aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/test/public_key_SUITE.erl
diff options
context:
space:
mode:
authorMaxim Fedorov <[email protected]>2018-04-18 15:48:34 -0700
committerMaxim Fedorov <[email protected]>2018-05-21 16:46:56 -0700
commit304dd8f81e28ed04cde9f6f7ac1f79870da1c2cd (patch)
tree0e4b12f70540dd25b07a4f089e4b638a4c2afc72 /lib/public_key/test/public_key_SUITE.erl
parent5ec78bc5314f5b32ba28bae4d95f12ffa28469ca (diff)
downloadotp-304dd8f81e28ed04cde9f6f7ac1f79870da1c2cd.tar.gz
otp-304dd8f81e28ed04cde9f6f7ac1f79870da1c2cd.tar.bz2
otp-304dd8f81e28ed04cde9f6f7ac1f79870da1c2cd.zip
public_key: PKCS8 (Private-Key Information Syntax Standard) encoded private key support
This patch adds support for RSA, DSA and EC private keys encoded using PKCS8 format. Test *.pem files are made with converting existing *.pem files using openssl: openssl pkcs8 -in ... -out ... -topk8 -nocrypt
Diffstat (limited to 'lib/public_key/test/public_key_SUITE.erl')
-rw-r--r--lib/public_key/test/public_key_SUITE.erl30
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 449d1fc040..f5a6f79136 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -64,6 +64,7 @@ all() ->
groups() ->
[{pem_decode_encode, [], [dsa_pem, rsa_pem, ec_pem, encrypted_pem,
dh_pem, cert_pem, pkcs7_pem, pkcs10_pem, ec_pem2,
+ rsa_priv_pkcs8, dsa_priv_pkcs8, ec_priv_pkcs8,
ec_pem_encode_generated,
gen_ec_param_prime_field, gen_ec_param_char_2_field
]},
@@ -181,6 +182,16 @@ dsa_pem(Config) when is_list(Config) ->
DSAPubPemNoEndNewLines = strip_superfluous_newlines(DSAPubPem),
DSAPubPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PubEntry0])).
+dsa_priv_pkcs8() ->
+ [{doc, "DSA PKCS8 private key decode"}].
+dsa_priv_pkcs8(Config) when is_list(Config) ->
+ Datadir = proplists:get_value(data_dir, Config),
+ [{'PrivateKeyInfo', DerDSAKey, not_encrypted} = Entry0 ] =
+ erl_make_certs:pem_to_der(filename:join(Datadir, "dsa_key_pkcs8.pem")),
+ DSAKey = public_key:der_decode('PrivateKeyInfo', DerDSAKey),
+ DSAKey = public_key:pem_entry_decode(Entry0),
+ true = check_entry_type(DSAKey, 'DSAPrivateKey').
+
%%--------------------------------------------------------------------
rsa_pem() ->
@@ -216,6 +227,16 @@ rsa_pem(Config) when is_list(Config) ->
RSARawPemNoEndNewLines = strip_superfluous_newlines(RSARawPem),
RSARawPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PubEntry1])).
+rsa_priv_pkcs8() ->
+ [{doc, "RSA PKCS8 private key decode"}].
+rsa_priv_pkcs8(Config) when is_list(Config) ->
+ Datadir = proplists:get_value(data_dir, Config),
+ [{'PrivateKeyInfo', DerRSAKey, not_encrypted} = Entry0 ] =
+ erl_make_certs:pem_to_der(filename:join(Datadir, "rsa_key_pkcs8.pem")),
+ RSAKey = public_key:der_decode('PrivateKeyInfo', DerRSAKey),
+ RSAKey = public_key:pem_entry_decode(Entry0),
+ true = check_entry_type(RSAKey, 'RSAPrivateKey').
+
%%--------------------------------------------------------------------
ec_pem() ->
@@ -262,6 +283,15 @@ ec_pem2(Config) when is_list(Config) ->
ECPemNoEndNewLines = strip_superfluous_newlines(ECPrivPem),
ECPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([Entry1, Entry2])).
+ec_priv_pkcs8() ->
+ [{doc, "EC PKCS8 private key decode"}].
+ec_priv_pkcs8(Config) when is_list(Config) ->
+ Datadir = proplists:get_value(data_dir, Config),
+ {ok, ECPrivPem} = file:read_file(filename:join(Datadir, "ec_key_pkcs8.pem")),
+ [{'PrivateKeyInfo', _, not_encrypted} = PKCS8Key] = public_key:pem_decode(ECPrivPem),
+ ECPrivKey = public_key:pem_entry_decode(PKCS8Key),
+ true = check_entry_type(ECPrivKey, 'ECPrivateKey'),
+ true = check_entry_type(ECPrivKey#'ECPrivateKey'.parameters, 'EcpkParameters').
init_ec_pem_encode_generated(Config) ->
case catch true = lists:member('secp384r1', crypto:ec_curves()) of