1-- | 2-- Module : Data.X509.Validation.Fingerprint 3-- License : BSD-style 4-- Maintainer : Vincent Hanquez <vincent@snarc.org> 5-- Stability : experimental 6-- Portability : unknown 7-- 8{-# LANGUAGE GeneralizedNewtypeDeriving #-} 9module Data.X509.Validation.Fingerprint 10 ( Fingerprint(..) 11 , getFingerprint 12 ) where 13 14import Crypto.Hash 15import Data.X509 16import Data.ASN1.Types 17import Data.ByteArray (convert, ByteArrayAccess) 18import Data.ByteString (ByteString) 19 20-- | Fingerprint of a certificate 21newtype Fingerprint = Fingerprint ByteString 22 deriving (Show,Eq) 23 24instance ByteArrayAccess Fingerprint 25 26-- | Get the fingerprint of the whole signed object 27-- using the hashing algorithm specified 28getFingerprint :: (Show a, Eq a, ASN1Object a) 29 => SignedExact a -- ^ object to fingerprint 30 -> HashALG -- ^ algorithm to compute the fingerprint 31 -> Fingerprint -- ^ fingerprint in binary form 32getFingerprint sobj halg = Fingerprint $ mkHash halg $ encodeSignedObject sobj 33 where 34 mkHash HashMD2 = convert . hashWith MD2 35 mkHash HashMD5 = convert . hashWith MD5 36 mkHash HashSHA1 = convert . hashWith SHA1 37 mkHash HashSHA224 = convert . hashWith SHA224 38 mkHash HashSHA256 = convert . hashWith SHA256 39 mkHash HashSHA384 = convert . hashWith SHA384 40 mkHash HashSHA512 = convert . hashWith SHA512 41