From 291875a15a8097b61905b40a4d4385a6268db651 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 29 Feb 2016 15:35:26 +0100 Subject: public_key: An encapsulated PEM header shall be followed by a blank line RFC 1421 Privacy Enhancement for Electronic Mail February 1993 Encapsulated Message Pre-Encapsulation Boundary (Pre-EB) -----BEGIN PRIVACY-ENHANCED MESSAGE----- Encapsulated Header Portion (Contains encryption control fields inserted in plaintext. Examples include "DEK-Info:" and "Key-Info:". Note that, although these control fields have line-oriented representations similar to RFC 822 header fields, the set of fields valid in this context is disjoint from those used in RFC 822 processing.) Blank Line (Separates Encapsulated Header from subsequent Encapsulated Text Portion) Encapsulated Text Portion (Contains message data encoded as specified in Section 4.3.) Post-Encapsulation Boundary (Post-EB) -----END PRIVACY-ENHANCED MESSAGE----- --- lib/public_key/src/pubkey_pem.erl | 2 +- lib/public_key/test/public_key_SUITE.erl | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) (limited to 'lib/public_key') diff --git a/lib/public_key/src/pubkey_pem.erl b/lib/public_key/src/pubkey_pem.erl index 6a722b0525..d163004c7c 100644 --- a/lib/public_key/src/pubkey_pem.erl +++ b/lib/public_key/src/pubkey_pem.erl @@ -103,7 +103,7 @@ encode_pem_entry({'PrivateKeyInfo', Der, EncParams}) -> [StartStr, "\n", b64encode_and_split(EncDer), "\n", pem_end(StartStr) ,"\n\n"]; encode_pem_entry({Type, Der, {Cipher, Salt}}) -> StartStr = pem_start(Type), - [StartStr,"\n", pem_decrypt(),"\n", pem_decrypt_info(Cipher, Salt),"\n", + [StartStr,"\n", pem_decrypt(),"\n", pem_decrypt_info(Cipher, Salt),"\n\n", b64encode_and_split(Der), "\n", pem_end(StartStr) ,"\n\n"]. decode_pem_entries([], Entries) -> diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl index 5e677f31d6..ea5e036a7e 100644 --- a/lib/public_key/test/public_key_SUITE.erl +++ b/lib/public_key/test/public_key_SUITE.erl @@ -189,6 +189,8 @@ encrypted_pem(Config) when is_list(Config) -> erl_make_certs:der_to_pem(DesKeyFile, [Entry1]), [{'RSAPrivateKey', _, {"DES-CBC", Salt1}} =Entry2] = erl_make_certs:pem_to_der(DesKeyFile), + {ok, Pem} = file:read_file(DesKeyFile), + check_encapsulated_header(Pem), true = check_entry_type(public_key:pem_entry_decode(Entry2, "4567efgh"), 'RSAPrivateKey'). @@ -826,6 +828,15 @@ check_entry_type(#'Certificate'{}, 'Certificate') -> check_entry_type(_,_) -> false. +check_encapsulated_header(Pem) when is_binary(Pem)-> + check_encapsulated_header( binary:split(Pem, <<"\n">>, [global])); +check_encapsulated_header([<<"DEK-Info: DES-CBC,FB7577791A9056A1">>, <<>> | _]) -> + true; +check_encapsulated_header([ _ | Rest]) -> + check_encapsulated_header(Rest); +check_encapsulated_header([]) -> + false. + strip_ending_newlines(Bin) -> string:strip(binary_to_list(Bin), right, 10). -- cgit v1.2.3