Age | Commit message (Collapse) | Author |
|
Change-Id: Ia84c71214b5379baec3455f0e416a9ea73584750
|
|
Change-Id: I87f2111cd557a0000cfd8ab4d50f4e58787bf104
|
|
- Store FinishedKey in cipher_state.
- Implement state 'wait_finished'.
- Calculate traffic secrets in 'wait_finished' after Finished
received from client and go to state 'Connection'.
- Drop 'change_cipher_spec' messages (middlebox compatibility mode).
- Extend tests of 1-RTT.
Change-Id: Id69619ec5da053ffaaef75378678a27afeef6916
|
|
|
|
|
|
|
|
flight_state is used to handle retransmission timers for DTLS over udp
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Remove duplicate handsake history handling form
ssl_config function. Later we might refactor to avoid
duplication in TLS and DTLS code, but handshake history
does not belong in ssl_config function.
|
|
|
|
|
|
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
lib/ssl/src/ssl_cipher_format.erl
lib/ssl/src/tls_handshake.erl
|
|
* ingela/ssl/alert-return/OTP-15423:
ssl: Use specs to generate type documentation
ssl: Enhance error handling
|
|
|
|
|
|
|
|
|
|
* peterdmv/ssl/improve-logging:
ssl: Improve ssl_logger
Change-Id: I3b181ed527ce210af6c4a7576576fa522fb20767
|
|
* peterdmv/ssl/server-send-finished:
ssl: Fix dialyzer warnings
ssl: Add 'Finished'
ssl: Use HKDF hash function in Transcript-Hash
ssl: Improve test of 1-RTT handshake
ssl: Update certificate_verify
ssl: Update function build_content
ssl: Fix encoding of the Certificate message
ssl: Add EncryptedExtensions
ssl: Fix encoding of empty extensions
ssl: Fix key schedule and traffic keys
ssl: Encode/decode CertificateVerify
Change-Id: Ie525de276ca4ebd9f9fb0fbdc9dc3822f91834e0
|
|
|
|
Improve API and delay creation of map arguments for ?LOG_DEBUG
macro.
Change-Id: I6956112fe64e599d33d83dfdd710cad53b8449e1
|
|
Change-Id: Icc6c1433dba8d35f81162ef8100292bf2ba53c71
|
|
Implement Finished message on the server side.
Change-Id: Ie0d054ac80f7eb47797273e1878990335112e923
|
|
Two hash functions needed to create the CertificateVerify message.
One for creating the Transcript-Hash and another for the digital
signature. Transcript-Hash uses the HKDF hash of the
selected cipher suite, the digital signature uses the hash
defined by the selected signature scheme.
Change-Id: Ife68ec123682d9aaf42c6b46cc2608e1df8be8d6
|
|
Change-Id: I6adacc846f938d1ca1eb1a798780cc804b501a71
|
|
Change-Id: I91c5866f1400c3ad9c7eab1292c3ceb32a482c70
|
|
Fix encoding of extensions in CertificateEntries.
Change-Id: I776a2210d2aa51cde3be5e0bc87d9beb8d63825c
|
|
Send empty EncryptedExtensions after ServerHello.
Update ssl logger.
Change-Id: Id57fdb52c360a1125ac1a735ee37c433bfb69a0a
|
|
Change-Id: Ia18cda4e2b43dc863a24ac4838718adc788b08b1
|
|
Fix key schedule and traffic key calculation.
Add test for the server side calculation of shared secrets and
traffic keys.
Change-Id: Ia955e5e8787f3851bdb3170723e6586bdf4548ca
|
|
Implement encoding/decoding of CertificateVerify.
Update property tests with CertificateVerify.
Refactor state handling function: 'do_negotiated'.
Change-Id: Ifa066076960120717ddb472dc45fcc7a16a517d0
|
|
Could cause connection processes not terminate when they should
|
|
Conflicts:
lib/ssl/src/tls_connection.erl
|
|
* ingela/ssl/continue-optimize/OTP-15445:
ssl: If possible assemble several received application data records
|
|
|
|
Conflicts:
lib/ssl/src/ssl_connection.erl
lib/ssl/src/ssl_connection.hrl
lib/ssl/src/tls_connection.erl
|
|
We want to decrease the size of the outer state tuple, and gain
ease of understanding by better grouping. This is the first step
of creating a hs_env (handshake environment) part of the state.
This change will be performed gradually to reduce merge conflicts
complexity and risk of introducing errors.
|
|
|
|
|
|
Could cause ssl to claim to support 3des_ede_cbc when cryptolib does not
|
|
Conflicts:
lib/ssl/src/ssl.erl
|
|
We want to be able to save a specific session to reuse, and make sure
it is reusable immediatly when the connection has been established.
Add client option {reuse_session, SessionID::binary()}
We also do not want clients to save sessions that it did not verify.
Additionaly change behaviour of the client and server to not save sessions
if reuse_session is set to false.
|
|
Modernize test case option handling
|
|
|
|
Change-Id: I9269825c833d1461369828a9228f384ccf2543a9
|