From 006f45a738a6612958381b2fcbf48586c008d911 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 26 Feb 2013 15:52:18 +0100
Subject: public_key & ssl: Add support for ISO oids  1.3.14.3.2.29 and
 1.3.14.3.2.27

Some certificates may use these OIDs instead of the ones defined by
PKIX/PKCS standard.

Refactor code so that all handling of the "duplicate" oids is done by
public_key.

Update algorithm information in documentation.
---
 lib/ssl/src/ssl_certificate.erl | 21 ++-------------------
 lib/ssl/src/ssl_cipher.erl      |  8 ++++----
 2 files changed, 6 insertions(+), 23 deletions(-)

(limited to 'lib/ssl/src')

diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 86f5617b54..01a7cd93b5 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2012. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -37,8 +37,7 @@
 	 is_valid_extkey_usage/2,
 	 is_valid_key_usage/2,
 	 select_extension/2,
-	 extensions_list/1,
-	 signature_type/1
+	 extensions_list/1
 	]).
  
 %%====================================================================
@@ -166,22 +165,6 @@ extensions_list(asn1_NOVALUE) ->
 extensions_list(Extensions) ->
     Extensions.
 
-%%--------------------------------------------------------------------
--spec signature_type(term()) -> rsa | dsa .
-%%
-%% Description: 
-%%--------------------------------------------------------------------
-signature_type(RSA) when RSA == ?sha1WithRSAEncryption;
-			 RSA == ?md5WithRSAEncryption;
-			 RSA == ?sha224WithRSAEncryption;
-			 RSA == ?sha256WithRSAEncryption;
-			 RSA == ?sha384WithRSAEncryption;
-			 RSA == ?sha512WithRSAEncryption
-			 ->
-    rsa;
-signature_type(?'id-dsa-with-sha1') ->
-    dsa.
-
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 567690a413..d91e2a89a0 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2012. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -483,10 +483,10 @@ filter(undefined, Ciphers) ->
 filter(DerCert, Ciphers) ->
     OtpCert = public_key:pkix_decode_cert(DerCert, otp),
     SigAlg = OtpCert#'OTPCertificate'.signatureAlgorithm,
-    case ssl_certificate:signature_type(SigAlg#'SignatureAlgorithm'.algorithm) of
-	rsa ->
+    case public_key:pkix_sign_types(SigAlg#'SignatureAlgorithm'.algorithm) of
+	{_, rsa} ->
 	    filter_rsa(OtpCert, Ciphers -- dsa_signed_suites());
-	dsa ->
+	{_, dsa} ->
 	    Ciphers -- rsa_signed_suites()
     end.
 	
-- 
cgit v1.2.3