aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2017-11-10 12:24:11 +0100
committerHans Nilsson <[email protected]>2017-11-10 12:24:11 +0100
commit1d0bd5f30cfd95d0977061618a5e483a8606deca (patch)
tree14307e4be51c3a12ec89b9ede8641e28391ac286 /lib/crypto/src
parent044b0dab40ad2501f84dfdee106b25749e9189a3 (diff)
parent04c2b4316b41598a7d249193db3930e628c1a5fb (diff)
downloadotp-1d0bd5f30cfd95d0977061618a5e483a8606deca.tar.gz
otp-1d0bd5f30cfd95d0977061618a5e483a8606deca.tar.bz2
otp-1d0bd5f30cfd95d0977061618a5e483a8606deca.zip
Merge branch 'hans/crypto/engine_pkey_load/OTP-14448' into maint
Diffstat (limited to 'lib/crypto/src')
-rw-r--r--lib/crypto/src/crypto.erl38
1 files changed, 32 insertions, 6 deletions
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 9eba4561e1..7510babdde 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -53,6 +53,11 @@
engine_list/0
]).
+-export_type([engine_ref/0,
+ key_id/0,
+ password/0
+ ]).
+
%% Private. For tests.
-export([packed_openssl_version/4, engine_methods_convert_to_bitmask/2, get_test_engine/0]).
@@ -429,13 +434,24 @@ sign(Algorithm, Type, Data, Key, Options) ->
end.
+
+-type key_id() :: string() | binary() .
+-type password() :: string() | binary() .
+
+-type engine_key_ref() :: #{engine := engine_ref(),
+ key_id := key_id(),
+ password => password(),
+ term() => term()
+ }.
+
-type pk_algs() :: rsa | ecdsa | dss .
--type pk_opt() :: list() | rsa_padding() .
+-type pk_key() :: engine_key_ref() | [integer() | binary()] .
+-type pk_opt() :: list() | rsa_padding() .
--spec public_encrypt(pk_algs(), binary(), [binary()], pk_opt()) -> binary().
--spec public_decrypt(pk_algs(), binary(), [integer() | binary()], pk_opt()) -> binary().
--spec private_encrypt(pk_algs(), binary(), [integer() | binary()], pk_opt()) -> binary().
--spec private_decrypt(pk_algs(), binary(), [integer() | binary()], pk_opt()) -> binary().
+-spec public_encrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
+-spec public_decrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
+-spec private_encrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
+-spec private_decrypt(pk_algs(), binary(), pk_key(), pk_opt()) -> binary().
public_encrypt(Algorithm, In, Key, Options) when is_list(Options) ->
case pkey_crypt_nif(Algorithm, In, format_pkey(Algorithm, Key), Options, false, true) of
@@ -588,6 +604,8 @@ compute_key(ecdh, Others, My, Curve) ->
engine_method_pkey_meths | engine_method_pkey_asn1_meths |
engine_method_ec.
+-type engine_ref() :: term().
+
-spec engine_get_all_methods() ->
[engine_method_type()].
engine_get_all_methods() ->
@@ -599,7 +617,7 @@ engine_get_all_methods() ->
-spec engine_load(EngineId::unicode:chardata(),
PreCmds::[{unicode:chardata(), unicode:chardata()}],
PostCmds::[{unicode:chardata(), unicode:chardata()}]) ->
- {ok, Engine::term()} | {error, Reason::term()}.
+ {ok, Engine::engine_ref()} | {error, Reason::term()}.
engine_load(EngineId, PreCmds, PostCmds) when is_list(PreCmds), is_list(PostCmds) ->
engine_load(EngineId, PreCmds, PostCmds, engine_get_all_methods()).
@@ -1107,6 +1125,11 @@ ensure_int_as_bin(Int) when is_integer(Int) ->
ensure_int_as_bin(Bin) ->
Bin.
+format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_binary(T) -> format_pwd(M);
+format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_list(T) -> format_pwd(M#{key_id:=list_to_binary(T)});
+format_pkey(_Alg, #{engine:=_ }=M) -> error({bad_key_id, M});
+format_pkey(_Alg, #{}=M) -> error({bad_engine_map, M});
+%%%
format_pkey(rsa, Key) ->
map_ensure_int_as_bin(Key);
format_pkey(ecdsa, [Key, Curve]) ->
@@ -1116,6 +1139,9 @@ format_pkey(dss, Key) ->
format_pkey(_, Key) ->
Key.
+format_pwd(#{password := Pwd}=M) when is_list(Pwd) -> M#{password := list_to_binary(Pwd)};
+format_pwd(M) -> M.
+
%%--------------------------------------------------------------------
%%
-type rsa_padding() :: 'rsa_pkcs1_padding' | 'rsa_pkcs1_oaep_padding' | 'rsa_no_padding'.