aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_record.erl
AgeCommit message (Collapse)Author
2019-04-02ssl: Fix Chacha20 IV length and nonce calculationPéter Dimitrov
This commit fixes the IV length (12 bytes) and the calculation of the nonce for the Chacha20-Poly1305 ciphers. Change-Id: I4c9efc0bf012bc287c84c7b62c252ecf49ffe32f
2019-03-29ssl: Add support AES_CCM cipher suites form RFC 6655Ingela Anderton Andin
2019-03-21Revert "ssl: Correct handling of crypto exception handling."Ingela Anderton Andin
This reverts commit 884503bc69157d2a3c6bd72389b4e2a800f97fb6.
2019-03-20ssl: Correct handling of crypto exception handling.Ingela Anderton Andin
Documentation was incorrect, and new specs provided dialyzer errors.
2019-02-21Merge branch 'maint'Raimo Niskanen
* maint: Inline local function Optimize binary matching Clean up module boundaries Remove redundant return of CipherState Use iovec() internally in send path Small binary handling optimizations Optimize read_application_data with Okasaki queue Try to optimize decode_cipher_text/3 Optimize application data aggregation Optimize TLS record parsing with Okasaki queue Cache strong_random_bytes for IV Optimize padding Produce less garbage in encrypt loop Reorganize #data{} Tidy up state machine Add server GC info to bench results Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/ssl_logger.erl lib/ssl/src/ssl_record.erl lib/ssl/src/ssl_record.hrl lib/ssl/src/tls_connection.erl lib/ssl/src/tls_record.erl lib/ssl/src/tls_sender.erl
2019-02-14Clean up module boundariesRaimo Niskanen
Improve the abstraction between the ssl_connection module and dtls_connection, tls_connection and tls_sender, as well as towards the lower level tls_record and ssl_record modules. Remove some dead code.
2019-02-13Remove redundant return of CipherStateRaimo Niskanen
2019-02-13Small binary handling optimizationsRaimo Niskanen
2019-02-13Produce less garbage in encrypt loopRaimo Niskanen
2019-01-28ssl: Encode/decode CertificateVerifyPéter Dimitrov
Implement encoding/decoding of CertificateVerify. Update property tests with CertificateVerify. Refactor state handling function: 'do_negotiated'. Change-Id: Ifa066076960120717ddb472dc45fcc7a16a517d0
2019-01-11ssl: Improve AEAD encode/decodePéter Dimitrov
- Update calculation of nonce and additional data - Update cipher_aead, decipher_aead - Add test for TLS 1.3 encode/decode Change-Id: Id0a5cc68d8746079fb42c0192c0c64405f6d7a72
2018-10-23Merge branch 'maint'Ingela Anderton Andin
2018-10-23ssl: Correct length to be used in additional data in CHACHA20_POLY1305 cipherIngela Anderton Andin
2018-10-22Merge branch 'maint'Ingela Anderton Andin
2018-10-19ssl: Refactor AEAD ciphersIngela Anderton Andin
TLS-1.3 needs to handle AEAD inputs diffrently than previous versions. Refactor code to facilitate TLS-1.3 additions. Change CHACHA20_POLY1305 NONCE to match RFC 7905. This will be important later when we fix interop with TLS compatible crypto invocation.
2018-09-06ssl: Correct compression decodingIngela Anderton Andin
Property testing revealed an decoding error of "compression_methods" in the client hello. As we do not implement any compression methods this has no practical impact.
2018-06-18Update copyright yearHenrik Nord
2018-03-13ssl: Correct some specsHans Bolinder
2017-11-16ssl: Align code of TLS/DTLS record handlingIngela Anderton Andin
2017-09-30dtls: Compleate DTLS renegotiate implementationIngela Anderton Andin
2017-05-04Update copyright yearRaimo Niskanen
2017-04-13ssl, dtls: Refactor so that DTLS records are handled correctly together with ↵Ingela Anderton Andin
AEAD handling
2017-02-14Fixed typos in lib/sslAndrew Dryga
2016-12-05ssl: Implement DTLS state machineIngela Anderton Andin
Beta DTLS, not production ready. Only very basically tested, and not everything in the SPEC is implemented and some things are hard coded that should not be, so this implementation can not be consider secure. Refactor "TLS connection state" and socket handling, to facilitate DTLS implementation. Create dtls "listner" (multiplexor) process that spawns DTLS connection process handlers. Handle DTLS fragmentation. Framework for handling retransmissions. Replay Detection is not implemented yet. Alerts currently always handled as in TLS.
