From 4f4bf872831b12cac8913e8a62e35725d0173b0d Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 6 Oct 2017 17:15:52 +0200
Subject: public_key, ssl: Handles keys so that APIs are preserved correctly

---
 lib/public_key/src/pubkey_cert.erl | 13 ++++++++++---
 lib/ssl/test/x509_test.erl         | 15 ++++++---------
 2 files changed, 16 insertions(+), 12 deletions(-)

(limited to 'lib')

diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index 13833830a7..76fd0f8133 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -1144,7 +1144,7 @@ issuer(Contact, Role, Name) ->
   subject(Contact, Role ++ Name).
 
 subject(Contact, Name) ->
-    Opts = [{email, Contact ++ "@erlang.org"},
+    Opts = [{email, Contact ++ "@example.org"},
 	    {name,  Name},
 	    {city, "Stockholm"},
 	    {country, "SE"},
@@ -1223,12 +1223,12 @@ cert_chain(Role, IssuerCert, IssuerKey, [PeerOpts], _, Acc) ->
     Key = gen_key(proplists:get_value(key, PeerOpts, default_key_gen())),
     Cert = cert(Role, public_key:pkix_decode_cert(IssuerCert, otp), 
                 IssuerKey, Key, "admin", " Peer cert", PeerOpts, peer),
-    [{Cert, Key}, {IssuerCert, IssuerKey} | Acc];
+    [{Cert, encode_key(Key)}, {IssuerCert, encode_key(IssuerKey)} | Acc];
 cert_chain(Role, IssuerCert, IssuerKey, [CAOpts | Rest], N, Acc) ->
     Key = gen_key(proplists:get_value(key, CAOpts, default_key_gen())),
     Cert = cert(Role, public_key:pkix_decode_cert(IssuerCert, otp), IssuerKey, Key, "webadmin", 
                 " Intermidiate CA " ++ integer_to_list(N), CAOpts, ca),
-    cert_chain(Role, Cert, Key, Rest, N+1, [{IssuerCert, IssuerKey} | Acc]).
+    cert_chain(Role, Cert, Key, Rest, N+1, [{IssuerCert, encode_key(IssuerKey)} | Acc]).
 
 cert(Role, #'OTPCertificate'{tbsCertificate = #'OTPTBSCertificate'{subject = Issuer}}, 
      PrivKey, Key, Contact, Name, Opts, Type) ->
@@ -1311,3 +1311,10 @@ add_default_extensions(Defaults0, Exts) ->
                                end, Defaults0),
     Exts ++ Defaults.
 
+encode_key(#'RSAPrivateKey'{} = Key) ->
+    {'RSAPrivateKey', public_key:der_encode('RSAPrivateKey', Key)};
+encode_key(#'ECPrivateKey'{} = Key) ->
+    {'ECPrivateKey', public_key:der_encode('ECPrivateKey', Key)};
+encode_key(#'DSAPrivateKey'{} = Key) ->
+    {'DSAPrivateKey', public_key:der_encode('DSAPrivateKey', Key)}.
+
diff --git a/lib/ssl/test/x509_test.erl b/lib/ssl/test/x509_test.erl
index 031fad1216..fea01efdaf 100644
--- a/lib/ssl/test/x509_test.erl
+++ b/lib/ssl/test/x509_test.erl
@@ -64,15 +64,12 @@ do_gen_pem_config_files(Config, CertFile, KeyFile, CAFile) ->
 cert_entry(Cert) ->
     {'Certificate', Cert, not_encrypted}.
 
-key_entry(Key = #'RSAPrivateKey'{}) ->
-    Der = public_key:der_encode('RSAPrivateKey', Key),
-    {'RSAPrivateKey', Der, not_encrypted};
-key_entry(Key = #'DSAPrivateKey'{}) ->
-    Der =  public_key:der_encode('DSAPrivateKey', Key),
-    {'DSAPrivateKey', Der, not_encrypted};
-key_entry(Key = #'ECPrivateKey'{}) ->
-    Der =  public_key:der_encode('ECPrivateKey', Key),
-    {'ECPrivateKey', Der, not_encrypted}.
+key_entry({'RSAPrivateKey', DERKey}) ->
+    {'RSAPrivateKey', DERKey, not_encrypted};
+key_entry({'DSAPrivateKey', DERKey}) ->
+    {'DSAPrivateKey', DERKey, not_encrypted};
+key_entry({'ECPrivateKey', DERKey}) ->
+    {'ECPrivateKey', DERKey, not_encrypted}.
 
 ca_entries(CAs) ->
     [{'Certificate', CACert, not_encrypted} || CACert <- CAs].
-- 
cgit v1.2.3