aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_handshake.hrl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2013-04-04 09:38:46 +0200
committerIngela Anderton Andin <[email protected]>2013-04-04 09:38:46 +0200
commitb8e72765305590eb7c89166ce261843d54c9bcde (patch)
tree1a2660241dccee3694a3c33d8f6e9969fb903030 /lib/ssl/src/ssl_handshake.hrl
parent8dba74ac7ff331a2c4870cc64b62dd4f168533eb (diff)
parent3f031c72a496e5b2af7fa9f07e25aec621dcf8f3 (diff)
downloadotp-b8e72765305590eb7c89166ce261843d54c9bcde.tar.gz
otp-b8e72765305590eb7c89166ce261843d54c9bcde.tar.bz2
otp-b8e72765305590eb7c89166ce261843d54c9bcde.zip
Merge branch 'ia/ssl/PSK-SRP' into maint
* ia/ssl/PSK-SRP: ssl: Use new SRP crypto API crypto: New SRP API CRYPTO: add algorithms/0 function that returns a list off compiled in crypto algorithms ssl: Add option to list all available ciper suites and enhanced documentation SSL: add documentation for PSK and SRP ciphers options SSL: enable hash_size values for sha224, sha384 and sha512 SSL: add tests for PSK and SRP ciphers SSL: add TLS-SRP (RFC 5054) cipher suites CRYPTO: add support for RFC-2945 SRP-3 and RFC-5054 SRP-6a authentication crypto: Refactor mod_exp_nif SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites
Diffstat (limited to 'lib/ssl/src/ssl_handshake.hrl')
-rw-r--r--lib/ssl/src/ssl_handshake.hrl51
1 files changed, 50 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl
index 2414d5b666..1fbb88f5f6 100644
--- a/lib/ssl/src/ssl_handshake.hrl
+++ b/lib/ssl/src/ssl_handshake.hrl
@@ -48,6 +48,7 @@
compression_method,
cipher_suite,
master_secret,
+ srp_username,
is_resumable,
time_stamp
}).
@@ -99,6 +100,7 @@
cipher_suites, % cipher_suites<2..2^16-1>
compression_methods, % compression_methods<1..2^8-1>,
renegotiation_info,
+ srp, % srp username to send
hash_signs, % supported combinations of hashes/signature algos
next_protocol_negotiation = undefined % [binary()]
}).
@@ -128,6 +130,10 @@
-define(KEY_EXCHANGE_RSA, 0).
-define(KEY_EXCHANGE_DIFFIE_HELLMAN, 1).
+-define(KEY_EXCHANGE_PSK, 2).
+-define(KEY_EXCHANGE_DHE_PSK, 3).
+-define(KEY_EXCHANGE_RSA_PSK, 4).
+-define(KEY_EXCHANGE_SRP, 5).
-record(server_rsa_params, {
rsa_modulus, %% opaque RSA_modulus<1..2^16-1>
@@ -139,7 +145,23 @@
dh_g, %% opaque DH_g<1..2^16-1>
dh_y %% opaque DH_Ys<1..2^16-1>
}).
-
+
+-record(server_psk_params, {
+ hint
+ }).
+
+-record(server_dhe_psk_params, {
+ hint,
+ dh_params
+ }).
+
+-record(server_srp_params, {
+ srp_n, %% opaque srp_N<1..2^16-1>
+ srp_g, %% opaque srp_g<1..2^16-1>
+ srp_s, %% opaque srp_s<1..2^8-1>
+ srp_b %% opaque srp_B<1..2^16-1>
+ }).
+
-record(server_key_exchange, {
exchange_keys
}).
@@ -209,6 +231,24 @@
dh_public
}).
+-record(client_psk_identity, {
+ identity
+ }).
+
+-record(client_dhe_psk_identity, {
+ identity,
+ dh_public
+ }).
+
+-record(client_rsa_psk_identity, {
+ identity,
+ exchange_keys
+ }).
+
+-record(client_srp_public, {
+ srp_a
+ }).
+
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Certificate verify - RFC 4346 section 7.4.8
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -235,6 +275,15 @@
}).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%% SRP RFC 5054 section 2.8.1.
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+-define(SRP_EXT, 12).
+
+-record(srp, {
+ username
+ }).
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Signature Algorithms RFC 5746 section 7.4.1.4.1.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-define(SIGNATURE_ALGORITHMS_EXT, 13).