2016-09-05ssl: Refactor to use maps for the connection statesIngela Anderton Andin
2016-06-13dtls: add implementation for msg sequenceAndreas Schultz
Conflicts: lib/ssl/src/dtls_connection.erl lib/ssl/src/ssl_record.erl
2016-06-13dtls: rework handshake flight encodeingAndreas Schultz
The MSS might change between sending the a flight and possible resend. We therefore have to be able to fragment the records differently for resent. Encoding and fragmenting of handshake record therefor needs to be done independently. With this change the handshake is encoded to it's full length first, then queued to a flight. The fragmentation is handled during assembly of the flights datagram. Conflicts: lib/ssl/src/dtls_connection.erl
2016-05-26ssl: Add BEAST mitigation selection optionKenneth Lakin
Some legacy TLS 1.0 software does not tolerate the 1/n-1 content split BEAST mitigation technique. This commit adds a beast_mitigation SSL option (defaulting to one_n_minus_one) to select or disable the BEAST mitigation technique. Valid option values are (one_n_minus_one | zero_n | disabled).
2016-04-25ssl: Remove use of crypto:rand_bytes/1Ingela Anderton Andin
ssl already used crypto:strong_rand_bytes/1 for most operations as its use cases are mostly cryptographical. Now crypto:strong_rand_bytes/1 will be used everywhere. However crypto:rand_bytes/1 was used as fallback if crypto:strong_rand_bytes/1 throws low_entropy, this will no longer be the case. This is a potential incompatibility. The fallback was introduced a long time ago for interoperability reasons. Now days this should not be a problem, and if it is, the security compromise is not acceptable anyway.
2016-03-15update copyright-yearHenrik Nord
2016-02-05ssl: Big handshake messages needs to be fragmented on TLS record levelIngela Anderton Andin
2015-06-18Change license text to APLv2Bruce Yinhe
2015-01-23ssl: Reenable padding check for TLS-1.0 and provide backwards compatibleIngela Anderton Andin
disable option
2014-09-03ssl: implement AES128-GCM suitesAndreas Schultz
2014-04-17ssl: Correct decryption error handlingIngela Anderton Andin
2014-03-25ssl: Improve type specsIngela Anderton Andin
Conflicts: lib/ssl/src/dtls_record.erl
2014-03-25ssl: Refactor and start implementing dtls_connection.erlIngela Anderton Andin
2013-12-02ssl: Refactor handshake and record handlingIngela Anderton Andin
2013-09-10ssl: Refactor TLS/DTLS record handlingIngela Anderton Andin
2013-09-10ssl: DTLS record handlingIngela Anderton Andin
Also refactor so that TLS and DTLS can have common functions when possible.
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2013-05-20ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0Ingela Anderton Andin
2013-05-08ssl: Make better use of the crypto APIIngela Anderton Andin
Use the functions in crypto that we want to keep in the API.
2013-03-05ssl: Check that negotiated version is a supported version.Ingela Anderton Andin
2012-12-20ssl: Make TLS-1.2 default versionIngela Anderton Andin
2012-08-22ssl: TLS-1.1 and TLS-1.2 support should not be default until R16Ingela Anderton Andin
2012-08-22ssl: Enable TLS 1.2Andreas Schultz
2012-08-22ssl: Enable mac_hash for TLS 1.2Andreas Schultz
2012-08-22ssl: Fix PRF logicIngela Anderton Andin
2012-08-22ssl: Consider TLS version when building cipher blocksAndreas Schultz
With TLS 1.2 the handling of the IV in cipher blocks changed. This prepares ssl_cipher:cipher/5 for that change by passing the TLS version into it and allowing generic_block_cipher_from_bin/4 to overload the IV.
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 04:28:58 +0000