summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2016-01-19 16:55:12 +0100
committerLinus Nordberg <linus@nordu.net>2016-01-19 16:55:12 +0100
commit2284984acf03ee8d5b9c748d0ac6377df9c08c30 (patch)
tree40334c93ce6f9cf7f5b2ed43ecf749779f477e60
parentf1fb5a44dd8f1560040cccaf455d5786326bf264 (diff)
Add compatibility layer for digging around in non-public data structures.
-rw-r--r--src/compat.erl29
-rw-r--r--src/x509.erl7
2 files changed, 31 insertions, 5 deletions
diff --git a/src/compat.erl b/src/compat.erl
new file mode 100644
index 0000000..bc3101d
--- /dev/null
+++ b/src/compat.erl
@@ -0,0 +1,29 @@
+-module(compat).
+-export([unpack_issuer/1, unpack_signature/1]).
+-include_lib("public_key/include/public_key.hrl").
+
+unpack_issuer(Issuer) ->
+ unpack_issuer(erlang:system_info(otp_release), Issuer).
+unpack_signature(Signature) ->
+ unpack_signature(erlang:system_info(otp_release), Signature).
+
+%% @doc Dig out alg, params and key from issuer.
+unpack_issuer(17, Issuer) ->
+ #'SubjectPublicKeyInfo'{
+ algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params},
+ subjectPublicKey = {0, Key}} = Issuer,
+ {Alg, Params, Key};
+unpack_issuer(18, Issuer) ->
+ #'SubjectPublicKeyInfo'{
+ algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params},
+ subjectPublicKey = Key} = Issuer,
+ {Alg, Params, Key}.
+
+%% @doc Unpack a #'Certificate'.signature, return the signature.
+unpack_signature(17, Signature) ->
+ {_, Sig} = Signature,
+ Sig;
+unpack_signature(18, Signature) ->
+ Signature.
+
+
diff --git a/src/x509.erl b/src/x509.erl
index 279d9b9..2d4cffa 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -171,10 +171,7 @@ signed_by_p(SubjectDer, IssuerDer) ->
end.
verify_sig(IssuerSPKI, {DigestOrPlainText, DigestType, Signature}) ->
- %% Dig out alg, params and key from issuer.
- #'SubjectPublicKeyInfo'{
- algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params},
- subjectPublicKey = {0, Key0}} = IssuerSPKI,
+ {Alg, Params, Key0} = compat:unpack_issuer(IssuerSPKI),
KeyType = pubkey_cert_records:supportedPublicKeyAlgorithms(Alg),
IssuerKey =
case KeyType of
@@ -196,7 +193,7 @@ verify_sig(IssuerSPKI, {DigestOrPlainText, DigestType, Signature}) ->
%% Code from pubkey_cert:extract_verify_data/2.
extract_verify_data(Cert, DerCert) ->
PlainText = encoded_tbs_cert(DerCert),
- {_, Sig} = Cert#'Certificate'.signature,
+ Sig = compat:unpack_signature(Cert#'Certificate'.signature),
SigAlgRecord = Cert#'Certificate'.signatureAlgorithm,
SigAlg = SigAlgRecord#'AlgorithmIdentifier'.algorithm,
try