Added PKCS-8 support in ssl

author: Ingela Anderton Andin <[email protected]> 2011-10-19 10:08:25 +0200
committer: Ingela Anderton Andin <[email protected]> 2011-11-01 16:54:41 +0100
commit: 1564b5853f286c97a7c9e1d6715d3c6f10bea50f (patch)
tree: b28f6c1ba414a4747f8c8d52d80783e266fa9d5a /lib/ssl/src
parent: b211df3a0cca478822d57836dac3dd6452aab32a (diff)
download: otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.tar.gz
otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.tar.bz2
otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.zip
2 files changed, 29 insertions, 6 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 35f9410562..d0693445e0 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -608,8 +608,11 @@ validate_option(certfile, Value) when Value == undefined; is_list(Value) ->
 validate_option(key, undefined) ->
     undefined;
 validate_option(key, {KeyType, Value}) when is_binary(Value),
-					    KeyType == rsa;
-					    KeyType == dsa ->
+					    KeyType == rsa; %% Backwards compatibility
+					    KeyType == dsa; %% Backwards compatibility
+					    KeyType == 'RSAPrivateKey';
+					    KeyType == 'DSAPrivateKey';
+					    KeyType == 'PrivateKeyInfo' ->
     {KeyType, Value};
 validate_option(keyfile, Value) when is_list(Value) ->
     Value;
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index c772697f1d..59b0132ff5 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1126,18 +1126,38 @@ init_private_key(DbHandle, undefined, KeyFile, Password, _) ->
 	{ok, List} = ssl_manager:cache_pem_file(KeyFile, DbHandle),
 	[PemEntry] = [PemEntry || PemEntry = {PKey, _ , _} <- List,
 				  PKey =:= 'RSAPrivateKey' orelse
-				      PKey =:= 'DSAPrivateKey'],
-	public_key:pem_entry_decode(PemEntry, Password)
+				      PKey =:= 'DSAPrivateKey' orelse
+				      PKey =:= 'PrivateKeyInfo'
+		     ],
+	private_key(public_key:pem_entry_decode(PemEntry, Password))
     catch 
 	Error:Reason ->
 	    handle_file_error(?LINE, Error, Reason, KeyFile, ekeyfile,
 			      erlang:get_stacktrace()) 
     end;
 
+%% First two clauses are for backwards compatibility
 init_private_key(_,{rsa, PrivateKey}, _, _,_) ->
-    public_key:der_decode('RSAPrivateKey', PrivateKey);
+    init_private_key('RSAPrivateKey', PrivateKey);
 init_private_key(_,{dsa, PrivateKey},_,_,_) ->
-    public_key:der_decode('DSAPrivateKey', PrivateKey).
+    init_private_key('DSAPrivateKey', PrivateKey);
+init_private_key(_,{Asn1Type, PrivateKey},_,_,_) ->
+    private_key(init_private_key(Asn1Type, PrivateKey)).
+
+init_private_key(Asn1Type, PrivateKey) ->
+    public_key:der_decode(Asn1Type, PrivateKey).
+
+private_key(#'PrivateKeyInfo'{privateKeyAlgorithm =
+				 #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'rsaEncryption'},
+			     privateKey = Key}) ->
+    public_key:der_decode('RSAPrivateKey', iolist_to_binary(Key));
+
+private_key(#'PrivateKeyInfo'{privateKeyAlgorithm =
+				 #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-dsa'},
+			     privateKey = Key}) ->
+    public_key:der_decode('DSAPrivateKey', iolist_to_binary(Key));
+private_key(Key) ->
+    Key.
 
 -spec(handle_file_error(_,_,_,_,_,_) -> no_return()).
 handle_file_error(Line, Error, {badmatch, Reason}, File, Throw, Stack) ->
author	Ingela Anderton Andin <[email protected]>	2011-10-19 10:08:25 +0200
committer	Ingela Anderton Andin <[email protected]>	2011-11-01 16:54:41 +0100
commit	1564b5853f286c97a7c9e1d6715d3c6f10bea50f (patch)
tree	b28f6c1ba414a4747f8c8d52d80783e266fa9d5a /lib/ssl/src
parent	b211df3a0cca478822d57836dac3dd6452aab32a (diff)
download	otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.tar.gz otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.tar.bz2 otp-1564b5853f286c97a7c9e1d6715d3c6f10bea50f.zip