summaryrefslogtreecommitdiff
path: root/src/x509.erl
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2014-10-22 16:56:06 +0200
committerLinus Nordberg <linus@nordberg.se>2014-10-23 14:19:25 +0200
commit958fecc4ff012960fd98419ab99da0d131f0d0f7 (patch)
treef69b1ef973bffd9ce6c2962a93130e718e13e337 /src/x509.erl
parent0aeb7d1de8e50dd0fa92e763ce4c8dd3c172dac8 (diff)
Don't use der_encoded().
The type definition seem to have disappeared from public_key.hrl in R17 and I don't know how to conditionally define a type.
Diffstat (limited to 'src/x509.erl')
-rw-r--r--src/x509.erl11
1 files changed, 5 insertions, 6 deletions
diff --git a/src/x509.erl b/src/x509.erl
index aef9ae7..42c6b89 100644
--- a/src/x509.erl
+++ b/src/x509.erl
@@ -6,12 +6,11 @@
-include_lib("public_key/include/public_key.hrl").
--type der_encoded() :: public_key:der_encoded().
-type reason() :: {chain_too_long | root_unknown | chain_broken}.
-define(MAX_CHAIN_LENGTH, 10).
--spec normalise_chain([der_encoded()], [der_encoded()]) -> [der_encoded()].
+-spec normalise_chain([binary()], [binary()]) -> [binary()].
normalise_chain(AcceptableRootCerts, CertChain) ->
case valid_chain_p(AcceptableRootCerts, CertChain, ?MAX_CHAIN_LENGTH) of
{false, Reason} ->
@@ -27,7 +26,7 @@ normalise_chain(AcceptableRootCerts, CertChain) ->
%% is: leaf cert in head, chain in tail. Order of first argument is
%% irrelevant.
--spec valid_chain_p([der_encoded()], [der_encoded()], integer()) ->
+-spec valid_chain_p([binary()], [binary()], integer()) ->
{false, reason()} | {true, list()}.
valid_chain_p(_, _, MaxChainLength) when MaxChainLength =< 0 ->
%% Chain too long.
@@ -55,7 +54,7 @@ valid_chain_p(AcceptableRootCerts, [BottomCert|Rest], MaxChainLength) ->
end.
%% @doc Return list with first
--spec signer(der_encoded(), [der_encoded()]) -> list().
+-spec signer(binary(), [binary()]) -> list().
signer(_Cert, []) ->
notfound;
signer(Cert, [H|T]) ->
@@ -64,7 +63,7 @@ signer(Cert, [H|T]) ->
false -> signer(Cert, T)
end.
--spec signed_by_p(der_encoded(), der_encoded()) -> boolean().
+-spec signed_by_p(binary(), binary()) -> boolean().
signed_by_p(Cert, IssuerCert) ->
%% FIXME: Validate presence and contents (against constraints) of
%% names (subject, subjectAltName, emailAddress) too?
@@ -75,7 +74,7 @@ signed_by_p(Cert, IssuerCert) ->
false
end.
--spec public_key(der_encoded() | #'OTPCertificate'{}) -> public_key:public_key().
+-spec public_key(binary() | #'OTPCertificate'{}) -> public_key:public_key().
public_key(CertDer) when is_binary(CertDer) ->
public_key(public_key:pkix_decode_cert(CertDer, otp));
public_key(#'OTPCertificate'{