<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns:fn="http://www.w3.org/2005/02/xpath-functions">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="../../../../doc/otp_doc.css" type="text/css">
<title>Erlang -- public_key Release Notes</title>
</head>
<body bgcolor="white" text="#000000" link="#0000ff" vlink="#ff00ff" alink="#ff0000"><div id="container">
<script id="js" type="text/javascript" language="JavaScript" src="../../../../doc/js/flipmenu/flipmenu.js"></script><script id="js2" type="text/javascript" src="../../../../doc/js/erlresolvelinks.js"></script><script language="JavaScript" type="text/javascript">
<!--
function getWinHeight() {
var myHeight = 0;
if( typeof( window.innerHeight ) == 'number' ) {
//Non-IE
myHeight = window.innerHeight;
} else if( document.documentElement && ( document.documentElement.clientWidth ||
document.documentElement.clientHeight ) ) {
//IE 6+ in 'standards compliant mode'
myHeight = document.documentElement.clientHeight;
} else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) ) {
//IE 4 compatible
myHeight = document.body.clientHeight;
}
return myHeight;
}
function setscrollpos() {
var objf=document.getElementById('loadscrollpos');
document.getElementById("leftnav").scrollTop = objf.offsetTop - getWinHeight()/2;
}
function addEvent(obj, evType, fn){
if (obj.addEventListener){
obj.addEventListener(evType, fn, true);
return true;
} else if (obj.attachEvent){
var r = obj.attachEvent("on"+evType, fn);
return r;
} else {
return false;
}
}
addEvent(window, 'load', setscrollpos);
//--></script><div id="leftnav"><div class="innertube">
<img alt="Erlang logo" src="../../../../doc/erlang-logo.png"><br><small><a href="users_guide.html">User's Guide</a><br><a href="index.html">Reference Manual</a><br><a href="release_notes.html">Release Notes</a><br><a href="../pdf/public_key-0.17.pdf">PDF</a><br><a href="../../../../doc/index.html">Top</a></small><p><strong>public_key</strong><br><strong>Release Notes</strong><br><small>Version 0.17</small></p>
<br><a href="javascript:openAllFlips()">Expand All</a><br><a href="javascript:closeAllFlips()">Contract All</a><p><small><strong>Chapters</strong></small></p>
<ul class="flipMenu" imagepath="../../../../doc/js/flipmenu"><li id="loadscrollpos" title="public_key Release Notes" expanded="true">public_key Release Notes<ul>
<li><a href="notes.html">
Top of chapter
</a></li>
<li title="Public_Key 0.17"><a href="notes.html#id63303">Public_Key 0.17</a></li>
<li title="Public_Key 0.16"><a href="notes.html#id57324">Public_Key 0.16</a></li>
<li title="Public_Key 0.15"><a href="notes.html#id57373">Public_Key 0.15</a></li>
<li title="Public_Key 0.14"><a href="notes.html#id59568">Public_Key 0.14</a></li>
<li title="Public_Key 0.13"><a href="notes.html#id62423">Public_Key 0.13</a></li>
<li title="Public_Key 0.12"><a href="notes.html#id62453">Public_Key 0.12</a></li>
<li title="Public_Key 0.11"><a href="notes.html#id62484">Public_Key 0.11</a></li>
<li title="Public_Key 0.10"><a href="notes.html#id62515">Public_Key 0.10</a></li>
<li title="Public_Key 0.9"><a href="notes.html#id62545">Public_Key 0.9</a></li>
<li title="Public_Key 0.8"><a href="notes.html#id62628">Public_Key 0.8</a></li>
<li title="Public_Key 0.7"><a href="notes.html#id62697">Public_Key 0.7</a></li>
<li title="Public_Key 0.6"><a href="notes.html#id62751">Public_Key 0.6</a></li>
<li title="Public_Key 0.5"><a href="notes.html#id62792">Public_Key 0.5</a></li>
<li title="Public_Key 0.4"><a href="notes.html#id62831">Public_Key 0.4</a></li>
<li title="Public_Key 0.3"><a href="notes.html#id62862">Public_Key 0.3</a></li>
<li title="Public_Key 0.2"><a href="notes.html#id62918">Public_Key 0.2</a></li>
<li title="Public_Key 0.1"><a href="notes.html#id64412">Public_Key 0.1</a></li>
</ul>
</li></ul>
</div></div>
<div id="content">
<div class="innertube">
<h1>1 public_key Release Notes</h1>
<h3><a name="id63303">1.1
Public_Key 0.17</a></h3>
<h4>Fixed Bugs and Malfunctions</h4>
<ul>
<li>
<p>
ssh_decode now handles comments, at the end of the line,
containing withe spaces correctly</p>
<p>
Own Id: OTP-9361</p>
</li>
<li>
<p>
Add missing references to sha224 and sha384</p>
<p>
Own Id: OTP-9362 Aux Id: seq12116 </p>
</li>
</ul>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
public_key now supports PKCS-10 and includes exprimental
support for PKCS-7</p>
<p>
Own Id: OTP-10509 Aux Id: kunagi-291 [202] </p>
</li>
</ul>
<h3><a name="id57324">1.2
Public_Key 0.16</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Add crypto and public_key support for the hash functions
SHA224, SHA256, SHA384 and SHA512 and also hmac and
rsa_sign/verify support using these hash functions.
