From fbe15664033aecd247aa3ee7446562639c10a0f4 Mon Sep 17 00:00:00 2001 From: Wil Tan Date: Wed, 6 Jan 2010 04:10:10 +1100 Subject: Send CA list during Certificate Request in new_ssl When requesting for client certificate, an SSL/TLS server may send a list of the distinguished names of acceptable certificate authorities. OpenSSL does this by default. --- lib/public_key/src/pubkey_cert_records.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/public_key') diff --git a/lib/public_key/src/pubkey_cert_records.erl b/lib/public_key/src/pubkey_cert_records.erl index 36b7c47a9c..7f9f3c84f4 100644 --- a/lib/public_key/src/pubkey_cert_records.erl +++ b/lib/public_key/src/pubkey_cert_records.erl @@ -23,7 +23,7 @@ -include("public_key.hrl"). --export([decode_cert/2, encode_cert/1, encode_tbs_cert/1]). +-export([decode_cert/2, encode_cert/1, encode_tbs_cert/1, transform/2]). -export([old_decode_cert/2, old_encode_cert/1]). %% Debugging and testing new code. -- cgit v1.2.3 From fe93630eaef3c403edda47e0531dbd5c11c2aa4a Mon Sep 17 00:00:00 2001 From: Dan Gudmundsson Date: Wed, 13 Jan 2010 13:20:18 +0100 Subject: Added a public_key:pkix_transform/2 instead and used it from ssl. --- lib/public_key/src/public_key.erl | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'lib/public_key') diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl index b0b0b7a832..b7d0d8c286 100644 --- a/lib/public_key/src/public_key.erl +++ b/lib/public_key/src/public_key.erl @@ -30,7 +30,7 @@ sign/2, sign/3, verify_signature/3, verify_signature/4, verify_signature/5, pem_to_der/1, pem_to_der/2, - pkix_decode_cert/2, pkix_encode_cert/1, + pkix_decode_cert/2, pkix_encode_cert/1, pkix_transform/2, pkix_is_self_signed/1, pkix_is_fixed_dh_cert/1, pkix_issuer_id/2, pkix_is_issuer/2, pkix_normalize_general_name/1, @@ -161,6 +161,20 @@ pkix_decode_cert(BinCert, Type) -> pkix_encode_cert(Cert) -> pubkey_cert_records:encode_cert(Cert). +%%-------------------------------------------------------------------- +%% Function: pkix_transform(CertPart, Op) -> TransformedCertPart +%% +%% CertPart = pkix part data +%% Op = encode | decode +%% +%% Description: Transform parts of a pkix certificate between 'plain' format +%% and the internal 'otp' format, see pkix_decode_cert/2. +%% Decode transforms from 'plain' to 'otp' and encode from 'otp' to 'plain' +%% format. +%%-------------------------------------------------------------------- +pkix_transform(CertPart, Op) -> + pubkey_cert_records:transform(CertPart, Op). + %%-------------------------------------------------------------------- %% Function: pkix_path_validation(TrustedCert, CertChain, Options) -> %% {ok, {{algorithm(), public_key(), public_key_params()} policy_tree()}} | -- cgit v1.2.3