Merge branch 'ia/ssl-and-public_key-doc-and-dialyzer-fixes' into dev

* ia/ssl-and-public_key-doc-and-dialyzer-fixes:
  Fixed guard and test case
  Fixed broken links in the documentation and dialyzer warnings

13 files changed, 48 insertions, 49 deletions

diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index c8953c6818..fadb993ed9 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -164,7 +164,7 @@ validate_signature(OtpCert, DerCert, Key, KeyParams,
 	    verify_fun(OtpCert, {bad_cert, invalid_signature}, UserState, VerifyFun)
     end.
 %%--------------------------------------------------------------------
--spec validate_names(#'OTPCertificate'{}, list(), list(),
+-spec validate_names(#'OTPCertificate'{}, no_constraints | list(), list(),
 		     term(), term(), fun())-> term().
 %%
 %% Description: Validate Subject Alternative Name.
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 095a6ff0e0..30398df9cc 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -213,10 +213,13 @@ decrypt_private(CipherText,
 				crypto:mpint(D)], Padding).
 
 %%--------------------------------------------------------------------
--spec decrypt_public(CipherText :: binary(), rsa_public_key()) -> 
+-spec decrypt_public(CipherText :: binary(), rsa_public_key() | rsa_private_key()) ->
 			    PlainText :: binary().
--spec decrypt_public(CipherText :: binary(), rsa_public_key(), 
+-spec decrypt_public(CipherText :: binary(), rsa_public_key() | rsa_private_key(),
 		     public_crypt_options()) -> PlainText :: binary().
+%% NOTE: The rsa_private_key() is not part of the documented API it is
+%% here for testing purposes, in a real situation this is not a relevant
+%% thing to do.
 %%
 %% Description: Public key decryption using the public key.
 %%--------------------------------------------------------------------
@@ -232,10 +235,14 @@ decrypt_public(CipherText,#'RSAPrivateKey'{modulus = N, publicExponent = E},
     decrypt_public(CipherText, N,E, Options).
 
 %%--------------------------------------------------------------------
--spec encrypt_public(PlainText :: binary(), rsa_public_key()) ->  
+-spec encrypt_public(PlainText :: binary(), rsa_public_key() | rsa_private_key()) ->
 			    CipherText :: binary().
--spec encrypt_public(PlainText :: binary(), rsa_public_key(), 
+-spec encrypt_public(PlainText :: binary(), rsa_public_key() | rsa_private_key(),
 		     public_crypt_options()) ->  CipherText :: binary().
+
+%% NOTE: The rsa_private_key() is not part of the documented API it is
+%% here for testing purposes, in a real situation this is not a relevant
+%% thing to do.
 %%
 %% Description: Public key encryption using the public key.
 %%--------------------------------------------------------------------
@@ -280,8 +287,8 @@ encrypt_private(PlainText, #'RSAPrivateKey'{modulus = N,
 sign(PlainText, DigestType,  #'RSAPrivateKey'{modulus = N,  publicExponent = E,
 					      privateExponent = D}) 
   when is_binary(PlainText),
-       DigestType == md5;
-       DigestType == sha ->
+       (DigestType == md5 orelse
+	DigestType == sha) ->
     
     crypto:rsa_sign(DigestType, sized_binary(PlainText), [crypto:mpint(E),
 							  crypto:mpint(N),
@@ -571,11 +578,9 @@ validate(DerCert, #path_validation_state{working_issuer_name = Issuer,
 
     pubkey_cert:prepare_for_next_cert(OtpCert, ValidationState).
 
-sized_binary(Binary) when is_binary(Binary) ->
+sized_binary(Binary) ->
     Size = size(Binary),
-    <<?UINT32(Size), Binary/binary>>;
-sized_binary(List) ->
-    sized_binary(list_to_binary(List)).
+    <<?UINT32(Size), Binary/binary>>.
 
 %%--------------------------------------------------------------------
 %%% Deprecated functions
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 81e01f3a02..88cfbcf2b6 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -249,10 +249,8 @@ sign_verify(Config) when is_list(Config) ->
     true = public_key:pkix_verify(Cert2, {Y, #'Dss-Parms'{p=P, q=Q, g=G}}),
     
     %% RSA sign
-    Msg0 = lists:duplicate(5, "Foo bar 100"),
-    Msg  = list_to_binary(Msg0),
+    Msg = list_to_binary(lists:duplicate(5, "Foo bar 100")),
 
-    RSASign = public_key:sign(Msg0, sha, PrivateRSA),
     RSASign = public_key:sign(Msg, sha, PrivateRSA),
     true = public_key:verify(Msg, sha, RSASign, PublicRSA), 
     false = public_key:verify(<<1:8, Msg/binary>>, sha, RSASign, PublicRSA), 
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 511f1e0bb2..ec272379bb 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -218,12 +218,12 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
 	application is encountered. Additionally it will be called
 	when a certificate is considered valid by the path validation
 	to allow access to each certificate in the path to the user
-	application. Note that the it will differentiate between
-	the peer certificate and CA certificates by using valid_peer
-	or valid as the second argument to the verify fun.
-	See
-	<seealso marker="public_key:application">public_key(3)</seealso>
-	for definition of #'OTPCertificate'{} and #'Extension'{}.</p>
+	application. Note that the it will differentiate between the
+	peer certificate and CA certificates by using valid_peer or
+	valid as the second argument to the verify fun.  See <seealso
+	marker="public_key:cert_records">the public_key User's
+	Guide</seealso> for definition of #'OTPCertificate'{} and
+	#'Extension'{}.</p>
 
 	<p>If the verify callback fun returns {fail, Reason}, the
 	verification process is immediately stopped and an alert is
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 5571fb01f6..8c0c2bfa5d 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -28,7 +28,6 @@
 -include("ssl_handshake.hrl").
 -include("ssl_alert.hrl").
 -include("ssl_internal.hrl").
--include("ssl_debug.hrl").
 -include_lib("public_key/include/public_key.hrl"). 
 
