aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_tls1.erl
AgeCommit message (Collapse)Author
2012-08-22ssl: TLS 1.2: fix hash and signature handlingAndreas Schultz
with TLS 1.2 the hash and signature on a certify message can differ from the defaults. So we have to make sure to always use the hash and signature algorithm indicated in the handshake message
2012-08-22ssl: Add crypto support check (TLS 1.2 require sha256 support)Ingela Anderton Andin
2012-08-22ssl: Make signature handling version dependantAndreas Schultz
TLS 1.2 introduces changes on how signatures are calculate and encoded. This makes the signature handling version aware
2012-08-22ssl: Fix PRF logicIngela Anderton Andin
2012-08-22ssl: Add TLS 1.2 cipher suitesAndreas Schultz
2012-08-22ssl: Implement and activate PRFs for TLS 1.1 and 1.2Andreas Schultz
2012-08-22ssl: make PRF function selectableAndreas Schultz
TLS 1.2 allows to negotiate the used PRF, additional the default PRF uses a different hash. This change make the PRF selectable and hardwires the PRF for TLS < 1.2
2012-08-22ssl: Calculate handshake hash only when neededAndreas Schultz
TLS/SSL version before 1.2 always used a MD5/SHA combination for the handshake hashes. With TLS 1.2 the default hash is SHA256 and it is possible to negotiate a different hash. This change delays the calculation of the handshake hashes until they are really needed. At that point the hash to use should be known. For now MD5/SHA is still hard coded.
2012-03-30Update copyright yearsBjörn-Egil Dahlberg
2012-03-05Some protocols (e.g. EAP-PEAP, EAP-TLS, EAP-TTLS) that use TLS asAndreas Schultz
transport layer need to generate additional application specific key material. One way to generate such material is to use the TLS PRF and key material from the TLS session itself. This change makes it possible to use a TLS sessions PRF either with the session internal or caller supplied key material to generate additional key material.
2010-12-17Cleaned up meaningless code discovered thanks to coverIngela Anderton Andin
2010-11-30Fixed guard and test caseIngela Anderton Andin
Data to sign and verify should be inputed as binaries. Also cleaned up and moved some dialyzer specs.
2010-11-18Added alert in stream cipher case.Ingela Anderton Andin
Also changed alert to BAD_RECORD_MAC as: "differentiating between bad_record_mac and decryption_failed alerts may permit certain attacks against CBC mode as used in TLS [CBCATT]. It is preferable to uniformly use the bad_record_mac alert to hide the specific type of the error." Also cleaned up the code and changed a few other alert reasons in according to alert descriptions in the TLS RFC 4346. And added function terminate_alert/3 so that we can differentiate between a crash in ssl (a bug in our code) and a crash in the application using ssl.
2010-10-20Correct handling of client certificate verify messageIngela Anderton Andin
When checking the client certificate verify message the server used the wrong algorithm identifier to determine the signing algorithm, causing a function clause error in the public_key application when the key-exchange algorithm and the public key algorithm of the client certificate happen to differ.
2010-06-22Added more -spec definitions.Ingela Anderton Andin
2010-06-22Refreshed documentation to reflect the change of default implementation.Ingela Anderton Andin
Started to improve code documentation by using -spec directive, and some small refactorings to avoid ugly code.
2010-06-07OTP-8587 DSA key supportIngela Anderton Andin
New ssl now support client/server-certificates signed by dsa keys.
2010-05-21Decision not to support DH and export cipher suites.Ingela Anderton Andin
2010-03-25OTP-7046 Support for Diffie-Hellman keyexchangeIngela Anderton Andin
2009-11-20The R13B03 release.OTP_R13B03Erlang/OTP
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 06:54:04 +0000