| Age | Commit message (Collapse) | Author |
|---|
|
* raimo/ssl/tls_dist-profiling:
Improve benchmark
Implement print on other node
Fix compiler warnings
|
|
|
|
* ingela/ssl/test-cuddle-ssl_basic_SUITE:
ssl: Correct test case
|
|
Conflicts:
lib/ssl/src/dtls_connection.erl
lib/ssl/src/ssl_connection.erl
lib/ssl/src/tls_connection.erl
|
|
When internaly using active N, bugs in shutdown implementation where reveled.
|
|
Make next_record an internal help function to next_event and avoid
duplicate calls to tls_socket:setopts for setting the active option.
|
|
|
|
|
|
|
|
* maint:
crypto: Split function in otp_test_engine
crypto: Update test engine with fake rsa support
Correct typo in logger formatter docs
|
|
We need to test the Engine interface not only for loading, key retrieval and hashing,
so it is complemented with a fake rsa method to check sign/verify also.
|
|
* lukas/ssl/dist_benchmarks:
stdlib: Adjust binary bench to be faster
ssl: Add scheduler utilization benchmark of plain/tls dist
ssl: Link to tstsrvr to group_leader in test
ssl: Add some benchmarks to test
|
|
|
|
If the check_ssl_node_up call is made by an rpc:call the
calling process will terminate and thus the tstsrvr loop
would terminate too early. We instead link with the group
leader so that the look still terminates, but only if
the parent node does.
|
|
The ssl benchmarks tend to break when doing other
changes in ssl, so we add some of the benchmarks to
be run as part of normal testing.
|
|
Replace hardcoded max size in 'choose' function with the
length of supported groups.
Change-Id: I4ac595cfee2c3cf0c9d9e1cffd0988940130a0d6
|
|
Change-Id: Ie7409675dd7a35825f32822df259286bbb95fd62
|
|
|
|
|
|
* ingela/ssl/key-derive/OTP-15374:
ssl: Add key derivation functions for TLS-1.3
|
|
|
|
|
|
|
|
|
|
with handshake
Fix of commit 68d9244ae33e5eea36250c3bb9ffe046a4db5647
|
|
|
|
|
|
|
|
|
|
Implement TLS 1.3 state machine skeleton
|
|
|
|
- Updated message generators:
ClientHello, ServerHello and EncryptedExtensions
- Fixed encoding of the extensions 'signature_algorithms' and
'signature_algorithms_cert'
- Updated empty extension definitions
Change-Id: I9415e2d022744b9ed4667d20aee2553637ed49f8
|
|
other purposes than handshaking
|
|
Implement Signature Algorithms (TLS 1.3)
|
|
Change-Id: Ie60b2a2651ea975cebd0ccf0c7e2953f89986463
|
|
Implement handling of the signature algorithms extension described by
RFC 8446. This commit updates the behavior of legacy TLS versions to
align them with RFC 8446 (TLS 1.3) and RFC 5246 (TLS 1.2).
- TLS 1.0/1.1 clients validate the client certificate against the
certificate_type field of the CertificateRequest message.
- TLS 1.2 client verifies the hash/signature algorithm pair of the
client certificate when processing a CertificateRequest. Old
behavior only checked the signature algorithms.
- TLS 1.2 server verifies that the server certificate is signed by
a hash/signature algorithm pair that appears in the
"singature_algorithms" or "signature_algorithms_cert" (RFC 8446)
extensions of the ClientHello.
Change-Id: I3e0a0d7408984f5e5b1233968934fe34d64eb2b7
|
|
|
|
If the socket option is set to {packet, 1|2|3|4} sender process needs to
add a packet length header. If packet is changed with ssl:setopts/2 this needs
to be communicated to tls_sender.
|
|
Conflicts:
lib/ssl/src/ssl_connection.erl
lib/ssl/src/tls_connection.erl
|
|
With the new TLS sender process, solving ERL-622, TLS ALERTs sent in
the connection state must be encrypted and sent by the TLS sender
process. This to make sure that the correct encryption state is used
to encode the ALERTS. Care must also be taken to ensure a graceful
close down behavior both for normal shutdown and downgrading from TLS
to TCP.
The original TR ERL-738 is verified by cowboy tests, and close down
behavior by our tests. However we alas have not been able to yet
create a minimal test case for the originating problem.
Also it seems it has become less likely that we run in to the TCP
delivery problem, that is the guarantee is only on transport level,
not application level. Keep work around function in ssl_test_lib but
we can have better test as long as we do not get to much wobbling
tests.
|
|
As TLS 1.3 introduces more extensions in other places than in hello messages
we like to have generalize extension handling encode/decode with some
hello wrappers.
Also extend property tests of handshake encod/decode
|
|
|
|
|
|
|
|
|
|
* peterdmv/ssl/property_test_client_hello:
ssl: Property test hello extensions
Change-Id: I78f5cdef8702141b78e9123efe34e381a5e5d12c
|
|
|
|
If the peer sends an incomplete chain that we can reconstruct with
our known CA-certs it will be accepted.
We will assume that the peer honors the protocol and sends an orded
chain, however if validation fails we will try to order the chain in
case it was unorded. Will also handle that extraneous cert where present.
See Note form RFC 8446
Note: Prior to TLS 1.3, "certificate_list" ordering required each
certificate to certify the one immediately preceding it; however,
some implementations allowed some flexibility. Servers sometimes
send both a current and deprecated intermediate for transitional
purposes, and others are simply configured incorrectly, but these
cases can nonetheless be validated properly. For maximum
compatibility, all implementations SHOULD be prepared to handle
potentially extraneous certificates and arbitrary orderings from any
TLS version, with the exception of the end-entity certificate which
MUST be first.
|
|
Extend test generators with ClientHello extensions:
- TLS 1.2: supported_version
- TLs 1.3: supported_version and signature_scheme_list
Change-Id: I43356a2a921edade124eceb004f20411c7e92619
|
|
|
