Age | Commit message (Collapse) | Author |
|
* maint-20:
Updated OTP version
Update release notes
Update version numbers
public_key: verify ip (both v4 and v6)
public_key: Added IP4 address checks to hostname_verification tests
ssl: Fix test cases to work on all test platforms
public_key: Fix dialyzer spec
ssl: Sessions must be registered with SNI if exists
ssl: Extend hostname check to fallback to checking IP-address
public_key, ssl: Handles keys so that APIs are preserved correctly
ssl: Use ?FUNCTION_NAME
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
Conflicts:
lib/public_key/doc/src/public_key.xml
lib/public_key/test/public_key_SUITE.erl
lib/public_key/test/public_key_SUITE_data/pkix_verify_hostname_subjAltName_IP.pem
lib/public_key/test/public_key_SUITE_data/verify_hostname_ip.conf
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_handshake.erl
|
|
|
|
|
|
|
|
|
|
* lars/doc-cleanup/OTP-14475:
[edoc] Remove unused module otpsgml_layout.erl
Remove unused files from the documentation build
|
|
|
|
|
|
|
|
|
|
The ssl application uses the new function in many of its test cases.
|
|
- type spec ecpk_parameters() added to represent DER-encodable ecpkParameters
- type spec ecpk_parameters_api() added to represent ecpkParameters provided by the user through public_key
API functions
- API is now more generous in its input, and more strict in its output.
- update to public key records documentation
- add tests, including tests against EC key with explicit curve parameters
- also fixes ERL-480
|
|
* ingela/public_key/ssl/CRL-error-propagation/OTP-14236:
ssl: Try to make asn1 decode errors of certificates as specific as possible
ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined
ssl: Enhance error logging
|
|
state can not be determined
|
|
|
|
|
|
This reverts commit eaf8ca41dfa4850437ad270d3897399c9358ced0.
|
|
|
|
This reverts commit dc57404252c47520f352834ad9be45ad684f96c9.
|
|
|
|
|
|
Change the return value from {#'RSAPublicKey'{}, #'RSAPrivateKey'{}} to #'RSAPrivateKey'{}
This conforms to the #'ECPrivateKey'{} return value.
Note that DH key will be returned as {Public::integer(), Private::integer()}
as there is no key structure (record) only two integers.
Maybe we would like to add extraction functions for the public key from
the private ones later.
|
|
* maint:
Updated OTP version
Prepare release
Conflicts:
OTP_VERSION
lib/typer/doc/src/notes.xml
lib/typer/vsn.mk
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530:
Skip crl_hash_dir_expired test for LibreSSL
Add ssl_crl_hash_dir module
Function for generating OpenSSL-style name hashes
Add public_key:pkix_match_dist_point
Improve formatting for crl_{check,cache} options
Add issuer arg to ssl_crl_cache_api lookup callback
Conflicts:
lib/public_key/test/public_key_SUITE.erl
|
|
|
|
This reverts commit e020f75c10410a6943cd055bfa072a2641eab7da.
|
|
|
|
This reverts commit bd64ad8e15d66e48b36dbe3584315dd5cfc8b59a.
|
|
|
|
|
|
public_key use cases are cryptographical so use
crypto:strong_rand_bytes/1 instead.
|
|
* henrik/update-copyrightyear:
update copyright-year
|
|
OpenSSL has functions to generate short (eight hex digits) hashes of
issuers of certificates and CRLs. These hashes are used by the
"c_rehash" script to populate directories of CA certificates and CRLs,
e.g. in the Apache web server. Adding this function lets an Erlang
program find the right CRL for a given certificate in such a
directory.
|
|
|
|
* ia/public_key/EC-public_key/OTP-13408:
public_key: Handle PEM encoded EC public keys
|
|
|
|
|
|
Also add missing test for PEM encoded private EC keys.
|