Merge branch 'ia/ssl/PSK-SRP' into maint

* ia/ssl/PSK-SRP:
  ssl: Use new SRP crypto API
  crypto: New SRP API
  CRYPTO: add algorithms/0 function that returns a list off compiled in crypto algorithms
  ssl: Add option to list all available ciper suites and enhanced documentation
  SSL: add documentation for PSK and SRP ciphers options
  SSL: enable hash_size values for sha224, sha384 and sha512
  SSL: add tests for PSK and SRP ciphers
  SSL: add TLS-SRP (RFC 5054) cipher suites
  CRYPTO: add support for RFC-2945 SRP-3 and RFC-5054 SRP-6a authentication
  crypto: Refactor mod_exp_nif
  SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites

1 files changed, 105 insertions, 0 deletions

diff --git a/lib/ssl/src/ssl_cipher.hrl b/lib/ssl/src/ssl_cipher.hrl
index 0f439f8ed5..90d3704efd 100644
--- a/lib/ssl/src/ssl_cipher.hrl
+++ b/lib/ssl/src/ssl_cipher.hrl
@@ -250,4 +250,109 @@
 %% hello extension data as they should.
 -define(TLS_EMPTY_RENEGOTIATION_INFO_SCSV, <<?BYTE(16#00), ?BYTE(16#FF)>>).
 
