authorFredrik Gustafsson <fredrik@erlang.org>2012-11-13 16:19:18 +0100
committerIngela Anderton Andin <ingela@erlang.org>2012-11-15 14:02:00 +0100
commit689b6c5bacf0d7f89c7f3de028627753ad5a1438 (patch)
treeb2d639311e8a1036340fab2dc9a3fdd747fb07ce
parent067aef311309ad751ddeb9c40169b25c0dd1b72c (diff)
public_key: Added PKCS-10
-rw-r--r--lib/public_key/asn1/Makefile3
-rw-r--r--lib/public_key/asn1/PKCS-10.asn167
-rw-r--r--lib/public_key/asn1/PKCS-FRAME.set.asn1
-rw-r--r--lib/public_key/include/public_key.hrl2
-rw-r--r--lib/public_key/src/pubkey_pem.erl8
-rw-r--r--lib/public_key/src/public_key.erl4
-rw-r--r--lib/public_key/test/public_key_SUITE.erl15
7 files changed, 96 insertions, 4 deletions
diff --git a/lib/public_key/asn1/Makefile b/lib/public_key/asn1/Makefile
index 4b4db9ec6d..c8426411d3 100644
--- a/lib/public_key/asn1/Makefile
+++ b/lib/public_key/asn1/Makefile
@@ -40,7 +40,7 @@ RELSYSDIR = $(RELEASE_PATH)/lib/public_key-$(VSN)
ASN_TOP = OTP-PUB-KEY PKCS-FRAME
ASN_MODULES = PKIX1Explicit88 PKIX1Implicit88 PKIX1Algorithms88 \
- PKIXAttributeCertificate PKCS-1 PKCS-3 PKCS-7 PKCS-8 PKCS5v2-0 OTP-PKIX \
+ PKIXAttributeCertificate PKCS-1 PKCS-3 PKCS-7 PKCS-8 PKCS-10 PKCS5v2-0 OTP-PKIX \
AuthenticationFramework InformationFramework UsefulDefinitions SelectedAttributeTypes
ASN_ASNS = $(ASN_MODULES:%=%.asn1)
ASN_ERLS = $(ASN_TOP:%=%.erl)
@@ -120,6 +120,7 @@ PKCS-FRAME.erl PKCS-FRAME.hrl: PKCS-FRAME.asn1db
PKCS-FRAME.asn1db: PKCS5v2-0.asn1\
PKCS-8.asn1\
PKCS-7.asn1\
+ PKCS-10.asn1\
AuthenticationFramework.asn1\
InformationFramework.asn1\
UsefulDefinitions.asn1\
diff --git a/lib/public_key/asn1/PKCS-10.asn1 b/lib/public_key/asn1/PKCS-10.asn1
new file mode 100644
index 0000000000..09db4f9460
--- /dev/null
+++ b/lib/public_key/asn1/PKCS-10.asn1
@@ -0,0 +1,67 @@
+PKCS-10 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+pkcs-10(10) modules(1) pkcs-10(1)}
+
+-- $Revision: 1.3 $ --
+
+DEFINITIONS IMPLICIT TAGS ::=
+
+BEGIN
+
+-- EXPORTS All --
+-- All types and values defined in this module are exported for use
+-- in other ASN.1 modules.
+
+IMPORTS
+
+informationFramework, authenticationFramework
+ FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
+ usefulDefinitions(0) 3}
+
+ATTRIBUTE, Name
+ FROM InformationFramework informationFramework
+
+ALGORITHM
+ FROM AuthenticationFramework authenticationFramework;
+
+-- Certificate requests
+
+CertificationRequestInfo ::= SEQUENCE {
+ version INTEGER { v1(0) } (v1,...),
+ subject Name,
+ subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+ attributes [0] Attributes{{ CRIAttributes }}
+}
+
+SubjectPublicKeyInfo {ALGORITHM: IOSet} ::= SEQUENCE {
+ algorithm AlgorithmIdentifier {{IOSet}},
+ subjectPublicKey BIT STRING
+}
+
+PKInfoAlgorithms ALGORITHM ::= {
+ ... -- add any locally defined algorithms here -- }
+
+Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
+
+CRIAttributes ATTRIBUTE ::= {
+ ... -- add any locally defined attributes here -- }
+
+Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
+ type ATTRIBUTE.&id({IOSet}),
+ values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
+}
+
+CertificationRequest ::= SEQUENCE {
+ certificationRequestInfo CertificationRequestInfo,
+ signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
+ signature BIT STRING
+}
+
+AlgorithmIdentifier {ALGORITHM:IOSet } ::= SEQUENCE {
+ algorithm ALGORITHM.&id({IOSet}),
+ parameters ALGORITHM.&Type({IOSet}{@algorithm}) OPTIONAL
+}
+
+SignatureAlgorithms ALGORITHM ::= {
+ ... -- add any locally defined algorithms here -- }
+
+END \ No newline at end of file
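Review bot: The three information object sets `PKInfoAlgorithms`, `CRIAttributes` and `SignatureAlgorithms` are declared empty and extensible (`...`), so the table constraints on `AlgorithmIdentifier.parameters` and `Attribute.values` restrict nothing as far as this module shows. A decoded `CertificationRequest` can therefore carry any algorithm OID, parameters and attribute values, and presumably the open types reach the caller unresolved, so the consumer has to check them against its own allow-list. Decoding also only parses the structure, so I would add a comment above `CertificationRequest` such as `-- signature is not checked by decoding; verify it over the DER of certificationRequestInfo with subjectPKInfo --`. The file also ends without a trailing newline after `END`.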
diff --git a/lib/public_key/asn1/PKCS-FRAME.set.asn b/lib/public_key/asn1/PKCS-FRAME.set.asn
index 343afedd76..64da71509d 100644
--- a/lib/public_key/asn1/PKCS-FRAME.set.asn
+++ b/lib/public_key/asn1/PKCS-FRAME.set.asn
@@ -1,3 +1,4 @@
PKCS-8.asn1
PKCS-7.asn1
PKCS5v2-0.asn1
+PKCS-10.asn1
diff --git a/lib/public_key/include/public_key.hrl b/lib/public_key/include/public_key.hrl
index 2475295974..2dfdbbb8f3 100644
--- a/lib/public_key/include/public_key.hrl
+++ b/lib/public_key/include/public_key.hrl
@@ -78,7 +78,7 @@
-type dsa_public_key() :: {integer(), #'Dss-Parms'{}}.
-type pki_asn1_type() :: 'Certificate' | 'RSAPrivateKey' | 'RSAPublicKey'
| 'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter'
- | 'SubjectPublicKeyInfo'.
+ | 'SubjectPublicKeyInfo' | 'CertificationRequest'.
-type pem_entry() :: {pki_asn1_type(), binary(), %% DER or Encrypted DER
not_encrypted | {Cipher :: string(), Salt :: binary()}}.
-type asn1_type() :: atom(). %% see "OTP-PUB-KEY.hrl
diff --git a/lib/public_key/src/pubkey_pem.erl b/lib/public_key/src/pubkey_pem.erl
index f51d59a789..15290387ff 100644
--- a/lib/public_key/src/pubkey_pem.erl
+++ b/lib/public_key/src/pubkey_pem.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2008-2011. All Rights Reserved.
+%% Copyright Ericsson AB 2008-2012. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -195,6 +195,8 @@ pem_start('DSAPrivateKey') ->
<<"-----BEGIN DSA PRIVATE KEY-----">>;
pem_start('DHParameter') ->
<<"-----BEGIN DH PARAMETERS-----">>;
+pem_start('CertificationRequest') ->
+ <<"-----BEGIN CERTIFICATE REQUEST-----">>;
pem_start('ContentInfo') ->
<<"-----BEGIN PKCS7-----">>.
@@ -214,6 +216,8 @@ pem_end(<<"-----BEGIN PRIVATE KEY-----">>) ->
<<"-----END PRIVATE KEY-----">>;
pem_end(<<"-----BEGIN ENCRYPTED PRIVATE KEY-----">>) ->
<<"-----END ENCRYPTED PRIVATE KEY-----">>;
+pem_end(<<"-----BEGIN CERTIFICATE REQUEST-----">>) ->
+ <<"-----END CERTIFICATE REQUEST-----">>;
pem_end(<<"-----BEGIN PKCS7-----">>) ->
<<"-----END PKCS7-----">>.
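Review bot: Only the label `CERTIFICATE REQUEST` is mapped here and in the `asn1_type/1` hunk that follows, but PKCS#10 requests are also commonly written with the older label `NEW CERTIFICATE REQUEST` (RFC 7468 notes it, and OpenSSL accepts it). Neither function has a catch-all in the visible clauses, so such a file would presumably fail with `function_clause` rather than decode. Consider adding `pem_end(<<"-----BEGIN NEW CERTIFICATE REQUEST-----">>) -> <<"-----END NEW CERTIFICATE REQUEST-----">>;` and the matching `asn1_type/1` clause returning `'CertificationRequest'`. Both functions start and end outside these hunks, so check that the label is not already handled elsewhere in the file.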
@@ -233,6 +237,8 @@ asn1_type(<<"-----BEGIN PRIVATE KEY-----">>) ->
'PrivateKeyInfo';
asn1_type(<<"-----BEGIN ENCRYPTED PRIVATE KEY-----">>) ->
'EncryptedPrivateKeyInfo';
+asn1_type(<<"-----BEGIN CERTIFICATE REQUEST-----">>) ->
+ 'CertificationRequest';
asn1_type(<<"-----BEGIN PKCS7-----">>) ->
'ContentInfo'.
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index d5df53e848..f7252d18a6 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -176,7 +176,9 @@ der_decode(Asn1Type, Der) when is_atom(Asn1Type), is_binary(Der) ->
%% Description: Encodes a public key entity with asn1 DER encoding.
%%--------------------------------------------------------------------
der_encode(Asn1Type, Entity) when (Asn1Type == 'PrivateKeyInfo') or
- (Asn1Type == 'EncryptedPrivateKeyInfo') ->
+ (Asn1Type == 'EncryptedPrivateKeyInfo') or
+ (Asn1Type == 'CertificationRequest')
+ ->
try
{ok, Encoded} = 'PKCS-FRAME':encode(Asn1Type, Entity),
iolist_to_binary(Encoded)
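Review bot: `der_encode/2` now routes `'CertificationRequest'` to `'PKCS-FRAME':encode/2`, but no matching change to `der_decode/2` is visible. This is the only hunk for the file, and the `der_decode` clause named in the hunk header guards only on `is_atom(Asn1Type), is_binary(Der)`. Any earlier `der_decode` clause is outside the hunk, so please confirm that decoding this type also goes through `'PKCS-FRAME'`; otherwise encode and decode use different generated modules, and the new test's `public_key:der_decode('CertificationRequest', DerPKCS10)` does not exercise the path added here. As a style point, the guard reads better as alternatives, `when Asn1Type =:= 'PrivateKeyInfo'; Asn1Type =:= 'EncryptedPrivateKeyInfo'; Asn1Type =:= 'CertificationRequest' ->`, which avoids the non-short-circuit `or` and the dangling `->` line. The body of `der_encode/2` continues outside the hunk.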
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 6a879867e1..eeecdb7d8f 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -249,6 +249,21 @@ dh_pem(Config) when is_list(Config) ->
DHParameter = public_key:pem_entry_decode(Entry),
Entry = public_key:pem_entry_encode('DHParameter', DHParameter).
+
+%%--------------------------------------------------------------------
+
+pkcs10_pem(doc) ->
+ [""];
+pkcs10_pem(suite) ->
+ [];
+pkcs10_pem(Config) when is_list(Config) ->
+ Datadir = ?config(data_dir, Config),
+ [{'CertificationRequest', DerPKCS10, not_encrypted} = Entry] =
+ erl_make_certs:pem_to_der(filename:join(Datadir, "req.pem")),
+
+ erl_make_certs:der_to_pem(filename:join(Datadir, "new_req.pem"), [Entry]),
+
+ public_key:der_decode('CertificationRequest', DerPKCS10).
%%--------------------------------------------------------------------
cert_pem(doc) ->
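Review bot: `pkcs10_pem/1` does not appear to be registered anywhere, because all 15 insertions the diffstat lists for this suite are in this hunk, so the commit adds no entry to `all()` or `groups()` and Common Test would not run the case. `req.pem` is also not among the 7 changed files, so confirm it already exists in the suite's data directory. The case discards the result of `public_key:der_decode/2` and never checks a round trip; mirroring `dh_pem` just above with `Entry = public_key:pem_entry_encode('CertificationRequest', public_key:pem_entry_decode(Entry))` would make it assert something. Generated output such as `new_req.pem` belongs under `?config(priv_dir, Config)` rather than `data_dir`.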