3 files changed, 63 insertions, 5 deletions

diff --git a/lib/public_key/doc/src/notes.xml b/lib/public_key/doc/src/notes.xml
index d83dd24f41..d13c9a520a 100644
--- a/lib/public_key/doc/src/notes.xml
+++ b/lib/public_key/doc/src/notes.xml
@@ -35,6 +35,58 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Public_Key 1.6.7</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    RSA options passed to crypto for encrypt and decrypt with
+	    public or private key.</p>
+          <p>
+	    Own Id: OTP-15754 Aux Id: ERL-878 </p>
+        </item>
+        <item>
+          <p>
+	    Fix dialyzer warnings caused by a faulty type
+	    specification for digest_type().</p>
+          <p>
+	    This change updates digest_type() and the functions
+	    operating with this argument type to accept both 'sha1'
+	    and 'sha' as digest_type().</p>
+          <p>
+	    Own Id: OTP-15776</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Add possibility to read PEM files encrypted with old PEM
+	    encryption using AES-256</p>
+          <p>
+	    Own Id: OTP-13726</p>
+        </item>
+        <item>
+          <p>
+	    Relax decoding of certificates to so that "harmless"
+	    third party encoding errors may be accepted but not
+	    created by the public_key application. This adds
+	    acceptance of using an incorrect three character country
+	    code, the PKIX standard use two character country codes.
+	    It is also accepted that the country code is utf8 encoded
+	    but the specification says it should be ASCII.</p>
+          <p>
+	    Own Id: OTP-15687 Aux Id: PR-2162 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Public_Key 1.6.6</title>
 
     <section><title>Improvements and New Features</title>
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index b7589f6653..12bb0b21b0 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -286,7 +286,9 @@
     entries as ASN.1 DER encoded entities.</fsummary>
   <desc> 
     <p>Decodes PEM binary data and returns entries as ASN.1 DER encoded entities.</p>
-    <p>Example <c>{ok, PemBin} = file:read_file("cert.pem").</c></p>
+    <p>Example <c>{ok, PemBin} = file:read_file("cert.pem").
+    PemEntries = public_key:pem_decode(PemBin).    
+    </c></p>
   </desc> 
   </func> 
     
@@ -423,7 +425,7 @@
        <p>Available options:</p>
 
        <taglist>
-	<tag>{verify_fun, fun()}</tag>
+	<tag>{verify_fun, {fun(), InitialUserState::term()}</tag>
 	<item>
 	  <p>The fun must be defined as:</p>
 
@@ -541,7 +543,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
 
 	<tag>{undetermined_details, boolean()}</tag>
 	<item>
-	  <p>Defaults to false. When revocation status can not be
+	  <p>Defaults to false. When revocation status cannot be
 	  determined, and this option is set to true, details of why no
 	  CRLs where accepted are included in the return value.</p>
 	</item>
@@ -736,7 +738,7 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
 	  
 	<note><p>
 	Note that the generated certificates and keys does not provide a formally correct PKIX-trust-chain 
-	and they can not be used to achieve real security. This function is provided for testing purposes only.
+	and they cannot be used to achieve real security. This function is provided for testing purposes only.
 </p></note>
     </desc>
   </func>
@@ -813,7 +815,8 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
       <p>The <c>{OtherRefId,term()}</c> is defined by the user and is passed to the <c>match_fun</c>, if defined.
       If the term in <c>OtherRefId</c> is a binary, it will be converted to a string.
       </p>
-      <p>The <c>ip</c> Reference ID takes an <seealso marker="inet:inet#type-ip_address">inet:ip_address()</seealso>
+      <p>The <c>ip</c> Reference ID takes an
+      <seealso marker="kernel:inet#type-ip_address">inet:ip_address()</seealso>
       or an ip address in string format (E.g "10.0.1.1" or "1234::5678:9012") as second element.
       </p>
       <p>The options are:</p>
diff --git a/lib/public_key/doc/src/public_key_app.xml b/lib/public_key/doc/src/public_key_app.xml
index 923a9f1dfb..5f2c50711a 100644
--- a/lib/public_key/doc/src/public_key_app.xml
+++ b/lib/public_key/doc/src/public_key_app.xml
@@ -51,6 +51,9 @@
       Diffie-Hellman Key Agreement Standard </item>
       <item>Supports <url href="http://www.ietf.org/rfc/rfc2898.txt"> PKCS-5</url> - 
       Password-Based Cryptography Standard </item>
+      <item>Supports <url href="http://www.ietf.org/rfc/fc3565.txt"> AES </url> -
+      Use of the Advanced Encryption Standard (AES) Algorithm in Cryptographic Message Syntax (CMS)
+      </item>
       <item>Supports <url href="http://www.ietf.org/rfc/rfc5208.txt"> PKCS-8</url> - 
       Private-Key Information Syntax Standard</item>
       <item>Supports <url href="http://www.ietf.org/rfc/rfc5967.txt"> PKCS-10</url> -