Bram Verburg
Bram Verburg
Thanks, I saw that. I'm not sure yet: for reading I currently rely on `:public_key`'s built-in support, which means no AES-256 support. If I were to do something beyond what...
Some extensions are already decoded by Erlang's `:public_key`, such as those mentioned at the top of this ticket, I just haven't added convenience functions to `X509.Certificate.Extension` for them yet. You...
> @voltone thanks for the answer! However, I meant _custom_ extensions, e.g. _not_ standard extensions. I want to create my own extensions for client certificates. I'll test around throughout the...
> If that really works out also using the public_key API then this would be sufficient for me. It should. Let's say you have a macro that defines the OID...
> What does {16, [{4, Value}]} actually represent? Which is the ASN.1 tag number? This is basically a Sequence (tag value 16) with a single element of type Octet String...
> Hmmm are you sure about the top level type being always a sequence? What I can find just always speaks about 'DER encoded'. I thought it was a convention...
Essentially these fingerprints are always some hash over the DER encoded certificate. The question is which hash, and how to represent it: hex (lowercase or uppercase?), base64 (regular or url-safe?...
Thanks, I finally had some time to play with this. Unfortunately it seems many of the `:public_key` types I was referencing in the typespecs are actually not exported, even though...
True, the existing functions around Validity are primarily about creating validity records. I am working on a major rewrite, where much of the core functionality is handled by Erlang modules,...
Actually, there is already an undocumented `X509.DateTime.to_datetime/1`: ```elixir iex(3)> {:Validity, not_before, not_after} = X509.Certificate.validity(cert) {:Validity, {:utcTime, '181001172413Z'}, {:utcTime, '191130233419Z'}} iex(4)> X509.DateTime.to_datetime(not_before) ~U[2018-10-01 17:24:13Z] iex(5)> DateTime.compare(DateTime.utc_now(), X509.DateTime.to_datetime(not_after)) :gt ``` Don't tell...