<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html xmlns:fn="http://www.w3.org/2005/02/xpath-functions"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="../../../../doc/otp_doc.css" type="text/css"> <title>Erlang -- public_key</title> </head> <body bgcolor="white" text="#000000" link="#0000ff" vlink="#ff00ff" alink="#ff0000"><div id="container"> <script id="js" type="text/javascript" language="JavaScript" src="../../../../doc/js/flipmenu/flipmenu.js"></script><script id="js2" type="text/javascript" src="../../../../doc/js/erlresolvelinks.js"></script><script language="JavaScript" type="text/javascript"> <!-- function getWinHeight() { var myHeight = 0; if( typeof( window.innerHeight ) == 'number' ) { //Non-IE myHeight = window.innerHeight; } else if( document.documentElement && ( document.documentElement.clientWidth || document.documentElement.clientHeight ) ) { //IE 6+ in 'standards compliant mode' myHeight = document.documentElement.clientHeight; } else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) ) { //IE 4 compatible myHeight = document.body.clientHeight; } return myHeight; } function setscrollpos() { var objf=document.getElementById('loadscrollpos'); document.getElementById("leftnav").scrollTop = objf.offsetTop - getWinHeight()/2; } function addEvent(obj, evType, fn){ if (obj.addEventListener){ obj.addEventListener(evType, fn, true); return true; } else if (obj.attachEvent){ var r = obj.attachEvent("on"+evType, fn); return r; } else { return false; } } addEvent(window, 'load', setscrollpos); //--></script><div id="leftnav"><div class="innertube"> <img alt="Erlang logo" src="../../../../doc/erlang-logo.png"><br><small><a href="users_guide.html">User's Guide</a><br><a href="index.html">Reference Manual</a><br><a href="release_notes.html">Release Notes</a><br><a href="../pdf/public_key-0.5.pdf">PDF</a><br><a href="../../../../doc/index.html">Top</a></small><p><strong>public_key</strong><br><strong>Reference Manual</strong><br><small>Version 0.5</small></p> <br><a href="javascript:openAllFlips()">Expand All</a><br><a href="javascript:closeAllFlips()">Contract All</a><p><small><strong>Table of Contents</strong></small></p> <ul class="flipMenu"><li id="loadscrollpos" title="public_key " expanded="true">public_key<ul> <li><a href="public_key.html"> Top of manual page </a></li> <li title="decode_private_key-1"><a href="public_key.html#decode_private_key-1">decode_private_key/1</a></li> <li title="decode_private_key-2"><a href="public_key.html#decode_private_key-2">decode_private_key/2</a></li> <li title="pem_to_der-1"><a href="public_key.html#pem_to_der-1">pem_to_der/1</a></li> <li title="pkix_decode_cert-2"><a href="public_key.html#pkix_decode_cert-2">pkix_decode_cert/2</a></li> </ul> </li></ul> </div></div> <div id="content"> <div class="innertube"> <!-- refpage --><center><h1>public_key</h1></center> <h3>MODULE</h3> <div class="REFBODY">public_key</div> <h3>MODULE SUMMARY</h3> <div class="REFBODY"> API module for public key infrastructure.</div> <h3>DESCRIPTION</h3> <div class="REFBODY"><p> <p>This module provides functions to handle public key infrastructure from RFC 3280 - X.509 certificates (will later be upgraded to RFC 5280) and some parts of the PKCS-standard. Currently this application is mainly used by the new ssl implementation. The API is yet under construction and only a few of the functions are currently documented and thereby supported. </p> </p></div> <h3><a name="id2257742">COMMON DATA TYPES </a></h3> <div class="REFBODY"> <div class="note"> <div class="label">Note</div> <div class="content"><p><p>All records used in this manual are generated from asn1 specifications and are documented in the User's Guide. See <span class="bold_code"><a href="public_key_records.html">Public key records</a></span> and <span class="bold_code"><a href="cert_records.html">X.509 Certificate records</a></span>. </p></p></div> </div> <p>Use the following include directive to get access to the records and constant macros described here and in the User's Guide.</p> <div class="example"><pre> -include_lib("public_key/include/public_key.hrl"). </pre></div> <p><strong>Data Types </strong></p> <p><span class="code">boolean() = true | false</span></p> <p><span class="code">string = [bytes()]</span></p> <p><span class="code">asn1_der_encoded() = binary() | [bytes()]</span></p> <p><span class="code">der_bin() = binary() </span></p> <p><span class="code">oid() - a tuple of integers as generated by the asn1 compiler.