OTP-8587 DSA key support

New ssl now support client/server-certificates signed by dsa keys.

1 files changed, 29 insertions, 5 deletions

diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 37d5646673..9aa31ae8a4 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -34,7 +34,13 @@
 -export([trusted_cert_and_path/3, 
 	 certificate_chain/2, 
 	 file_to_certificats/1,
-	 validate_extensions/6]).
+	 validate_extensions/6,
+	 is_valid_extkey_usage/2,
+	 is_valid_key_usage/2,
+	 select_extension/2,
+	 extensions_list/1,
+	 signature_type/1
+	]).
  
 %%====================================================================
 %% Internal application API
@@ -112,7 +118,28 @@ validate_extensions([Extension | Rest],  ValidationState, UnknownExtensions,
 		    Verify, AccErr, Role) ->
     validate_extensions(Rest, ValidationState, [Extension | UnknownExtensions],
 		       Verify, AccErr, Role).
-    
+
+is_valid_key_usage(KeyUse, Use) ->
+    lists:member(Use, KeyUse).
+ 
+    select_extension(_, []) ->
+    undefined;
+select_extension(Id, [#'Extension'{extnID = Id} = Extension | _]) ->
+    Extension;
+select_extension(Id, [_ | Extensions]) ->
+    select_extension(Id, Extensions).
+
+extensions_list(asn1_NOVALUE) ->
+    [];
+extensions_list(Extensions) ->
+    Extensions.
+
+signature_type(RSA) when RSA == ?sha1WithRSAEncryption;
+			 RSA == ?md5WithRSAEncryption ->
+    rsa;
+signature_type(?'id-dsa-with-sha1') ->
+    dsa.
+
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
@@ -188,9 +215,6 @@ is_valid_extkey_usage(KeyUse, server) ->
     %% Server wants to verify client
     is_valid_key_usage(KeyUse, ?'id-kp-clientAuth').
 
-is_valid_key_usage(KeyUse, Use) ->
-    lists:member(Use, KeyUse).
-
 not_valid_extension(Error, true, _) ->
     throw(Error);
 not_valid_extension(Error, false, AccErrors) ->