+%%% PSK Cipher Suites RFC 4279
+
+%%      TLS_PSK_WITH_RC4_128_SHA              = { 0x00, 0x8A };
+-define(TLS_PSK_WITH_RC4_128_SHA, <<?BYTE(16#00), ?BYTE(16#8A)>>).
+
+%%      TLS_PSK_WITH_3DES_EDE_CBC_SHA         = { 0x00, 0x8B };
+-define(TLS_PSK_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#8B)>>).
+
+%%      TLS_PSK_WITH_AES_128_CBC_SHA          = { 0x00, 0x8C };
+-define(TLS_PSK_WITH_AES_128_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#8C)>>).
+
+%%      TLS_PSK_WITH_AES_256_CBC_SHA          = { 0x00, 0x8D };
+-define(TLS_PSK_WITH_AES_256_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#8D)>>).
+
+%%      TLS_DHE_PSK_WITH_RC4_128_SHA          = { 0x00, 0x8E };
+-define(TLS_DHE_PSK_WITH_RC4_128_SHA, <<?BYTE(16#00), ?BYTE(16#8E)>>).
+
+%%      TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA     = { 0x00, 0x8F };
+-define(TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#8F)>>).
+
+%%      TLS_DHE_PSK_WITH_AES_128_CBC_SHA      = { 0x00, 0x90 };
+-define(TLS_DHE_PSK_WITH_AES_128_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#90)>>).
+
+%%      TLS_DHE_PSK_WITH_AES_256_CBC_SHA      = { 0x00, 0x91 };
+-define(TLS_DHE_PSK_WITH_AES_256_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#91)>>).
+
+%%      TLS_RSA_PSK_WITH_RC4_128_SHA          = { 0x00, 0x92 };
+-define(TLS_RSA_PSK_WITH_RC4_128_SHA, <<?BYTE(16#00), ?BYTE(16#92)>>).
+
+%%      TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA     = { 0x00, 0x93 };
+-define(TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#93)>>).
+
+%%      TLS_RSA_PSK_WITH_AES_128_CBC_SHA      = { 0x00, 0x94 };
+-define(TLS_RSA_PSK_WITH_AES_128_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#94)>>).
+
+%%      TLS_RSA_PSK_WITH_AES_256_CBC_SHA      = { 0x00, 0x95 };
+-define(TLS_RSA_PSK_WITH_AES_256_CBC_SHA, <<?BYTE(16#00), ?BYTE(16#95)>>).
+
+%%% TLS 1.2 PSK Cipher Suites RFC 5487
+
+%%      TLS_PSK_WITH_AES_128_CBC_SHA256       = {0x00,0xAE};
+-define(TLS_PSK_WITH_AES_128_CBC_SHA256, <<?BYTE(16#00), ?BYTE(16#AE)>>).
+
+%%      TLS_PSK_WITH_AES_256_CBC_SHA384       = {0x00,0xAF};
+-define(TLS_PSK_WITH_AES_256_CBC_SHA384, <<?BYTE(16#00), ?BYTE(16#AF)>>).
+
+%%      TLS_PSK_WITH_NULL_SHA256              = {0x00,0xB0};
+-define(TLS_PSK_WITH_NULL_SHA256, <<?BYTE(16#00), ?BYTE(16#B0)>>).
+
+%%      TLS_PSK_WITH_NULL_SHA384              = {0x00,0xB1};
+-define(TLS_PSK_WITH_NULL_SHA384, <<?BYTE(16#00), ?BYTE(16#B1)>>).
+
+%%      TLS_DHE_PSK_WITH_AES_128_CBC_SHA256   = {0x00,0xB2};
+-define(TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, <<?BYTE(16#00), ?BYTE(16#B2)>>).
+
+%%      TLS_DHE_PSK_WITH_AES_256_CBC_SHA384   = {0x00,0xB3};
+-define(TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, <<?BYTE(16#00), ?BYTE(16#B3)>>).
+
+%%      TLS_DHE_PSK_WITH_NULL_SHA256          = {0x00,0xB4};
+-define(TLS_DHE_PSK_WITH_NULL_SHA256, <<?BYTE(16#00), ?BYTE(16#B4)>>).
+
+%%      TLS_DHE_PSK_WITH_NULL_SHA384          = {0x00,0xB5};
+-define(TLS_DHE_PSK_WITH_NULL_SHA384, <<?BYTE(16#00), ?BYTE(16#B5)>>).
+
+%%      TLS_RSA_PSK_WITH_AES_128_CBC_SHA256   = {0x00,0xB6};
+-define(TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, <<?BYTE(16#00), ?BYTE(16#B6)>>).
+
+%%      TLS_RSA_PSK_WITH_AES_256_CBC_SHA384   = {0x00,0xB7};
+-define(TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, <<?BYTE(16#00), ?BYTE(16#B7)>>).
+
+%%      TLS_RSA_PSK_WITH_NULL_SHA256          = {0x00,0xB8};
+-define(TLS_RSA_PSK_WITH_NULL_SHA256, <<?BYTE(16#00), ?BYTE(16#B8)>>).
+
+%%      TLS_RSA_PSK_WITH_NULL_SHA384          = {0x00,0xB9};
+-define(TLS_RSA_PSK_WITH_NULL_SHA384, <<?BYTE(16#00), ?BYTE(16#B9)>>).
+
+%%% SRP Cipher Suites RFC 5054
+
+%%      TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA     = { 0xC0,0x1A };
+-define(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1A)>>).
+
+%%      TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1B };
+-define(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1B)>>).
+
+%%      TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1C };
+-define(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1C)>>).
+
+%%      TLS_SRP_SHA_WITH_AES_128_CBC_SHA      = { 0xC0,0x1D };
+-define(TLS_SRP_SHA_WITH_AES_128_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1D)>>).
+
+%%      TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA  = { 0xC0,0x1E };
+-define(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1E)>>).
+
+%%      TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA  = { 0xC0,0x1F };
+-define(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#1F)>>).
+
+%%      TLS_SRP_SHA_WITH_AES_256_CBC_SHA      = { 0xC0,0x20 };
+-define(TLS_SRP_SHA_WITH_AES_256_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#20)>>).
+
+%%      TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA  = { 0xC0,0x21 };
+-define(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#21)>>).
+
+%%      TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA  = { 0xC0,0x22 };
+-define(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, <<?BYTE(16#C0), ?BYTE(16#22)>>).
+
 -endif. % -ifdef(ssl_cipher).