Skip to content

Adjust ASN.1 encoding for OTP 28 #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Adjust ASN.1 encoding for OTP 28 #15

wants to merge 1 commit into from

Conversation

@GalaxyGorilla
Copy link
Member

@GalaxyGorilla GalaxyGorilla commented Nov 18, 2025

'OTP-PUB-KEY' --> 'OTP-PKIX' for OTP 28 or younger.

@GalaxyGorilla
Adjust ASN.1 encoding for OTP 28
6cfe182 
'OTP-PUB-KEY' --> 'OTP-PKIX' for OTP 28 or younger.
ziopio
ziopio reviewed Nov 18, 2025
View reviewed changes
src/grisp_cryptoauth_cert.erl
der_encode_Integer(Int) ->
<<T:8, _L:8, V/binary>> =
element(2, 'OTP-PUB-KEY':encode('CertificateSerialNumber', Int)),
element(2, (pkix_module()):encode('CertificateSerialNumber', Int)),
Copy link
Member

@ziopio ziopio Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By opening an erlang shell you can check this is not supported:

12> 'OTP-PKIX':encode('CertificateSerialNumber', 3333).
{error,{asn1,{{undefined_type,'CertificateSerialNumber'},
              [{'OTP-PKIX',encode_disp,2,
                           [{file,"../src/OTP-PKIX.erl"},{line,221}]},
               {'OTP-PKIX',encode,2,
                           [{file,"../src/OTP-PKIX.erl"},{line,134}]},
               {erl_eval,do_apply,7,[{file,"erl_eval.erl"},{line,924}]},
               {shell,exprs,7,[{file,"shell.erl"},{line,965}]},
               {shell,eval_exprs,7,[{file,"shell.erl"},{line,921}]},
               {shell,eval_loop,4,[{file,"shell.erl"},{line,906}]}]}}}

ziopio
ziopio reviewed Nov 18, 2025
View reviewed changes
src/grisp_cryptoauth_cert.erl
++ [48,48,48,48,48,48,90],
<<T:8, _L:8, V/binary>> =
element(2, 'OTP-PUB-KEY':encode('InvalidityDate', TimeString)),
element(2, (pkix_module()):encode('InvalidityDate', TimeString)),
Copy link
Member

@ziopio ziopio Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This type InvalidityDate seams to be supported by the API

 public_key:der_encode('IvalidityDate', "ergreg").
** exception error: no function clause matching public_key:get_asn1_module('IvalidityDate') (public_key.erl:636)
     in function  public_key:der_encode/2 (public_key.erl:973)
15> public_key:der_encode('InvalidityDate', "ergreg").
** exception error: no case clause matching "ergreg"
     in function  'PKIX1Implicit-2009':'-getenc_CertExtensions/1-fun-0-'/3 (../src/PKIX1Implicit-2009.erl:3128)
     in call from pubkey_cert_records:'-encode_extensions/1-fun-0-'/1 (pubkey_cert_records.erl:488)
     in call from lists:map/2 (lists.erl:2385)
     in call from public_key:der_encode/2 (public_key.erl:970)
16>

Copy link
Member Author

@GalaxyGorilla GalaxyGorilla Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to put a correct InvalidityDate format in there I guess, I'll check how that would look like. But the type is definitely there.

Copy link
Member Author

@GalaxyGorilla GalaxyGorilla Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ugh ...

3> grisp_cryptoauth_cert:der_encode_GeneralizedTime({{2025, 11, 18}, undefined}).
** exception error: no match of right hand side value
                    {asn1,{{undefined_type,'InvalidityDate'},
                           [{'OTP-PKIX',encode_disp,2,
                                        [{file,"../src/OTP-PKIX.erl"},{line,221}]},
                            {'OTP-PKIX',encode,2,
                                        [{file,"../src/OTP-PKIX.erl"},{line,134}]},
                            {grisp_cryptoauth_cert,der_encode_GeneralizedTime,1,
                                                   [{file,"grisp_cryptoauth_cert.erl"},{line,273}]},
                            {erl_eval,do_apply,7,[{file,"erl_eval.erl"},{line,924}]},
                            {shell,exprs,7,[{file,"shell.erl"},{line,965}]},
                            {shell,eval_exprs,7,[{file,"shell.erl"},{line,921}]},
                            {shell,eval_loop,4,[{file,"shell.erl"},{line,906}]}]}}

Copy link
Member

@ziopio ziopio Nov 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it needs a valid date, but at least public_key:der_encode( seams to support 'IvalidityDate', problem is with the others, expecially EmailAddress and CertificateSerialNumber, we will probably need to do something else for these

@ziopio ziopio mentioned this pull request Nov 20, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ziopio ziopio ziopio left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@GalaxyGorilla @ziopio