aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/src
AgeCommit message (Collapse)Author
2017-11-22Merge branch 'hans/public_key/verify_hostname_ip_address_maint20/OTP-14653' ↵Erlang/OTP
into maint-20 * hans/public_key/verify_hostname_ip_address_maint20/OTP-14653: public_key: verify ip (both v4 and v6) public_key: Added IP4 address checks to hostname_verification tests
2017-11-22public_key: verify ip (both v4 and v6)Hans Nilsson
2017-11-09public_key: Fix dialyzer specIngela Anderton Andin
2017-11-09public_key, ssl: Handles keys so that APIs are preserved correctlyIngela Anderton Andin
2017-09-20public_key, ssl: Provide certitifate test data generation function in public_keyIngela Anderton Andin
The ssl application uses the new function in many of its test cases.
2017-09-19Merge pull request #1564 from goertzenator/ecpkparameter_fixIngela Andin
fix ERL-481 ecpkParameters representation OTP-14621
2017-09-12public_key: Deprecated random function replacedHans Nilsson
2017-09-12public_key: clearify random set bounderys in commentsHans Nilsson
2017-09-11fix ERL-481 ecpkParameters representationDaniel Goertzen
- type spec ecpk_parameters() added to represent DER-encodable ecpkParameters - type spec ecpk_parameters_api() added to represent ecpkParameters provided by the user through public_key API functions - API is now more generous in its input, and more strict in its output. - update to public key records documentation - add tests, including tests against EC key with explicit curve parameters - also fixes ERL-480
2017-07-25RSAPrivateKey version is set to 'two-prime', as stated in documentation, and ↵Konstantinos Kallas
not 0
2017-07-10Merge branch 'ingela/public_key/ssl/CRL-error-propagation/OTP-14236' into maintIngela Anderton Andin
* ingela/public_key/ssl/CRL-error-propagation/OTP-14236: ssl: Try to make asn1 decode errors of certificates as specific as possible ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined ssl: Enhance error logging
2017-07-07ssl,public_key: Provide details for CRL check failiures when revokation ↵Ingela Anderton Andin
state can not be determined
2017-07-07public_key: Update for new crypto:sign and crypto:verify from PR838Hans Nilsson
2017-06-12Fix type on line 872willemdj
I assume that it is a typo?
2017-05-22ssh: fix the rsa-sha2-* hostkey verify errorHans Nilsson
2017-05-04Update copyright yearRaimo Niskanen
2017-04-26ssh: Implement signature algorithms rsa-sha2-*. draft-ietf-curdle-rsa-sha2Hans Nilsson
2017-04-12public_key: Public RSA key is present in private keyIngela Anderton Andin
Change the return value from {#'RSAPublicKey'{}, #'RSAPrivateKey'{}} to #'RSAPrivateKey'{} This conforms to the #'ECPrivateKey'{} return value. Note that DH key will be returned as {Public::integer(), Private::integer()} as there is no key structure (record) only two integers. Maybe we would like to add extraction functions for the public key from the private ones later.
2017-03-23ssl, public_key: Add functionality for generating X509 cert test dataIngela Anderton Andin
For now this functionality is located in ssl. And existing public_key function is extended. However some of the functionality may be moved to public_key in a later stage.
