aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test/ssl_handshake_SUITE.erl
AgeCommit message (Collapse)Author
2019-01-11ssl: Update testcase 'encode_decode_srp'Péter Dimitrov
Change-Id: I16dccce4a0a8980fe0f888969945aef8ed38a9bc
2019-01-11ssl: Process "supported_versions" before decodingPéter Dimitrov
Change-Id: I465760b7001692367c68839219745e40abafdfa8
2019-01-09ssl: Fix srp testcase faultPéter Dimitrov
Fix testcase fault introduced by the forward merge of peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477. Change-Id: Ia4290265d5c59b6d50f4e5b60b41d5f05fd14278
2019-01-08Merge branch 'maint'Péter Dimitrov
* maint: ssl: Fix encoding/decoding of the SRP extension Change-Id: I3b5887cf01b1a538c65d0c66da4d4ccf7793478d
2019-01-08ssl: Fix encoding/decoding of the SRP extensionPéter Dimitrov
The encoded value of the SRP extension length was bigger than the actual length of the extension. This could cause interoperability problems with third party SSL implementations. This commit corrects the encoding and decoding of the SRP extension length. Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
2018-11-16ssl: Implement the 'key_share' extensionPéter Dimitrov
Change-Id: Ie7409675dd7a35825f32822df259286bbb95fd62
2018-11-01ssl: Fix failing property testsPéter Dimitrov
- Updated message generators: ClientHello, ServerHello and EncryptedExtensions - Fixed encoding of the extensions 'signature_algorithms' and 'signature_algorithms_cert' - Updated empty extension definitions Change-Id: I9415e2d022744b9ed4667d20aee2553637ed49f8
2018-10-15ssl: Test hash/signature algorithm selectionPéter Dimitrov
Change-Id: Ie60b2a2651ea975cebd0ccf0c7e2953f89986463
2018-10-15ssl: Implement Signature Algorithms (TLS 1.3)Péter Dimitrov
Implement handling of the signature algorithms extension described by RFC 8446. This commit updates the behavior of legacy TLS versions to align them with RFC 8446 (TLS 1.3) and RFC 5246 (TLS 1.2). - TLS 1.0/1.1 clients validate the client certificate against the certificate_type field of the CertificateRequest message. - TLS 1.2 client verifies the hash/signature algorithm pair of the client certificate when processing a CertificateRequest. Old behavior only checked the signature algorithms. - TLS 1.2 server verifies that the server certificate is signed by a hash/signature algorithm pair that appears in the "singature_algorithms" or "signature_algorithms_cert" (RFC 8446) extensions of the ClientHello. Change-Id: I3e0a0d7408984f5e5b1233968934fe34d64eb2b7
2018-09-27ssl: Generalize extensions handlingIngela Anderton Andin
As TLS 1.3 introduces more extensions in other places than in hello messages we like to have generalize extension handling encode/decode with some hello wrappers. Also extend property tests of handshake encod/decode
2018-09-12ssl: Handle incomplete and unorded chainsIngela Anderton Andin
If the peer sends an incomplete chain that we can reconstruct with our known CA-certs it will be accepted. We will assume that the peer honors the protocol and sends an orded chain, however if validation fails we will try to order the chain in case it was unorded. Will also handle that extraneous cert where present. See Note form RFC 8446 Note: Prior to TLS 1.3, "certificate_list" ordering required each certificate to certify the one immediately preceding it; however, some implementations allowed some flexibility. Servers sometimes send both a current and deprecated intermediate for transitional purposes, and others are simply configured incorrectly, but these cases can nonetheless be validated properly. For maximum compatibility, all implementations SHOULD be prepared to handle potentially extraneous certificates and arbitrary orderings from any TLS version, with the exception of the end-entity certificate which MUST be first.
