7 files changed, 41 insertions, 19 deletions

diff --git a/lib/public_key/asn1/README b/lib/public_key/asn1/README
index 5fb8cf9725..2a880e2d51 100644
--- a/lib/public_key/asn1/README
+++ b/lib/public_key/asn1/README
@@ -46,6 +46,6 @@ diff -r1.1 PKIXAttributeCertificate.asn1
 ---
 >                 version        AttCertVersion,  -- version is v2
 
-4. Defenitions of publuic keys from PKCS-1.asn1 present in
+4. Definitions of public keys from PKCS-1.asn1 present in
 PKIX1Algorithms88.asn1 where removed as we take them directly from
 PKCS-1.asn1
\ No newline at end of file
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index d60d91cd83..b3ce49e2ca 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -63,7 +63,7 @@
     <p><code>pki_asn1_type() = 'Certificate' | 'RSAPrivateKey'| 'RSAPublicKey'
     'DSAPrivateKey' | 'DSAPublicKey' | 'DHParameter' | 'SubjectPublicKeyInfo'</code></p>
     
-    <p><code>pem_entry () = {pki_asn1_type(), binary() %% DER or encrypted DER
+    <p><code>pem_entry () = {pki_asn1_type(), binary(), %% DER or encrypted DER
           not_encrypted | {"DES-CBC" | "DES-EDE3-CBC",  crypto:rand_bytes(8)}}.</code></p>
     
     <p><code>rsa_public_key()  = #'RSAPublicKey'{}</code></p>
@@ -72,8 +72,6 @@
 
     <p><code>dsa_public_key() = {integer(),  #'Dss-Parms'{}} </code></p>
 
-    <p><code>rsa_private_key() = #'RSAPrivateKey'{} </code></p>
-    
     <p><code>dsa_private_key() = #'DSAPrivateKey'{}</code></p>
     
     <p><code> public_crypt_options() = [{rsa_pad, rsa_padding()}]. </code></p>
@@ -81,7 +79,7 @@
     <p><code> rsa_padding() =  'rsa_pkcs1_padding' | 'rsa_pkcs1_oaep_padding'
     | 'rsa_no_padding'</code></p>
     
-    <p><code> rsa_digest_type()  = 'md5' | 'sha' </code></p>
+    <p><code> rsa_digest_type()  = 'md2' | 'md5' | 'sha' </code></p>
 
     <p><code> dss_digest_type()  = 'none' | 'sha' </code></p>
 
@@ -149,7 +147,7 @@
     <name>der_decode(Asn1type, Der) -> term()</name>
     <fsummary> Decodes a public key asn1 der encoded entity.</fsummary>
     <type>
-      <v>Asn1Type = atom() -</v>
+      <v>Asn1Type = atom()</v>
       <d> ASN.1 type present in the public_key applications
       asn1 specifications.</d>
       <v>Der = der_encoded()</v>
@@ -166,7 +164,8 @@
       <v>Asn1Type = atom()</v>
       <d> Asn1 type present in the public_key applications
 	 ASN.1 specifications.</d>
-      <v>Entity = term() - The erlang representation of <c> Asn1Type</c></v>
+      <v>Entity = term()</v>
+      <d>The erlang representation of <c>Asn1Type</c></d>
   </type> 
   <desc> 
     <p> Encodes a public key entity with ASN.1 DER encoding.</p>
@@ -218,12 +217,13 @@
     <fsummary> Creates a pem entry that can be fed to pem_encode/1.</fsummary>
     <type>
       <v>Asn1Type = pki_asn1_type()</v>
-      <v>Entity = term() - The Erlang representation of
+      <v>Entity = term()</v>
+      <d>The Erlang representation of
       <c>Asn1Type</c>.  If <c>Asn1Type</c> is 'SubjectPublicKeyInfo'
       then <c>Entity</c> must be either an rsa_public_key() or a
       dsa_public_key() and this function will create the appropriate
       'SubjectPublicKeyInfo' entry.
-      </v>
+      </d>
       <v>CipherInfo = {"DES-CBC" | "DES-EDE3-CBC",  crypto:rand_bytes(8)}</v>
       <v>Password = string()</v> 
   </type> 
@@ -281,7 +281,7 @@
   <desc> 
     <p>Der encodes a pkix x509 certificate or part of such a
     certificate. This function must be used for encoding certificates or parts of certificates
-    that are decoded/created on the otp format, whereas for the plain format this
+    that are decoded/created in the otp format, whereas for the plain format this
     function will directly call der_encode/2. </p> 
   </desc> 
   </func>
diff --git a/lib/public_key/src/pubkey_cert.erl b/lib/public_key/src/pubkey_cert.erl
index 5ab9642279..61082a1ec5 100644
--- a/lib/public_key/src/pubkey_cert.erl
+++ b/lib/public_key/src/pubkey_cert.erl
@@ -38,7 +38,7 @@
 %%====================================================================
 
