public_key: Add PKCS-10 documentation and PKCS-7 test case

Note that PKCS-7 is an undocumented feature for now.

Also added some minor enhancements to the documentation.

5 files changed, 89 insertions, 13 deletions

diff --git a/lib/public_key/doc/src/cert_records.xml b/lib/public_key/doc/src/cert_records.xml
index ad4f5812cb..edef664245 100644
--- a/lib/public_key/doc/src/cert_records.xml
+++ b/lib/public_key/doc/src/cert_records.xml
@@ -5,7 +5,7 @@
   <header>
     <copyright>
       <year>2008</year>
-      <year>2011</year>
+      <year>2012</year>
       <holder>Ericsson AB, All Rights Reserved</holder>
     </copyright>
     <legalnotice>
@@ -37,7 +37,10 @@
   <p>This chapter briefly describes erlang records derived from asn1
   specifications used to handle X509 certificates. The intent is to
   describe the data types and not to specify the meaning of each
-  component for this we refer you to RFC 5280.
+  component for this we refer you to <url
+  href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280</url>. Also
+  descirbed is <p>CertificationRequest</p> that is defined by <url
+  href=http://www.rsa.com/rsalabs/node.asp?id=2124">PKCS-10</url>.
   </p>
 
   <p>Use the following include directive to get access to the
@@ -630,6 +633,40 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p>
 	 aACompromise        
        </c></p>
  </section>
- 
+
+ <section>
+   <marker id="PKCS10"></marker>
+   <title>PKCS#10 Certification Request</title>
+   <code>
+#'CertificationRequest'{
+          certificationRequestInfo #'CertificationRequestInfo'{},
+	  signatureAlgorithm	   #'CertificationRequest_signatureAlgorithm'{}}.
+	  signature                {0, binary()} - asn1 compact bitstring
+	  }
+
+#'CertificationRequestInfo'{
+	  version       atom(),
+	  subject       {rdnSequence, [#AttributeTypeAndValue'{}]} ,
+	  subjectPKInfo #'CertificationRequestInfo_subjectPKInfo'{},
+	  attributes    [#AttributeTypeAndValue'{}]
+	  }
+
+#'CertificationRequestInfo_subjectPKInfo'{
+          algorithm		#'CertificationRequestInfo_subjectPKInfo_algorithm'{}
+	  subjectPublicKey 	 {0, binary()} - asn1 compact bitstring
+	  }
+
+#'CertificationRequestInfo_subjectPKInfo_algorithm'{
+     algorithm = oid(),
+     parameters = asn1_der_encoded()
+}	  
+
+#'CertificationRequest_signatureAlgorithm'{
+     algorithm = oid(),
+     parameters = asn1_der_encoded()
+     }  
+   </code> 
+ </section>
+
 </section>
 </chapter>
diff --git a/lib/public_key/doc/src/introduction.xml b/lib/public_key/doc/src/introduction.xml
index a21fcf3576..b1d1114a6c 100644
--- a/lib/public_key/doc/src/introduction.xml
+++ b/lib/public_key/doc/src/introduction.xml
@@ -1,11 +1,11 @@
-<?xml version="1.0" encoding="latin1" ?>
+<?xml version="1.0" encoding="iso-8859-1" ?>
 <!DOCTYPE chapter SYSTEM "chapter.dtd">
 
 <chapter>
   <header>
     <copyright>
       <year>2008</year>
-      <year>2011</year>
+      <year>2012</year>
       <holder>Ericsson AB, All Rights Reserved</holder>
     </copyright>
     <legalnotice>
@@ -37,15 +37,15 @@
   <section>
     <title>Purpose</title>
     <p> This application provides an API to public key infrastructure
-    from  RFC 3280 (X.509 certificates) and public key formats defined
-    by the PKCS-standard.</p>
+    from <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC
+    5280</url> (X.509 certificates) and public key formats defined by
+    the <url href=http://www.rsa.com/rsalabs/node.asp?id=2124"> PKCS-standard</url></p>
   </section>
 
   <section>
     <title>Prerequisites</title>
-    <p>It is assumed that the reader is familiar with the Erlang
-    programming language, concepts of OTP and has a basic understanding
-    of the concepts of using public keys.</p>
+    <p>It is assumed that the reader has a basic understanding
+    of the concepts of using public keys and digital certificates.</p>
   </section>
 
   <section>
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 5c227557f2..2ec1fcff9d 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -34,7 +34,7 @@
   <modulesummary> API module for public key infrastructure.</modulesummary>
   <description>
     <p>This module provides functions to handle public key infrastructure
-    from RFC 5280 - X.509 certificates and some parts of the PKCS-standard.
+    from <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280</url>- X.509 certificates and some parts of the PKCS-standard.
     </p>
   </description>
 
@@ -61,7 +61,7 @@
     <p><code>string = [bytes()]</code></p>
    
     <p><code>pki_asn1_type() = 'Certificate' | 'RSAPrivateKey'| 'RSAPublicKey'
-    'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter' | 'SubjectPublicKeyInfo'| 'PrivateKeyInfo'</code></p>
+    'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter' | 'SubjectPublicKeyInfo'| 'PrivateKeyInfo' | 'CertificationRequest'</code></p>
     
     <p><code>pem_entry () = {pki_asn1_type(), binary(), %% DER or encrypted DER
           not_encrypted | cipher_info()} </code></p>
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 8dfd068d91..1db3b9df90 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -268,7 +268,23 @@ pkcs10_pem(Config) when is_list(Config) ->
 
     Entry = public_key:pem_entry_encode('CertificationRequest', PKCS10).
 
