diff options
author | Péter Dimitrov <[email protected]> | 2019-07-01 11:52:21 +0200 |
---|---|---|
committer | Péter Dimitrov <[email protected]> | 2019-07-01 11:52:21 +0200 |
commit | 6ef3015bb340e901b330b42be50f6b38df7bd3b8 (patch) | |
tree | 20c7383a925c4c809a9cb5521573acaaa3e42560 /lib/ssl/src/ssl_cipher.erl | |
parent | 3715839afb532c156771b8daddcba03fb2902502 (diff) | |
parent | 06309ff2294782558ad722e3c181550a6d27ebd1 (diff) | |
download | otp-6ef3015bb340e901b330b42be50f6b38df7bd3b8.tar.gz otp-6ef3015bb340e901b330b42be50f6b38df7bd3b8.tar.bz2 otp-6ef3015bb340e901b330b42be50f6b38df7bd3b8.zip |
Merge branch 'maint'
* maint:
ssl: Update standards compliance
ssl: Test ECDSA certificates in TLS 1.3
ssl: Handle ECDSA signatures in TLS 1.3
Diffstat (limited to 'lib/ssl/src/ssl_cipher.erl')
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index 4da50d2af8..f4a91cac52 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -973,15 +973,25 @@ scheme_to_components(ecdsa_sha1) -> {sha1, ecdsa, undefined}; scheme_to_components({Hash,Sign}) -> {Hash, Sign, undefined}. -%% TODO: Add support for EC and RSA-SSA signatures -signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?sha1WithRSAEncryption}) -> - rsa_pkcs1_sha1; +%% TODO: Add support for ed25519, ed448, rsa_pss* signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?sha256WithRSAEncryption}) -> rsa_pkcs1_sha256; signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?sha384WithRSAEncryption}) -> rsa_pkcs1_sha384; signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?sha512WithRSAEncryption}) -> - rsa_pkcs1_sha512. + rsa_pkcs1_sha512; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?'ecdsa-with-SHA256'}) -> + ecdsa_secp256r1_sha256; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?'ecdsa-with-SHA384'}) -> + ecdsa_secp384r1_sha384; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?'ecdsa-with-SHA512'}) -> + ecdsa_secp512r1_sha512; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?'sha-1WithRSAEncryption'}) -> + rsa_pkcs1_sha1; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?sha1WithRSAEncryption}) -> + rsa_pkcs1_sha1; +signature_algorithm_to_scheme(#'SignatureAlgorithm'{algorithm = ?'ecdsa-with-SHA1'}) -> + ecdsa_sha1. %% RFC 5246: 6.2.3.2. CBC Block Cipher |