Diffstat (limited to 'lib/public_key')
-rw-r--r-- | lib/public_key/asn1/PKCS-7.asn1 | 10 | ||||
-rw-r--r-- | lib/public_key/doc/src/public_key.xml | 6 | ||||
-rw-r--r-- | lib/public_key/src/pubkey_cert.erl | 95 | ||||
-rw-r--r-- | lib/public_key/src/pubkey_ssh.erl | 20 | ||||
-rw-r--r-- | lib/public_key/src/public_key.app.src | 2 | ||||
-rw-r--r-- | lib/public_key/src/public_key.erl | 2 |
6 files changed, 38 insertions, 97 deletions
diff --git a/lib/public_key/asn1/PKCS-7.asn1 b/lib/public_key/asn1/PKCS-7.asn1 index e76f928acb..e9c188be39 100644 --- a/lib/public_key/asn1/PKCS-7.asn1 +++ b/lib/public_key/asn1/PKCS-7.asn1 @@ -124,7 +124,7 @@ SignerInfoAuthenticatedAttributes ::= CHOICE { -- Also defined in X.509 -- Redeclared here as a parameterized type -AlgorithmIdentifierPKSC-7 {ALGORITHM:IOSet} ::= SEQUENCE { +AlgorithmIdentifierPKCS-7 {ALGORITHM:IOSet} ::= SEQUENCE { algorithm ALGORITHM.&id({IOSet}), parameters ALGORITHM.&Type({IOSet}{@algorithm}) OPTIONAL } @@ -146,21 +146,21 @@ CRLSequence ::= SEQUENCE OF CertificateList ContentEncryptionAlgorithmIdentifier ::= - AlgorithmIdentifierPKSC-7 {{ContentEncryptionAlgorithms}} + AlgorithmIdentifierPKCS-7 {{ContentEncryptionAlgorithms}} ContentEncryptionAlgorithms ALGORITHM ::= { ... -- add any application-specific algorithms here } DigestAlgorithmIdentifier ::= - AlgorithmIdentifierPKSC-7 {{DigestAlgorithms}} + AlgorithmIdentifierPKCS-7 {{DigestAlgorithms}} DigestAlgorithms ALGORITHM ::= { ... -- add any application-specific algorithms here } DigestEncryptionAlgorithmIdentifier ::= - AlgorithmIdentifierPKSC-7 {{DigestEncryptionAlgorithms}} + AlgorithmIdentifierPKCS-7 {{DigestEncryptionAlgorithms}} DigestEncryptionAlgorithms ALGORITHM ::= { ... -- add any application-specific algorithms here @@ -182,7 +182,7 @@ IssuerAndSerialNumber ::= SEQUENCE { } KeyEncryptionAlgorithmIdentifier ::= - AlgorithmIdentifierPKSC-7 {{KeyEncryptionAlgorithms}} + AlgorithmIdentifierPKCS-7 {{KeyEncryptionAlgorithms}} KeyEncryptionAlgorithms ALGORITHM ::= { ... -- add any application-specific algorithms here diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml index dea35bc390..7284da0499 100644 --- a/lib/public_key/doc/src/public_key.xml +++ b/lib/public_key/doc/src/public_key.xml 
@@ -95,10 +95,12 @@ <p><c>| {#'PBEParameter{}, digest_type()} | #'PBES2-params'{}}</c></p> </item> - <tag><c>public_key() =</c></tag> + <tag><marker id="type-public_key"/> + <c>public_key() =</c></tag> <item><p><c>rsa_public_key() | dsa_public_key() | ec_public_key()</c></p></item> - <tag><c>private_key() =</c></tag> + <tag><marker id="type-private_key"/> + <c>private_key() =</c></tag> <item><p><c>rsa_private_key() | dsa_private_key() | ec_private_key()</c></p></item> <tag><c>rsa_public_key() =</c></tag> diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl index c433a96585..c0d7b9be8e 100644 --- a/lib/public_key/src/pubkey_cert.erl +++ b/lib/public_key/src/pubkey_cert.erl @@ -371,23 +371,23 @@ match_name(directoryName, DirName, [PermittedName | Rest]) -> match_name(fun is_rdnSeq/2, DirName, PermittedName, Rest); match_name(uniformResourceIdentifier, URI, [PermittedName | Rest]) -> - case split_uri(URI) of - incomplete -> - false; - {_, _, Host, _, _} -> - PN = case split_uri(PermittedName) of - {_, _, PNhost, _, _} -> PNhost; + case uri_string:normalize(URI, [return_map]) of + #{host := Host} -> + PN = case uri_string:normalize(PermittedName, [return_map]) of + #{host := PNhost} -> PNhost; _X -> PermittedName end, - match_name(fun is_valid_host_or_domain/2, Host, PN, Rest) + match_name(fun is_valid_host_or_domain/2, Host, PN, Rest); + _ -> + false end; match_name(emailAddress, Name, [PermittedName | Rest]) -> Fun = fun(Email, PermittedEmail) -> - is_valid_email_address(Email, PermittedEmail, - string:tokens(PermittedEmail,"@")) - end, - match_name(Fun, Name, PermittedName, Rest); + is_valid_email_address(Email, PermittedEmail, + string:tokens(PermittedEmail,"@")) + end, + match_name(Fun, Name, PermittedName, Rest); match_name(dNSName, Name, [PermittedName | Rest]) -> Fun = fun(Domain, [$.|Domain]) -> true; 
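Review bot: In the `uniformResourceIdentifier` clause of match_name the certificate's host now comes out of `uri_string:normalize/2`, while a constraint that is not itself a full URI (a bare host or a `.example.com` style domain) still reaches the comparison unchanged through `_X -> PermittedName`. Normalization is expected to lower-case the host, so whether a mixed-case constraint still matches depends on is_valid_host_or_domain/2, which is not visible here; if that comparison is case-sensitive and match_name also serves an excluded-subtree check, a miss would fail open. Lower-casing the fallback as well, `_ -> string:lowercase(PermittedName)`, would keep both sides in the same form. The closing `_ -> false` deserves a comment such as `%% parse error or URI without a host: no match`. The other clauses of match_name lie outside the hunk.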
@@ -868,75 +868,12 @@ is_valid_subject_alt_name({otherName, #'AnotherName'{}}) -> is_valid_subject_alt_name({_, _}) -> false. -is_ip_address(Address) -> - case inet_parse:address(Address) of - {ok, _} -> - true; - _ -> - false - end. - -is_fully_qualified_name(_Name) -> - true. - is_valid_uri(AbsURI) -> - case split_uri(AbsURI) of - incomplete -> - false; - {StrScheme, _, Host, _, _} -> - case string:to_lower(StrScheme) of - Scheme when Scheme =:= "http"; Scheme =:= "ftp" -> - is_valid_host(Host); - _ -> - false - end - end. - -is_valid_host(Host) -> - case is_ip_address(Host) of - true -> - true; - false -> - is_fully_qualified_name(Host) - end. - -%% Could have a more general split URI in stdlib? Maybe when -%% regexs are improved. Needed also in inets! -split_uri(Uri) -> - case split_uri(Uri, ":", {error, no_scheme}, 1, 1) of - {error, no_scheme} -> - incomplete; - {StrScheme, "//" ++ URIPart} -> - {Authority, PathQuery} = - split_auth_path(URIPart), - {UserInfo, HostPort} = - split_uri(Authority, "@", {"", Authority}, 1, 1), - {Host, Port} = - split_uri(HostPort, ":", {HostPort, dummy_port}, 1, 1), - {StrScheme, UserInfo, Host, Port, PathQuery} - end. - -split_auth_path(URIPart) -> - case split_uri(URIPart, "/", URIPart, 1, 0) of - Split = {_, _} -> - Split; - URIPart -> - case split_uri(URIPart, "\\?", URIPart, 1, 0) of - Split = {_, _} -> - Split; - URIPart -> - {URIPart,""} - end - end. - -split_uri(UriPart, SplitChar, NoMatchResult, SkipLeft, SkipRight) -> - case re:run(UriPart, SplitChar) of - {match,[{Start, _}]} -> - StrPos = Start + 1, - {string:substr(UriPart, 1, StrPos - SkipLeft), - string:substr(UriPart, StrPos + SkipRight, length(UriPart))}; - nomatch -> - NoMatchResult + case uri_string:normalize(AbsURI, [return_map]) of + #{scheme := _} -> + true; + _ -> + false end. is_rdnSeq({rdnSequence,[]}, {rdnSequence,[none]}) -> diff --git a/lib/public_key/src/pubkey_ssh.erl b/lib/public_key/src/pubkey_ssh.erl index a7d018e440..02c061efc9 100644 
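Review bot: is_valid_uri/1 now returns true for anything that normalizes to a map with a `scheme` key, so the host is never looked at and the earlier http/ftp restriction is gone. RFC 5280 section 4.2.1.6 requires a URI that has an authority to carry a fully qualified domain name or IP address as host; a value with an authority but an empty host would pass here if uri_string reports it with an empty `host` entry. A clause ahead of the scheme match, `#{host := H} when H =:= ""; H =:= <<>> -> false;`, would reject that case. A one-line comment should also state that accepting every scheme is intended, e.g. `%% any absolute URI is accepted; the scheme is not restricted`.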
--- a/lib/public_key/src/pubkey_ssh.erl +++ b/lib/public_key/src/pubkey_ssh.erl @@ -38,6 +38,8 @@ -define(Empint(X), (mpint(X))/binary ). -define(Estring(X), (string(X))/binary ). +-define(b64enc(X), base64:encode(iolist_to_binary(X)) ). +-define(b64mime_dec(X), base64:mime_decode(iolist_to_binary(X)) ). %% Max encoded line length is 72, but conformance examples use 68 %% Comment from rfc 4716: "The following are some examples of public @@ -163,7 +165,7 @@ rfc4716_decode_line(Line, Lines, Acc) -> rfc4716_decode_lines(Lines, [{string_decode(Tag), unicode_decode(Value)} | Acc]); _ -> {Body, Rest} = join_entry([Line | Lines], []), - {lists:reverse(Acc), rfc4716_pubkey_decode(base64:mime_decode(Body)), Rest} + {lists:reverse(Acc), rfc4716_pubkey_decode(?b64mime_dec(Body)), Rest} end. join_entry([<<"---- END SSH2 PUBLIC KEY ----", _/binary>>| Lines], Entry) -> @@ -257,11 +259,11 @@ decode_comment(Comment) -> openssh_pubkey_decode(Type, Base64Enc) -> try - <<?DEC_BIN(Type,_TL), Bin/binary>> = base64:mime_decode(Base64Enc), + <<?DEC_BIN(Type,_TL), Bin/binary>> = ?b64mime_dec(Base64Enc), ssh2_pubkey_decode(Type, Bin) catch _:_ -> - {Type, base64:mime_decode(Base64Enc)} + {Type, ?b64mime_dec(Base64Enc)} end. @@ -292,12 +294,12 @@ do_encode(Type, Key, Attributes) -> rfc4716_encode(Key, [],[]) -> iolist_to_binary([begin_marker(),"\n", - split_lines(base64:encode(ssh2_pubkey_encode(Key))), + split_lines(?b64enc(ssh2_pubkey_encode(Key))), "\n", end_marker(), "\n"]); rfc4716_encode(Key, [], [_|_] = Acc) -> iolist_to_binary([begin_marker(), "\n", lists:reverse(Acc), - split_lines(base64:encode(ssh2_pubkey_encode(Key))), + split_lines(?b64enc(ssh2_pubkey_encode(Key))), "\n", end_marker(), "\n"]); rfc4716_encode(Key, [ Header | Headers], Acc) -> LinesStr = rfc4716_encode_header(Header), 
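Review bot: `?b64enc/1` and `?b64mime_dec/1` at the top of pubkey_ssh.erl do nothing that needs a macro, unlike `?Empint` and `?Estring`, which expand inside binary segments. Two local functions, `b64enc(X) -> base64:encode(iolist_to_binary(X)).` and `b64mime_dec(X) -> base64:mime_decode(iolist_to_binary(X)).`, could carry a `-spec` and be checked by Dialyzer. Either way a short comment on why the argument is flattened first is missing; presumably some callers pass iolists rather than binaries.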
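Review bot: openssh_pubkey_decode/2 decodes `Base64Enc` twice, once inside the `try` and again in the `catch _:_` handler, where a failure of the decode itself is not protected and simply re-raises. Decoding once before the `try` with `Decoded = ?b64mime_dec(Base64Enc),`, then matching `<<?DEC_BIN(Type,_TL), Bin/binary>> = Decoded` and returning `{Type, Decoded}` from the handler, gives the same results with one pass over the input. The catch-all also hides whether the type prefix did not match or ssh2_pubkey_decode/2 failed. If returning the raw blob for unrecognised key data is deliberate, a comment saying so would help the next reader.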
@@ -326,7 +328,7 @@ rfc4716_encode_value(Value) -> openssh_encode(openssh_public_key, Key, Attributes) -> Comment = proplists:get_value(comment, Attributes, ""), - Enc = base64:encode(ssh2_pubkey_encode(Key)), + Enc = ?b64enc(ssh2_pubkey_encode(Key)), iolist_to_binary([key_type(Key), " ", Enc, " ", Comment, "\n"]); openssh_encode(auth_keys, Key, Attributes) -> @@ -351,10 +353,10 @@ openssh_encode(known_hosts, Key, Attributes) -> end. openssh_ssh2_auth_keys_encode(undefined, Key, Comment) -> - iolist_to_binary([key_type(Key)," ", base64:encode(ssh2_pubkey_encode(Key)), line_end(Comment)]); + iolist_to_binary([key_type(Key)," ", ?b64enc(ssh2_pubkey_encode(Key)), line_end(Comment)]); openssh_ssh2_auth_keys_encode(Options, Key, Comment) -> iolist_to_binary([comma_list_encode(Options, []), " ", - key_type(Key)," ", base64:encode(ssh2_pubkey_encode(Key)), line_end(Comment)]). + key_type(Key)," ", ?b64enc(ssh2_pubkey_encode(Key)), line_end(Comment)]). openssh_ssh1_auth_keys_encode(undefined, Bits, #'RSAPublicKey'{modulus = N, publicExponent = E}, @@ -369,7 +371,7 @@ openssh_ssh1_auth_keys_encode(Options, Bits, openssh_ssh2_know_hosts_encode(Hostnames, Key, Comment) -> iolist_to_binary([comma_list_encode(Hostnames, []), " ", - key_type(Key)," ", base64:encode(ssh2_pubkey_encode(Key)), line_end(Comment)]). + key_type(Key)," ", ?b64enc(ssh2_pubkey_encode(Key)), line_end(Comment)]). openssh_ssh1_known_hosts_encode(Hostnames, Bits, #'RSAPublicKey'{modulus = N, publicExponent = E}, diff --git a/lib/public_key/src/public_key.app.src b/lib/public_key/src/public_key.app.src index dbd732c384..5833141e87 100644 --- a/lib/public_key/src/public_key.app.src +++ b/lib/public_key/src/public_key.app.src @@ -14,7 +14,7 @@ {applications, [asn1, crypto, kernel, stdlib]}, {registered, []}, {env, []}, - {runtime_dependencies, ["stdlib-2.0","kernel-3.0","erts-6.0","crypto-3.8", + {runtime_dependencies, ["stdlib-3.5","kernel-3.0","erts-6.0","crypto-3.8", "asn1-3.0"]} ] }. 
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl index 034126655c..931901640a 100644 --- a/lib/public_key/src/public_key.erl +++ b/lib/public_key/src/public_key.erl @@ -1456,7 +1456,7 @@ ascii_to_lower(String) -> verify_hostname_extract_fqdn_default({dns_id,S}) -> S; verify_hostname_extract_fqdn_default({uri_id,URI}) -> - {ok,{https,_,Host,_,_,_}} = http_uri:parse(URI), + #{scheme := "https", host := Host} = uri_string:normalize(URI, [return_map]), Host. |
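Review bot: The `{uri_id, URI}` clause matches the normalized scheme against the charlist `"https"`, so it only succeeds when URI is a charlist; uri_string returns binaries for binary input, and a binary https URI would raise badmatch. A parse error, another scheme or a URI without a host raise the same badmatch, which the caller of this hostname-verification helper sees as a crash rather than as a failed check. If normalize reports an empty host for a URI such as `https:///path`, the match also hands that empty string back as the extracted name. A comment on the clause, `%% URI must be an https charlist URI with a host; anything else raises badmatch`, or an explicit `case` that rejects an empty host, would make the contract clear.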