Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
server key encoding depends to the negotiated key exchange. Before
the encoding was limited to diffie-hellman keys. This changes allows
to select the key structure to decode and verify. It also consolidates
the transport encoding of the parameters into one place.
|
|
Types in a record where wrongly type specified, did not include
undefined. Make them comments for now, maybe we will specify internal
records with dialyzer types later, but as the other record fields are
not specified at the moment, with dialyzer types, make the code
consistent.
|
|
more "sense" (be true to the specification).
|
|
* http://technotes.googlecode.com/git/nextprotoneg.html
|
|
|
|
This is also avoids triggering some bugs in OpenSSL.
|
|
TLS 1.2 introduces changes on how signatures
are calculate and encoded. This makes the
signature handling version aware
|
|
|
|
TLS/SSL version before 1.2 always used a MD5/SHA combination
for the handshake hashes. With TLS 1.2 the default hash is
SHA256 and it is possible to negotiate a different hash.
This change delays the calculation of the handshake
hashes until they are really needed. At that point the hash
to use should be known.
For now MD5/SHA is still hard coded.
|
|
|
|
|
|
Data to sign and verify should be inputed as binaries.
Also cleaned up and moved some dialyzer specs.
|
|
New ssl now supports secure renegotiation as described by RFC 5746.
|
|
|
|
|