From 006f45a738a6612958381b2fcbf48586c008d911 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 26 Feb 2013 15:52:18 +0100
Subject: public_key & ssl: Add support for ISO oids  1.3.14.3.2.29 and
 1.3.14.3.2.27

Some certificates may use these OIDs instead of the ones defined by
PKIX/PKCS standard.

Refactor code so that all handling of the "duplicate" oids is done by
public_key.

Update algorithm information in documentation.
---
 lib/public_key/doc/src/public_key.xml | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

(limited to 'lib/public_key/doc/src/public_key.xml')

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 5864de2d57..84300f6e65 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -48,7 +48,7 @@
       <item>Supports <url href="http://www.ietf.org/rfc/rfc5280.txt">RFC 5280 </url> -
       Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile </item>
       <item>Supports <url href="http://www.rsa.com/rsalabs/node.asp?id=2125"> PKCS-1 </url> - RSA Cryptography Standard </item>
-      <item>Supports <url href="http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf"> DSA</url>- Digital Signature Algorithm</item>
+      <item>Supports <url href="http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf"> DSS</url>- Digital Signature Standard (DSA - Digital Signature Algorithm)</item>
       <item>Supports <url href="http://www.rsa.com/rsalabs/node.asp?id=2126"> PKCS-3 </url> - Diffie-Hellman Key Agreement Standard </item>
       <item>Supports <url href="http://www.rsa.com/rsalabs/node.asp?id=2127"> PKCS-5</url> - Password-Based Cryptography Standard </item>
       <item>Supports <url href="http://www.rsa.com/rsalabs/node.asp?id=2130"> PKCS-8</url> - Private-Key Information Syntax Standard</item>
@@ -72,8 +72,10 @@
     
     <code> -include_lib("public_key/include/public_key.hrl"). </code>
 
-    <p><em>Data Types </em></p> 
+    <p><em>Data Types </em></p>
     
+    <p><code>oid() - a tuple of integers as generated by the ASN1 compiler.</code></p>
+
     <p><code>boolean() = true | false</code></p>
 
     <p><code>string() = [bytes()]</code></p>
@@ -491,6 +493,21 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
     </desc> 
   </func> 
 
+  <func>
+    <name>pkix_sign_types(AlgorithmId) -> {DigestType, SignatureType}</name>
+    <fsummary>Translates signature algorithm oid to erlang digest and signature algorithm types.</fsummary>
+    <type>
+      <v>AlgorithmId = oid()</v>
+      <d>Signature oid from a certificate or a certificate revocation list</d>
+      <v>DigestType = rsa_digest_type() | dss_digest_type() </v>
+      <v>SignatureType = rsa | dsa</v>
+    </type>
+    <desc>
+      <p>Translates signature algorithm oid to erlang digest and signature types.
+      </p>
+    </desc>
+  </func>
+
   <func>  
     <name>pkix_verify(Cert, Key) -> boolean()</name>
     <fsummary> Verify pkix x.509 certificate signature.</fsummary>
-- 
cgit v1.2.3