aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_handshake.hrl
AgeCommit message (Collapse)Author
2013-11-06Add SSL Server Name Indication (SNI) client supportJulien Barbot
See RFC 6066 section 3
2013-10-14ssl: Honor TLS client ECC extensionIngela Anderton Andin
Also the server should only send ECC point formats extension not ECC curve extension.
2013-09-10ssl: Refactor to provide common handshake functions for TLS/DTLSIngela Anderton Andin
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2013-05-08ssl & public_key: Use standard nameIngela Anderton Andin
2013-05-08crypto: Deprecate functions, update doc and specsIngela Anderton Andin
2013-05-08SSL: add Elliptic Curve support for ssl appAndreas Schultz
2013-03-28SSL: add TLS-SRP (RFC 5054) cipher suitesAndreas Schultz
2013-03-28SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suitesAndreas Schultz
2013-01-17SSL: simplify server key encoding, decoding and signature handlingAndreas Schultz
server key encoding depends to the negotiated key exchange. Before the encoding was limited to diffie-hellman keys. This changes allows to select the key structure to decode and verify. It also consolidates the transport encoding of the parameters into one place.
2012-09-20ssl: Dialyzer fixes and code cleaningIngela Anderton Andin
Types in a record where wrongly type specified, did not include undefined. Make them comments for now, maybe we will specify internal records with dialyzer types later, but as the other record fields are not specified at the moment, with dialyzer types, make the code consistent.
2012-09-20ssl: Changed default behaviour of next protocol negotiation to makeIngela Anderton Andin
more "sense" (be true to the specification).
2012-09-20ssl: Support for SSL Next Protocol NegotiationBen Murphy
* http://technotes.googlecode.com/git/nextprotoneg.html
2012-08-23ssl: Clean up of code thanks to dialyzerIngela Anderton Andin
2012-08-22ssl: Add Signature Algorithms hello extension from TLS 1.2Andreas Schultz
This is also avoids triggering some bugs in OpenSSL.
2012-08-22ssl: Make signature handling version dependantAndreas Schultz
TLS 1.2 introduces changes on how signatures are calculate and encoded. This makes the signature handling version aware
2012-08-22ssl: Fix PRF logicIngela Anderton Andin
2012-08-22ssl: Calculate handshake hash only when neededAndreas Schultz
TLS/SSL version before 1.2 always used a MD5/SHA combination for the handshake hashes. With TLS 1.2 the default hash is SHA256 and it is possible to negotiate a different hash. This change delays the calculation of the handshake hashes until they are really needed. At that point the hash to use should be known. For now MD5/SHA is still hard coded.
2011-03-24Implemented encode/decode support for ssh public key filesIngela Anderton Andin
2010-12-16Cache invaldation first version does not break old test casesIngela Anderton Andin
2010-11-30Fixed guard and test caseIngela Anderton Andin
Data to sign and verify should be inputed as binaries. Also cleaned up and moved some dialyzer specs.
2010-05-11OTP-8568 RFC -5746Ingela Anderton Andin
New ssl now supports secure renegotiation as described by RFC 5746.
2010-03-25OTP-7046 Support for Diffie-Hellman keyexchangeIngela Anderton Andin
2009-11-20The R13B03 release.OTP_R13B03Erlang/OTP