public_key
API module for public key infrastructure.
This module provides functions to handle public key infrastructure from RFC 3280 - X.509 certificates (will later be upgraded to RFC 5280) and some parts of the PKCS-standard. Currently this application is mainly used by the new ssl implementation. The API is yet under construction and only a few of the functions are currently documented and thereby supported.
COMMON DATA TYPES
Note!
All records used in this manual are generated from asn1 specifications and are documented in the User's Guide. See Public key records and X.509 Certificate records.
Use the following include directive to get access to the records and constant macros described here and in the User's Guide.
-include_lib("public_key/include/public_key.hrl").
Data Types
boolean() = true | false
string = [bytes()]
asn1_der_encoded() = binary() | [bytes()]
der_bin() = binary()
oid() - a tuple of integers
as generated by the asn1 compiler.
public_key() = rsa_public_key() | dsa_public_key()
rsa_public_key() = #'RSAPublicKey'{}
rsa_private_key() = #'RSAPrivateKey'{}
dsa_public_key() = integer()
public_key_params() = dsa_key_params()
dsa_key_params() = #'Dss-Parms'{}
private_key() = rsa_private_key() | dsa_private_key()
rsa_private_key() = #'RSAPrivateKey'{}
dsa_private_key() = #'DSAPrivateKey'{}
x509_certificate() = "#Certificate{}"
x509_tbs_certificate() = #'TBSCertificate'{}
Functions
decode_private_key(KeyInfo) ->
decode_private_key(KeyInfo, Password) -> {ok, PrivateKey} | {error, Reason}
KeyInfo = {KeyType, der_bin(), ChipherInfo}
KeyType = rsa_private_key | dsa_private_key
ChipherInfo = opaque() | no_encryption
Password = string()
PrivateKey = private_key()
Reason = term()
Decodes an asn1 der encoded private key.
pem_to_der(File) -> {ok, [Entry]}
File = path()
Password = string()
Entry = {entry_type(), der_bin(), CipherInfo}
ChipherInfo = opaque() | no_encryption
entry_type() = cert | cert_req | rsa_private_key | dsa_private_key | dh_params
Reads a PEM file and translates it into its asn1 der encoded parts.
pkix_decode_cert(Cert, Type) -> {ok, DecodedCert} | {error, Reason}
Cert = asn1_der_encoded()
Type = plain | otp
DecodeCert = x509_certificate()
Reason = term()
Decodes an asn1 encoded pkix certificate.