add a way to get credentials from memory instead of from files.
parent
a59f8b334a
commit
331651b0ca
3 changed files with 17 additions and 1 deletions
|
@ -62,6 +62,7 @@ module Network.TLS
|
||||||
, Credentials(..)
|
, Credentials(..)
|
||||||
, Credential
|
, Credential
|
||||||
, credentialLoadX509
|
, credentialLoadX509
|
||||||
|
, credentialLoadX509FromMemory
|
||||||
|
|
||||||
-- * Initialisation and Termination of context
|
-- * Initialisation and Termination of context
|
||||||
, bye
|
, bye
|
||||||
|
|
|
@ -9,6 +9,7 @@ module Network.TLS.Credentials
|
||||||
( Credential
|
( Credential
|
||||||
, Credentials(..)
|
, Credentials(..)
|
||||||
, credentialLoadX509
|
, credentialLoadX509
|
||||||
|
, credentialLoadX509FromMemory
|
||||||
, credentialsFindForSigning
|
, credentialsFindForSigning
|
||||||
, credentialsFindForDecrypting
|
, credentialsFindForDecrypting
|
||||||
, credentialsListSigningAlgorithms
|
, credentialsListSigningAlgorithms
|
||||||
|
@ -20,6 +21,7 @@ import Data.List (find)
|
||||||
import Network.TLS.Struct
|
import Network.TLS.Struct
|
||||||
import Network.TLS.X509
|
import Network.TLS.X509
|
||||||
import Data.X509.File
|
import Data.X509.File
|
||||||
|
import Data.X509.Memory
|
||||||
import Data.X509
|
import Data.X509
|
||||||
|
|
||||||
type Credential = (CertificateChain, PrivKey)
|
type Credential = (CertificateChain, PrivKey)
|
||||||
|
@ -43,6 +45,19 @@ credentialLoadX509 certFile privateFile = do
|
||||||
[] -> return $ Left "no keys found"
|
[] -> return $ Left "no keys found"
|
||||||
(k:_) -> return $ Right (CertificateChain x509, k)
|
(k:_) -> return $ Right (CertificateChain x509, k)
|
||||||
|
|
||||||
|
-- | similar to 'credentialLoadX509' but take the certificate
|
||||||
|
-- and private key from memory instead of from the filesystem.
|
||||||
|
credentialLoadX509FromMemory :: Bytes
|
||||||
|
-> Bytes
|
||||||
|
-> Either String Credential
|
||||||
|
credentialLoadX509FromMemory certData privateData = do
|
||||||
|
let x509 = readSignedObjectFromMemory certData
|
||||||
|
keys = readKeyFileFromMemory privateData
|
||||||
|
in case keys of
|
||||||
|
[] -> Left "no keys found"
|
||||||
|
(k:_) -> Right (CertificateChain x509, k)
|
||||||
|
where
|
||||||
|
|
||||||
credentialsListSigningAlgorithms :: Credentials -> [SignatureAlgorithm]
|
credentialsListSigningAlgorithms :: Credentials -> [SignatureAlgorithm]
|
||||||
credentialsListSigningAlgorithms (Credentials l) = catMaybes $ map credentialCanSign l
|
credentialsListSigningAlgorithms (Credentials l) = catMaybes $ map credentialCanSign l
|
||||||
|
|
||||||
|
|
|
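Review bot: In `credentialLoadX509FromMemory`, only the key list is checked for emptiness; the result of `readSignedObjectFromMemory certData` goes straight into `CertificateChain x509`, so input that yields no certificates still returns `Right` with an empty chain. If the reader drops PEM sections it cannot decode rather than reporting them (worth confirming against x509-store), malformed certificate data would surface only later, at handshake time. I would reject that case up front, e.g. `if null x509 then Left "no certificates found" else case keys of ...`. The Haddock comment should also say that only the first key in `privateData` is used and that nothing checks the key against the leaf certificate. On style, the trailing `where` has no bindings and the `do` wraps a single `let ... in` expression, so both can be dropped.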
@ -49,7 +49,7 @@ Library
|
||||||
, asn1-types >= 0.2.0
|
, asn1-types >= 0.2.0
|
||||||
, asn1-encoding
|
, asn1-encoding
|
||||||
, x509 >= 1.4.3 && < 1.5.0
|
, x509 >= 1.4.3 && < 1.5.0
|
||||||
, x509-store
|
, x509-store >= 1.4.4
|
||||||
, x509-validation >= 1.5.0 && < 1.6.0
|
, x509-validation >= 1.5.0 && < 1.6.0
|
||||||
Exposed-modules: Network.TLS
|
Exposed-modules: Network.TLS
|
||||||
Network.TLS.Cipher
|
Network.TLS.Cipher
|
||||||
|
|