diff options
| author | Ingela Anderton Andin <[email protected]> | 2013-05-08 10:43:24 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2013-05-08 10:43:24 +0200 |
| commit | 705e3b1137ebb2cfa1e729c9a4cf44638270f7e5 (patch) | |
| tree | 800665a97cec32d894b822b0c9d3b4eeb7d51f8e /lib/ssl/src/ssl.erl | |
| parent | 8e00f4ce7a49b2fd1da7e481dc0985703e4131a5 (diff) | |
| parent | 19d511a10d5e258b8f2f876f7c12ffbf35174d89 (diff) | |
| download | otp-705e3b1137ebb2cfa1e729c9a4cf44638270f7e5.tar.gz otp-705e3b1137ebb2cfa1e729c9a4cf44638270f7e5.tar.bz2 otp-705e3b1137ebb2cfa1e729c9a4cf44638270f7e5.zip | |
Merge branch 'ia/ssl/public_key/crypto/elliptic_curve/OTP-11009' into maint
* ia/ssl/public_key/crypto/elliptic_curve/OTP-11009: (39 commits)
ssl: Fix dialyzer spec
crypto: Remove debug printouts
ssl: Only send ECC-hello extension if ECC-cipher suites are advertised
ssl & public_key: Use standard name
ssl & crypto: Generalize the remaining crypto API
public_key: Add new API functions to the documentation
ssl & public_key: Use new crypto API functions
crypto: New API for ciphers
crypto: Deprecate functions, update doc and specs
ssl: Fix Curve selection
ssl, crypto: Eliminate remaining mpint and EC resource key from API
ssl, public_key, crypto: General generate_key and compute_key functions
crypto: Add generic functions generate_key and compute_key
crypto: Change ecdh_compute_key to have 3 arguments
ssl: Improve extention handling
ssl: test case fix
ssl & public_key: API refinement
public_key: use new crypto
crypto: Fix ec_key resource to be upgradeable
crypto: Combine ec_key_new into ecdh_generate_key
...
Diffstat (limited to 'lib/ssl/src/ssl.erl')
| -rw-r--r-- | lib/ssl/src/ssl.erl | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 70f3b4f050..f52862729a 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -364,11 +364,11 @@ cipher_suites() -> cipher_suites(erlang) -> Version = ssl_record:highest_protocol_version([]), - [suite_definition(S) || S <- ssl_cipher:suites(Version)]; + [suite_definition(S) || S <- cipher_suites(Version, [])]; cipher_suites(openssl) -> Version = ssl_record:highest_protocol_version([]), - [ssl_cipher:openssl_suite_name(S) || S <- ssl_cipher:suites(Version)]; + [ssl_cipher:openssl_suite_name(S) || S <- cipher_suites(Version, [])]; cipher_suites(all) -> Version = ssl_record:highest_protocol_version([]), @@ -739,6 +739,7 @@ validate_option(key, {KeyType, Value}) when is_binary(Value), KeyType == dsa; %% Backwards compatibility KeyType == 'RSAPrivateKey'; KeyType == 'DSAPrivateKey'; + KeyType == 'ECPrivateKey'; KeyType == 'PrivateKeyInfo' -> {KeyType, Value}; @@ -947,21 +948,22 @@ emulated_options([], Inet,Emulated) -> {Inet, Emulated}. cipher_suites(Version, []) -> - ssl_cipher:suites(Version); + ssl_cipher:filter_suites(ssl_cipher:suites(Version)); cipher_suites(Version, [{_,_,_,_}| _] = Ciphers0) -> %% Backwards compatibility Ciphers = [{KeyExchange, Cipher, Hash} || {KeyExchange, Cipher, Hash, _} <- Ciphers0], - cipher_suites(Version, Ciphers); + ssl_cipher:filter_suites(cipher_suites(Version, Ciphers)); cipher_suites(Version, [{_,_,_}| _] = Ciphers0) -> Ciphers = [ssl_cipher:suite(C) || C <- Ciphers0], - cipher_suites(Version, Ciphers); + ssl_cipher:filter_suites(cipher_suites(Version, Ciphers)); cipher_suites(Version, [Cipher0 | _] = Ciphers0) when is_binary(Cipher0) -> - Supported = ssl_cipher:suites(Version) + Supported0 = ssl_cipher:suites(Version) ++ ssl_cipher:anonymous_suites() ++ ssl_cipher:psk_suites(Version) ++ ssl_cipher:srp_suites(), - case [Cipher || Cipher <- Ciphers0, lists:member(Cipher, Supported)] of + Supported1 = ssl_cipher:filter_suites(Supported0), + case [Cipher || Cipher <- Ciphers0, lists:member(Cipher, Supported1)] of [] -> - Supported; + Supported1; Ciphers -> Ciphers end; |