diff options
author | Ingela Anderton Andin <[email protected]> | 2016-06-14 10:47:38 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2016-06-14 10:47:38 +0200 |
commit | 5268c7b957c30c31e551f197463cdd55a792ea69 (patch) | |
tree | 880afe20bbbc06587fe175a8de90a6f4483b0e79 /lib/public_key/doc/src | |
parent | 1418cbbb689dc2c88ecceaedb4eba33061d338e7 (diff) | |
parent | c3e06e575b06f25601fdc60f4142a0d6b9e6eb7a (diff) | |
download | otp-5268c7b957c30c31e551f197463cdd55a792ea69.tar.gz otp-5268c7b957c30c31e551f197463cdd55a792ea69.tar.bz2 otp-5268c7b957c30c31e551f197463cdd55a792ea69.zip |
Merge branch 'legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530'
* legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530:
Skip crl_hash_dir_expired test for LibreSSL
Add ssl_crl_hash_dir module
Function for generating OpenSSL-style name hashes
Add public_key:pkix_match_dist_point
Improve formatting for crl_{check,cache} options
Add issuer arg to ssl_crl_cache_api lookup callback
Conflicts:
lib/public_key/test/public_key_SUITE.erl
Diffstat (limited to 'lib/public_key/doc/src')
-rw-r--r-- | lib/public_key/doc/src/public_key.xml | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml index 1aa601dc55..74bb06b9b2 100644 --- a/lib/public_key/doc/src/public_key.xml +++ b/lib/public_key/doc/src/public_key.xml @@ -701,6 +701,23 @@ fun(#'DistributionPoint'{}, #'CertificateList'{}, </func> <func> + <name>pkix_match_dist_point(CRL, DistPoint) -> boolean()</name> + <fsummary>Checks whether the given distribution point matches the + Issuing Distribution Point of the CRL.</fsummary> + + <type> + <v>CRL = der_encoded() | #'CertificateList'{} </v> + <v>DistPoint = #'DistributionPoint'{}</v> + </type> + <desc> + <p>Checks whether the given distribution point matches the + Issuing Distribution Point of the CRL, as described in RFC 5280. + If the CRL doesn't have an Issuing Distribution Point extension, + the distribution point always matches.</p> + </desc> + </func> + + <func> <name>pkix_sign(#'OTPTBSCertificate'{}, Key) -> der_encoded()</name> <fsummary>Signs certificate.</fsummary> <type> @@ -819,7 +836,26 @@ fun(#'DistributionPoint'{}, #'CertificateList'{}, <p>Verifies a digital signature.</p> </desc> </func> - + + <func> + <name>short_name_hash(Name) -> string()</name> + <type> + <v>Name = issuer_name()</v> + </type> + <desc> + <p>Generates a short hash of an issuer name. The hash is + returned as a string containing eight hexadecimal digits.</p> + + <p>The return value of this function is the same as the result + of the commands <c>openssl crl -hash</c> and + <c>openssl x509 -issuer_hash</c>, when passed the issuer name of + a CRL or a certificate, respectively. This hash is used by the + <c>c_rehash</c> tool to maintain a directory of symlinks to CRL + files, in order to facilitate looking up a CRL by its issuer + name.</p> + </desc> + </func> + </funcs> </erlref> |