search

haskell-tls / hs-certificate

Certificate and Key Reader/Writer in haskell
60 stars 57 forks source link

x509-validation: Export `doValidate` and no `IO` #99

Open ch1bo opened 5 years ago

ch1bo commented 5 years ago

Hi,

I am using validate from x509-validation package in an otherwise pure (no IO) scenario. After looking at the code I would be interested in accessing doValidate and pass in the current DateTime or not use that at all (disabling the check).

Would you be open about a PR where doValidate is exported and changed to something like:

doValidate :: Monad m => DateTime
           -> ValidationHooks
           -> ValidationChecks
           -> CertificateStore
           -> ServiceID
           -> CertificateChain
           -> m [FailedReason]

As far as I could tell there is no reason to have this lower-level checking function run in IO.

Thanks for creating these packages!

infinisil commented 2 years ago

I made a PR for this here: https://github.com/vincenthz/hs-certificate/pull/126