[Ericsson AB]

ssl_pkix

MODULE

ssl_pkix

MODULE SUMMARY

Decoding of PKIX certificates with representation in Erlang.

DESCRIPTION

This module provides decoding of PKIX certificates either provided as files or as binaries.

EXPORTS

decode_cert(Bin) -> {ok, Cert} | {error, Reason}
decode_cert(Bin, Opts) -> {ok, Cert} | {error, Reason}

Types:

Bin = binary()
Opts = [pkix | ssl | subject]
Cert = term()

decode_cert(Bin) is equivalent to decode_cert(Bin, []).

The form of the returned certificate depends on the options.

If the options list is empty the certificate is returned as a DER encoded binary, i.e. {ok, Bin} is returned, where Bin> is the provided input.

The options pkix and ssl imply that the certificate is returned as a parsed ASN.1 structure in the form of an Erlang term.

The ssl option gives a more elaborate return structure, with more explicit information. In particular object identifiers are replaced by atoms.

The options pkix, and ssl are mutually exclusive.

The option subject implies that only the subject's distinguished name part of the certificate is returned. It can only be used together with the option pkix or the option ssl.

decode_cert_file(File) -> {ok, Cert} | {error, Reason}
decode_cert_file(File, Opts) -> {ok, Cert} | {error, Reason}

Types:

File = path()
Opts = [pem | pkix | ssl | subject]
Cert = term()

decode_cert_file(File) is equivalent to decode_cert_file(File, []).

The form of the returned certificate depends on the options.

If the options list is empty the certificate is returned as a DER encoded binary, i.e. the contents of the input File is returned as a binary.

The options pkix and ssl implies that the certificate is returned as a parsed ASN.1 structure in the form of an Erlang term.

The ssl option gives a more elaborate return structure, with more explicit information. In particular object identifiers are replaced by atoms.

The options pkix, and ssl are mutually exclusive.

The option subject implies that only the subject's distinguished name part of the peer certificate is returned. It can only be used together with the option pkix or the option ssl.


ssl 3.10.1
Copyright © 1991-2009 Ericsson AB