Thanks to Andreas Schultz for making a prototype.</p>
<p>
Own Id: OTP-9908</p>
</li>
<li>
<p>
Optimize RSA private key handling in <span class="code">crypto</span> and
<span class="code">public_key</span>.</p>
<p>
Own Id: OTP-10065</p>
</li>
</ul>
<h3><a name="id57373">1.3
Public_Key 0.15</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Changed ssh implementation to use the public_key
application for all public key handling. This is also a
first step for enabling a callback API for supplying
public keys and handling keys protected with password
phrases. </p>
<p>
Additionally the test suites where improved so that they
do not copy the users keys to test server directories as
this is a security liability. Also ipv6 and file access
issues found in the process has been fixed.</p>
<p>
This change also solves OTP-7677 and OTP-7235</p>
<p>
This changes also involves some updates to public_keys
ssh-functions.</p>
<p>
Own Id: OTP-9911</p>
</li>
</ul>
<h3><a name="id59568">1.4
Public_Key 0.14</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
public_key, ssl and crypto now supports PKCS-8</p>
<p>
Own Id: OTP-9312</p>
</li>
<li>
<p>
The asn1 decoder/encoder now uses a runtime nif from the
asn1 application if it is available.</p>
<p>
Own Id: OTP-9414</p>
</li>
</ul>
<h3><a name="id62423">1.5
Public_Key 0.13</a></h3>
<h4>Fixed Bugs and Malfunctions</h4>
<ul>
<li>
<p>
replace "a ssl" with "an ssl" reindent
pkix_path_validation/3 Trivial documentation fixes
(Thanks to Christian von Roques )</p>
<p>
Own Id: OTP-9464</p>
</li>
</ul>
<h3><a name="id62453">1.6
Public_Key 0.12</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
The public_key application now supports encode/decode of
ssh public-key files.</p>
<p>
Own Id: OTP-9144</p>
</li>
</ul>
<h3><a name="id62484">1.7
Public_Key 0.11</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Allows the public_key module to decode and encode RSA and
DSA keys encoded using the SubjectPublicKeyInfo format.
