aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
AgeCommit message (Collapse)Author
2019-02-05ssl: Use specs to generate type documentationIngela Anderton Andin
2019-02-04ssl: Enhance error handlingIngela Anderton Andin
2019-02-01ssl: Remove unintended matchIngela Anderton Andin
2019-01-30Merge branch 'peterdmv/ssl/improve-logging'Péter Dimitrov
* peterdmv/ssl/improve-logging: ssl: Improve ssl_logger Change-Id: I3b181ed527ce210af6c4a7576576fa522fb20767
2019-01-30Merge branch 'peterdmv/ssl/server-send-finished'Péter Dimitrov
* peterdmv/ssl/server-send-finished: ssl: Fix dialyzer warnings ssl: Add 'Finished' ssl: Use HKDF hash function in Transcript-Hash ssl: Improve test of 1-RTT handshake ssl: Update certificate_verify ssl: Update function build_content ssl: Fix encoding of the Certificate message ssl: Add EncryptedExtensions ssl: Fix encoding of empty extensions ssl: Fix key schedule and traffic keys ssl: Encode/decode CertificateVerify Change-Id: Ie525de276ca4ebd9f9fb0fbdc9dc3822f91834e0
2019-01-30Merge branch 'maint'Ingela Anderton Andin
2019-01-29ssl: Improve ssl_loggerPéter Dimitrov
Improve API and delay creation of map arguments for ?LOG_DEBUG macro. Change-Id: I6956112fe64e599d33d83dfdd710cad53b8449e1
2019-01-28ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Icc6c1433dba8d35f81162ef8100292bf2ba53c71
2019-01-28ssl: Add 'Finished'Péter Dimitrov
Implement Finished message on the server side. Change-Id: Ie0d054ac80f7eb47797273e1878990335112e923
2019-01-28ssl: Use HKDF hash function in Transcript-HashPéter Dimitrov
Two hash functions needed to create the CertificateVerify message. One for creating the Transcript-Hash and another for the digital signature. Transcript-Hash uses the HKDF hash of the selected cipher suite, the digital signature uses the hash defined by the selected signature scheme. Change-Id: Ife68ec123682d9aaf42c6b46cc2608e1df8be8d6
2019-01-28ssl: Update certificate_verifyPéter Dimitrov
Change-Id: I6adacc846f938d1ca1eb1a798780cc804b501a71
2019-01-28ssl: Update function build_contentPéter Dimitrov
Change-Id: I91c5866f1400c3ad9c7eab1292c3ceb32a482c70
2019-01-28ssl: Fix encoding of the Certificate messagePéter Dimitrov
Fix encoding of extensions in CertificateEntries. Change-Id: I776a2210d2aa51cde3be5e0bc87d9beb8d63825c
2019-01-28ssl: Add EncryptedExtensionsPéter Dimitrov
Send empty EncryptedExtensions after ServerHello. Update ssl logger. Change-Id: Id57fdb52c360a1125ac1a735ee37c433bfb69a0a
2019-01-28ssl: Fix encoding of empty extensionsPéter Dimitrov
Change-Id: Ia18cda4e2b43dc863a24ac4838718adc788b08b1
2019-01-28ssl: Fix key schedule and traffic keysPéter Dimitrov
Fix key schedule and traffic key calculation. Add test for the server side calculation of shared secrets and traffic keys. Change-Id: Ia955e5e8787f3851bdb3170723e6586bdf4548ca
2019-01-28ssl: Encode/decode CertificateVerifyPéter Dimitrov
Implement encoding/decoding of CertificateVerify. Update property tests with CertificateVerify. Refactor state handling function: 'do_negotiated'. Change-Id: Ifa066076960120717ddb472dc45fcc7a16a517d0
2019-01-24ssl: Correct check for delayed close due to undliverd dataIngela Anderton Andin
Could cause connection processes not terminate when they should
2019-01-23Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/tls_connection.erl
2019-01-23Merge branch 'ingela/ssl/continue-optimize/OTP-15445' into maintIngela Anderton Andin
* ingela/ssl/continue-optimize/OTP-15445: ssl: If possible assemble several received application data records
2019-01-22ssl: If possible assemble several received application data recordsIngela Anderton Andin
2019-01-22Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2019-01-22ssl: Create hs_envIngela Anderton Andin
We want to decrease the size of the outer state tuple, and gain ease of understanding by better grouping. This is the first step of creating a hs_env (handshake environment) part of the state. This change will be performed gradually to reduce merge conflicts complexity and risk of introducing errors.
