The public_key application now supports encode/decode of ssh public-key files.
Own Id: OTP-9144
Allows the public_key module to decode and encode RSA and DSA keys encoded using the SubjectPublicKeyInfo format. When pem_entry_encode is called on an RSA or DSA public key type, the key is wrapped in the SubjectPublicKeyInfo format.
Own Id: OTP-9061
Improved dialyzer specs.
Own Id: OTP-8964
Updated ssl to ignore CA certs that violate the asn1-spec for a certificate, and updated public key asn1 spec to handle inherited DSS-params.
Own Id: OTP-7884
Changed the ssl implementation to retain backwards compatibility for the old option {verify, 0}, which shall be equivalent to {verify, verify_none}. Also separated the cases unknown CA and self-signed peer certificate, and restored the return value of the deprecated function public_key:pem_to_der/1.
Own Id: OTP-8858
Better handling of v1 and v2 certificates. V1 and v2 certificates do not have any extensions, so validate_extensions should just accept that there are none and not end up in the missing_basic_constraints clause.
Own Id: OTP-8867
Changed the verify fun so that it differentiates between the peer certificate and CA certificates by using valid_peer or valid as the second argument to the verify fun. It may not always be trivial or even possible to know when the peer certificate is reached otherwise.
*** POTENTIAL INCOMPATIBILITY ***
Own Id: OTP-8873
Handling of unknown CA certificates was changed in ssl and public_key to work as intended.
Own Id: OTP-8788
Revise the public_key API - Cleaned up and documented the public_key API to make it useful for general use, also changed ssl to use the new API.
Own Id: OTP-8722
Added functionality so that the verification fun is called when a certificate is considered valid by the path validation, giving the user application access to each certificate in the path. Also try to verify subject-AltName; if unable to verify it, let the application verify it.
Own Id: OTP-8825
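The verify fun described in OTP-8873 and OTP-8825, as an added example that is not code from these release notes or from the OTP project: it applies a certificate pin only on valid_peer and merely counts CA certificates on valid. It assumes a current OTP release (maps, crypto:hash/2) and the {bad_cert, _} and {extension, _} events of the current API; the module name, the pin argument and the pinned_cert_mismatch reason are hypothetical.

```erlang
-module(verify_fun_example).
-export([verify_fun/1, ssl_opts/2]).

%% Returns the {Fun, InitialUserState} pair expected by the ssl option
%% verify_fun and by public_key:pkix_path_validation/3.
%% PinnedSha256 is a caller-supplied value (assumption of this example):
%% the SHA-256 digest of the DER-encoded peer certificate that is expected.
verify_fun(PinnedSha256) when is_binary(PinnedSha256) ->
    Fun = fun
        %% Path validation found a problem: fail, never downgrade to valid.
        (_Cert, {bad_cert, _} = Reason, _State) ->
            {fail, Reason};
        %% Extension not handled by public_key: answer unknown so that a
        %% critical extension still makes validation fail.
        (_Cert, {extension, _Ext}, State) ->
            {unknown, State};
        %% A CA certificate in the path was considered valid: count it.
        (_Cert, valid, #{cas := N} = State) ->
            {valid, State#{cas := N + 1}};
        %% The peer certificate was considered valid: check the pin here
        %% only, so that CA certificates are never compared against it.
        (Cert, valid_peer, #{pin := Pin} = State) ->
            Der = public_key:pkix_encode('OTPCertificate', Cert, otp),
            case crypto:hash(sha256, Der) of
                Pin -> {valid, State};
                _Other -> {fail, pinned_cert_mismatch}
            end
    end,
    {Fun, #{pin => PinnedSha256, cas => 0}}.

%% Client options that enable peer verification and install the fun above.
%% CaFile is a path to a PEM file with the trusted CA certificates.
ssl_opts(CaFile, PinnedSha256) ->
    [{verify, verify_peer},
     {cacertfile, CaFile},
     {verify_fun, verify_fun(PinnedSha256)}].
```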
Certificates without any extensions could not be handled by public_key.
Own Id: OTP-8626
Code cleanup and minor bugfixes.
Own Id: OTP-8649
Support for Diffie-Hellman. ssl-3.11 requires public_key-0.6.
Own Id: OTP-7046
Moved extended key usage test for ssl values to ssl.
Own Id: OTP-8553 Aux Id: seq11541, OTP-8554
Added
Own Id: OTP-8372
The documentation is now built with open source tools (xsltproc and fop) that exist on most platforms. One visible change is that the frames are removed.
Own Id: OTP-8250
Unknown attributes in certificates are left encoded instead of crashing. Patch by Will "wglozer", thanks.
Own Id: OTP-8100
Allow public_key:pem_to_der/[1,2] to take a binary as argument in addition to a filename. Patch by Geoff Cant, thanks.
Own Id: OTP-8142
X509 certificate handling has been extended and improved as a result of more extensive testing of both the ssl and public_key applications. Even more extensions of the certificate handling are yet to be implemented.
Own Id: OTP-7860
First version.
Own Id: OTP-7637