Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-09-10 | ssl: Add DTLS handshake primitivs. | Andreas Schultz | |
This code is to 99 % written by Andreas Schultz only some small changes to start integrating with OTPs DTLS solution. | |||
2013-09-02 | ssl: Do not advertise support for algorithms not supported by crypto | Ingela Anderton Andin | |
2013-09-02 | ssl: Skip second length indicator in EC extensions | Ingela Anderton Andin | |
We have no need to care about the value of this length indicator so we do not need to match it or verify it, it is unnecessary work. | |||
2013-09-02 | ssl: Handle signature_algorithm field in digitally_signed properly | Ingela Anderton Andin | |
with proper defaults Added ssl_ECC_SUITE | |||
2013-08-28 | ssl: Make the ssl manager name for erlang distribution over SSL/TLS | Ingela Anderton Andin | |
relative to the module name of the ssl_manager. This can be beneficial when making tools that rename modules for internal processing in the tool. | |||
2013-08-23 | Merge branch 'maint-r16' into maint | Fredrik Gustafsson | |
2013-08-23 | Merge branch 'maint-r15' into maint-r16 | Fredrik Gustafsson | |
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_transport.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk lib/ssl/doc/src/notes.xml lib/ssl/src/ssl.appup.src lib/ssl/src/ssl.erl lib/ssl/src/ssl_internal.hrl lib/ssl/src/tls_connection.erl lib/ssl/vsn.mk | |||
2013-08-21 | [inets, ssl]: make log_alert configurable as option in ssl, SSLLogLevel ↵ | Fredrik Gustafsson | |
added as option to inets conf file | |||
2013-08-12 | Merge branch 'ia/ssl/header-bug/OTP-11230' into maint | Ingela Anderton Andin | |
* ia/ssl/header-bug/OTP-11230: ssl: Revert faulty header option fix | |||
2013-08-08 | ssl: Revert faulty header option fix | Ingela Anderton Andin | |
The code was changed in the belife that it made it inet compatible. However the testing is a bit hairy as the inet option is acctualy broken, now the tests are corrected and the header option should work in the same broken way as inet again, preferably use the bitsyntax instead. | |||
2013-08-07 | ssl: Setopts during renegotiation caused the renegotiation to be unsuccessful. | Ingela Anderton Andin | |
If calling setopts during a renegotiation the FSM state might change during the handling of the setopts messages, this is now handled correctly. | |||
2013-06-10 | Merge branch 'ia/public_key/crypto/prepare-for-release' into maint | Ingela Anderton Andin | |
* ia/public_key/crypto/prepare-for-release: public_key & ssl: Add ASN-1 dependency crypto & public_key: prepare for release | |||
2013-06-10 | Merge branch 'ia/ssl/public_key/warnings' into maint | Ingela Anderton Andin | |
* ia/ssl/public_key/warnings: ssl: Correct rebase mistakes | |||
2013-06-07 | public_key & ssl: Add ASN-1 dependency | Ingela Anderton Andin | |
As the ASN-1 application relies on a nif in R16 for decodeing (that was not the case in R15), public_key currently has a runtime dependency on ASN-1. Hopefully we will be able to remove this dependency again in the future. | |||
2013-06-07 | ssl: Fix dialyzer warnings | Ingela Anderton Andin | |
2013-06-07 | ssl: Correct rebase mistakes | Ingela Anderton Andin | |
2013-06-05 | ssl: Prepare for release | Ingela Anderton Andin | |
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl | |||
2013-06-04 | ssl: Rename ssl_certificate_db to ssl_pkix_db for clarity | Ingela Anderton Andin | |
Conflicts: lib/ssl/src/ssl.app.src lib/ssl/src/ssl_manager.erl | |||
2013-05-28 | ssl: Do not advertise EC ciphers if crypto support is insufficient | Ingela Anderton Andin | |
2013-05-24 | ssl: Remove unused `srp_parameters` type spec | Klaus Trainer | |
As the file 'lib/ssl/src/ssl_srp_primes.hrl' only contains a specification of a `srp_parameters` type that isn't exported and also isn't referenced anywhere (neither in the code nor in the documentation), the type specification (and hence the file as well) can be removed. | |||
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-20 | ssl: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-08 | ssl: Fix dialyzer spec | Ingela Anderton Andin | |
2013-05-08 | ssl: Only send ECC-hello extension if ECC-cipher suites are advertised | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: Use standard name | Ingela Anderton Andin | |
2013-05-08 | ssl & crypto: Generalize the remaining crypto API | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: Use new crypto API functions | Ingela Anderton Andin | |
2013-05-08 | crypto: Deprecate functions, update doc and specs | Ingela Anderton Andin | |
2013-05-08 | ssl: Fix Curve selection | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | ssl: Improve extention handling | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: API refinement | Ingela Anderton Andin | |
Change API so public_key:generate_key/compute_key are only called with "public_key arguments" otherwhise crypto functions can be called explicitly. | |||
2013-05-08 | ssl: Remove dependency on internal public_key function | Ingela Anderton Andin | |
Avoid unneccessary conversion as the input format is an oid (according to ASN1 spec) we do not need to handle it as an atom in ssl. | |||
2013-05-08 | ssl & public_key: Improved handling ECDH keys | Ingela Anderton Andin | |
2013-05-08 | ssl & public_key: New public_key API for DH/ECDH/SRP keys | Ingela Anderton Andin | |
2013-05-08 | ssl: Make better use of the crypto API | Ingela Anderton Andin | |
Use the functions in crypto that we want to keep in the API. | |||
2013-05-08 | SSL: add Elliptic Curve support for ssl app | Andreas Schultz | |
2013-05-08 | SSL: filter TLS cipher suites for supported algorithms | Andreas Schultz | |
2013-04-12 | fix srp_anon ciphers suites requiring certificates to work. | Andreas Schultz | |
This problem was not caught by the test suites since all PSK and SRP suites where always tested with certificates. Split those tests into test with and without certificates. | |||
2013-04-03 | ssl: Use new SRP crypto API | Ingela Anderton Andin | |
2013-04-03 | ssl: Add option to list all available ciper suites and enhanced documentation | Ingela Anderton Andin | |
2013-03-28 | SSL: enable hash_size values for sha224, sha384 and sha512 | Andreas Schultz | |
Some of the PSK and SRP ciphers default to sha384, this enables hash_size for that cipher. It also adds sha512 and sha224 to be prepared for further cipher enhancements. | |||
2013-03-28 | SSL: add TLS-SRP (RFC 5054) cipher suites | Andreas Schultz | |
2013-03-28 | SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suites | Andreas Schultz | |
2013-03-25 | Added comment about proxy certificates | Fredrik Gustafsson | |
2013-03-21 | Fix ssl_connection to support reading proxy/chain certificates | Valentin Kuznetsov | |
2013-03-13 | public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27 | Ingela Anderton Andin | |
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation. | |||
2013-03-06 | ssl: Handle next protocol negotiation when reusing a session. | Ingela Anderton Andin | |