Diffstat (limited to 'lib/public_key/src/pubkey_pem.erl')
-rw-r--r--lib/public_key/src/pubkey_pem.erl63
1 files changed, 9 insertions, 54 deletions
diff --git a/lib/public_key/src/pubkey_pem.erl b/lib/public_key/src/pubkey_pem.erl
index f19aab0533..910473d629 100644
--- a/lib/public_key/src/pubkey_pem.erl
+++ b/lib/public_key/src/pubkey_pem.erl
@@ -43,8 +43,6 @@
-include("public_key.hrl").
-export([encode/1, decode/1, decipher/2, cipher/3]).
-%% Backwards compatibility
-%%-export([decode_key/2]).
-define(ENCODED_LINE_LENGTH, 64).
@@ -69,26 +67,22 @@ encode(PemEntries) ->
encode_pem_entries(PemEntries).
%%--------------------------------------------------------------------
--spec decipher({pki_asn1_type(), DerEncrypted::binary(), term()},
- %%{Cipher :: string(),
- %%Salt :: binary()}},
- string()) -> Der::binary().
+-spec decipher({pki_asn1_type(), DerEncrypted::binary(),
+ {Cipher :: string(), Salt :: iodata() | #'PBES2-params'{}}},
+ string()) -> Der::binary().
%%
%% Description: Deciphers a decrypted pem entry.
%%--------------------------------------------------------------------
decipher({_, DecryptDer, {Cipher, KeyDevParams}}, Password) ->
- %%decode_key(DecryptDer, Password, Cipher, Salt).
pubkey_pbe:decode(DecryptDer, Password, Cipher, KeyDevParams).
%%--------------------------------------------------------------------
--spec cipher(Der::binary(), term(),
-%%{Cipher :: string(), Hash::atom(), Salt :: binary()} ,
+-spec cipher(Der::binary(), {Cipher :: string(), Salt :: iodata() | #'PBES2-params'{}} ,
string()) -> binary().
%%
%% Description: Ciphers a PEM entry
%%--------------------------------------------------------------------
cipher(Der, {Cipher, KeyDevParams}, Password)->
- %%encode_key(Der, Password, Cipher, Salt).
pubkey_pbe:encode(Der, Password, Cipher, KeyDevParams).
%%--------------------------------------------------------------------
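Review bot: The new specs label the second tuple element `Salt`, but both function heads bind it as `KeyDevParams` and the type admits a `#'PBES2-params'{}` record, which is not a salt. Writing `KeyDevParams :: iodata() | #'PBES2-params'{}` in both specs would keep spec and code in step. The description above `decipher/2` still reads "Deciphers a decrypted pem entry"; `%% Description: Deciphers an encrypted PEM entry.` states what the function actually takes. Neither head accepts a `not_encrypted` entry, so a caller passing one gets a `function_clause` error, which is worth one comment line next to the spec.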
@@ -100,7 +94,7 @@ encode_pem_entries(Entries) ->
encode_pem_entry({Type, Der, not_encrypted}) ->
StartStr = pem_start(Type),
[StartStr, "\n", b64encode_and_split(Der), "\n", pem_end(StartStr) ,"\n\n"];
-encode_pem_entry({Type, Der, {Cipher, {_, Salt}}}) ->
+encode_pem_entry({Type, Der, {Cipher, Salt}}) ->
StartStr = pem_start(Type),
[StartStr,"\n", pem_decrypt(),"\n", pem_decrypt_info(Cipher, Salt),"\n",
b64encode_and_split(Der), "\n", pem_end(StartStr) ,"\n\n"].
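Review bot: The relaxed head `encode_pem_entry({Type, Der, {Cipher, Salt}})` matches any two-element cipher info, including one whose second element is a `#'PBES2-params'{}` record, which the new `cipher/3` and `decipher/2` specs allow in that position. The old pattern `{Cipher, {_, Salt}}` matched only a tagged two-element value. Now such an entry would presumably be written under the `Proc-Type: 4,ENCRYPTED` header, with the record handed to `pem_decrypt_info/2` and `hexify/1` (whose body is not visible here). A guard keeps this clause to the legacy salt form: `encode_pem_entry({Type, Der, {Cipher, Salt}}) when is_binary(Salt); is_list(Salt) ->`.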
@@ -126,7 +120,7 @@ decode_pem_entry(Start, [<<"Proc-Type: 4,ENCRYPTED", _/binary>>, Line | Lines])
Decoded = base64:mime_decode(Cs),
[_, DekInfo0] = string:tokens(binary_to_list(Line), ": "),
[Cipher, Salt] = string:tokens(DekInfo0, ","),
- {Type, Decoded, {Cipher, {salt, unhex(Salt)}}};
+ {Type, Decoded, {Cipher, unhex(Salt)}};
decode_pem_entry(Start, Lines) ->
Type = asn1_type(Start),
Cs = erlang:iolist_to_binary(Lines),
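Review bot: The header name on the line after `Proc-Type: 4,ENCRYPTED` is discarded by `[_, DekInfo0] = string:tokens(binary_to_list(Line), ": ")`, so any `Name: a,b` line is accepted as DEK-Info and its second field goes to `unhex/1` as the salt. PEM input is frequently untrusted and the `{salt, _}` tag no longer marks the value, so matching the name would tighten the parse: `["DEK-Info", DekInfo0] = string:tokens(binary_to_list(Line), ": "),`. This clause begins above the hunk and `unhex/1` is not shown, so whether the salt's length or character set is checked elsewhere cannot be confirmed from here.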
@@ -140,9 +134,9 @@ decode_pem_entry(Start, Lines) ->
decode_encrypted_private_keyinfo(Der) ->
#'EncryptedPrivateKeyInfo'{encryptionAlgorithm = AlgorithmInfo,
- encryptedData = Data} = public_key:der_decode('EncryptedPrivateKeyInfo', Der),
- DecryptParams = pubkey_pbe:decrypt_parameters(AlgorithmInfo),
-
+ encryptedData = Data} =
+ public_key:der_decode('EncryptedPrivateKeyInfo', Der),
+ DecryptParams = pubkey_pbe:decrypt_parameters(AlgorithmInfo),
{'PrivateKeyInfo', iolist_to_binary(Data), DecryptParams}.
split_bin(Bin) ->
@@ -176,37 +170,6 @@ join_entry([<<"-----END ", _/binary>>| Lines], Entry) ->
join_entry([Line | Lines], Entry) ->
join_entry(Lines, [Line | Entry]).
-%% decode_key(Data, Password, "DES-CBC", Salt) ->
-%% Key = password_to_key(Password, Salt, 8),
-%% IV = Salt,
-%% crypto:des_cbc_decrypt(Key, IV, Data);
-%% decode_key(Data, Password, "DES-EDE3-CBC", Salt) ->
-%% Key = password_to_key(Password, Salt, 24),
-%% IV = Salt,
-%% <<Key1:8/binary, Key2:8/binary, Key3:8/binary>> = Key,
-%% crypto:des_ede3_cbc_decrypt(Key1, Key2, Key3, IV, Data).
-
-%% encode_key(Data, Password, "DES-CBC", Salt) ->
-%% Key = password_to_key(Password, Salt, 8),
-%% IV = Salt,
-%% crypto:des_cbc_encrypt(Key, IV, Data);
-%% encode_key(Data, Password, "DES-EDE3-CBC", Salt) ->
-%% Key = password_to_key(Password, Salt, 24),
-%% IV = Salt,
-%% <<Key1:8/binary, Key2:8/binary, Key3:8/binary>> = Key,
-%% crypto:des_ede3_cbc_encrypt(Key1, Key2, Key3, IV, Data).
-
-%% password_to_key(Data, Salt, KeyLen) ->
-%% <<Key:KeyLen/binary, _/binary>> =
-%% password_to_key(<<>>, Data, Salt, KeyLen, <<>>),
-%% Key.
-
-%% password_to_key(_, _, _, Len, Acc) when Len =< 0 ->
-%% Acc;
-%% password_to_key(Prev, Data, Salt, Len, Acc) ->
-%% M = crypto:md5([Prev, Data, Salt]),
-%% password_to_key(M, Data, Salt, Len - size(M), <<Acc/binary, M/binary>>).
-
unhex(S) ->
unhex(S, []).
@@ -273,11 +236,3 @@ pem_decrypt() ->
pem_decrypt_info(Cipher, Salt) ->
io_lib:format("DEK-Info: ~s,~s", [Cipher, lists:flatten(hexify(Salt))]).
-
-%%--------------------------------------------------------------------
-%%% Deprecated
-%%--------------------------------------------------------------------
-%% decode_key({_Type, Bin, not_encrypted}, _) ->
-%% Bin;
-%% decode_key({_Type, Bin, {Chipher,Salt}}, Password) ->
-%% decode_key(Bin, Password, Chipher, Salt).