Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-05-21 | PKCS8 encoder must be symmetrical to PKCS8 decoder, thus it has to be in ↵ | Maxim Fedorov | |
der_encode, and not pem_encode as it was in original implementation | |||
2018-05-21 | Use DER_NULL macro instead or <<5,0>> | Maxim Fedorov | |
2018-05-21 | PKCS8 handling improvements: | Maxim Fedorov | |
* added PKCS8 encoder for DSA, RSA and EC private keys * added tests (full loop, PKCS8 decode/encode operations) * rewritten private key decoder to be more Erlang-y | |||
2018-05-21 | public_key: PKCS8 (Private-Key Information Syntax Standard) encoded private ↵ | Maxim Fedorov | |
key support This patch adds support for RSA, DSA and EC private keys encoded using PKCS8 format. Test *.pem files are made with converting existing *.pem files using openssl: openssl pkcs8 -in ... -out ... -topk8 -nocrypt | |||
2018-02-13 | public_key: Use uri_string | Péter Dimitrov | |
- Remove dependency to inets Change-Id: I5f59d21079a068d9ec5e13da26007150d8bc6b04 | |||
2017-12-01 | Facilitate test certs with common root | Raimo Niskanen | |
2017-10-21 | public_key: Handle formatting of ECC params from DER to crypto API | Ingela Anderton Andin | |
Solves ERL-482 | |||
2017-10-17 | Merge branch 'ingela/ssl/extend-hostname-check/OTP-14632/OTP-14655' into maint | Ingela Anderton Andin | |
* ingela/ssl/extend-hostname-check/OTP-14632/OTP-14655: ssl: Fix test cases to work on all test platforms public_key: Fix dialyzer spec ssl: Sessions must be registered with SNI if exists ssl: Extend hostname check to fallback to checking IP-address public_key, ssl: Handles keys so that APIs are preserved correctly | |||
2017-10-13 | public_key: Fix dialyzer spec | Ingela Anderton Andin | |
2017-10-12 | public_key: Remove extra unused element in internal pubkey_ssh:encode/2 | Hans Nilsson | |
2017-10-12 | public_key: Fix bug in pkix_verify_hostname with IP addresses | Hans Nilsson | |
An IP address could in some circomstances be converted to a list and then to_lower was applied to it. So {$A,1,1,1} was changed to {$a,1,1,1} which of course didn't match.... | |||
2017-10-02 | public_key: verify ip (both v4 and v6) | Hans Nilsson | |
2017-09-20 | public_key, ssl: Provide certitifate test data generation function in public_key | Ingela Anderton Andin | |
The ssl application uses the new function in many of its test cases. | |||
2017-09-11 | fix ERL-481 ecpkParameters representation | Daniel Goertzen | |
- type spec ecpk_parameters() added to represent DER-encodable ecpkParameters - type spec ecpk_parameters_api() added to represent ecpkParameters provided by the user through public_key API functions - API is now more generous in its input, and more strict in its output. - update to public key records documentation - add tests, including tests against EC key with explicit curve parameters - also fixes ERL-480 | |||
2017-07-25 | RSAPrivateKey version is set to 'two-prime', as stated in documentation, and ↵ | Konstantinos Kallas | |
not 0 | |||
2017-07-10 | Merge branch 'ingela/public_key/ssl/CRL-error-propagation/OTP-14236' into maint | Ingela Anderton Andin | |
* ingela/public_key/ssl/CRL-error-propagation/OTP-14236: ssl: Try to make asn1 decode errors of certificates as specific as possible ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined ssl: Enhance error logging | |||
2017-07-07 | ssl,public_key: Provide details for CRL check failiures when revokation ↵ | Ingela Anderton Andin | |
state can not be determined | |||
2017-07-07 | public_key: Update for new crypto:sign and crypto:verify from PR838 | Hans Nilsson | |
2017-06-12 | Fix type on line 872 | willemdj | |
I assume that it is a typo? | |||
2017-05-04 | Update copyright year | Raimo Niskanen | |
2017-04-26 | ssh: Implement signature algorithms rsa-sha2-*. draft-ietf-curdle-rsa-sha2 | Hans Nilsson | |
2017-04-12 | public_key: Public RSA key is present in private key | Ingela Anderton Andin | |
