Skip to content

Latest commit

 

History

History
222 lines (146 loc) · 6.79 KB

CHANGELOG.md

File metadata and controls

222 lines (146 loc) · 6.79 KB

Changelog

v0.8.8 (2023-08-30)

Fixes

  • Avoid Logger.warn deprecation warning on recent Elixir versions

v0.8.7 (2023-05-31)

Fixes

  • Compatibility with Elixir 1.15

v0.8.6 (2023-04-04)

Fixes

  • Compatibility with Erlang/OTP 25.3

v0.8.5 (2022-05-25)

Fixes

  • [X509.Test.Server] Use :ssl.handshake/3 if available

v0.8.4 (2022-03-01)

Fixes

  • [X509.RDNSequence] Fix handling of surname attribute

v0.8.3 (2021-06-07)

Enhancements

  • [X509.PublicKey] Support 'engine' reference for private keys in derive/1
  • [X509.CSR] Support 'engine' reference for private keys in new/2,3
  • [X509.CSR] Add :public_key option for new/3

v0.8.2 (2020-11-05)

Fixes

  • Support for Elixir v1.11

v0.8.1 (2020-02-29)

Fixes

  • [X509.Certificate] Support both 'plain' and 'otp' rdnSequence records
  • [X509.CSR] Support both 'plain' and 'otp' rdnSequence records

v0.8.0 (2019-12-09)

Enhancements

  • [X509.CSR] Add support for extension requests

v0.7.0 (2019-07-15)

Enhancements

  • [X509.Certificate.Template] Add OCSP responder template
  • [X509.Certificate.Extension] Add support for Authority Information Access and OCSP Nocheck extensions

Fixes

  • [X509.RDNSequence] Handle teletexString encoding (7-bit only, for now)
  • [X509.PrivateKey] Documentation fixes

v0.6.0 (2019-06-18)

Enhancements

  • [X509.PrivateKey] Allow encryption of PEM output
  • [X509.Test.Suite] Include 'localhost' in all certifictes
  • [X509.Test.Suite] Generate client certificate and associated key
  • [X509.Test.Server] Add 'client-cert' endpoint for testing with client certificate
  • [x509.gen.suite Mix task] Add --force option
  • [x509.gen.suite Mix task] Add --password option
  • [x509.gen.suite Mix task] Generate 'ca_and_chain.pem' file
  • [x509.gen.selfsigned Mix task] Add --force option

v0.5.4 (2019-04-15)

Enhancements

  • [X509.RDNSequence] Relax length restriction on countryName attribute

v0.5.3 (2019-03-14)

Fixes

  • [X509.RDNSequence] Support more attribute types in to_string/1

v0.5.2 (2019-02-21)

Enhancements

  • [X509.Certificate] Add version/1, subject/2 and issuer/2
  • [X509.RDNSequence] Add get_attr/2

v0.5.1 (2019-01-03)

Fixes

  • [X509.Certificate.Validity] The record type returned for GeneralizedTime, used for dates from 2050 forward, was not recognized by OTP, causing certificate creation and encoding to fail (#24)

v0.5.0 (2018-11-27)

Enhancements

  • [X509.CRL] New module for generating and parsing Certificate Revocation Lists (CRLs)
  • [X509.CRL.Entry] New module: CRL entries
  • [X509.CRL.Extension] New module: CRL extensions
  • [X509.Certificate.Extension] Add support for the CRL Distribution Point extension
  • [X509.Test.Suite] New module for generating test suites for TLS client testing
  • [X509.Test.Server] New module: simple server for hosting test suites
  • Add x509.gen.suite Mix task
  • Add x509.test_server Mix task

Fixes

  • [X509.Certificate.Validity] The days_from_now/2 function used to calculate the not_after timestamp relative to the not_before value (including the backdate_seconds shift); it is now set relative to the current time

v0.4.0 (2018-10-19)

Breaking changes

All from_der and from_pem functions now return an :error tuple on failure instead of nil, and wrap their result in a :ok tuple in case of success. The only exception is the from_pem function in X509, which returns a (possibly empty) list.

  • [X509] Removed to_der/1, to_pem/1 and from_der/2
  • [X509.Certificate] Changed the return values of from_der/1 and from_pem/1,2, as described above

Enhancements

  • Add x509.gen.selfsigned Mix task
  • The various from_pem and from_pem! functions are now more lenient: they scan for the first PEM entry of an appropriate type instead of requiring that it be the only entry
  • [X509.Certificate] Add serial/1 to extract a certificate's serial number
  • [X509.Certificate.Template] The length of randomly generated serial numbers can now be specified using a {:random, n} tuple in the :serial field, where n is the length in bytes; the default is {:random, 8}, equivalent to the previous default

Fixes

  • [X509.Certificate] Fixed the typespec for second parameter of from_der!/2, from_der/2, from_pem!/2 and from_pem/2
  • [X509.Certificate] Extract the correct RDN from issuer certificate (#13)
  • [X509.Certificate.Extensions] subject_key_identifier/1 returned an AKI record rather than SKI record for ECC keys (#10)
  • [X509.PublicKey] Documentation: corrected the default value for the wrap option for RSA keys in to_der/1 and to_pem/1

v0.3.0 (2018-09-22)

This release paves the way for some changes in the way PEM and DER decoding works. Eventually there will be six functions in each module, as implemented in X509.CSR in this version. The generic functions in the X509 module will eventually be removed, with the exception of theX509.from_pem/2 function, which returns a (possibly filtered) list of entities found in the PEM string.

In the next version, all from_der and from_pem functions (except for the one in X509) will return :ok / :error tuples, so please update existing code to use the new from_der! and from_pem! functions instead: their return value on success will always be just the module's primary record type.

Breaking changes

  • [X509.Certificate] from_der/2 and from_pem/2 now return nil in case of failure, for consistency with the current behaviour of other modules; use the new from_der!/2 and from_pem!/2 to get the old behaviour of raising an exception

Enhancements

  • [X509.Certificate] Add from_der!/2 and from_pem!/2
  • [X509.CSR] Add to_der/1, to_pem/1, from_der!/1, from_der/1, from_pem!/1 and from_pem/1
  • [X509.PrivateKey] Add from_der!/2 and from_pem!/2
  • [X509.PublicKey] Add from_der!/2 and from_pem!/2
  • Support Elixir v1.7 and ExDoc v0.19

Deprecations

The to_der, to_pem and from_der functions in the X509 top-level module have been deprecated. Please use their entity-specific functions in the appropriate module instead. The deprecated functions will be removed in an upcoming release, prior to v1.0.

v0.2.0 (2018-07-24)

Breaking changes

  • [X509.Certificate] Primary type has been changed from :Certificate to :OTPCertificate; the new/[4,5] and self_signed/[2,3] functions now return an :OTPCertificate record

Enhancements

  • [X509] to_der and to_pem now delegate now support :OTPCertificate records, by delegating to X509.Certificate
  • [X509.Certificate] Added certificate-specific implementations of to_der, to_pem, from_der and from_pem

v0.1.0 (2018-07-02)

First public release