Skip to content

public_key: Add support for ExtensionRequest #10031

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 15, 2025
Merged

public_key: Add support for ExtensionRequest #10031

merged 1 commit into from
Jul 15, 2025

Conversation

@IngelaAndin
Copy link
Contributor

@IngelaAndin IngelaAndin commented Jul 7, 2025
edited
Loading

Add modern ASN-1 specs to be able to retain support for ExtensionRequest from legacy PKCS-9 spec.

This can open up for further support being added later.

Closes #10028

@github-actions
Copy link
Contributor

github-actions bot commented Jul 7, 2025
edited
Loading

CT Test Results

  2 files   17 suites   4m 43s ⏱️
287 tests 283 ✅ 4 💤 0 ❌
303 runs  299 ✅ 4 💤 0 ❌

Results for commit 5f88033.

♻️ This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

// Erlang/OTP Github Action Bot

@IngelaAndin IngelaAndin mentioned this pull request Jul 7, 2025
Closed
@jhogberg jhogberg added the team:PS Assigned to OTP team PS label Jul 7, 2025
@IngelaAndin IngelaAndin self-assigned this Jul 7, 2025
@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch 3 times, most recently from c29bdd7 to 94ebbb9 Compare July 8, 2025 20:04
@IngelaAndin IngelaAndin added the testing currently being tested, tag is used by OTP internal CI label Jul 9, 2025
@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch from 94ebbb9 to 086bf9d Compare July 10, 2025 11:10
@IngelaAndin IngelaAndin requested a review from Copilot July 10, 2025 11:11
Copilot AI reviewed Jul 10, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces support for the legacy PKCS-9 ExtensionRequest by adding modern ASN.1 modules and wiring up encode/decode fallbacks.

  • Add new ASN.1 specs: EnrollmentMessageSyntax-2009 and PKIXCRMF-2009
  • Update public_key.erl to handle 'ExtensionReq'/'ExtensionRequest' in der_encode/der_decode
  • Extend tests, application config, include files, and Makefiles to build and verify the new support

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
lib/public_key/test/public_key_SUITE.erl Added pkix_extensionreq tests for DER-encode of ExtensionReq
lib/public_key/src/public_key.erl Implemented der_encode/der_decode fallbacks for ExtensionRequest
lib/public_key/src/public_key.app.src Included new ASN.1 modules in application definition
lib/public_key/include/public_key.hrl Updated PKCS-9 comment for pkcs-9-at-extensionRequest OID
lib/public_key/asn1/Makefile Added EnrollmentMessageSyntax-2009 and PKIXCRMF-2009 to build list
lib/public_key/asn1/EnrollmentMessageSyntax-2009.asn1 New ASN.1 specification for ExtensionReq
lib/public_key/asn1/PKIXCRMF-2009.asn1 New ASN.1 specification to support CRMF components
Comments suppressed due to low confidence (2)

lib/public_key/test/public_key_SUITE.erl:1580

  • The test currently only verifies DER-encode behavior. Add a complementary assertion invoking public_key:der_decode('ExtensionRequest', Expected) and matching its result to the expected term to ensure decode support is covered.
    Expected = <<48,0>>,

lib/public_key/src/public_key.erl:581

  • [nitpick] Add a brief function-level comment above this clause to document that 'ExtensionRequest' is mapped to 'ExtensionReq' for backwards compatibility, aiding future maintainers.
der_decode('ExtensionRequest', Value) ->

@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch 2 times, most recently from cbb64ab to 63bf05b Compare July 10, 2025 11:37
@IngelaAndin IngelaAndin requested a review from u3s July 10, 2025 11:38
@IngelaAndin IngelaAndin removed the testing currently being tested, tag is used by OTP internal CI label Jul 10, 2025
@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch 2 times, most recently from 08f69df to 965949e Compare July 11, 2025 07:19
@IngelaAndin IngelaAndin added the testing currently being tested, tag is used by OTP internal CI label Jul 11, 2025
u3s
u3s previously approved these changes Jul 14, 2025
View reviewed changes
@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch from 965949e to 9f1fbe4 Compare July 14, 2025 15:12
@IngelaAndin IngelaAndin requested a review from u3s July 14, 2025 15:13
u3s
u3s reviewed Jul 15, 2025
View reviewed changes
lib/public_key/src/public_key.erl Outdated
error:{badmatch, {error, _}} = Error ->
erlang:error(Error)
end;
%% Bakwards compatibility
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

global typo, which you fixed above not here. run grep please.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@u3s I did, maybe it was that it was the first word here so that it started with B and not b ! Fixed anyhow please re-approve.

u3s
u3s previously approved these changes Jul 15, 2025
View reviewed changes
@IngelaAndin
public_key: Add support for ExtensionRequest
5f88033 
Add modern ASN-1 specs to be able to retain support
for ExtensionRequest from legacy PKCS-9 spec.

This can open up for further support of EnrollmentMessageSyntax-2009 being added later.

Also add some missing backwards compatibility
for X520CommonName and legacy AttributeTypeAndValue

Closes erlang#10028
@IngelaAndin IngelaAndin force-pushed the ingela/public_key/include-modernized-PKCS-9-ExtensionRequest/OTP-19703 branch from 9f1fbe4 to 5f88033 Compare July 15, 2025 09:31
@IngelaAndin IngelaAndin requested a review from u3s July 15, 2025 10:45
@IngelaAndin IngelaAndin merged commit bdf2c56 into erlang:maint Jul 15, 2025
25 of 26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@u3s u3s u3s approved these changes

Assignees

@IngelaAndin IngelaAndin

Labels

team:PS Assigned to OTP team PS testing currently being tested, tag is used by OTP internal CI

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@IngelaAndin @u3s @jhogberg