diff options
| author | Ingela Anderton Andin <[email protected]> | 2013-04-04 09:38:46 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2013-04-04 09:38:46 +0200 |
| commit | b8e72765305590eb7c89166ce261843d54c9bcde (patch) | |
| tree | 1a2660241dccee3694a3c33d8f6e9969fb903030 /lib/ssl/src/ssl_handshake.hrl | |
| parent | 8dba74ac7ff331a2c4870cc64b62dd4f168533eb (diff) | |
| parent | 3f031c72a496e5b2af7fa9f07e25aec621dcf8f3 (diff) | |
| download | otp-b8e72765305590eb7c89166ce261843d54c9bcde.tar.gz otp-b8e72765305590eb7c89166ce261843d54c9bcde.tar.bz2 otp-b8e72765305590eb7c89166ce261843d54c9bcde.zip | |
Merge branch 'ia/ssl/PSK-SRP' into maint
* ia/ssl/PSK-SRP:
ssl: Use new SRP crypto API
crypto: New SRP API
CRYPTO: add algorithms/0 function that returns a list off compiled in crypto algorithms
ssl: Add option to list all available ciper suites and enhanced documentation
SSL: add documentation for PSK and SRP ciphers options
SSL: enable hash_size values for sha224, sha384 and sha512
SSL: add tests for PSK and SRP ciphers
SSL: add TLS-SRP (RFC 5054) cipher suites
CRYPTO: add support for RFC-2945 SRP-3 and RFC-5054 SRP-6a authentication
crypto: Refactor mod_exp_nif
SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites
Diffstat (limited to 'lib/ssl/src/ssl_handshake.hrl')
| -rw-r--r-- | lib/ssl/src/ssl_handshake.hrl | 51 |
1 files changed, 50 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl index 2414d5b666..1fbb88f5f6 100644 --- a/lib/ssl/src/ssl_handshake.hrl +++ b/lib/ssl/src/ssl_handshake.hrl @@ -48,6 +48,7 @@ compression_method, cipher_suite, master_secret, + srp_username, is_resumable, time_stamp }). @@ -99,6 +100,7 @@ cipher_suites, % cipher_suites<2..2^16-1> compression_methods, % compression_methods<1..2^8-1>, renegotiation_info, + srp, % srp username to send hash_signs, % supported combinations of hashes/signature algos next_protocol_negotiation = undefined % [binary()] }). @@ -128,6 +130,10 @@ -define(KEY_EXCHANGE_RSA, 0). -define(KEY_EXCHANGE_DIFFIE_HELLMAN, 1). +-define(KEY_EXCHANGE_PSK, 2). +-define(KEY_EXCHANGE_DHE_PSK, 3). +-define(KEY_EXCHANGE_RSA_PSK, 4). +-define(KEY_EXCHANGE_SRP, 5). -record(server_rsa_params, { rsa_modulus, %% opaque RSA_modulus<1..2^16-1> @@ -139,7 +145,23 @@ dh_g, %% opaque DH_g<1..2^16-1> dh_y %% opaque DH_Ys<1..2^16-1> }). - + +-record(server_psk_params, { + hint + }). + +-record(server_dhe_psk_params, { + hint, + dh_params + }). + +-record(server_srp_params, { + srp_n, %% opaque srp_N<1..2^16-1> + srp_g, %% opaque srp_g<1..2^16-1> + srp_s, %% opaque srp_s<1..2^8-1> + srp_b %% opaque srp_B<1..2^16-1> + }). + -record(server_key_exchange, { exchange_keys }). @@ -209,6 +231,24 @@ dh_public }). +-record(client_psk_identity, { + identity + }). + +-record(client_dhe_psk_identity, { + identity, + dh_public + }). + +-record(client_rsa_psk_identity, { + identity, + exchange_keys + }). + +-record(client_srp_public, { + srp_a + }). + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%% Certificate verify - RFC 4346 section 7.4.8 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% @@ -235,6 +275,15 @@ }). %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% SRP RFC 5054 section 2.8.1. +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +-define(SRP_EXT, 12). + +-record(srp, { + username + }). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% Signature Algorithms RFC 5746 section 7.4.1.4.1. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -define(SIGNATURE_ALGORITHMS_EXT, 13). |