Public_Key Application
The Public Key application deals with public-key related file formats,
digital signatures, and X.509 certificates. It handles validation of
certificate paths and certificate revocation lists (CRLs), and provides
other functions for handling certificates, keys, and CRLs. It is a
library application that does not read or write files; it expects or
returns file contents or partial file contents as binaries. The
exceptions are the functions public_key:cacerts_load/0,
public_key:cacerts_load/1, and public_key:cacerts_get/0, which read files.
Supported PKIX functionality
- Supports RFC 5280 - Internet X.509 Public-Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. Certificate policies supported since OTP-26.2
- Supports PKCS-1 - RSA Cryptography Standard
- Supports DSS - Digital Signature Standard (DSA - Digital Signature Algorithm)
- Supports PKCS-3 - Diffie-Hellman Key Agreement Standard
- Supports PKCS-5 - Password-Based Cryptography Standard
- Supports AES - Use of the Advanced Encryption Standard (AES) Algorithm in Cryptographic Message Syntax (CMS)
- Supports PKCS-8 - Private-Key Information Syntax Standard
- Supports PKCS-10 - Certification Request Syntax Standard
Dependencies
The public_key application uses the Crypto application to perform
cryptographic operations and the ASN.1 application to handle PKIX ASN.1
specifications, hence these applications must be loaded for the public_key
application to work. In an embedded environment this means they must be started
with application:start/[1,2] before the public_key application is started.
Error Logger and Event Handlers
The public_key application is a library application and does not use the error
logger. The functions will either succeed or fail with a runtime error.
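The following added example (not part of the OTP documentation) shows what the points above mean for calling code: the caller does the file I/O and passes binaries to public_key, the dependencies are started first, and a decoding failure arrives as a runtime error the caller must catch because nothing is logged. The module name, function names and scratch file name are assumptions, and the sample inputs are constructed.

```erlang
-module(pk_io_example).
-export([run/0, load_rsa_pub/1]).
-include_lib("public_key/include/public_key.hrl").

%% The caller does the file I/O; public_key only ever sees binaries.
load_rsa_pub(Path) ->
    case file:read_file(Path) of
        {error, FileErr} ->
            {error, {file, FileErr}};
        {ok, Bin} ->
            case public_key:pem_decode(Bin) of
                [] -> {error, no_pem_entries};
                [Entry | _] -> decode_entry(Entry)
            end
    end.

%% Decoding failures are runtime errors, not log events, so catch them here.
decode_entry(Entry) ->
    try public_key:pem_entry_decode(Entry) of
        #'RSAPublicKey'{} = Key -> {ok, Key};
        _Other -> {error, unexpected_entry_type}
    catch
        error:Why -> {error, {decode_failed, Why}}
    end.

run() ->
    %% Starts crypto and asn1 before public_key.
    {ok, _} = application:ensure_all_started(public_key),
    Path = "pk_io_example.pem",                 % assumed scratch file
    %% Constructed sample input: throwaway RSA key pair, public half only.
    #'RSAPrivateKey'{modulus = N, publicExponent = E} =
        public_key:generate_key({rsa, 2048, 65537}),
    Pub = #'RSAPublicKey'{modulus = N, publicExponent = E},
    Pem = public_key:pem_encode(
            [public_key:pem_entry_encode('RSAPublicKey', Pub)]),
    ok = file:write_file(Path, Pem),
    {ok, Pub} = load_rsa_pub(Path),
    %% Not PEM at all: pem_decode/1 returns an empty list.
    ok = file:write_file(Path, <<"not a PEM file">>),
    {error, no_pem_entries} = load_rsa_pub(Path),
    %% Well-formed PEM wrapping bytes that are not DER (constructed).
    Bad = public_key:pem_encode([{'RSAPublicKey', <<"junk">>, not_encrypted}]),
    ok = file:write_file(Path, Bad),
    {error, {decode_failed, _}} = load_rsa_pub(Path),
    ok = file:delete(Path),
    ok.
```

Note that unparseable input yields an empty list from pem_decode/1 rather than an error, so an empty result has to be treated as a failure before any trust decision is made on the file's contents.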