Erlang
 » 
Erlang Patches

public_key API improvement

View: New views
2 Messages — Rating Filter:   Alert me  

public_key API improvement

by Geoff Cant-3 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message


Hi all, I've just been investigating the new public_key suite for use in
one of our projects. It looks very useful, but I have a possible API
improvement to share:

public_key:pem_to_der/1,2 require that the PEM data come from a file on
disk. I'd like to be able to operate on PEM data from non-file sources,
so I've extended the API to accept a binary full of PEM data as well.


diff --git a/lib/public_key/src/pubkey_pem.erl b/lib/public_key/src/pubkey_pem.erl
index 1c68a46..abd46fa 100644
--- a/lib/public_key/src/pubkey_pem.erl
+++ b/lib/public_key/src/pubkey_pem.erl
@@ -40,7 +40,7 @@
 
 -module(pubkey_pem).
 
--export([read_file/1, read_file/2, write_file/2]).
+-export([read_file/1, read_file/2, write_file/2, decode/2]).
 -export([decode_key/2]).
 
 -define(ENCODED_LINE_LENGTH, 64).
@@ -53,8 +53,7 @@ read_file(File) ->
 
 read_file(File, Passwd) ->
     {ok, Bin} = file:read_file(File),
-    Result = decode_file(split_bin(Bin), Passwd),    
-    Result.
+    decode(Bin, Passwd).
 
 write_file(File, Ds) ->
     file:write_file(File, encode_file(Ds)).
@@ -64,6 +63,9 @@ decode_key({_Type, Bin, not_encrypted}, _) ->
 decode_key({_Type, Bin, {Chipher,Salt}}, Password) ->
     decode_key(Bin, Password, Chipher, Salt).
 
+decode(Bin, Passwd) ->
+    decode_file(split_bin(Bin), Passwd).
+
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index abfeb8d..b0b0b7a 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -109,9 +109,12 @@ encrypt_private(PlainText, Key, Options)  ->
     pubkey_crypto:encrypt_private(PlainText, Key, Padding).
 
 %%--------------------------------------------------------------------
-%% Function: pem_to_der(File) ->
-%%           pem_to_der(File, Password) -> {ok, [Entry]} | {error, Reason}
+%% Function: pem_to_der(CertSource) ->
+%%           pem_to_der(CertSource, Password) -> {ok, [Entry]} |
+%%                                               {error, Reason}
 %%
+%%      CertSource = File | CertData
+%%      CertData = binary()
 %% File = path()
 %% Password = string()
 %% Entry = {entry_type(), der_bin(), ChipherInfo}
@@ -120,17 +123,19 @@ encrypt_private(PlainText, Key, Options)  ->
 %% entry_type() = cert | cert_req | rsa_private_key | dsa_private_key
 %%      dh_params
 %%
-%% Description: Read and decode PEM file and returns entries as asn1
-%% der encoded entities. Currently supported entry types are
-%% certificates, certificate requests, rsa private keys and dsa
-%% private keys. In the case of a key entry ChipherInfo will be
+%% Description: decode PEM binary data or a PEM file and return
+%% entries as asn1 der encoded entities. Currently supported entry
+%% types are certificates, certificate requests, rsa private keys and
+%% dsa private keys. In the case of a key entry ChipherInfo will be
 %% used by decode_private_key/2 if the key is protected by a password.
 %%--------------------------------------------------------------------
-pem_to_der(File) ->
-    pubkey_pem:read_file(File).
+pem_to_der(CertSource) ->
+    pem_to_der(CertSource, no_passwd).
 
-pem_to_der(File, Password) ->
-    pubkey_pem:read_file(File, Password).
+pem_to_der(File, Password) when is_list(File) ->
+    pubkey_pem:read_file(File, Password);
+pem_to_der(PemBin, Password) when is_binary(PemBin) ->
+    pubkey_pem:decode(PemBin, Password).
 
 %%--------------------------------------------------------------------
 %% Function: pkix_decode_cert(BerCert, Type) -> {ok, Cert} | {error, Reason}


The new tree is available from
http://github.com/mfoemmel/erlang-otp/commits/pubkey_api_improvement

Cheers,
--
Geoff Cant



________________________________________________________________
erlang-patches mailing list. See http://www.erlang.org/faq.html
erlang-patches (at) erlang.org

Re: public_key API improvement

by Dan Gudmundsson :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Thanks, added.
/Dan

Geoff Cant wrote:

> Hi all, I've just been investigating the new public_key suite for use in
> one of our projects. It looks very useful, but I have a possible API
> improvement to share:
>
> public_key:pem_to_der/1,2 require that the PEM data come from a file on
> disk. I'd like to be able to operate on PEM data from non-file sources,
> so I've extended the API to accept a binary full of PEM data as well.
>
>
>
> ------------------------------------------------------------------------
>
>
> The new tree is available from
> http://github.com/mfoemmel/erlang-otp/commits/pubkey_api_improvement
>
> Cheers,
>
>
> ------------------------------------------------------------------------
>
>
> ________________________________________________________________
> erlang-patches mailing list. See http://www.erlang.org/faq.html
> erlang-patches (at) erlang.org

________________________________________________________________
erlang-patches mailing list. See http://www.erlang.org/faq.html
erlang-patches (at) erlang.org

Free embeddable forum powered by Nabble Forum Help