aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2013-06-05ssl: Prepare for releaseIngela Anderton Andin
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2013-06-04ssl: Rename ssl_certificate_db to ssl_pkix_db for clarityIngela Anderton Andin
Conflicts: lib/ssl/src/ssl.app.src lib/ssl/src/ssl_manager.erl
2013-05-28ssl: Do not advertise EC ciphers if crypto support is insufficientIngela Anderton Andin
2013-05-24ssl: Remove unused `srp_parameters` type specKlaus Trainer
As the file 'lib/ssl/src/ssl_srp_primes.hrl' only contains a specification of a `srp_parameters` type that isn't exported and also isn't referenced anywhere (neither in the code nor in the documentation), the type specification (and hence the file as well) can be removed.
2013-05-20ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0Ingela Anderton Andin
2013-05-20ssl: Remove use of deprecated crypto functionsIngela Anderton Andin
2013-05-08ssl: Fix dialyzer specIngela Anderton Andin
2013-05-08ssl: Only send ECC-hello extension if ECC-cipher suites are advertisedIngela Anderton Andin
2013-05-08ssl & public_key: Use standard nameIngela Anderton Andin
2013-05-08ssl & crypto: Generalize the remaining crypto APIIngela Anderton Andin
2013-05-08ssl & public_key: Use new crypto API functionsIngela Anderton Andin
2013-05-08crypto: Deprecate functions, update doc and specsIngela Anderton Andin
2013-05-08ssl: Fix Curve selectionIngela Anderton Andin
2013-05-08ssl, crypto: Eliminate remaining mpint and EC resource key from APIIngela Anderton Andin
2013-05-08ssl, public_key, crypto: General generate_key and compute_key functionsIngela Anderton Andin
2013-05-08ssl: Improve extention handlingIngela Anderton Andin
2013-05-08ssl & public_key: API refinementIngela Anderton Andin
Change API so public_key:generate_key/compute_key are only called with "public_key arguments" otherwhise crypto functions can be called explicitly.
2013-05-08ssl: Remove dependency on internal public_key functionIngela Anderton Andin
Avoid unneccessary conversion as the input format is an oid (according to ASN1 spec) we do not need to handle it as an atom in ssl.
2013-05-08ssl & public_key: Improved handling ECDH keysIngela Anderton Andin
2013-05-08ssl & public_key: New public_key API for DH/ECDH/SRP keysIngela Anderton Andin
2013-05-08ssl: Make better use of the crypto APIIngela Anderton Andin
Use the functions in crypto that we want to keep in the API.
2013-05-08SSL: add Elliptic Curve support for ssl appAndreas Schultz
2013-05-08SSL: filter TLS cipher suites for supported algorithmsAndreas Schultz
2013-04-12fix srp_anon ciphers suites requiring certificates to work.Andreas Schultz
This problem was not caught by the test suites since all PSK and SRP suites where always tested with certificates. Split those tests into test with and without certificates.
2013-04-03ssl: Use new SRP crypto APIIngela Anderton Andin
2013-04-03ssl: Add option to list all available ciper suites and enhanced documentationIngela Anderton Andin
2013-03-28SSL: enable hash_size values for sha224, sha384 and sha512Andreas Schultz
Some of the PSK and SRP ciphers default to sha384, this enables hash_size for that cipher. It also adds sha512 and sha224 to be prepared for further cipher enhancements.
2013-03-28SSL: add TLS-SRP (RFC 5054) cipher suitesAndreas Schultz
2013-03-28SSL: add TLS PSK (RFC 4279 and RFC 5487) cipher suitesAndreas Schultz
2013-03-25Added comment about proxy certificatesFredrik Gustafsson
2013-03-21Fix ssl_connection to support reading proxy/chain certificatesValentin Kuznetsov
2013-03-13public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27Ingela Anderton Andin
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation.
2013-03-06ssl: Handle next protocol negotiation when reusing a session.Ingela Anderton Andin
2013-03-05ssl: Clean code thanks to dialyzerIngela Anderton Andin
2013-03-05ssl: Check that negotiated version is a supported version.Ingela Anderton Andin
2013-02-21Merge branch 'ia/ssl/econnaborted'Ingela Anderton Andin
* ia/ssl/econnaborted: ssl: Fatal close alert makes more sense than handshake failiure at econnaborted
2013-02-20ssl: Fatal close alert makes more sense than handshake failiure at econnabortedIngela Anderton Andin
2013-02-19ssl: Prepare for R16BIngela Anderton Andin
2013-02-18ssl: Further error handling enhancmentsIngela Anderton Andin
follow up enhancments done in commit e56167dd6ca8d37d26ea7f19933691a3bda41113 Make sure format_error return good strings. Replace confusing legacy atoms with more descriptive atoms.
2013-02-12ssl: Generalize cb_info optionIngela Anderton Andin
2013-01-23ssl: Enhance dialyzer specsKostis Sagonas
2013-01-23ssl: Do not return random valuesKostis Sagonas
2013-01-23ssl: M-x erlang-indent-bufferIngela Anderton Andin
2013-01-23ssl: Remove unnecessary construction of a return valueKostis Sagonas
2013-01-22ssl: Prepare for R16 releaseIngela Anderton Andin
Remove very old and obsolete release notes, update version and appup.
2013-01-22Merge branch 'ia/ssl/incompatible-error-msg/OTP-10451'Ingela Anderton Andin
* ia/ssl/incompatible-error-msg/OTP-10451: ssl: Enhance error handling
2013-01-21Merge branch 'ia/ssl/certtable-clean/OTP-10710'Ingela Anderton Andin
* ia/ssl/certtable-clean/OTP-10710: ssl: Certificates and PEM-cache cleaning fixed to avoid memory leak
2013-01-21Merge branch 'ia/ssl/simplify-addition-of-keyexchange-algorithms/OTP-10709'Ingela Anderton Andin
* ia/ssl/simplify-addition-of-keyexchange-algorithms/OTP-10709: SSL: simplify server key encoding, decoding and signature handling SSL: unify the different implementations signature check implementations
2013-01-21ssl: Enhance error handlingIngela Anderton Andin
Remove filter mechanisms that made error messages backwards compatible with old ssl but hid information about what actually happened. This does not break the documented API however other reason terms may be returned, so code that matches on the reason part of {error, Reason} may fail.