Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
X.509v3 extensions
type key_usage = [
| `Digital_signature
| `Content_commitment
| `Key_encipherment
| `Data_encipherment
| `Key_agreement
| `Key_cert_sign
| `CRL_sign
| `Encipher_only
| `Decipher_only
]
The polymorphic variant of key usages.
type extended_key_usage = [
| `Any
| `Server_auth
| `Client_auth
| `Code_signing
| `Email_protection
| `Ipsec_end
| `Ipsec_tunnel
| `Ipsec_user
| `Time_stamping
| `Ocsp_signing
| `Other of Asn.oid
]
The polymorphic variant of extended key usages.
type authority_key_id = string option * General_name.t * string option
The authority key identifier, as present in the Authority Key Identifier extension.
The private key usage period, as defined in RFC 3280.
type name_constraint = (General_name.b * int * int option) list
Name constraints, as defined in RFC 5280.
Certificate policies, the policy extension.
type reason = [
| `Unspecified
| `Key_compromise
| `CA_compromise
| `Affiliation_changed
| `Superseded
| `Cessation_of_operation
| `Certificate_hold
| `Remove_from_CRL
| `Privilege_withdrawn
| `AA_compromise
]
Type of revocation reasons for a given distribution point.
Distribution point name, either a full one using general names, or a relative one using a distinguished name.
type distribution_point =
distribution_point_name option * reason list option * General_name.t option
Distribution point, consisting of an optional name, an optional list of allowed reasons, and an optional issuer.
type _ k =
| Unsupported : Asn.oid -> string extension k
| Subject_alt_name : General_name.t extension k
| Authority_key_id : authority_key_id extension k
| Subject_key_id : string extension k
| Issuer_alt_name : General_name.t extension k
| Key_usage : key_usage list extension k
| Ext_key_usage : extended_key_usage list extension k
| Basic_constraints : (bool * int option) extension k
| CRL_number : int extension k
| Delta_CRL_indicator : int extension k
| Priv_key_period : priv_key_usage_period extension k
| Name_constraints : (name_constraint * name_constraint) extension k
| CRL_distribution_points : distribution_point list extension k
| Issuing_distribution_point : (distribution_point_name option
* bool
* bool
* reason list option
* bool
* bool)
extension
k
| Freshest_CRL : distribution_point list extension k
| Reason : reason extension k
| Invalidity_date : Ptime.t extension k
| Certificate_issuer : General_name.t extension k
| Policies : policy list extension k
include Gmap.S with type 'a key = 'a k
type 'a key = 'a k
The type for map keys whose lookup value is 'a
.
val empty : t
empty
is the empty map.
singleton key value
creates a one-element map that contains a binding value
for key
.
val is_empty : t -> bool
is_empty m
returns true
if the map m
is empty, false
otherwise.
val cardinal : t -> int
cardinal m
returns the number of bindings of the map m
.
find key m
returns Some v
if the binding of key
in m
is v
, or None
if key
is not bound m
.
add_unless_bound key value m
returns Some m'
, a map containing the same bindings as m
, plus a binding of key
to value
. Or, None
if key
was already bound in m
.
add key value m
returns a map containing the same bindings as m
, plus a binding of key
to value
. If key
was already bound in m
, the previous binding disappears.
remove key m
returns a map containing the same bindings as m
, except for key
which is not bound in the returned map. If key
was not bound in m
, m
is returned unchanged.
update k f m
returns a map containing the same bindings as m
, except for the binding v
of k
. Depending the value of v
, which is f (find k m)
, the binding of k
is added, removed, or updated.
bindings m
returns the list of all bindings in the given map m
. The list is sorted with respect to the ordering over the type of the keys.
The function type for the equal operation, using a record type for "first-class" semi-explicit polymorphism.
equal p m m'
tests whether the maps m
and m'
are equal, that is contain equal keys and associate them with equal data. p
is the equality predicate used to compare the data associated with the keys.
The function type for the map operation, using a record type for "first-class" semi-explicit polymorphism.
map f m
returns a map with the same domain as m
, where the associated binding b
has been replaced by the result of the application of f
to b
. The bindings are passed to f
in increasing order with respect to the ordering over the type of the keys.
iter f m
applies f
to all bindings in m
. The bindings are passed in increasing order with respect to the ordering over the type of keys.
fold f m acc
computes (f bN .. (f b1 acc))
, where b1 .. bN
are the bindings of m
in increasing order with respect to the ordering over the type of the keys.
for_all p m
checks if all bindings of the map m
satisfy the predicate p
.
exists p m
checks if at least one binding of the map m
satisfies p
.
filter p m
returns the map with all the bindings in m
that satisfy p
.
The function type for the merge operation, using a record type for "first-class" semi-explicit polymorphism.
merge f m m'
computes a map whose keys is a subset of keys of m
and m'
. The presence of each such binding, and the corresponding value, is determined with the function f
.
The function type for the union operation, using a record type for "first-class" semi-explicit polymorphism.
val critical : 'a key -> 'a -> bool
critical ext_key ext_value
is the critical bit in ext_value
.
val pp : t Fmt.t
pp ppf ext_map
pretty-prints the extension map.