From af68c9d17e99254c216c16a01167d95023cbd1cd Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Thu, 24 Aug 2017 17:59:31 +0200
Subject: public_key, ssl: Provide certitifate test data generation function in
 public_key

The ssl application uses the new function in many of its test cases.
---
 lib/public_key/src/public_key.erl | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'lib/public_key/src/public_key.erl')

diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 9a61184f8a..cc01b61433 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -58,11 +58,13 @@
 	 pkix_match_dist_point/2,
 	 pkix_crl_verify/2,
 	 pkix_crl_issuer/1,
-	 short_name_hash/1
+	 short_name_hash/1,
+         pkix_test_data/1
 	]).
 
 -export_type([public_key/0, private_key/0, pem_entry/0,
-	      pki_asn1_type/0, asn1_type/0, ssh_file/0, der_encoded/0]).
+	      pki_asn1_type/0, asn1_type/0, ssh_file/0, der_encoded/0,
+              key_params/0, digest_type/0]).
 
 -type public_key()           ::  rsa_public_key() | dsa_public_key() | ec_public_key().
 -type private_key()          ::  rsa_private_key() | dsa_private_key() | ec_private_key().
@@ -75,6 +77,8 @@
 -type ecpk_parameters_api() :: ecpk_parameters() | #'ECParameters'{} | {namedCurve, Name::atom()}.
 -type ec_public_key()        :: {#'ECPoint'{}, ecpk_parameters_api()}.
 -type ec_private_key()       :: #'ECPrivateKey'{}.
+-type key_params()           :: #'DHParameter'{} | {namedCurve, oid()} | #'ECParameters'{} | 
+                                {rsa, Size::integer(), PubExp::integer()}. 
 -type der_encoded()          :: binary().
 -type pki_asn1_type()        ::  'Certificate' | 'RSAPrivateKey' | 'RSAPublicKey'
 			       | 'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter'
@@ -102,6 +106,7 @@
 -type crl_reason()           ::  unspecified | keyCompromise | cACompromise | affiliationChanged | superseded
 			       | cessationOfOperation | certificateHold | privilegeWithdrawn |  aACompromise.
 -type oid()                  :: tuple().
+-type chain_type()           :: server_chain | client_chain.
 
 -define(UINT32(X), X:32/unsigned-big-integer).
 -define(DER_NULL, <<5, 0>>).
@@ -1027,6 +1032,22 @@ short_name_hash({rdnSequence, _Attributes} = Name) ->
     <<HashValue:32/little, _/binary>> = crypto:hash(sha, HashThis),
     string:to_lower(string:right(integer_to_list(HashValue, 16), 8, $0)).
 
+
+%%--------------------------------------------------------------------
+-spec pkix_test_data(#{chain_type() := pubkey_cert:chain_opts()}) ->
+                            pubkey_cert:test_config().
+
+%% Description: Generates OpenSSL-style hash of a name.
+%%--------------------------------------------------------------------
+
+pkix_test_data(#{client_chain := ClientChain0,
+                 server_chain := ServerChain0}) ->
+    Default = #{intermediates => []},
+    ClientChain = maps:merge(Default, ClientChain0),
+    ServerChain = maps:merge(Default, ServerChain0),
+    pubkey_cert:gen_test_certs(#{client_chain => ClientChain,
+                                 server_chain => ServerChain}).
+
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
-- 
cgit v1.2.3