Merge branch 'ia/ssl-asn1-spec-dss-params/OTP-7884' into dev

* ia/ssl-asn1-spec-dss-params/OTP-7884:
  Handling of DSA key parameters

3 files changed, 18 insertions, 9 deletions

diff --git a/lib/public_key/asn1/OTP-PKIX.asn1 b/lib/public_key/asn1/OTP-PKIX.asn1
index c0cf440496..ad704191a9 100644
--- a/lib/public_key/asn1/OTP-PKIX.asn1
+++ b/lib/public_key/asn1/OTP-PKIX.asn1
@@ -302,18 +302,25 @@ SupportedPublicKeyAlgorithms PUBLIC-KEY-ALGORITHM-CLASS ::= {
 
    --   DSA Keys and Signatures
 
+
+      DSAParams  ::=  CHOICE
+       {
+        params     Dss-Parms,
+        null       NULL
+       }
+
    -- SubjectPublicKeyInfo:
 
    dsa PUBLIC-KEY-ALGORITHM-CLASS ::= {
        ID id-dsa
-       TYPE Dss-Parms -- XXX Must be OPTIONAL
+       TYPE DSAParams -- XXX Must be OPTIONAL
        PUBLIC-KEY-TYPE DSAPublicKey }
 
    -- Certificate.signatureAlgorithm
 
    dsa-with-sha1 SIGNATURE-ALGORITHM-CLASS ::= {
-		 ID id-dsa-with-sha1 
-		 TYPE Dss-Parms } 
+		 ID id-dsa-with-sha1
+		 TYPE  DSAParams }
 
 				  --
    --   RSA Keys and Signatures
diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index c1819e6ddc..2335a4e4b4 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -389,10 +389,12 @@ public_key_info(PublicKeyInfo,
     
     NewPublicKeyParams =
 	case PublicKeyParams of
-	    'NULL' when WorkingAlgorithm == Algorithm ->
+	    {null, 'NULL'} when WorkingAlgorithm == Algorithm ->
 		WorkingParams;
-	    _ ->
-		PublicKeyParams
+	    {params, Params} ->
+		Params;
+	    Params ->
+		Params
 	end,
     {Algorithm, PublicKey, NewPublicKeyParams}.
 
diff --git a/lib/public_key/test/erl_make_certs.erl b/lib/public_key/test/erl_make_certs.erl
index e31e5552d3..8b01ca3ad4 100644
--- a/lib/public_key/test/erl_make_certs.erl
+++ b/lib/public_key/test/erl_make_certs.erl
@@ -66,7 +66,7 @@ make_cert(Opts) ->
 %% @end
 %%--------------------------------------------------------------------
 write_pem(Dir, FileName, {Cert, Key = {_,_,not_encrypted}}) when is_binary(Cert) ->
-    ok = der_to_pem(filename:join(Dir, FileName ++ ".pem"), 
+    ok = der_to_pem(filename:join(Dir, FileName ++ ".pem"),
 			       [{'Certificate', Cert, not_encrypted}]),
     ok = der_to_pem(filename:join(Dir, FileName ++ "_key.pem"), [Key]).
 
@@ -268,7 +268,7 @@ publickey(#'RSAPrivateKey'{modulus=N, publicExponent=E}) ->
 			       subjectPublicKey = Public};
 publickey(#'DSAPrivateKey'{p=P, q=Q, g=G, y=Y}) ->
     Algo = #'PublicKeyAlgorithm'{algorithm= ?'id-dsa', 
-				 parameters=#'Dss-Parms'{p=P, q=Q, g=G}},
+				 parameters={params, #'Dss-Parms'{p=P, q=Q, g=G}}},
     #'OTPSubjectPublicKeyInfo'{algorithm = Algo, subjectPublicKey = Y}.
 
 validity(Opts) ->
@@ -290,7 +290,7 @@ sign_algorithm(#'RSAPrivateKey'{}, Opts) ->
 	   end,
     {Type, 'NULL'};
 sign_algorithm(#'DSAPrivateKey'{p=P, q=Q, g=G}, _Opts) ->
-    {?'id-dsa-with-sha1', #'Dss-Parms'{p=P, q=Q, g=G}}.
+    {?'id-dsa-with-sha1', {params,#'Dss-Parms'{p=P, q=Q, g=G}}}.
 
 make_key(rsa, _Opts) ->
     %% (OBS: for testing only)