1 public_key Release Notes

1.1  Public_Key 0.11

Improvements and New Features

  • Allows the public_key module to decode and encode RSA and DSA keys encoded using the SubjectPublicKeyInfo format. When pem_entry_encode is called on an RSA or DSA public key type, the key is wrapped in the SubjectPublicKeyInfo format.

    Own Id: OTP-9061

1.2  Public_Key 0.10

Improvements and New Features

  • Improved dialyzer specs.

    Own Id: OTP-8964

1.3  Public_Key 0.9

Improvements and New Features

  • Updated ssl to ignore CA certs that violate the asn1-spec for a certificate, and updated public key asn1 spec to handle inherited DSS-params.

    Own Id: OTP-7884

  • Changed ssl implementation to retain backwards compatibility for old option {verify, 0} that shall be equivalent to {verify, verify_none}, also separate the cases unknown ca and selfsigned peer cert, and restored return value of deprecated function public_key:pem_to_der/1.

    Own Id: OTP-8858

  • Better handling of v1 and v2 certificates. V1 and v2 certificates does not have any extensions so then validate_extensions should just accept that there are none and not end up in missing_basic_constraints clause.

    Own Id: OTP-8867

  • Changed the verify fun so that it differentiate between the peer certificate and CA certificates by using valid_peer or valid as the second argument to the verify fun. It may not always be trivial or even possible to know when the peer certificate is reached otherwise.

    *** POTENTIAL INCOMPATIBILITY ***

    Own Id: OTP-8873

1.4  Public_Key 0.8

Fixed Bugs and Malfunctions

  • Handling of unknown CA certificates was changed in ssl and public_key to work as intended.

    Own Id: OTP-8788

Improvements and New Features

  • Revise the public_key API - Cleaned up and documented the public_key API to make it useful for general use, also changed ssl to use the new API.

    Own Id: OTP-8722

  • Added the functionality so that the verification fun will be called when a certificate is considered valid by the path validation to allow access to each certificate in the path to the user application. Also try to verify subject-AltName, if unable to verify it let the application verify it.

    Own Id: OTP-8825

1.5  Public_Key 0.7

Fixed Bugs and Malfunctions

  • Certificates without any extensions could not be handled by public_key.

    Own Id: OTP-8626

Improvements and New Features

  • Code cleanup and minor bugfixes.

    Own Id: OTP-8649

1.6  Public_Key 0.6

Improvements and New Features

  • Support for Diffie-Hellman. ssl-3.11 requires public_key-0.6.

    Own Id: OTP-7046

  • Moved extended key usage test for ssl values to ssl.

    Own Id: OTP-8553 Aux Id: seq11541, OTP-8554

1.7  Public_Key 0.5

Improvements and New Features

  • Added public_key:pkix_transform/2 to enable ssl to send CA list during Certificate Request.

    NOTE: SSL (new_ssl) requires public_key-0.5. ssl usage.

    Own Id: OTP-8372

1.8  Public_Key 0.4

Improvements and New Features

  • The documentation is now built with open source tools (xsltproc and fop) that exists on most platforms. One visible change is that the frames are removed.

    Own Id: OTP-8250

1.9  Public_Key 0.3

Fixed Bugs and Malfunctions

  • Unknown attributes in certificates are left encoded instead of crashing. Patch by Will "wglozer" thanks.

    Own Id: OTP-8100

Improvements and New Features

  • Allow public_key:pem_to_der/[1,2] to take a binary as argument in addition to a filename. Patch by Geoff Cant, thanks.

    Own Id: OTP-8142

1.10  Public_Key 0.2

Improvements and New Features

  • X509 certificate handling has been extended and improved as a result of more extensive testing of both the ssl and public_key application. Even more extensions of the certificate handling is yet to be implemented.

    Own Id: OTP-7860

1.11  Public_Key 0.1

Improvements and New Features

  • First version.

    Own Id: OTP-7637