Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-01-23 | ssl: Reenable padding check for TLS-1.0 and provide backwards compatible | Ingela Anderton Andin | |
disable option Conflicts: lib/ssl/src/ssl_cipher.erl lib/ssl/src/ssl_record.erl lib/ssl/src/tls_record.erl lib/ssl/test/ssl_cipher_SUITE.erl | |||
2013-06-04 | ssl: Structural perarparation to support DTLS | Ingela Anderton Andin | |
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl | |||
2013-01-11 | ssl: CTify test cases | Ingela Anderton Andin | |
2012-08-31 | Update copyright years | Björn-Egil Dahlberg | |
2012-08-22 | ssl: Update ssl_cipher_SUITE for TLS 1.1 and TLS 1.2 | Andreas Schultz | |
now that we handle TLS 1.1+ records correctly, the test suite have to take that into account. | |||
2011-11-15 | Removed compiler warnings | Ingela Anderton Andin | |
2011-10-24 | fix handling of block_decipher/5 failure | Andreas Schultz | |
A wrong decryption key would cause a badmatch in generic_block_cipher_from_bin/2. The try in block_decipher/5 was probably intendend to deal with that, but was misplace for this. Additionaly, generating a failure alert erly, without computing the record MAC, creates vector for a timing attack on CBC padding (for details check TLS 1.2 RFC 5246, Sect. 6.2.3.2.). This attach vector and the counter meassure applies to all SSL/TLS versions. As a counter messure, compute the MAC even when decryption or padding checks fail. A invalid padding will force a MAC failure by intentionaly invalidating the content. |