diff --git a/lib/services/csr.ex b/lib/services/csr.ex index 13dc780..2612d19 100644 --- a/lib/services/csr.ex +++ b/lib/services/csr.ex @@ -22,6 +22,16 @@ defmodule CA.CSR do {ca_key, ca} end + def read_ca_public() do + {:ok, ca_bin} = :file.read_file "ca.pem" + list = String.split(ca_bin, "\n", trim: true) + list = :lists.reverse(tl(:lists.reverse(tl(list)))) + bin = :base64.decode(:erlang.iolist_to_binary(list)) + :io.format '~p~n', [:asn1rt_nif.decode_ber_tlv bin] + {:ok, _cader} = :"DSTU-Cert".decode(:Certificate, bin) + bin + end + def server(name) do {ca_key, ca} = read_ca() dn = "/C=UA/L=Київ/O=SYNRC/CN=" <> name diff --git a/lib/services/http/get.ex b/lib/services/http/get.ex index fbb2218..56e0811 100644 --- a/lib/services/http/get.ex +++ b/lib/services/http/get.ex @@ -1,5 +1,13 @@ defmodule CA.EST.Get do import Plug.Conn + def get(conn, [], "Authority", [], "ROOT") do + body = :base64.encode(CA.CSR.read_ca_public()) + conn |> put_resp_content_type("application/pkcs7-mime") + |> put_resp_header("Content-Transfer-Encoding", "base64") + |> put_resp_header("Content-Length", :erlang.integer_to_binary(:erlang.size(body))) + |> resp(200, body) + |> send_resp() + end def get(conn, [], "Authority", [], "ABAC") do body = :base64.encode(CA.EST.csrattributes()) conn |> put_resp_content_type("application/csrattrs") diff --git a/mix.exs b/mix.exs index 1cc70d6..3af7b13 100644 --- a/mix.exs +++ b/mix.exs @@ -4,7 +4,7 @@ defmodule CA.Mixfile do def project() do [ app: :ca, - version: "5.10.3", + version: "5.10.4", description: "CA CXC 138 21 Certificate Authority", package: [ name: :ca, diff --git a/priv/kep/DSTU-Cert.asn1 b/priv/kep/DSTU-Cert.asn1 index 06dbd23..d96289a 100644 --- a/priv/kep/DSTU-Cert.asn1 +++ b/priv/kep/DSTU-Cert.asn1 @@ -46,12 +46,6 @@ DirectoryString ::= CHOICE { id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt (2) ds (5) 4} -AlgorithmIdentifier ::= SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters ANY } --- DEFINED BY algorithm OPTIONAL - - Validity ::= SEQUENCE { notBefore Time, notAfter Time}