issuer_alt_name : Netx509.oid
val ce_subject_directory_attributes : Netx509.oid
val ce_basic_constraints : Netx509.oid
val ce_name_constraints : Netx509.oid
val ce_policy_constraints : Netx509.oid
val ce_ext_key_usage : Netx509.oid
val ce_crl_distribution_points : Netx509.oid
val ce_inhibit_any_policy : Netx509.oid
val ce_freshest_crl : Netx509.oid
val ce_authority_info_access : Netx509.oid
val ce_subject_info_access : Netx509.oid
(* Table pairing each OID with a string, presumably its name -- confirm.
   NOTE(review): more OIDs are declared above than there are parse_*
   functions in this signature (no parser is declared here for name
   constraints, policies or CRL distribution points), so those extensions
   need separate handling when they are marked critical. *)
val certificate_extensions : (Netx509.oid * string) list
end
(** Carries the OID of an extension that was looked for; presumably raised
    by [find_extension] -- confirm. *)
exception Extension_not_found of Netx509.oid
(** Find the extension with the given OID in a list of the shape returned by
    the [extensions] method. Returns a string and a bool, presumably the
    undecoded value and the critical flag -- confirm. Absence cannot be
    expressed in the result type. *)
val find_extension :
Netx509.oid -> (Netx509.oid * string * bool) list -> string * bool
(** Takes a list of OIDs and an extension list and returns a bool.
    NOTE(review): the polarity of the result cannot be read from the type.
    Confirm whether [true] means that every critical extension is covered by
    the OID list or that an uncovered critical extension exists; reading it
    backwards accepts certificates that have to be rejected. *)
val check_critical_exts :
Netx509.oid list -> (Netx509.oid * string * bool) list -> bool
(** The forms a general name can take.
    NOTE(review): the string payloads are returned as parsed. Host name
    matching, wildcard handling and rejection of unexpected characters are
    not part of this signature and remain with the caller. *)
type general_name =
[ `DNS_name of string
| `Directory_name of Netx509.directory_name
| `Edi_party_name of string option * string
(* Two addresses; presumably address and mask -- confirm. *)
| `IP_address of Unix.socket_domain * Unix.inet_addr * Unix.inet_addr
| `Other_name of Netx509.oid * Netasn1.Value.value
| `Registered_ID of Netx509.oid
| `Rfc822_name of string
| `Uniform_resource_identifier of string
| `X400_address of Netasn1.Value.value ]
(** Decoded authority key identifier extension. All three parts may be
    absent: two are options and the issuer is a possibly empty list. *)
type authority_key_identifier = {
aki_key_identifier : string option;
aki_authority_cert_issuer : Netx509.general_name list;
(* A string, like [serial_number] on the certificate -- confirm both use the
   same representation before comparing them. *)
aki_authority_cert_serial_number : string option;
}
(* The parse_* functions below take a string, which matches the string
   component of the extension triples; presumably the undecoded extension
   value -- confirm. Pair each parser with the matching CE OID; nothing in
   the types prevents passing the value of a different extension. *)
(** Decode an authority key identifier extension value. *)
val parse_authority_key_identifier :
string -> Netx509.authority_key_identifier
(** Decode a subject key identifier extension value to a string. *)
val parse_subject_key_identifier : string -> string
(** The individual key usage bits. *)
type key_usage_flag =
[ `Crl_sign
| `Data_encipherment
| `Decipher_only
| `Digital_signature
| `Encipher_only
| `Key_agreement
| `Key_cert_sign
| `Key_encipherment
| `Non_repudiation ]
(** Decode a key usage extension value to the list of flags.
    NOTE(review): presumably a flag is listed only when its bit is set, so a
    permission check must test for membership, never for absence of a
    denial -- confirm. *)
val parse_key_usage : string -> Netx509.key_usage_flag list
(** Decode a subject alternative name extension value. *)
val parse_subject_alt_name : string -> Netx509.general_name list
(** Decode an issuer alternative name extension value. *)
val parse_issuer_alt_name : string -> Netx509.general_name list
(** Decode a subject directory attributes extension value to pairs of
    attribute OID and value list. *)
val parse_subject_directory_attributes :
string -> (Netx509.oid * Netasn1.Value.value list) list
(** Decode a basic constraints extension value to a bool and an optional int;
    presumably the CA flag and the path length constraint -- confirm.