2019-01-22ssl: Remove unnecessary iolist_to_binaryIngela Anderton Andin
2019-01-21Merge branch 'maint'Ingela Anderton Andin
2019-01-17ssl: Correct 3des_ede_cbc checkIngela Anderton Andin
Could cause ssl to claim to support 3des_ede_cbc when cryptolib does not
2019-01-15Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl
2019-01-14ssl: Add value 'save' to reuse_sessions and reuse_session client optionIngela Anderton Andin
We want to be able to save a specific session to reuse, and make sure it is reusable immediatly when the connection has been established. Add client option {reuse_session, SessionID::binary()} We also do not want clients to save sessions that it did not verify. Additionaly change behaviour of the client and server to not save sessions if reuse_session is set to false.
2019-01-14ssl: Client shall only save verified sessionsIngela Anderton Andin
Modernize test case option handling
2019-01-14ssl: Modernize test suiteIngela Anderton Andin
2019-01-11ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: I9269825c833d1461369828a9228f384ccf2543a9
2019-01-11ssl: Improve AEAD encode/decodePéter Dimitrov
- Update calculation of nonce and additional data - Update cipher_aead, decipher_aead - Add test for TLS 1.3 encode/decode Change-Id: Id0a5cc68d8746079fb42c0192c0c64405f6d7a72
2019-01-11ssl: Refactor state 'negotiated'Péter Dimitrov
Change-Id: I1a2e9b1b639cae0d78b6d25d7b6e761a2d90b7b1
2019-01-11ssl: Add 'CertificateVerify'Péter Dimitrov
Change-Id: Iab7148f609b4965cd1a815d04507a59cc1b8fb5f
2019-01-11ssl: Add support for x25519 and x448 in ECDHPéter Dimitrov
Change-Id: I206b851fc616c53475f4a2935f6f52baf8f3e1e6
2019-01-11ssl: Implement transcript_hash for TLS 1.3Péter Dimitrov
Change-Id: I03be63e9f436f60cdaee6583c930f235fd5eb24c
2019-01-11ssl: Fix encoding/decoding of supported_versionsPéter Dimitrov
Encode length of supported_versions in one octet instead of two. Change-Id: If24b38f3d2a40f0aa7152bb05bc0392efca6454c
2019-01-11ssl: Check if RSASSA-PSS is supported by cryptoPéter Dimitrov
Filter all rsa_pss_rsae and rsa_pss_pss signature schemes if rsa_pkcs1_pss_padding is not supported by crypto. Change-Id: Ie6d7ca3736011c71462eac925055f831777f9c9d
2019-01-11ssl: Reorder default signature schemesPéter Dimitrov
Change-Id: I54ef4f946c64510ca6df073aefc30c0b28723b3b
2019-01-11ssl: Create server 'Certificate' messagePéter Dimitrov
Create a TLS 1.3 'Certificate' message in the 'negotiated' state. Change-Id: I03115de2353324f8533146ba19809064da6b0866
2019-01-11ssl: Calculate handshake traffic keysPéter Dimitrov
Change-Id: Ifdf8978c58c15313e8a7973cff97dda3458f7721
2019-01-11ssl: Fix handling of signature algorithmsPéter Dimitrov
Change-Id: I5cc6b470ea19e32dd5516a86fe6750c5b51d5368
2019-01-11ssl: Process "supported_versions" before decodingPéter Dimitrov
Change-Id: I465760b7001692367c68839219745e40abafdfa8
2019-01-11ssl: Update cipher suite formatting in ssl_loggerPéter Dimitrov
Change-Id: Icea7ba523b15d7db4c816f542a16fc92eb6b38ad
2019-01-11ssl: Fix cipher suite selectionPéter Dimitrov
Accept only TLS 1.3 ciphers when TLS 1.3 is selected. Change-Id: I4e934d344f52208263ffdeb31c357dd5727472b9
2019-01-11ssl: Comment usage of 'state' in TLS 1.3Péter Dimitrov
Change-Id: I284faa415c97eb533df0a7e5777fe5d929010e56
2019-01-11ssl: Implement TLS 1.3 key schedulePéter Dimitrov
Change-Id: I0454890c604f47cffd3bd83c217ff571f73965fb
2019-01-11ssl: Update HKDF-Expand-Label functionPéter Dimitrov
Change-Id: I08dbfb38b198ef24798a85d8bcf498d697123fad
2019-01-08Merge branch 'maint'Péter Dimitrov
* maint: ssl: Fix encoding/decoding of the SRP extension Change-Id: I3b5887cf01b1a538c65d0c66da4d4ccf7793478d
2019-01-08Merge branch 'peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477' into maintPéter Dimitrov
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477: ssl: Fix encoding/decoding of the SRP extension Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-23 07:40:15 +0000