diff options
Diffstat (limited to 'lib/public_key/doc/src/cert_records.xml')
| -rw-r--r-- | lib/public_key/doc/src/cert_records.xml | 76 |
1 files changed, 57 insertions, 19 deletions
diff --git a/lib/public_key/doc/src/cert_records.xml b/lib/public_key/doc/src/cert_records.xml index ad4f5812cb..f01f7dbaf5 100644 --- a/lib/public_key/doc/src/cert_records.xml +++ b/lib/public_key/doc/src/cert_records.xml @@ -5,7 +5,7 @@ <header> <copyright> <year>2008</year> - <year>2011</year> + <year>2013</year> <holder>Ericsson AB, All Rights Reserved</holder> </copyright> <legalnotice> @@ -34,10 +34,12 @@ <file>cert_records.xml</file> </header> - <p>This chapter briefly describes erlang records derived from asn1 - specifications used to handle X509 certificates. The intent is to - describe the data types and not to specify the meaning of each - component for this we refer you to RFC 5280. + <p>This chapter briefly describes erlang records derived from ASN1 + specifications used to handle <c> X509 certificates</c> and <c>CertificationRequest</c>. + The intent is to describe the data types and not to specify the meaning of each + component for this we refer you to <url + href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280</url> and + <url href="http://www.rsa.com/rsalabs/node.asp?id=2124">PKCS-10</url>. </p> <p>Use the following include directive to get access to the @@ -45,7 +47,7 @@ <code> -include_lib("public_key/include/public_key.hrl"). </code> - <p>The used asn1 specifications are available <c>asn1</c> subdirectory + <p>The used ASN1 specifications are available <c>asn1</c> subdirectory of the application <c>public_key</c>. </p> @@ -59,7 +61,7 @@ follows here.</p> <p><c>oid() - a tuple of integers - as generated by the asn1 compiler.</c></p> + as generated by the ASN1 compiler.</c></p> <p><c>time() = uct_time() | general_time()</c></p> @@ -98,7 +100,7 @@ #'Certificate'{ tbsCertificate, % #'TBSCertificate'{} signatureAlgorithm, % #'AlgorithmIdentifier'{} - signature % {0, binary()} - asn1 compact bitstring + signature % {0, binary()} - ASN1 compact bitstring }. #'TBSCertificate'{ @@ -116,7 +118,7 @@ #'AlgorithmIdentifier'{ algorithm, % oid() - parameters % asn1_der_encoded() + parameters % der_encoded() }. </code> @@ -124,7 +126,7 @@ #'OTPCertificate'{ tbsCertificate, % #'OTPTBSCertificate'{} signatureAlgorithm, % #'SignatureAlgorithm' - signature % {0, binary()} - asn1 compact bitstring + signature % {0, binary()} - ASN1 compact bitstring }. #'OTPTBSCertificate'{ @@ -134,7 +136,7 @@ issuer, % {rdnSequence, [#AttributeTypeAndValue'{}]} validity, % #'Validity'{} subject, % {rdnSequence, [#AttributeTypeAndValue'{}]} - subjectPublicKeyInfo, % #'SubjectPublicKeyInfo'{} + subjectPublicKeyInfo, % #'OTPSubjectPublicKeyInfo'{} issuerUniqueID, % binary() | asn1_novalue subjectUniqueID, % binary() | asn1_novalue extensions % [#'Extension'{}] @@ -287,7 +289,7 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> #'Extension'{ extnID, % id_extensions() | oid() critical, % boolean() - extnValue % asn1_der_encoded() + extnValue % der_encoded() }. </code> @@ -369,7 +371,7 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> <row> <cell align="left" valign="middle">id-ce-cRLDistributionPoints</cell> - <cell align="left" valign="middle">#'DistributionPoint'{}</cell> + <cell align="left" valign="middle">[#'DistributionPoint'{}]</cell> </row> <row> @@ -458,7 +460,7 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> #'Attribute'{ type, % oid() - values % [asn1_der_encoded()] + values % [der_encoded()] }). #'BasicConstraints'{ @@ -483,9 +485,10 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> }). #'DistributionPoint'{ - distributionPoint, % general_name() | [#AttributeTypeAndValue{}] + distributionPoint, % {fullName, [general_name()]} | {nameRelativeToCRLIssuer, + [#AttributeTypeAndValue{}]} reasons, % [dist_reason()] - cRLIssuer % general_name() + cRLIssuer % [general_name()] }). </code> @@ -527,7 +530,7 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> #'CertificateList'{ tbsCertList, % #'TBSCertList{} signatureAlgorithm, % #'AlgorithmIdentifier'{} - signature % {0, binary()} - asn1 compact bitstring + signature % {0, binary()} - ASN1 compact bitstring }). #'TBSCertList'{ @@ -586,7 +589,8 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> <code> #'IssuingDistributionPoint'{ - distributionPoint, % general_name() | [#AttributeTypeAndValue'{}] + distributionPoint, % {fullName, [general_name()]} | {nameRelativeToCRLIssuer, + [#AttributeTypeAndValue'{}]} onlyContainsUserCerts, % boolean() onlyContainsCACerts, % boolean() onlySomeReasons, % [dist_reason()] @@ -630,6 +634,40 @@ oid names see table below. Ex: ?'id-dsa-with-sha1'</p> aACompromise </c></p> </section> - + + <section> + <marker id="PKCS10"></marker> + <title>PKCS#10 Certification Request</title> + <code> +#'CertificationRequest'{ + certificationRequestInfo #'CertificationRequestInfo'{}, + signatureAlgorithm #'CertificationRequest_signatureAlgorithm'{}}. + signature {0, binary()} - ASN1 compact bitstring + } + +#'CertificationRequestInfo'{ + version atom(), + subject {rdnSequence, [#AttributeTypeAndValue'{}]} , + subjectPKInfo #'CertificationRequestInfo_subjectPKInfo'{}, + attributes [#AttributeTypeAndValue'{}] + } + +#'CertificationRequestInfo_subjectPKInfo'{ + algorithm #'CertificationRequestInfo_subjectPKInfo_algorithm'{} + subjectPublicKey {0, binary()} - ASN1 compact bitstring + } + +#'CertificationRequestInfo_subjectPKInfo_algorithm'{ + algorithm = oid(), + parameters = der_encoded() +} + +#'CertificationRequest_signatureAlgorithm'{ + algorithm = oid(), + parameters = der_encoded() + } + </code> + </section> + </section> </chapter> |