voltone
commented
5 years ago Thanks, I saw that. I'm not sure yet: for reading I currently rely on :public_key's built-in support, which means no AES-256 support. If I were to do something beyond what :public_key supports, users might get confused by the inconsistent behaviour: X509 might read/write a keys with AES256 encryption, but those can't be used with :public_key or :ssl...
Not sure if this helps you or not, but emj and I extracted the pkcs5 implementation from hex and put it in a package https://github.com/hexpm/pbcs