 -export([trusted_cert_and_path/2,
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 1c8bbbaf06..72f02a4362 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -29,7 +29,6 @@
 -include("ssl_record.hrl").
 -include("ssl_cipher.hrl").
 -include("ssl_alert.hrl").
--include("ssl_debug.hrl").
 -include_lib("public_key/include/public_key.hrl").
 
 -export([security_parameters/2, suite_definition/1,
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index ce90d22c09..6c9ac65b64 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -29,7 +29,6 @@
 
 -behaviour(gen_fsm).
 
--include("ssl_debug.hrl").
 -include("ssl_handshake.hrl").
 -include("ssl_alert.hrl").
 -include("ssl_record.hrl").
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 7082a23fd0..c7a1c4965d 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -28,7 +28,6 @@
 -include("ssl_cipher.hrl").
 -include("ssl_alert.hrl").
 -include("ssl_internal.hrl").
--include("ssl_debug.hrl").
 -include_lib("public_key/include/public_key.hrl").
 
 -export([master_secret/4, client_hello/5, server_hello/4, hello/4,
diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl
index 74fba3786c..68a7802ef2 100644
--- a/lib/ssl/src/ssl_handshake.hrl
+++ b/lib/ssl/src/ssl_handshake.hrl
@@ -26,6 +26,13 @@
 -ifndef(ssl_handshake).
 -define(ssl_handshake, true).
 
+-include_lib("public_key/include/public_key.hrl").
+
+-type algo_oid()          :: ?'rsaEncryption' | ?'id-dsa'.
+-type public_key()        :: #'RSAPublicKey'{} | integer().
+-type public_key_params() :: #'Dss-Parms'{} | term().
+-type public_key_info()   :: {algo_oid(), public_key(), public_key_params()}.
+
 -record(session, {
 	  session_id,
 	  peer_certificate,
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index 4148032cb7..43a85c2d9d 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -25,6 +25,24 @@
 
 -include_lib("public_key/include/public_key.hrl"). 
 
+-type reason()            :: term().
+-type reply()             :: term().
+-type msg()               :: term().
+-type from()              :: term().
+-type host()		  :: string() | tuple().
+-type port_num()	  :: integer().
+-type session_id()        :: 0 | binary().
+-type tls_version()       :: {integer(), integer()}.
+-type tls_atom_version()  :: sslv3 | tlsv1.
+-type cache_ref()         :: term().
+-type certdb_ref()        :: term().
+-type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | dh_anon.
+-type der_cert()          :: binary().
+-type private_key()       :: #'RSAPrivateKey'{} | #'DSAPrivateKey'{}.
+-type issuer()            :: tuple().
+-type serialnumber()      :: integer().
+-type cert_key()          :: {reference(), integer(), issuer()}.
+
 %% basic binary constructors
 -define(BOOLEAN(X),  X:8/unsigned-big-integer).
 -define(BYTE(X),     X:8/unsigned-big-integer).
@@ -93,28 +111,6 @@
 	  active = true
 	 }).
 
--type reason()            :: term().
--type reply()             :: term().
--type msg()               :: term().
--type from()              :: term().
--type host()		  :: string() | tuple().
--type port_num()	  :: integer().
--type session_id()        :: 0 | binary().
--type tls_version()       :: {integer(), integer()}.
--type tls_atom_version()  :: sslv3 | tlsv1.
--type cache_ref()         :: term(). 
--type certdb_ref()        :: term(). 
--type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | dh_anon.
--type oid()               :: tuple().
--type public_key()        :: #'RSAPublicKey'{} | integer().
--type public_key_params() :: #'Dss-Parms'{} | term().
--type public_key_info()   :: {oid(), public_key(), public_key_params()}.
--type der_cert()          :: binary().
--type private_key()       :: #'RSAPrivateKey'{} | #'DSAPrivateKey'{}.
--type issuer()            :: tuple().
--type serialnumber()      :: integer().
--type cert_key()          :: {reference(), integer(), issuer()}.
-
 -endif. % -ifdef(ssl_internal).
 
 
diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index e7a2d8ecf1..f1c0073965 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -30,7 +30,6 @@
 -include("ssl_alert.hrl").
 -include("ssl_handshake.hrl").
 -include("ssl_cipher.hrl").
--include("ssl_debug.hrl").
 
 %% Connection state handling
 -export([init_connection_states/1, 
diff --git a/lib/ssl/src/ssl_ssl3.erl b/lib/ssl/src/ssl_ssl3.erl
index 18c3f4ed3d..c49f9f1e6d 100644
--- a/lib/ssl/src/ssl_ssl3.erl
+++ b/lib/ssl/src/ssl_ssl3.erl
@@ -25,7 +25,6 @@
 -module(ssl_ssl3).
 
 -include("ssl_cipher.hrl").
--include("ssl_debug.hrl").
 -include("ssl_internal.hrl").
 -include("ssl_record.hrl"). 			% MD5 and SHA
 
diff --git a/lib/ssl/src/ssl_tls1.erl b/lib/ssl/src/ssl_tls1.erl
index 88394b23ba..3784483e9c 100644
--- a/lib/ssl/src/ssl_tls1.erl
+++ b/lib/ssl/src/ssl_tls1.erl
@@ -27,7 +27,6 @@
 -include("ssl_cipher.hrl").
 -include("ssl_internal.hrl").
 -include("ssl_record.hrl"). 			
--include("ssl_debug.hrl").
 
 -export([master_secret/3, finished/3, certificate_verify/2, mac_hash/7, 
 	 setup_keys/6, suites/0]).