opam-version: "2.0"
homepage:     "https://github.com/mirleft/ocaml-x509"
dev-repo: "git+https://github.com/mirleft/ocaml-x509.git"
bug-reports:  "https://github.com/mirleft/ocaml-x509/issues"
doc:          "https://mirleft.github.io/ocaml-x509/doc"
maintainer:   [ "Hannes Mehnert <hannes@mehnert.org>" "David Kaloper <david@numm.org>" ]
license:      "BSD-2-Clause"

build: [
  ["ocaml" "pkg/pkg.ml" "build" "--pinned" "%{pinned}%"]
  ["ocaml" "pkg/pkg.ml" "build" "--pinned" "%{pinned}%" "--tests" "true"]
    {with-test}
  ["ocaml" "pkg/pkg.ml" "test"] {with-test}
]
depends: [
  "ocaml" {>= "4.02.2"}
  "ocamlfind" {build}
  "ocamlbuild" {build}
  "topkg" {build}
  "ppx_sexp_conv" {< "v0.15"}
  "result" {< "1.5"}
  "cstruct" {>= "1.6.0" & < "4.0.0"}
  "sexplib" {< "v0.15"}
  "asn1-combinators" {>= "0.2.0"}
  "ptime"
  "nocrypto" {>= "0.5.3"}
  "astring"
  "ounit" {with-test}
  "cstruct-unix" {with-test & >= "3.0.0"}
]
conflicts: [
  "ppx_sexp_conv" {= "v0.11.0"}
]

tags: [ "org:mirage" ]
synopsis: "Public Key Infrastructure purely in OCaml"
description: """
X.509 is a public key infrastructure used mostly on the Internet.  It consists
of certificates which include public keys and identifiers, signed by an
authority.  Authorities must be exchanged over a second channel to establish the
trust relationship.  This library implements most parts of
[RFC5280](https://tools.ietf.org/html/rfc5280) and
[RFC6125](https://tools.ietf.org/html/rfc6125).

Read [further](https://nqsb.io) and our [Usenix Security 2015 paper](https://usenix15.nqsb.io)."""
authors: [
  "David Kaloper <david@numm.org>" "Hannes Mehnert <hannes@mehnert.org>"
]
url {
  src:
    "https://github.com/mirleft/ocaml-x509/releases/download/0.6.2/x509-0.6.2.tbz"
  checksum: "md5=b39c0ceae9bd22436bf5849316a7e0ee"
}