 %%--------------------------------------------------------------------
--spec verify_data(DER::binary()) -> {md5 | sha,  binary(), binary()}.
+-spec verify_data(DER::binary()) -> {md2 | md5 | sha,  binary(), binary()}.
 %%
 %% Description: Extracts data from DerCert needed to call public_key:verify/4.
 %%--------------------------------------------------------------------	 
@@ -378,6 +378,8 @@ digest_type(?sha1WithRSAEncryption) ->
     sha;
 digest_type(?md5WithRSAEncryption) ->
     md5;
+digest_type(?md2WithRSAEncryption) ->
+    md2;
 digest_type(?'id-dsa-with-sha1') ->
     sha.
 
diff --git a/lib/public_key/src/public_key.appup.src b/lib/public_key/src/public_key.appup.src
index 4986801dad..18fae54d18 100644
--- a/lib/public_key/src/public_key.appup.src
+++ b/lib/public_key/src/public_key.appup.src
@@ -1,6 +1,12 @@
 %% -*- erlang -*-
 {"%VSN%",
  [
+  {"0.12",
+   [
+    {update, public_key, soft, soft_purge, soft_purge, []},
+    {update, pubkey_cert, soft, soft_purge, soft_purge, []},
+   ]
+  },
  {"0.11",
    [
     {update, public_key, soft, soft_purge, soft_purge, []},
@@ -35,6 +41,12 @@
   }
  ],
  [
+  {"0.12",
+   [
+    {update, public_key, soft, soft_purge, soft_purge, []},
+    {update, pubkey_cert, soft, soft_purge, soft_purge, []},
+   ]
+  },
   {"0.11",
    [
     {update, public_key, soft, soft_purge, soft_purge, []},
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 2901020e83..940efffcd0 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -55,7 +55,7 @@
 -type rsa_padding()          :: 'rsa_pkcs1_padding' | 'rsa_pkcs1_oaep_padding' 
 			      | 'rsa_no_padding'.
 -type public_crypt_options() :: [{rsa_pad, rsa_padding()}].
--type rsa_digest_type()      :: 'md5' | 'sha'.
+-type rsa_digest_type()      :: 'md2' | 'md5' | 'sha'.
 -type dss_digest_type()      :: 'none' | 'sha'.
 
 -define(UINT32(X), X:32/unsigned-big-integer).
@@ -307,7 +307,8 @@ encrypt_private(PlainText, #'RSAPrivateKey'{modulus = N,
 sign(PlainText, DigestType,  #'RSAPrivateKey'{modulus = N,  publicExponent = E,
 					      privateExponent = D}) 
   when is_binary(PlainText),
-       (DigestType == md5 orelse
+       (DigestType == md2 orelse
+	DigestType == md5 orelse
 	DigestType == sha) ->
     
     crypto:rsa_sign(DigestType, sized_binary(PlainText), [crypto:mpint(E),
@@ -335,7 +336,10 @@ sign(PlainText, sha, #'DSAPrivateKey'{p = P, q = Q, g = G, x = X})
 %%--------------------------------------------------------------------
 verify(PlainText, DigestType, Signature, 
        #'RSAPublicKey'{modulus = Mod, publicExponent = Exp}) 
-  when is_binary (PlainText), DigestType == sha; DigestType == md5 ->
+  when is_binary(PlainText),
+       (DigestType == md2 orelse
+	DigestType == md5 orelse
+	DigestType == sha) ->
     crypto:rsa_verify(DigestType,
 		      sized_binary(PlainText), 
 		      sized_binary(Signature), 
@@ -488,9 +492,10 @@ pkix_path_validation(PathErr, [Cert | Chain], Options0) when is_atom(PathErr)->
 	_:_ ->
 	    {error, Reason}
     end;
-pkix_path_validation(TrustedCert, CertChain, Options) when
-  is_binary(TrustedCert) -> OtpCert = pkix_decode_cert(TrustedCert,
-  otp), pkix_path_validation(OtpCert, CertChain, Options);
+pkix_path_validation(TrustedCert, CertChain, Options)
+  when is_binary(TrustedCert) ->
+    OtpCert = pkix_decode_cert(TrustedCert, otp),
+    pkix_path_validation(OtpCert, CertChain, Options);
 
 pkix_path_validation(#'OTPCertificate'{} = TrustedCert, CertChain, Options)
   when is_list(CertChain), is_list(Options) ->
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index b11e4d092a..a9c198c581 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -537,7 +537,10 @@ rsa_sign_verify(Config) when is_list(Config) ->
     false = public_key:verify(Msg, sha, <<1:8, RSASign/binary>>, PublicRSA), 
 
     RSASign1 = public_key:sign(Msg, md5, PrivateRSA),
-    true = public_key:verify(Msg, md5, RSASign1, PublicRSA).
+    true = public_key:verify(Msg, md5, RSASign1, PublicRSA),
+
+    RSASign2 = public_key:sign(Msg, md2, PrivateRSA),
+    true = public_key:verify(Msg, md2, RSASign2, PublicRSA).
     
 %%--------------------------------------------------------------------
 
diff --git a/lib/public_key/vsn.mk b/lib/public_key/vsn.mk
index 3c6b012152..66ac78a65d 100644
--- a/lib/public_key/vsn.mk
+++ b/lib/public_key/vsn.mk
@@ -1 +1 @@
-PUBLIC_KEY_VSN = 0.12
+PUBLIC_KEY_VSN = 0.13