rename CSR attr management

synrc · Nov 13, 2024 · c594a57 · c594a57
1 parent 0362374
commit c594a57
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 14 deletions.
diff --git a/lib/oid/rdn.ex b/lib/oid/rdn.ex
@@ -1,14 +1,14 @@
 defmodule CA.RDN do
   @moduledoc "CA RDN OIDs."
 
-  def subj({:rdnSequence, attrs}) do
+  def encodeAttrs({:rdnSequence, attrs}) do
       {:rdnSequence, :lists.map(fn
           [{t,oid,{:uTF8String,x}}]   -> [{t,oid,:asn1rt_nif.encode_ber_tlv({12, :erlang.iolist_to_binary(x)})}]
           [{t,oid,x}] when is_list(x) -> [{t,oid,:asn1rt_nif.encode_ber_tlv({19, :erlang.iolist_to_binary(x)})}]
           [{t,oid,x}] -> [{t,oid,x}] end, attrs)}
   end
 
-  def unsubj({:rdnSequence, attrs}) do
+  def decodeAttrs({:rdnSequence, attrs}) do
       {:rdnSequence, :lists.map(fn [{t,oid,x}] when is_binary(x) ->
            case :asn1rt_nif.decode_ber_tlv(x) do
                 {{12,a},_} -> [{t,oid,{:uTF8String,a}}]
@@ -28,25 +28,25 @@ defmodule CA.RDN do
 
   def parseSubj(csr) do
       {:CertificationRequest, {:CertificationRequestInfo, v, subj, x, y}, b, c} = csr
-      {:CertificationRequest, {:CertificationRequestInfo, v, subj(subj), x, y}, b, c}
+      {:CertificationRequest, {:CertificationRequestInfo, v, encodeAttrs(subj), x, y}, b, c}
   end
 
   def parseUnSubj(csr) do
       {:CertificationRequest, {:CertificationRequestInfo, v, subj, x, y}, b, c} = csr
-      {:CertificationRequest, {:CertificationRequestInfo, v, unsubj(subj), x, y}, b, c}
+      {:CertificationRequest, {:CertificationRequestInfo, v, decodeAttrs(subj), x, y}, b, c}
   end
 
-  def convertOTPtoPKIX(cert) do
+  def decodeAttrsCert(cert) do
       {:Certificate,{:TBSCertificate,:v3,a,ai,rdn1,v,rdn2,{p1,{p21,p22,_pki},p3},b,c,ext},ai,code} =
          :public_key.pkix_decode_cert(:public_key.pkix_encode(:OTPCertificate, cert, :otp), :plain)
-      {:Certificate,{:TBSCertificate,:v3,a,ai,unsubj(rdn1),v,unsubj(rdn2),
+      {:Certificate,{:TBSCertificate,:v3,a,ai,decodeAttrs(rdn1),v,decodeAttrs(rdn2),
            {p1,{p21,p22,{:namedCurve,{1,3,132,0,34}}},p3},b,c,ext},ai,code}
   end
 
-  def convertOTPtoPKIX_subj(cert) do
+  def encodeAttrsCert(cert) do
       {:Certificate,{:TBSCertificate,:v3,a,ai,rdn1,v,rdn2,{p1,{p21,p22,pki},p3},b,c,ext},ai,code} =
          :public_key.pkix_decode_cert(:public_key.pkix_encode(:OTPCertificate, cert, :otp), :plain)
-      {:Certificate,{:TBSCertificate,:v3,a,ai,subj(rdn1),v,subj(rdn2),
+      {:Certificate,{:TBSCertificate,:v3,a,ai,encodeAttrs(rdn1),v,encodeAttrs(rdn2),
            {p1,{p21,p22,pki},p3},b,c,ext},ai,code}
   end
 

diff --git a/lib/services/cmp.ex b/lib/services/cmp.ex
@@ -108,7 +108,7 @@ defmodule CA.CMP do
 
       [ CA."CertResponse"(certReqId: 0,
           certifiedKeyPair: CA."CertifiedKeyPair"(certOrEncCert:
-             {:certificate, {:x509v3PKCert, CA.RDN.convertOTPtoPKIX(cert)}}),
+             {:certificate, {:x509v3PKCert, CA.RDN.decodeAttrsCert(cert)}}),
                  status: CA."PKIStatusInfo"(status: 0))
       ]
   end
@@ -133,7 +133,7 @@ defmodule CA.CMP do
       subject = X509.CSR.subject(csr)
      :logger.info 'P10CR from ~tp~n', [CA.RDN.rdn(subject)]
       true = X509.CSR.valid?(CA.RDN.parseSubj(csr))
-      cert = X509.Certificate.new(X509.CSR.public_key(csr), CA.RDN.subj(subject), ca, ca_key,
+      cert = X509.Certificate.new(X509.CSR.public_key(csr), CA.RDN.encodeAttrs(subject), ca, ca_key,
          extensions: [subject_alt_name: X509.Certificate.Extension.subject_alt_name(["synrc.com"]) ])
 
       reply = case Keyword.get(CA.RDN.rdn(subject), :cn) do

diff --git a/lib/services/crt.ex b/lib/services/crt.ex
@@ -142,8 +142,8 @@ defmodule CA.CRT do
       [ resourceType: :Certificate,
         version: ver,
         signatureAlgorithm: CA.AT.code(alg),
-        subject: CA.RDN.rdn(CA.RDN.unsubj(issuee)),
-        issuer:  CA.RDN.rdn(CA.RDN.unsubj(issuer)),
+        subject: CA.RDN.rdn(CA.RDN.decodeAttrs(issuee)),
+        issuer:  CA.RDN.rdn(CA.RDN.decodeAttrs(issuer)),
         serial: :base64.encode(CA.EST.integer(serial)),
         validity: [from: nb, to: na],
         publicKey: decodePublicKey(agreement, params, publicKey),

diff --git a/lib/services/csr.ex b/lib/services/csr.ex
@@ -80,7 +80,7 @@ defmodule CA.CSR do
       {:ok, ca_bin} = :file.read_file "#{CA.CSR.dir(profile)}/ca.pem"
       {:ok, ca} = X509.Certificate.from_pem ca_bin
 #     {:ok, bin} = :"PKIX1Explicit-2009".encode(:Certificate, CA.RDN.convertOTPtoPKIX(ca))
-      {:ok, bin} = :"PKIX1Explicit88".encode(:Certificate, CA.RDN.convertOTPtoPKIX_subj(ca))
+      {:ok, bin} = :"PKIX1Explicit88".encode(:Certificate, CA.RDN.encodeAttrsCert(ca))
       bin
   end
 

diff --git a/lib/services/http/post.ex b/lib/services/http/post.ex
@@ -19,7 +19,7 @@ defmodule CA.EST.Post do
       :logger.info 'HTTP P10CR from ~tp template ~tp profile ~p~n', [CA.RDN.rdn(subject), template, CA.RDN.profile(csr)]
 
       true = X509.CSR.valid?(CA.RDN.parseSubj(csr))
-      cert = X509.Certificate.new(X509.CSR.public_key(csr), CA.RDN.subj(subject), ca, ca_key,
+      cert = X509.Certificate.new(X509.CSR.public_key(csr), CA.RDN.encodeAttrs(subject), ca, ca_key,
          extensions: [subject_alt_name: X509.Certificate.Extension.subject_alt_name(["synrc.com"]) ])
 
       reply = case Keyword.get(CA.RDN.rdn(subject), :cn) do