gazagnaire.org / ocaml-x509
upstream: github.com/mirleft/ocaml-x509
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

OCaml 66.1%
Dune 0.2%
Shell 0.1%
Other 33.6%
28 1 0

Clone this repository

https://tangled.org/gazagnaire.org/ocaml-x509 https://tangled.org/did:plc:jhift2vwcxhou52p3sewcrpx/ocaml-x509
git@git.recoil.org:gazagnaire.org/ocaml-x509 git@git.recoil.org:did:plc:jhift2vwcxhou52p3sewcrpx/ocaml-x509

For self-hosted knots, clone URLs may differ based on your setup.

Download tar.gz
README.md

X.509 - Public Key Infrastructure purely in OCaml#

%%VERSION%% X.509 is a public key infrastructure used mostly on the Internet. It consists of certificates which include public keys and identifiers, signed by an authority. Authorities must be exchanged over a second channel to establish the trust relationship. This library implements most parts of RFC5280 and RFC6125. The Public Key Cryptography Standards (PKCS) defines encoding and decoding in ASN.1 DER and PEM format, which is also implemented by this library - namely PKCS 1, PKCS 7, PKCS 8, PKCS 9 and PKCS 10.

Read our Usenix Security 2015 paper.

Documentation#

API documentation

Installation#

Install with opam:

$ opam install nox-x509

If opam cannot find the package, it may not yet be released in the public opam-repository. Add the overlay repository, then install it:

$ opam repo add samoht https://tangled.org/gazagnaire.org/opam-overlay.git
$ opam update
$ opam install nox-x509

Example#

Decode a PEM bundle, extract certificates, then build an authenticator from a trust anchor set:

let certs =
  X509.Certificate.decode_pem_multiple (Cstruct.of_string pem_bundle)

let authenticator =
  X509.Authenticator.chain_of_trust ~time trust_anchors