2017-03-13Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140'Hans Nilsson
2017-03-09public_key: Bugfix public_key:generate_key({namedCurve,OID})Hans Nilsson
2017-03-09public_key: updated crypto dependence in .app.srcHans Nilsson
2017-03-09public_key: New -spec for public_key:generate_key/1Hans Nilsson
2017-03-09public_key: Add RSA to public_key:generate_key/1Hans Nilsson
2017-02-16Merge branch 'maint'Hans Nilsson
2017-02-14public_key: generate a list of ssh fingerprints on requestHans Nilsson
2017-01-26Merge branch 'maint'Hans Nilsson
2017-01-25public_key: pkix_verify_hostname (RFC 6125)Hans Nilsson
2016-12-16public_key: Use maps instead of dictBjörn-Egil Dahlberg
2016-12-07Update copyright-yearErlang/OTP
2016-11-22public_key: ssh host key fingerprint generator addedHans Nilsson
2016-06-14Merge branch 'legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530'Ingela Anderton Andin
* legoscia/ssl_crl_hash_dir-bis/PR-982/OTP-13530: Skip crl_hash_dir_expired test for LibreSSL Add ssl_crl_hash_dir module Function for generating OpenSSL-style name hashes Add public_key:pkix_match_dist_point Improve formatting for crl_{check,cache} options Add issuer arg to ssl_crl_cache_api lookup callback Conflicts: lib/public_key/test/public_key_SUITE.erl
2016-06-03public_key: Support more general name typesIngela Anderton Andin
2016-04-13Merge branch 'henrik/update-copyrightyear'Henrik Nord
* henrik/update-copyrightyear: update copyright-year
2016-04-05Function for generating OpenSSL-style name hashesMagnus Henoch
OpenSSL has functions to generate short (eight hex digits) hashes of issuers of certificates and CRLs. These hashes are used by the "c_rehash" script to populate directories of CA certificates and CRLs, e.g. in the Apache web server. Adding this function lets an Erlang program find the right CRL for a given certificate in such a directory.
2016-04-01Add public_key:pkix_match_dist_pointMagnus Henoch
2016-03-15update copyright-yearHenrik Nord
2016-03-10public_key: Handle PEM encoded EC public keysIngela Anderton Andin
Also add missing test for PEM encoded private EC keys.
2016-02-29public_key: An encapsulated PEM header shall be followed by a blank lineIngela Anderton Andin
RFC 1421 Privacy Enhancement for Electronic Mail February 1993 Encapsulated Message Pre-Encapsulation Boundary (Pre-EB) -----BEGIN PRIVACY-ENHANCED MESSAGE----- Encapsulated Header Portion (Contains encryption control fields inserted in plaintext. Examples include "DEK-Info:" and "Key-Info:". Note that, although these control fields have line-oriented representations similar to RFC 822 header fields, the set of fields valid in this context is disjoint from those used in RFC 822 processing.) Blank Line (Separates Encapsulated Header from subsequent Encapsulated Text Portion) Encapsulated Text Portion (Contains message data encoded as specified in Section 4.3.) Post-Encapsulation Boundary (Post-EB) -----END PRIVACY-ENHANCED MESSAGE-----
2015-11-05ssh, public_key: updates after doc reviewHans Nilsson
2015-11-04ssh, public_key: random selection of diffie-hellman moduliHans Nilsson
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format.
2015-10-16public_key: add/update -spec for ssh functionsHans Nilsson
2015-10-16ssh, public_key: use pubkey encode/decode in app public_keyHans Nilsson
2015-10-16ssh, public_key: Change EC Public Key representation to what was intendedHans Nilsson
2015-10-08public_key: Add ssh2 ECDSA pub key handling + test caseHans Nilsson
Added encode/decode for ecdsa public keys in openssh and rfc4716 format. This is for the ssh public key algorithm ecdsa-sha2-*.
2015-06-18Change license text to APLv2Bruce Yinhe
2015-04-20public_key: Reject bad signatures as early as possibleIngela Anderton Andin
Erlang bitstring type only uses as many bits as required, and does not use padding to create complete bytes as ASN1 compact_bitstring did. crypto:verify/5 will now fail, for some incorrect signatures as it expects complete bytes which an incorrect signature may not have. Instead of catching the failing crypto function and then returning false we check the input and reject it right away.
2015-04-20public_key: Remove legacy switch compact_bit_stringIngela Anderton Andin
* E.I bitstrings will not be decode as {Unused, Binary}, they are now Erlang bitstrings. * Also the compact_bit_string implies the legacy_erlang_types switch - So removing the switch will also make OCTET STRING values be represented as binaries. - Undecoded open type will now be wrapped in a asn1_OPENTYPE tuple. We need to handle this in pubkey_pbe.erl, maybe this can be eliminated later by updating/refreshing ASN1-specs. This will change some values in records returned by the public_key API making this change a potentiall incompatibility.
2015-03-13public_key: dialyzer fixesIngela Anderton Andin
2015-03-09public_key: Improve CRL handling supportIngela Anderton Andin