diff options
| author | Linus Nordberg <linus@nordu.net> | 2016-01-19 16:55:12 +0100 |
|---|---|---|
| committer | Linus Nordberg <linus@nordu.net> | 2016-08-18 14:46:26 +0200 |
| commit | 748d1d453480df3108d1465b8c4b8893ca97c52b (patch) | |
| tree | 5b77904aa8d00830ef6359b117da4c07a0a15adb | |
| parent | fcba73af863920411aa62dbc66793f95ee6cc1f6 (diff) | |
Add compatibility layer for digging around in non-public data structures.
| -rw-r--r-- | src/compat.erl | 29 | ||||
| -rw-r--r-- | src/x509.erl | 7 |
2 files changed, 31 insertions, 5 deletions
diff --git a/src/compat.erl b/src/compat.erl new file mode 100644 index 0000000..bc3101d --- /dev/null +++ b/src/compat.erl @@ -0,0 +1,29 @@ +-module(compat). +-export([unpack_issuer/1, unpack_signature/1]). +-include_lib("public_key/include/public_key.hrl"). + +unpack_issuer(Issuer) -> + unpack_issuer(erlang:system_info(otp_release), Issuer). +unpack_signature(Signature) -> + unpack_signature(erlang:system_info(otp_release), Signature). + +%% @doc Dig out alg, params and key from issuer. +unpack_issuer(17, Issuer) -> + #'SubjectPublicKeyInfo'{ + algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params}, + subjectPublicKey = {0, Key}} = Issuer, + {Alg, Params, Key}; +unpack_issuer(18, Issuer) -> + #'SubjectPublicKeyInfo'{ + algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params}, + subjectPublicKey = Key} = Issuer, + {Alg, Params, Key}. + +%% @doc Unpack a #'Certificate'.signature, return the signature. +unpack_signature(17, Signature) -> + {_, Sig} = Signature, + Sig; +unpack_signature(18, Signature) -> + Signature. + + diff --git a/src/x509.erl b/src/x509.erl index 279d9b9..2d4cffa 100644 --- a/src/x509.erl +++ b/src/x509.erl @@ -171,10 +171,7 @@ signed_by_p(SubjectDer, IssuerDer) -> end. verify_sig(IssuerSPKI, {DigestOrPlainText, DigestType, Signature}) -> - %% Dig out alg, params and key from issuer. - #'SubjectPublicKeyInfo'{ - algorithm = #'AlgorithmIdentifier'{algorithm = Alg, parameters = Params}, - subjectPublicKey = {0, Key0}} = IssuerSPKI, + {Alg, Params, Key0} = compat:unpack_issuer(IssuerSPKI), KeyType = pubkey_cert_records:supportedPublicKeyAlgorithms(Alg), IssuerKey = case KeyType of @@ -196,7 +193,7 @@ verify_sig(IssuerSPKI, {DigestOrPlainText, DigestType, Signature}) -> %% Code from pubkey_cert:extract_verify_data/2. extract_verify_data(Cert, DerCert) -> PlainText = encoded_tbs_cert(DerCert), - {_, Sig} = Cert#'Certificate'.signature, + Sig = compat:unpack_signature(Cert#'Certificate'.signature), SigAlgRecord = Cert#'Certificate'.signatureAlgorithm, SigAlg = SigAlgRecord#'AlgorithmIdentifier'.algorithm, try |