-   
+%%--------------------------------------------------------------------
+pkcs7_pem(doc) ->
+    [""];
+pkcs7_pem(suite) ->
+    [];
+pkcs7_pem(Config) when is_list(Config) ->
+    Datadir = ?config(data_dir, Config),
+    [{'ContentInfo', DerPKCS7, not_encrypted} = Entry] =
+	erl_make_certs:pem_to_der(filename:join(Datadir, "pkcs7_cert.pem")),
+
+    erl_make_certs:der_to_pem(filename:join(Datadir, "new_pkcs7_cert.pem"), [Entry]),
+
+    PKCS7 = public_key:der_decode('ContentInfo', DerPKCS7),
+    PKCS7 = public_key:pem_entry_decode(Entry),
+
+    Entry = public_key:pem_entry_encode('ContentInfo', PKCS7).
+
 %%--------------------------------------------------------------------
 cert_pem(doc) ->
     [""];
diff --git a/lib/public_key/test/public_key_SUITE_data/pkcs7_cert.pem b/lib/public_key/test/public_key_SUITE_data/pkcs7_cert.pem
new file mode 100644
index 0000000000..9b450a22c5
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/pkcs7_cert.pem
@@ -0,0 +1,23 @@
+-----BEGIN PKCS7-----
+MIID6QYJKoZIhvcNAQcCoIID2jCCA9YCAQExADALBgkqhkiG9w0BBwGgggO8MIID
+uDCCAyGgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBgzEOMAwGA1UEAxMFb3RwQ0Ex
+EzARBgNVBAsTCkVybGFuZyBPVFAxFDASBgNVBAoTC0VyaWNzc29uIEFCMQswCQYD
+VQQGEwJTRTESMBAGA1UEBxMJU3RvY2tob2xtMSUwIwYJKoZIhvcNAQkBFhZwZXRl
+ckBlcml4LmVyaWNzc29uLnNlMB4XDTA4MDEwOTA4MjkzMFoXDTE3MTExNzA4Mjkz
+MFowgYQxDzANBgNVBAMTBnNlcnZlcjETMBEGA1UECxMKRXJsYW5nIE9UUDEUMBIG
+A1UEChMLRXJpY3Nzb24gQUIxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdG9ja2hv
+bG0xJTAjBgkqhkiG9w0BCQEWFnBldGVyQGVyaXguZXJpY3Nzb24uc2UwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKR20HPrkDGdiavHUyWwFEQwta2dmtF2eQZZ
+i9Xk68UJYbuU7CikHs2srkrwzj0OPIqbp/xOBNzJ7Kch0o4yO6vcEAiSCJ6AB4uS
+M742hrYW4qXgc18K6PqTwSuKr94sn3qQuo4hF/ymCxLrnSicrNpzGOz9A0Lf2+Vk
+6hV0BtdHAgMBAAGjggE3MIIBMzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNV
+HQ4EFgQUi19l/qhEwHP/CUeaEjWy4GhOBRIwgbMGA1UdIwSBqzCBqIAUBquANDqk
+uHayvZ0uKOVtkd59AZuhgYykgYkwgYYxETAPBgNVBAMTCGVybGFuZ0NBMRMwEQYD
+VQQLEwpFcmxhbmcgT1RQMRQwEgYDVQQKEwtFcmljc3NvbiBBQjESMBAGA1UEBxMJ
+U3RvY2tob2xtMQswCQYDVQQGEwJTRTElMCMGCSqGSIb3DQEJARYWcGV0ZXJAZXJp
+eC5lcmljc3Nvbi5zZYIBATAhBgNVHREEGjAYgRZwZXRlckBlcml4LmVyaWNzc29u
+LnNlMCEGA1UdEgQaMBiBFnBldGVyQGVyaXguZXJpY3Nzb24uc2UwDQYJKoZIhvcN
+AQEFBQADgYEAzHGutrGMSeC3Di7Z8d65SM7jZLrkkusmL+D2oPVIOGrfZbVuyfDK
+U/nImm99z+lhC/N3JEEpB6PgAYSskfVdBL3LoxbUTaCn/+G3A/G8NfRVIYyANTBe
+NW6ueNpjnauLzcwpyXpu3vp1VBg8wBePtGTBIbRHRgtwwHRXAddE/WuhADEA
+-----END PKCS7-----