X509 v0.5.1 X509.CSR View Source

Implements PKCS#10 Certificate Signing Requests (CSRs), formally known by their ASN.1 type CertificationRequest.

Link to this section Summary

Types

t()

:CertificationRequest record , as used in Erlang’s :public_key module

Functions

Attempts to parse a CSR in DER (binary) format. Raises in case of failure

Parses a CSR in DER (binary) format

Attempts to parse a CSR in PEM format. Raises in case of failure

Parses a CSR in PEM format

Returns a :CertificationRequest record for the given key pair and subject

Extracts the public key from the CSR

Returns the Subject field of the CSR

Converts a CSR to DER (binary) format

Converts a CSR to PEM format

Verifies whether a CSR has a valid signature

Link to this section Types

:CertificationRequest record , as used in Erlang’s :public_key module

Link to this section Functions

Link to this function from_der!(der) View Source (since 0.3.0)
from_der!(binary()) :: t() | no_return()

Attempts to parse a CSR in DER (binary) format. Raises in case of failure.

Link to this function from_der(der) View Source (since 0.3.0)
from_der(binary()) :: {:ok, t()} | {:error, :malformed}

Parses a CSR in DER (binary) format.

Returns an :ok tuple in case of success, or an :error tuple in case of failure. Possible error reasons are:

  • :malformed - the data could not be decoded as a CSR
Link to this function from_pem!(pem) View Source (since 0.3.0)
from_pem!(String.t()) :: t() | no_return()

Attempts to parse a CSR in PEM format. Raises in case of failure.

Processes the first PEM entry of type CERTIFICATE REQUEST found in the input.

Link to this function from_pem(pem) View Source (since 0.3.0)
from_pem(String.t()) :: {:ok, t()} | {:error, :malformed | :not_found}

Parses a CSR in PEM format.

Processes the first PEM entry of type CERTIFICATE REQUEST found in the input. Returns an :ok tuple in case of success, or an :error tuple in case of failure. Possible error reasons are:

  • :not_found - no PEM entry of type CERTIFICATE REQUEST was found
  • :malformed - the entry could not be decoded as a CSR
Link to this function new(private_key, subject, opts \\ []) View Source

Returns a :CertificationRequest record for the given key pair and subject.

Supports RSA and EC private keys. The public key is extracted from the private key and encoded, together with the subject, in the CSR. The CSR is then signed with the private key, using a configurable hash algorithm.

The default hash algorithm is :sha256. An alternative algorithm can be specified using the :hash option. Possible values include :sha224, :sha256, :sha384, :sha512.

Older hash algorithms, supported for compatibility with older software only, include :md5 (RSA only) and :sha. The use of these algorithms is discouraged.

Link to this function public_key(arg) View Source
public_key(t()) :: X509.PublicKey.t()

Extracts the public key from the CSR.

Returns the Subject field of the CSR.

Link to this function to_der(csr) View Source (since 0.3.0)
to_der(t()) :: binary()

Converts a CSR to DER (binary) format.

Link to this function to_pem(csr) View Source (since 0.3.0)
to_pem(t()) :: String.t()

Converts a CSR to PEM format.

Verifies whether a CSR has a valid signature.