Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-03-25 | ssl: Improve type specs | Ingela Anderton Andin | |
Conflicts: lib/ssl/src/dtls_record.erl | |||
2014-03-25 | ssl: Refactor and start implementing dtls_connection.erl | Ingela Anderton Andin | |
2013-12-02 | ssl: Refactor handshake and record handling | Ingela Anderton Andin | |
2013-10-14 | ssl: Honor TLS client ECC extension | Ingela Anderton Andin | |
Also the server should only send ECC point formats extension not ECC curve extension. | |||
2013-09-10 | ssl: Refactor TLS/DTLS record handling | Ingela Anderton Andin | |
2013-09-10 | ssl: Dialyzer fixes | Ingela Anderton Andin | |
2013-09-10 | ssl: DTLS record handling | Ingela Anderton Andin | |
Also refactor so that TLS and DTLS can have common functions when possible. | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-06-07 | ssl: Fix dialyzer warnings | Ingela Anderton Andin | |
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-08 | ssl: Only send ECC-hello extension if ECC-cipher suites are advertised | Ingela Anderton Andin | |
2013-05-08 | ssl & crypto: Generalize the remaining crypto API | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: Use new crypto API functions | Ingela Anderton Andin | |
2013-05-08 | crypto: Deprecate functions, update doc and specs | Ingela Anderton Andin | |
2013-05-08 | SSL: add Elliptic Curve support for ssl app | Andreas Schultz | |
2013-05-08 | SSL: filter TLS cipher suites for supported algorithms | Andreas Schultz | |
2013-03-28 | SSL: enable hash_size values for sha224, sha384 and sha512 | Andreas Schultz | |
Some of the PSK and SRP ciphers default to sha384, this enables hash_size for that cipher. It also adds sha512 and sha224 to be prepared for further cipher enhancements. | |||
2013-03-28 | SSL: add TLS-SRP (RFC 5054) cipher suites | Andreas Schultz | |
2013-03-28 | SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites | Andreas Schultz | |
2013-03-13 | public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27 | Ingela Anderton Andin | |
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation. | |||
2012-08-23 | ssl: Clean up of code thanks to dialyzer | Ingela Anderton Andin | |
2012-08-22 | ssl: Use crypto:strong_rand_bytes if possible | Ingela Anderton Andin | |
2012-08-22 | ssl: Add Signature Algorithms hello extension from TLS 1.2 | Andreas Schultz | |
This is also avoids triggering some bugs in OpenSSL. | |||
2012-08-22 | ssl: IDEA cipher is deprecated by TLS 1.2 | Ingela Anderton Andin | |
As we did not yet support IDEA ciphers and they have now become deprecated we skip supporting them altogether. | |||
2012-08-22 | ssl: Make signature handling version dependant | Andreas Schultz | |
TLS 1.2 introduces changes on how signatures are calculate and encoded. This makes the signature handling version aware | |||
2012-08-22 | ssl: Fix PRF logic | Ingela Anderton Andin | |
2012-08-22 | ssl: Add TLS 1.2 cipher suites | Andreas Schultz | |
2012-08-22 | ssl: make PRF function selectable | Andreas Schultz | |
TLS 1.2 allows to negotiate the used PRF, additional the default PRF uses a different hash. This change make the PRF selectable and hardwires the PRF for TLS < 1.2 | |||
2012-08-22 | ssl: Add TLS 1.2 block cipher IV handling | Andreas Schultz | |
2012-08-22 | ssl: Consider TLS version when building cipher blocks | Andreas Schultz | |
With TLS 1.2 the handling of the IV in cipher blocks changed. This prepares ssl_cipher:cipher/5 for that change by passing the TLS version into it and allowing generic_block_cipher_from_bin/4 to overload the IV. | |||
2011-12-09 | Update copyright years | Björn-Egil Dahlberg | |
2011-12-05 | Fix typos in ssl_cipher.erl | Tuncer Ayaz | |
2011-10-24 | fix handling of block_decipher/5 failure | Andreas Schultz | |
A wrong decryption key would cause a badmatch in generic_block_cipher_from_bin/2. The try in block_decipher/5 was probably intendend to deal with that, but was misplace for this. Additionaly, generating a failure alert erly, without computing the record MAC, creates vector for a timing attack on CBC padding (for details check TLS 1.2 RFC 5246, Sect. 6.2.3.2.). This attach vector and the counter meassure applies to all SSL/TLS versions. As a counter messure, compute the MAC even when decryption or padding checks fail. A invalid padding will force a MAC failure by intentionaly invalidating the content. | |||
2010-11-30 | Fixed guard and test case | Ingela Anderton Andin | |
Data to sign and verify should be inputed as binaries. Also cleaned up and moved some dialyzer specs. | |||
2010-11-18 | Added alert in stream cipher case. | Ingela Anderton Andin | |
Also changed alert to BAD_RECORD_MAC as: "differentiating between bad_record_mac and decryption_failed alerts may permit certain attacks against CBC mode as used in TLS [CBCATT]. It is preferable to uniformly use the bad_record_mac alert to hide the specific type of the error." Also cleaned up the code and changed a few other alert reasons in according to alert descriptions in the TLS RFC 4346. And added function terminate_alert/3 so that we can differentiate between a crash in ssl (a bug in our code) and a crash in the application using ssl. | |||
2010-11-10 | Added "DECRYPTION_FAILED ALERT" for block decipher failure. | Ingela Anderton Andin | |
Also fixed incorrect dialyzer spec. | |||
2010-10-07 | Anonymous cipher suites | Ingela Anderton Andin | |
For testing purposes ssl now also support some anonymous cipher suites when explicitly configured to do so. Also moved session cache tests to its own suite, so that timeout of end_per_testcase when the mnesia is used as session cache will not affect other test cases. | |||
2010-08-24 | Merge branch 'ia/ssl-interop/OTP-8740' into dev | Ingela Anderton Andin | |
* ia/ssl-interop/OTP-8740: Do not check the padding for TLS 1.0 | |||
2010-08-23 | Revise the public_key API | Ingela Anderton Andin | |
Cleaned up and documented the public_key API to make it useful for general use. | |||
2010-08-18 | Do not check the padding for TLS 1.0 | Ingela Anderton Andin | |
For interoperability reasons we do not check the padding in TLS 1.0 as it is not strictly required and breaks interopability with for instance Google. | |||
2010-06-22 | Added more -spec definitions. | Ingela Anderton Andin | |
2010-06-07 | OTP-8587 DSA key support | Ingela Anderton Andin | |
New ssl now support client/server-certificates signed by dsa keys. | |||
2010-05-28 | Added missing padding check. | Ingela Anderton Andin | |
2010-05-21 | Clean up of code | Ingela Anderton Andin | |
2010-05-21 | Decision not to support DH and export cipher suites. | Ingela Anderton Andin | |
2010-05-18 | Commented out currently unsupported code. To be supported or removed in the ↵ | Ingela Anderton Andin | |
future. | |||
2009-11-20 | The R13B03 release.OTP_R13B03 | Erlang/OTP | |