    NOTE(review): the function only applies when the extension is present;
    a certificate without it has to be handled by the caller. *)
val parse_basic_constraints : string -> bool * int option
(** Extended key usage purposes, with [`Unknown] as a catch-all. *)
type ext_key_usage_flag =
[ `Client_auth
| `Code_signing
| `Email_protection
| `OCSP_signing
| `Server_auth
| `Time_stamping
| `Unknown ]
(** Decode an extended key usage extension value. Each entry keeps the OID
    next to the flag, so a purpose mapped to [`Unknown] can still be
    identified. [`Unknown] should never be read as permission. *)
val parse_ext_key_usage :
string -> (Netx509.oid * Netx509.ext_key_usage_flag) list
(** OIDs of extended key purposes. *)
module KP :
sig
val kp_server_auth : Netx509.oid
val kp_client_auth : Netx509.oid
val kp_code_signing : Netx509.oid
val kp_email_protection : Netx509.oid
val kp_time_stamping : Netx509.oid
val kp_ocsp_signing : Netx509.oid
(* Table of OID, flag and a string, presumably the name -- confirm. *)
val ext_key_purposes :
(Netx509.oid * Netx509.ext_key_usage_flag * string) list
end
(** Access method tags for the authority information access extension. *)
type authority_access_description_flag = [ `CA_issuers | `OCSP | `Unknown ]
(** Access method tags for the subject information access extension. *)
type subject_access_description_flag =
[ `CA_repository | `Time_stamping | `Unknown ]
(** Union of the tags of the two types above. *)
type access_description_flag =
[ `CA_issuers | `CA_repository | `OCSP | `Time_stamping | `Unknown ]
(** Decode an authority information access extension value to triples of
    access method OID, flag and location.
    NOTE(review): the locations come from the certificate and are therefore
    controlled by whoever issued or forged it; a caller that fetches them
    should restrict schemes and destinations. *)
val parse_authority_info_access :
string ->
(Netx509.oid * Netx509.authority_access_description_flag *
Netx509.general_name)
list
(** Decode a subject information access extension value; same result shape
    as [parse_authority_info_access] with the subject flag type. *)
val parse_subject_info_access :
string ->
(Netx509.oid * Netx509.subject_access_description_flag *
Netx509.general_name)
list
(** OIDs of access descriptions. *)
module AD :
sig
val ad_ca_issuers : Netx509.oid
val ad_ocsp : Netx509.oid
val ad_ca_repository : Netx509.oid
val ad_time_stamping : Netx509.oid
(* Table of OID, flag and a string, presumably the name -- confirm. *)
val access_descriptions :
(Netx509.oid * Netx509.access_description_flag * string) list
end
(* The remaining functions work on already decoded ASN.1 values rather than
   on strings. *)
(** Convert one ASN.1 value to a general name. *)
val general_name_from_ASN1 : Netasn1.Value.value -> Netx509.general_name
(** Convert an ASN.1 value to a list of general names. *)
val general_names_from_ASN1 :
Netasn1.Value.value -> Netx509.general_name list
(** Convert an ASN.1 directory string to an OCaml string.
    NOTE(review): the output encoding is not visible in the type; presumably
    UTF-8, as for [lookup_dn_ava_utf8] -- confirm. *)
val directory_string_from_ASN1 : Netasn1.Value.value -> string
(** Convert an ASN.1 value to an attribute: its OID and list of values. *)
val attribute_from_ASN1 :
Netasn1.Value.value -> Netx509.oid * Netasn1.Value.value list
(** Convert an ASN.1 value to a list of attributes. *)
val attributes_from_ASN1 :
Netasn1.Value.value -> (Netx509.oid * Netasn1.Value.value list) list
end