2018-08-10Merge branch 'maint-20' into maintRickard Green
* maint-20: Updated OTP version Update release notes Update version numbers crypto: Fix crash in compute_key(ecdh, ...) on badarg Relax add_table_copy restriction Fixed #Ref ordering bug Test #Ref ordering in lists and ets Do NOT disc_load from ram_copies when master_node is set ssl: Make sure that a correct cipher suite is selected ssl: Correct handling of empty server SNI extension
2018-07-02ssl: Correct handling of empty server SNI extensionIngela Anderton Andin
2018-06-18Update copyright yearHenrik Nord
2018-03-09ssl: Remove interoperability option v2_hello_compatibleIngela Anderton Andin
2017-05-04Update copyright yearRaimo Niskanen
2017-02-08ssl: Avoid SSL/TLS hello format confusionIngela Anderton Andin
Valid SSL 3.0 or TLS hellos might accidentally match SSL 2.0 format (and sometimes the other way around before inspecting data) so we need to match SSL 3.0 and TLS first and only match SSL 2.0 hellos when flag to support it is set.
2016-12-07Update copyright-yearErlang/OTP
2016-09-07ssl: Make sure tests get a clean startIngela Anderton Andin
2016-06-03ssl: Add option to phase out support for sslv2 client helloIngela Anderton Andin
ssl servers can recognize sslv2 client hellos to interop with clients that support higher version of SSL/TLS but also offers sslv2 Conflicts: lib/ssl/src/tls_connection.erl
2016-05-20ssl: Remove use of test_server config macroIngela Anderton Andin
2016-04-06ssl: Add option signature_algsIngela Anderton Andin
In TLS-1.2 The signature algorithm and the hash function algorithm used to produce the digest that is used when creating the digital signature may be negotiated through the signature algorithm extension RFC 5246. We want to make these algorithm pairs configurable. In connections using lower versions of TLS these algorithms are implicit defined and can not be negotiated or configured. DTLS is updated to not cause dialyzer errors, but needs to get a real implementation later.
2015-06-23Merge branch 'ia/ssl/modern-timetrap'Ingela Anderton Andin
* ia/ssl/modern-timetrap: ssl: Make init functions fail if make_certs:all fails ssl: Avoid sleep ssl: modernize timetrap handling
2015-06-22ssl: Make init functions fail if make_certs:all failsIngela Anderton Andin
2015-06-22ssl: modernize timetrap handlingIngela Anderton Andin
Watchdog is legacy test_server use only ct:timetrap/1
2015-06-18Change license text to APLv2Bruce Yinhe
2015-06-15ssl: Remove unnecessary suite callbackIngela Anderton Andin
The test cases does not use any hooks and including the ts_install_cth trips up the test case setup on some platforms cuasing the test cases to fail with {error, enoent}
2015-04-21ssl: Add unit test caseIngela Anderton Andin
2014-09-24ssl: Servers may include an empty SNI-extensionIngela Anderton Andin
2014-06-05added SNI decode test to SSL handshake suiteAndrás Veres-Szentkirályi
2014-04-23ssl: Refactor so that there is only one source for the default hashsign valuesIngela Anderton Andin
Also fix DTLS call to supply its corresponding TLS version
2014-04-23ssl: always pass negotiated version when selecting hashsignDanil Zagoskin
Negotiated version is now always passed to ssl_handshake:select_hashsign because ssl_handshake:select_cert_hashsign has different rsa defaults on tlsv1.2 and older versions.
2014-04-23ssl: TLSv1.2: proper default sign algo for RSADanil Zagoskin
2014-03-14Add test for unknown elliptic curve supported by clientDanil Zagoskin
When TLS client sends a Supported Elliptic Curves Client Hello Extension containing an unknown curve enum value, a server crashes with a function_clause instead of just ignoring specified unknown curve.
2013-11-06Add SSL Server Name Indication (SNI) client supportJulien Barbot
See RFC 6066 section 3
2013-09-10ssl: Refactor to provide common handshake functions for TLS/DTLSIngela Anderton Andin
Common functions will be located in ssl_handshake.erl while specific functions will be located in tls_handshake.erl and dtls_handshake.erl
2013-06-04ssl: Structural perarparation to support DTLSIngela Anderton Andin
Also phase in tls module as main API instead of ssl. To make API clearer. As TLS is the new protocol name. Maybe keep some API functions in ssl
2013-01-11ssl: CTify test casesIngela Anderton Andin
2012-08-31Update copyright yearsBjörn-Egil Dahlberg
2012-08-22ssl: Add TLS version to dec_hs/2Andreas Schultz
TLS 1.2 changes the layout of several handshake records. This adds the TLS version to dec_hs/2 so it can decode those.
2011-09-27fix unknown ssl extension parsing by changing length from bits to bytesBen Murphy