-
Notifications
You must be signed in to change notification settings - Fork 10
/
template.ex
58 lines (54 loc) · 1.53 KB
/
template.ex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
defmodule ATECC508A.Certificate.Template do
defstruct [
:signer_id,
:template_id,
:chain_id,
:sn_source,
:device_sn,
:certificate_sn,
extensions: []
]
alias X509.Certificate.Extension
@type t :: %__MODULE__{
signer_id: 0..65535,
template_id: 0..15,
chain_id: 0..15,
sn_source: ATECC508A.sn_source(),
device_sn: ATECC508A.serial_number() | nil,
certificate_sn: binary() | nil,
extensions: [Extension.t()]
}
@spec signer(X509.PublicKey.t()) :: t()
def signer(public_key) do
%__MODULE__{
signer_id: 0,
template_id: 1,
chain_id: 0,
sn_source: :public_key,
device_sn: nil,
extensions: [
Extension.basic_constraints(true, 0),
Extension.key_usage([:digitalSignature, :keyCertSign, :cRLSign]),
Extension.ext_key_usage([:serverAuth, :clientAuth]),
Extension.subject_key_identifier(public_key),
Extension.authority_key_identifier(public_key)
]
}
end
@spec device(ATECC508A.serial_number(), X509.PublicKey.t()) :: t()
def device(device_sn, signer_public_key) do
%__MODULE__{
signer_id: 0,
template_id: 0,
chain_id: 0,
sn_source: :device_sn,
device_sn: device_sn,
extensions: [
Extension.basic_constraints(false),
Extension.key_usage([:digitalSignature, :keyEncipherment]),
Extension.ext_key_usage([:clientAuth]),
Extension.authority_key_identifier(signer_public_key)
]
}
end
end