aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/public_key/src/public_key.erl16
-rw-r--r--lib/ssl/src/ssl_handshake.erl2
2 files changed, 16 insertions, 2 deletions
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index b0b0b7a832..b7d0d8c286 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -30,7 +30,7 @@
sign/2, sign/3,
verify_signature/3, verify_signature/4, verify_signature/5,
pem_to_der/1, pem_to_der/2,
- pkix_decode_cert/2, pkix_encode_cert/1,
+ pkix_decode_cert/2, pkix_encode_cert/1, pkix_transform/2,
pkix_is_self_signed/1, pkix_is_fixed_dh_cert/1,
pkix_issuer_id/2,
pkix_is_issuer/2, pkix_normalize_general_name/1,
@@ -162,6 +162,20 @@ pkix_encode_cert(Cert) ->
pubkey_cert_records:encode_cert(Cert).
%%--------------------------------------------------------------------
+%% Function: pkix_transform(CertPart, Op) -> TransformedCertPart
+%%
+%% CertPart = pkix part data
+%% Op = encode | decode
+%%
+%% Description: Transform parts of a pkix certificate between 'plain' format
+%% and the internal 'otp' format, see pkix_decode_cert/2.
+%% Decode transforms from 'plain' to 'otp' and encode from 'otp' to 'plain'
+%% format.
+%%--------------------------------------------------------------------
+pkix_transform(CertPart, Op) ->
+ pubkey_cert_records:transform(CertPart, Op).
+
+%%--------------------------------------------------------------------
%% Function: pkix_path_validation(TrustedCert, CertChain, Options) ->
%% {ok, {{algorithm(), public_key(), public_key_params()} policy_tree()}} |
%% {error, Reason}
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index e502c21df4..07a9f644fa 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -864,7 +864,7 @@ certificate_authorities(CertDbRef) ->
Authorities = certificate_authorities_from_db(CertDbRef),
Enc = fun(#'OTPCertificate'{tbsCertificate=TBSCert}) ->
OTPSubj = TBSCert#'OTPTBSCertificate'.subject,
- Subj = pubkey_cert_records:transform(OTPSubj, encode),
+ Subj = public_key:pkix_transform(OTPSubj, encode),
{ok, DNEncoded} = 'OTP-PUB-KEY':encode('Name', Subj),
DNEncodedBin = iolist_to_binary(DNEncoded),
DNEncodedLen = byte_size(DNEncodedBin),