From e5776f33e6aa8ea99b14d3fd0525e9117bbe698a Mon Sep 17 00:00:00 2001
From: Magnus Henoch <magnus@erlang-solutions.com>
Date: Mon, 21 Mar 2016 14:57:10 +0000
Subject: Add public_key:pkix_match_dist_point

---
 lib/public_key/doc/src/public_key.xml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'lib/public_key/doc/src')

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 6923066da7..becb5338e0 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -727,6 +727,23 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
      </desc> 
  </func>
    
+  <func>
+    <name>pkix_match_dist_point(CRL, DistPoint) -> boolean()</name>
+    <fsummary>Checks whether the given distribution point matches the
+    Issuing Distribution Point of the CRL.</fsummary>
+
+    <type>
+      <v>CRL = der_encoded() | #'CertificateList'{} </v>
+      <v>DistPoint = #'DistributionPoint'{}</v>
+    </type>
+    <desc>
+      <p>Checks whether the given distribution point matches the
+      Issuing Distribution Point of the CRL, as described in RFC 5280.
+      If the CRL doesn't have an Issuing Distribution Point extension,
+      the distribution point always matches.</p>
+    </desc>
+  </func>
+
   <func>
     <name>pkix_sign(#'OTPTBSCertificate'{}, Key) -> der_encoded()</name>
     <fsummary>Signs certificate.</fsummary>
-- 
cgit v1.2.3


From ee2178b073e936760b405b338e473236a5df94ca Mon Sep 17 00:00:00 2001
From: Magnus Henoch <magnus@erlang-solutions.com>
Date: Tue, 8 Dec 2015 18:16:36 +0000
Subject: Function for generating OpenSSL-style name hashes

OpenSSL has functions to generate short (eight hex digits) hashes of
issuers of certificates and CRLs.  These hashes are used by the
"c_rehash" script to populate directories of CA certificates and CRLs,
e.g. in the Apache web server.  Adding this function lets an Erlang
program find the right CRL for a given certificate in such a
directory.
---
 lib/public_key/doc/src/public_key.xml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'lib/public_key/doc/src')

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index becb5338e0..96901ed516 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -863,7 +863,26 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
     <p>Verifies a digital signature.</p>
   </desc> 
   </func>
-  
+
+  <func>
+    <name>short_name_hash(Name) -> string()</name>
+    <type>
+      <v>Name = issuer_name()</v>
+    </type>
+    <desc>
+      <p>Generates a short hash of an issuer name.  The hash is
+      returned as a string containing eight hexadecimal digits.</p>
+
+      <p>The return value of this function is the same as the result
+      of the commands <c>openssl crl -hash</c> and
+      <c>openssl x509 -issuer_hash</c>, when passed the issuer name of
+      a CRL or a certificate, respectively.  This hash is used by the
+      <c>c_rehash</c> tool to maintain a directory of symlinks to CRL
+      files, in order to facilitate looking up a CRL by its issuer
+      name.</p>
+    </desc>
+  </func>
+
 </funcs>
 
 </erlref>
-- 
cgit v1.2.3