When pem_entry_encode is called on an RSA or DSA public
key type, the key is wrapped in the SubjectPublicKeyInfo
format.</p>
<p>
Own Id: OTP-9061</p>
</li>
</ul>
<h3><a name="id62515">1.8
Public_Key 0.10</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Improved dialyzer specs.</p>
<p>
Own Id: OTP-8964</p>
</li>
</ul>
<h3><a name="id62545">1.9
Public_Key 0.9</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Updated ssl to ignore CA certs that violate the asn1-spec
for a certificate, and updated public key asn1 spec to
handle inherited DSS-params.</p>
<p>
Own Id: OTP-7884</p>
</li>
<li>
<p>
Changed ssl implementation to retain backwards
compatibility for old option {verify, 0} that shall be
equivalent to {verify, verify_none}, also separate the
cases unknown ca and selfsigned peer cert, and restored
return value of deprecated function
public_key:pem_to_der/1.</p>
<p>
Own Id: OTP-8858</p>
</li>
<li>
<p>
Better handling of v1 and v2 certificates. V1 and v2
certificates does not have any extensions so then
validate_extensions should just accept that there are
none and not end up in missing_basic_constraints clause.</p>
<p>
Own Id: OTP-8867</p>
</li>
<li>
<p>
Changed the verify fun so that it differentiate between
the peer certificate and CA certificates by using
valid_peer or valid as the second argument to the verify
fun. It may not always be trivial or even possible to
know when the peer certificate is reached otherwise.</p>
<p>
*** POTENTIAL INCOMPATIBILITY ***</p>
<p>
Own Id: OTP-8873</p>
</li>
</ul>
<h3><a name="id62628">1.10
Public_Key 0.8</a></h3>
<h4>Fixed Bugs and Malfunctions</h4>
<ul>
<li>
<p>
Handling of unknown CA certificates was changed in ssl
and public_key to work as intended.</p>
<p>
Own Id: OTP-8788</p>
</li>
</ul>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Revise the public_key API - Cleaned up and documented the
public_key API to make it useful for general use, also
changed ssl to use the new API.</p>
<p>
Own Id: OTP-8722</p>
</li>
<li>
<p>
Added the functionality so that the verification fun will
be called when a certificate is considered valid by the
path validation to allow access to each certificate in
the path to the user application. Also try to verify
subject-AltName, if unable to verify it let the
application verify it.</p>
<p>
Own Id: OTP-8825</p>
</li>
</ul>
<h3><a name="id62697">1.11
Public_Key 0.7</a></h3>
<h4>Fixed Bugs and Malfunctions</h4>
<ul>
<li>
<p>
Certificates without any extensions could not be handled
by public_key.</p>
<p>
Own Id: OTP-8626</p>
</li>
</ul>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Code cleanup and minor bugfixes.</p>
<p>
Own Id: OTP-8649</p>
</li>
</ul>
<h3><a name="id62751">1.12
Public_Key 0.6</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Support for Diffie-Hellman. ssl-3.11 requires
public_key-0.6.</p>
<p>
Own Id: OTP-7046</p>
</li>
<li>
<p>
Moved extended key usage test for ssl values to ssl.</p>
<p>
Own Id: OTP-8553 Aux Id: seq11541, OTP-8554 </p>
</li>
</ul>
<h3><a name="id62792">1.13
Public_Key 0.5</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>Added <span class="code">public_key:pkix_transform/2</span> to enable
ssl to send CA list during Certificate Request.</p>
<p><span class="code">NOTE</span>: SSL (new_ssl) requires public_key-0.5.
ssl usage.</p>
<p>Own Id: OTP-8372</p>
</li>
</ul>
<h3><a name="id62831">1.14
Public_Key 0.4</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
The documentation is now built with open source tools
(xsltproc and fop) that exists on most platforms. One
visible change is that the frames are removed.</p>
<p>
Own Id: OTP-8250</p>
</li>
</ul>
<h3><a name="id62862">1.15
Public_Key 0.3</a></h3>
<h4>Fixed Bugs and Malfunctions</h4>
<ul>
<li>
<p>
Unknown attributes in certificates are left encoded
instead of crashing. Patch by Will "wglozer" thanks.</p>
<p>
Own Id: OTP-8100</p>
</li>
</ul>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
Allow public_key:pem_to_der/[1,2] to take a binary as
argument in addition to a filename. Patch by Geoff Cant,
thanks.</p>
<p>
Own Id: OTP-8142</p>
</li>
</ul>
<h3><a name="id62918">1.16
Public_Key 0.2</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
X509 certificate handling has been extended and improved
as a result of more extensive testing of both the ssl
and public_key application. Even more extensions of the
certificate handling is yet to be implemented.</p>
<p>
Own Id: OTP-7860</p>
</li>
</ul>
<h3><a name="id64412">1.17
Public_Key 0.1</a></h3>
<h4>Improvements and New Features</h4>
<ul>
<li>
<p>
First version.</p>
<p>
Own Id: OTP-7637</p>
</li>
</ul>
</div>
<div class="footer">
<hr>
<p>Copyright © 2008-2012 Ericsson AB, All Rights Reserved</p>
</div>
</div>
</div></body>
</html>
