aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/src/public_key.erl
AgeCommit message (Collapse)Author
2014-02-06public_key: Export some dialyzer typesIngela Anderton Andin
Move dilayzer types from include file to erl file and use -export_type
2013-12-02ssl, public_key: Dialyzer fixesIngela Anderton Andin
2013-08-29Allow public_key:pem_entry_decode/2) to handle AES-128-CBC ciphered keysSimon Cornish
Private keys generated by modern versions of ssh-keygen are ciphered with AES-128-CBC instead of DES-EDE3-CBC. Since DES-EDE3-CBC ciphered keys are handled, and the underlying support for AES-128-CBC is already present, it seems a bug of omission that AES-128-CBC ciphered keys are not.
2013-06-07ssl: Correct rebase mistakesIngela Anderton Andin
2013-05-24crypto, public_key & ssl: Make more functions accept integer keysSverker Eriksson
2013-05-20crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..)Sverker Eriksson
to conform with the return value of the other types.
2013-05-08ssl & public_key: Use standard nameIngela Anderton Andin
2013-05-08ssl & public_key: Use new crypto API functionsIngela Anderton Andin
2013-05-08crypto: Deprecate functions, update doc and specsIngela Anderton Andin
2013-05-08ssl, crypto: Eliminate remaining mpint and EC resource key from APIIngela Anderton Andin
2013-05-08ssl, public_key, crypto: General generate_key and compute_key functionsIngela Anderton Andin
2013-05-08ssl & public_key: API refinementIngela Anderton Andin
Change API so public_key:generate_key/compute_key are only called with "public_key arguments" otherwhise crypto functions can be called explicitly.
2013-05-08public_key: use new cryptoIngela Anderton Andin
2013-05-08crypto, public_key: Switch places of ecdh_compute_key argumentsSverker Eriksson
2013-05-08crypto, public_key & ssl: Change API to hide resource format for EC KEYSverker Eriksson
2013-05-08ssl & public_key: Improved handling ECDH keysIngela Anderton Andin
2013-05-08ssl & public_key: New public_key API for DH/ECDH/SRP keysIngela Anderton Andin
2013-05-08public_key: Eliminate mpints in rsa_public/private_encrypt/decryptIngela Anderton Andin
2013-05-08public_key: Use new crypto API functions sign and verifyIngela Anderton Andin
2013-05-08PUBLIC_KEY: add support for Elliptic Curves to public_key appAndreas Schultz
2013-03-13public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27Ingela Anderton Andin
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation.
2013-01-25Update copyright yearsBjörn-Egil Dahlberg
2013-01-18Fixed specsFredrik Gustafsson
2013-01-11public_key: Document pkix_path_validation/3 and pkix_crls_validate/3Ingela Anderton Andin
2013-01-11All basic test cases passIngela Anderton Andin
2012-08-22public_key: Add sha224 to RSA sign/verifySverker Eriksson
2012-08-22public_key: Align the interface of sign and verify with cryptoSverker Eriksson
2012-08-22public_key: Generalised APIIngela Anderton Andin
2012-08-22public_key: Add rsa and dss hash signing supportAndreas Schultz
2012-04-20public_key: Use optimized RSA private key handlingSverker Eriksson
by providing extra redundant information to crypto.
2011-12-09Converted pk12 test suite files to pem and adjusted our frameworkIngela Anderton Andin
to deal with changes to the pkits suite.
2011-11-01Clean up of public_key code adding specs and documentationSverker Eriksson
2011-11-01Additions to crypto and public_key needed for full PKCS-8 supportIngela Anderton Andin
2011-11-01Add PKCS-8 support to public_keyIngela Anderton Andin
2011-09-21Revert "Support md2WithRSAEncryption certificates in public_key"Sverker Eriksson
This reverts commit c7e5f7576e213060cbb332be64a7c3798f6a2cc2.
2011-09-06Support md2WithRSAEncryption certificates in public_keyChristian von Roques
2011-08-08reindent pkix_path_validation/3Christian von Roques
2011-03-24Implemented encode/decode support for ssh public key filesIngela Anderton Andin
2011-02-14Improved support for RSA and DSA public keysSeth Falcon
This patch allows the public_key module to decode and encode RSA and DSA keys encoded using the SubjectPublicKeyInfo format. When pem_entry_encode is called on an RSA or DSA public key type, the key is wrapped in the SubjectPublicKeyInfo format.
2010-11-30Fixed guard and test caseIngela Anderton Andin
Data to sign and verify should be inputed as binaries. Also cleaned up and moved some dialyzer specs.
2010-11-29Fixed broken links in the documentation and dialyzer warningsIngela Anderton Andin
2010-10-01Merge branch 'maint-r14' into devIngela Anderton Andin
Conflicts: lib/public_key/src/pubkey_cert.erl
2010-09-29Merge branch 'ia/ssl-and-public_key/verify_fun_peer_awarness/OTP-8873' into ↵Erlang/OTP
maint-r14 * ia/ssl-and-public_key/verify_fun_peer_awarness/OTP-8873: Peer awarness
2010-09-29Peer awarnessIngela Anderton Andin
Changed the verify fun so that it differentiate between the peer certificate and CA certificates by using valid_peer or valid as the second argument to the verify fun. It may not always be trivial or even possible to know when the peer certificate is reached otherwise.
2010-09-27Merge branch 'ia/ssl-and-public_key/backwards-compatibility/OTP-8858' into devIngela Anderton Andin
* ia/ssl-and-public_key/backwards-compatibility/OTP-8858: Backwards compatibility Conflicts: lib/ssl/src/ssl_certificate_db.erl Use short INFO-message. Debugging information can be fairly easily recreated so we do not want to clutter the logs.
2010-09-24Backwards compatibilityIngela Anderton Andin
Changed implementation to retain backwards compatibility for old option {verify, 0} that shall be equivalent to {verify, verify_none}, also separate the cases unknown CA and selfsigned peer cert, and restored return value of deprecated function public_key:pem_to_der/1.
2010-09-15Corrected and added dialyzer specsIngela Anderton Andin
2010-09-10Improved certificate extension handlingIngela Anderton Andin
Added the functionality so that the verification fun will be called when a certificate is considered valid by the path validation to allow access to eachs certificate in the path to the user application. Removed clause that only check that a extension is not critical, it does alter the verification rusult only withholds information from the application. Try to verify subject-AltName, if unable to verify it let application try.
2010-09-06Handling of path validation errors by the applicationIngela Anderton Andin
Changed the behavior of the verify_fun option so that the application can be responsible for handling path validation errors even on the server side. Also replaced the not yet documented validate_extensions_fun to be handled by the verify_fun instead. If the verify callback fun returns {fail, Reason}, the verification process is immediately stopped and an alert is sent to the peer and the TLS/SSL handshake is terminated. If the verify callback fun returns {valid, UserState}, the verification process is continued. If the verify callback fun always returns {valid, UserState}, the TLS/SSL handshake will not be terminated with respect to verification failures and the connection will be established. The verify callback fun will also be able to verify application specific extensions.
2010-09-01Empty certificate chainIngela Anderton Andin
Handling of unkown CA certificats was changed in ssl and public_key to work as intended. In the process of doing this some test cases has been corrected as they where wrong but happened to work together with the incorrect unknown CA handling.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 15:26:36 +0000