aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/doc/src/public_key.xml
AgeCommit message (Collapse)Author
2017-09-22public_key: Add app (ssl) to marker in seelalso tagHans Nilsson
2017-09-20public_key, ssl: Provide certitifate test data generation function in public_keyIngela Anderton Andin
The ssl application uses the new function in many of its test cases.
2017-07-10Merge branch 'ingela/public_key/ssl/CRL-error-propagation/OTP-14236' into maintIngela Anderton Andin
* ingela/public_key/ssl/CRL-error-propagation/OTP-14236: ssl: Try to make asn1 decode errors of certificates as specific as possible ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined ssl: Enhance error logging
2017-07-07ssl,public_key: Provide details for CRL check failiures when revokation ↵Ingela Anderton Andin
state can not be determined
2017-07-07public_key: doc for new sign/4 and verify/5Hans Nilsson
2017-05-04Update copyright yearRaimo Niskanen
2017-04-12public_key: Public RSA key is present in private keyIngela Anderton Andin
Change the return value from {#'RSAPublicKey'{}, #'RSAPrivateKey'{}} to #'RSAPrivateKey'{} This conforms to the #'ECPrivateKey'{} return value. Note that DH key will be returned as {Public::integer(), Private::integer()} as there is no key structure (record) only two integers. Maybe we would like to add extraction functions for the public key from the private ones later.
2017-03-13Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140'Hans Nilsson
2017-03-09public_key: RSA key gen documentationHans Nilsson
2017-02-14public_key: generate a list of ssh fingerprints on requestHans Nilsson
2017-01-25public_key: pkix_verify_hostname (RFC 6125)Hans Nilsson
2016-12-07Update copyright-yearErlang/OTP
2016-11-22public_key: ssh host key fingerprint generator addedHans Nilsson
2016-06-16public_key: Fix Xmllint errorsIngela Anderton Andin
2016-06-14Merge branch 'legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530'Ingela Anderton Andin
* legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530: Skip crl_hash_dir_expired test for LibreSSL Add ssl_crl_hash_dir module Function for generating OpenSSL-style name hashes Add public_key:pkix_match_dist_point Improve formatting for crl_{check,cache} options Add issuer arg to ssl_crl_cache_api lookup callback Conflicts: lib/public_key/test/public_key_SUITE.erl
2016-06-03public_key: Create application manual page that is man(6)Ingela Anderton Andin
2016-04-25public_key: Remove use of crypto:rand_bytes/1Ingela Anderton Andin
public_key use cases are cryptographical so use crypto:strong_rand_bytes/1 instead.
2016-04-05Function for generating OpenSSL-style name hashesMagnus Henoch
OpenSSL has functions to generate short (eight hex digits) hashes of issuers of certificates and CRLs. These hashes are used by the "c_rehash" script to populate directories of CA certificates and CRLs, e.g. in the Apache web server. Adding this function lets an Erlang program find the right CRL for a given certificate in such a directory.
2016-04-01Add public_key:pkix_match_dist_pointMagnus Henoch
2016-03-10public_key: Handle PEM encoded EC public keysIngela Anderton Andin
Also add missing test for PEM encoded private EC keys.
2016-02-19Fix public_key documentation typosMagnus Henoch
2015-11-05ssh, public_key: updates after doc reviewHans Nilsson
2015-11-04ssh, public_key: random selection of diffie-hellman moduliHans Nilsson
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format.
2015-09-11Fix public_key docYuki Ito
2015-06-28Updated documentation to match implementationRed
Line number references are with respect to sources in public_key.erl Changes: - pkix_sign replaced public with private (L510) (Certificates are signed by private keys) - pki_asn1_type() added 'CertificateList' (L73) - pkix_sign_types added ecdsa (L404) - pkix_verify added ec_public_key() (L530) - pkix_is_issuer added 'CertificateList' (L569)
2015-06-18Change license text to APLv2Bruce Yinhe
2015-05-11public_key: Align "=" sign in type declarations to decided policyIngela Anderton Andin
2015-05-07public_key: Align to alphabetical orderIngela Anderton Andin
2015-05-07public_key: Correct application names and typosIngela Anderton Andin
2015-05-07public_key: Change structure to what editor intendedIngela Anderton Andin
2015-05-07Editorial changestmanevik
2015-03-09Merge branch 'mururu/fix-type' into maintZandra Hird
* mururu/fix-type: Fix typos in the public_key doc OTP-12549
2015-03-09public_key: Improve CRL handling supportIngela Anderton Andin
2015-02-24Fix typos in the public_key docYuki Ito
2014-09-11public_key: Fix link errors in documentationIngela Anderton Andin
2014-09-09ssl, public_key: Add new option partial_chainIngela Anderton Andin
Check that the certificate chain ends with a trusted ROOT CA e.i. a self-signed certificate, but provide an option partial_chain to enable the application to define an intermediat CA as trusted. TLS RFC says: "unknown_ca A valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or couldn't be matched with a known, trusted CA. This message is always fatal." and also states: "certificate_list This is a sequence (chain) of certificates. The sender's certificate MUST come first in the list. Each following certificate MUST directly certify the one preceding it. Because certificate validation requires that root keys be distributed independently, the self-signed certificate that specifies the root certificate authority MAY be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case." X509 RFC says: "The selection of a trust anchor is a matter of policy: it could be the top CA in a hierarchical PKI, the CA that issued the verifier's own certificate(s), or any other CA in a network PKI. The path validation procedure is the same regardless of the choice of trust anchor. In addition, different applications may rely on different trust anchors, or may accept paths that begin with any of a set of trust anchors."
2014-08-27public_key: Fix spec and documentation for pkix_crls_validateIngela Anderton Andin
2014-08-27public_key: Fix spec and documentation for PBESIngela Anderton Andin
2014-08-14public_key: Updated User Guide with ECC recordsIngela Anderton Andin
2014-04-03public_key: Fix typoIngela Anderton Andin
2014-04-02public_key: Document issuer_fun option to pkix_crls_validate/3Ingela Anderton Andin
2014-04-01public_key: Update outdated linksIngela Anderton Andin
2014-02-06public_key(3): fix private_key/0 type definitionTuncer Ayaz
2014-01-28Consistently format public_key(3)Tuncer Ayaz
When documenting public_key/0 and private_key/0, I noticed the inconsistent state of formatting in public_key(3)'s Data Types section. This should be fixed for consistency and readability.
2014-01-28Fix incorrect use of public_key:private_key/0 typeTuncer Ayaz
public_key:private_key/0 was referenced but undefined, and lib/ssl had a local definition of private_key/0. To fix that, make the following changes: * add public_key:private_key/0 type * document public_key/0 and private_key/0 * fix incorrect definitions and references
2014-01-28Fix incorrect proplists type referenceTuncer Ayaz
ssh and public_key were referring to proplists:proplists/0 which does not exist. Fix by using the correct type proplists:proplist/0.
2013-06-10Merge remote-tracking branch 'upstream/maint'Ingela Anderton Andin
2013-06-10Merge branch 'ia/public_key/crypto/prepare-for-release' into maintIngela Anderton Andin
* ia/public_key/crypto/prepare-for-release: public_key & ssl: Add ASN-1 dependency crypto & public_key: prepare for release
2013-06-10Merge remote-tracking branch 'upstream/maint'Ingela Anderton Andin
2013-06-07crypto & public_key: Clearify documentation.Ingela Anderton Andin