</span></p> <p><span class="code">public_key() = rsa_public_key() | dsa_public_key()</span></p> <p><span class="code">rsa_public_key() = #'RSAPublicKey'{}</span></p> <p><span class="code">rsa_private_key() = #'RSAPrivateKey'{} </span></p> <p><span class="code">dsa_public_key() = integer() </span></p> <p><span class="code">public_key_params() = dsa_key_params() </span></p> <p><span class="code">dsa_key_params() = #'Dss-Parms'{} </span></p> <p><span class="code">private_key() = rsa_private_key() | dsa_private_key()</span></p> <p><span class="code">rsa_private_key() = #'RSAPrivateKey'{} </span></p> <p><span class="code">dsa_private_key() = #'DSAPrivateKey'{}</span></p> <p><span class="code">x509_certificate() = "#Certificate{}"</span></p> <p><span class="code">x509_tbs_certificate() = #'TBSCertificate'{} </span></p> </div> <h3>EXPORTS</h3> <p><a name="decode_private_key-1"><span class="bold_code">decode_private_key(KeyInfo) -> </span></a><br><a name="decode_private_key-2"><span class="bold_code">decode_private_key(KeyInfo, Password) -> {ok, PrivateKey} | {error, Reason}</span></a><br></p> <div class="REFBODY"> <p>Types:</p> <div class="REFTYPES"> <span class="bold_code"> KeyInfo = {KeyType, der_bin(), ChipherInfo} </span><br> </div> <div class="REFBODY"> As returned from pem_to_der/1 for private keys</div> <div class="REFTYPES"> <span class="bold_code"> KeyType = rsa_private_key | dsa_private_key </span><br> </div> <div class="REFTYPES"> <span class="bold_code"> ChipherInfo = opaque() | no_encryption </span><br> </div> <div class="REFBODY"> ChipherInfo may contain encryption parameters if the private key is password protected, these are opaque to the user just pass the value returned by pem_to_der/1 to this function.</div> <div class="REFTYPES"> <span class="bold_code"> Password = string() </span><br> </div> <div class="REFBODY">Must be specified if CipherInfo =/= no_encryption</div> <div class="REFTYPES"> <span class="bold_code"> PrivateKey = private_key() </span><br> </div> <div class="REFTYPES"> <span class="bold_code"> Reason = term() </span><br> </div> </div> <div class="REFBODY"><p> <p>Decodes an asn1 der encoded private key.</p> </p></div> <p><a name="pem_to_der-1"><span class="bold_code">pem_to_der(File) -> {ok, [Entry]}</span></a><br></p> <div class="REFBODY"> <p>Types:</p> <div class="REFTYPES"> <span class="bold_code">File = path()</span><br> </div> <div class="REFTYPES"> <span class="bold_code">Password = string()</span><br> </div> <div class="REFTYPES"> <span class="bold_code">Entry = {entry_type(), der_bin(), CipherInfo}</span><br> </div> <div class="REFTYPES"> <span class="bold_code"> ChipherInfo = opaque() | no_encryption </span><br> </div> <div class="REFBODY"> ChipherInfo may contain encryption parameters if the private key is password protected, these will be handled by the function decode_private_key/2. </div> <div class="REFTYPES"> <span class="bold_code">entry_type() = cert | cert_req | rsa_private_key | dsa_private_key | dh_params </span><br> </div> </div> <div class="REFBODY"><p> <p>Reads a PEM file and translates it into its asn1 der encoded parts.</p> </p></div> <p><a name="pkix_decode_cert-2"><span class="bold_code">pkix_decode_cert(Cert, Type) -> {ok, DecodedCert} | {error, Reason}</span></a><br></p> <div class="REFBODY"> <p>Types:</p> <div class="REFTYPES"> <span class="bold_code">Cert = asn1_der_encoded() </span><br> </div> <div class="REFTYPES"> <span class="bold_code">Type = plain | otp</span><br> </div> <div class="REFTYPES"> <span class="bold_code">DecodeCert = x509_certificate() </span><br> </div> <div class="REFBODY">When type is specified as otp the asn1 spec OTP-PKIX.asn1 is used to decode known extensions and enhance the signature field in #'Certificate'{} and '#TBSCertificate'{}. This is currently used by the new ssl implementation but not documented and supported for the public_key application.</div> <div class="REFTYPES"> <span class="bold_code">Reason = term() </span><br> </div> </div> <div class="REFBODY"><p> <p> Decodes an asn1 encoded pkix certificate.</p> </p></div> </div> <div class="footer"> <hr> <p>Copyright © 2008-2010 Ericsson AB, All Rights Reserved</p> </div> </div> </div></body> </html>