Change the return value from {#'RSAPublicKey'{}, #'RSAPrivateKey'{}} to #'RSAPrivateKey'{} This conforms to the #'ECPrivateKey'{} return value. Note that DH key will be returned as {Public::integer(), Private::integer()} as there is no key structure (record) only two integers. Maybe we would like to add extraction functions for the public key from the private ones later. | |||
2017-03-23 | ssl, public_key: Add functionality for generating X509 cert test data | Ingela Anderton Andin | |
For now this functionality is located in ssl. And existing public_key function is extended. However some of the functionality may be moved to public_key in a later stage. | |||
2017-03-13 | Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140' | Hans Nilsson | |
2017-03-09 | public_key: Bugfix public_key:generate_key({namedCurve,OID}) | Hans Nilsson | |
2017-03-09 | public_key: New -spec for public_key:generate_key/1 | Hans Nilsson | |
2017-03-09 | public_key: Add RSA to public_key:generate_key/1 | Hans Nilsson | |
2017-02-16 | Merge branch 'maint' | Hans Nilsson | |
2017-02-14 | public_key: generate a list of ssh fingerprints on request | Hans Nilsson | |
2017-01-26 | Merge branch 'maint' | Hans Nilsson | |
2017-01-25 | public_key: pkix_verify_hostname (RFC 6125) | Hans Nilsson | |
2016-12-16 | public_key: Use maps instead of dict | Björn-Egil Dahlberg | |
2016-12-07 | Update copyright-year | Erlang/OTP | |
2016-11-22 | public_key: ssh host key fingerprint generator added | Hans Nilsson | |
2016-04-05 | Function for generating OpenSSL-style name hashes | Magnus Henoch | |
OpenSSL has functions to generate short (eight hex digits) hashes of issuers of certificates and CRLs. These hashes are used by the "c_rehash" script to populate directories of CA certificates and CRLs, e.g. in the Apache web server. Adding this function lets an Erlang program find the right CRL for a given certificate in such a directory. | |||
2016-04-01 | Add public_key:pkix_match_dist_point | Magnus Henoch | |
2016-03-10 | public_key: Handle PEM encoded EC public keys | Ingela Anderton Andin | |
Also add missing test for PEM encoded private EC keys. | |||
2015-11-04 | ssh, public_key: random selection of diffie-hellman moduli | Hans Nilsson | |
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format. | |||
2015-10-16 | public_key: add/update -spec for ssh functions | Hans Nilsson | |
2015-10-16 | ssh, public_key: use pubkey encode/decode in app public_key | Hans Nilsson | |
2015-10-16 | ssh, public_key: Change EC Public Key representation to what was intended | Hans Nilsson | |
2015-06-18 | Change license text to APLv2 | Bruce Yinhe | |
2015-04-20 | public_key: Reject bad signatures as early as possible | Ingela Anderton Andin | |
Erlang bitstring type only uses as many bits as required, and does not use padding to create complete bytes as ASN1 compact_bitstring did. crypto:verify/5 will now fail, for some incorrect signatures as it expects complete bytes which an incorrect signature may not have. Instead of catching the failing crypto function and then returning false we check the input and reject it right away. | |||
2015-04-20 | public_key: Remove legacy switch compact_bit_string | Ingela Anderton Andin | |
* E.I bitstrings will not be decode as {Unused, Binary}, they are now Erlang bitstrings. * Also the compact_bit_string implies the legacy_erlang_types switch - So removing the switch will also make OCTET STRING values be represented as binaries. - Undecoded open type will now be wrapped in a asn1_OPENTYPE tuple. We need to handle this in pubkey_pbe.erl, maybe this can be eliminated later by updating/refreshing ASN1-specs. This will change some values in records returned by the public_key API making this change a potentiall incompatibility. | |||
2015-03-13 | public_key: dialyzer fixes | Ingela Anderton Andin | |
2015-03-09 | public_key: Improve CRL handling support | Ingela Anderton Andin | |
2014-08-27 | public_key: Fix spec and documentation for pkix_crls_validate | Ingela Anderton Andin | |
2014-08-27 | public_key: Fix spec and documentation for PBES | Ingela Anderton Andin | |
2014-08-25 | public_key: Add encodeing functionality for PBES1 and PBES2 | Ingela Anderton Andin | |
2014-08-22 | public_key: Add PBES1 decoding support | Ingela Anderton Andin | |