Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-06-18 | Change license text to APLv2 | Bruce Yinhe | |
2015-04-20 | public_key: Reject bad signatures as early as possible | Ingela Anderton Andin | |
Erlang bitstring type only uses as many bits as required, and does not use padding to create complete bytes as ASN1 compact_bitstring did. crypto:verify/5 will now fail, for some incorrect signatures as it expects complete bytes which an incorrect signature may not have. Instead of catching the failing crypto function and then returning false we check the input and reject it right away. | |||
2015-04-20 | public_key: Remove legacy switch compact_bit_string | Ingela Anderton Andin | |
* E.I bitstrings will not be decode as {Unused, Binary}, they are now Erlang bitstrings. * Also the compact_bit_string implies the legacy_erlang_types switch - So removing the switch will also make OCTET STRING values be represented as binaries. - Undecoded open type will now be wrapped in a asn1_OPENTYPE tuple. We need to handle this in pubkey_pbe.erl, maybe this can be eliminated later by updating/refreshing ASN1-specs. This will change some values in records returned by the public_key API making this change a potentiall incompatibility. | |||
2015-03-13 | public_key: dialyzer fixes | Ingela Anderton Andin | |
2015-03-09 | public_key: Improve CRL handling support | Ingela Anderton Andin | |
2014-08-27 | public_key: Fix spec and documentation for pkix_crls_validate | Ingela Anderton Andin | |
2014-08-27 | public_key: Fix spec and documentation for PBES | Ingela Anderton Andin | |
2014-08-25 | public_key: Add encodeing functionality for PBES1 and PBES2 | Ingela Anderton Andin | |
2014-08-22 | public_key: Add PBES1 decoding support | Ingela Anderton Andin | |
2014-08-08 | public_key: Correct ASN1-type EcpkParameters in PEM handling | Ingela Anderton Andin | |
2014-03-26 | ssl, pubkey: Code and test adjustments | Hans Nilsson | |
2014-03-26 | Rework IDP validation according to the RFC, fix public_key tests | Andrew Thompson | |
2014-03-26 | Various improvements to CRL handling | Andrew Thompson | |
* Handle v1 CRLs, with no extensions. * Compare the IDP on a CRL correctly, if present * Don't try to double-decode altnames Tests are also included, and the make_certs testing tool in the SSL application has been greatly extended. | |||
2014-03-25 | pubkey: Fixed unicode conversion | Hans Nilsson | |
2014-03-20 | Introduce runtime_dependencies in .app files | Rickard Green | |
Most dependencies introduced are exactly the dependencies to other applications found by xref. That is, there might be real dependencies missing. There might also be pure debug dependencies listed that probably should be removed. Each application has to be manually inspected in order to ensure that all real dependencies are listed. All dependencies introduced are to application versions used in OTP 17.0. This since the previously used version scheme wasn't designed for this, and in order to minimize the work of introducing the dependencies. | |||
2014-02-18 | Fix library application appup files | Tobias Schlager | |
As discussed in issue #240 *all* OTP library applications use the '.*' wildcard as up and down version. This makes library applications always up- and downgradeable. Using the wildcard version obsoletes all maintenance tasks regarding library applications' appup files. Additionally, it prevents upgrade problems caused by automatically included application dependencies when using reltool to create releases. Missing copyright headers are now consistently present. | |||
2014-02-06 | public_key: Export some dialyzer types | Ingela Anderton Andin | |
Move dilayzer types from include file to erl file and use -export_type | |||
2014-01-13 | public_key: add brainpool elliptic curves (RFC-5639) | Andreas Schultz | |
2013-12-02 | Merge branch 'maint' | Ingela Anderton Andin | |
2013-12-02 | ssl, public_key: Dialyzer fixes | Ingela Anderton Andin | |
2013-11-15 | Merge branch 'maint' | Fredrik Gustafsson | |
2013-11-07 | public_key: Workaround for incorrectly encoded utf8 emailAddress | Andrew Bennett | |
Author: Daniel Barney <[email protected]> Date: Thu Oct 25 14:33:11 2012 -0600 Most common browsers are lax in thier handling of how the emailAddress field is encoded. RFC 3280 section 4.1.2.6 defines the encoding as IA5String, however browsers will also handle certificates with the emailAddress field encoded as UTF8String. This fix allows the emailAddress to be decoded as both an IA5String and an UTF8String. Reviewed by: Andrew Bennett <[email protected]> | |||
2013-09-02 | Merge branch 'maint' | Fredrik Gustafsson | |
2013-08-29 | Allow public_key:pem_entry_decode/2) to handle AES-128-CBC ciphered keys | Simon Cornish | |
Private keys generated by modern versions of ssh-keygen are ciphered with AES-128-CBC instead of DES-EDE3-CBC. Since DES-EDE3-CBC ciphered keys are handled, and the underlying support for AES-128-CBC is already present, it seems a bug of omission that AES-128-CBC ciphered keys are not. | |||
2013-06-12 | Update copyright years | Björn-Egil Dahlberg | |
2013-06-10 | Merge remote-tracking branch 'upstream/maint' | Ingela Anderton Andin | |
2013-06-10 | Merge branch 'ia/public_key/crypto/prepare-for-release' into maint | Ingela Anderton Andin | |
* ia/public_key/crypto/prepare-for-release: public_key & ssl: Add ASN-1 dependency crypto & public_key: prepare for release | |||
2013-06-10 | Merge remote-tracking branch 'upstream/maint' | Ingela Anderton Andin | |
2013-06-07 | public_key & ssl: Add ASN-1 dependency | Ingela Anderton Andin | |
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future. | |||
2013-06-07 | ssl: Correct rebase mistakes | Ingela Anderton Andin | |
2013-05-28 | Merge remote-tracking branch 'upstream/maint' | Ingela Anderton Andin | |
Conflicts: bootstrap/lib/stdlib/ebin/beam_lib.beam lib/public_key/test/erl_make_certs.erl | |||
2013-05-24 | crypto, public_key & ssl: Make more functions accept integer keys | Sverker Eriksson | |
2013-05-20 | crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) | Sverker Eriksson | |
to conform with the return value of the other types. | |||
2013-05-20 | public_key: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-08 | Merge remote-tracking branch 'upstream/maint' | Ingela Anderton Andin | |
Conflicts: lib/crypto/doc/src/crypto_app.xml | |||
2013-05-08 | ssl & public_key: Use standard name | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: Use new crypto API functions | Ingela Anderton Andin | |
2013-05-08 | crypto: Deprecate functions, update doc and specs | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: API refinement | Ingela Anderton Andin | |
Change API so public_key:generate_key/compute_key are only called with "public_key arguments" otherwhise crypto functions can be called explicitly. | |||
2013-05-08 | public_key: use new crypto | Ingela Anderton Andin | |
2013-05-08 | crypto, public_key: Switch places of ecdh_compute_key arguments | Sverker Eriksson | |
2013-05-08 | crypto, public_key & ssl: Change API to hide resource format for EC KEY | Sverker Eriksson | |
2013-05-08 | ssl & public_key: Improved handling ECDH keys | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: New public_key API for DH/ECDH/SRP keys | Ingela Anderton Andin | |
2013-05-08 | public_key: Eliminate mpints in rsa_public/private_encrypt/decrypt | Ingela Anderton Andin | |
2013-05-08 | public_key: Use new crypto API functions sign and verify | Ingela Anderton Andin | |
2013-05-08 | PUBLIC_KEY: add support for Elliptic Curves to public_key app | Andreas Schultz | |
2013-03-13 | public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27 | Ingela Anderton Andin | |
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation. |