aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test
AgeCommit message (Collapse)Author
2018-05-15ssl: Correct key_usage checkIngela Anderton Andin
The Key Usage extension is described in section 4.2.1.3 of X.509, with the following possible flags: KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1), -- recent editions of X.509 have -- renamed this bit to contentCommitment keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } In SSL/TLS, when the server certificate contains a RSA key, then: either a DHE or ECDHE cipher suite is used, in which case the RSA key is used for a signature (see section 7.4.3 of RFC 5246: the "Server Key Exchange" message); this exercises the digitalSignature key usage; or "plain RSA" is used, with a random value (the 48-byte pre-master secret) being encrypted by the client with the server's public key (see section 7.4.7.1 of RFC 5246); this is right in the definition of the keyEncipherment key usage flag. dataEncipherment does not apply, because what is encrypted is not directly meaningful data, but a value which is mostly generated randomly and used to derive symmetric keys. keyAgreement does not apply either, because that one is for key agreement algorithms which are not a case of asymmetric encryption (e.g. Diffie-Hellman). The keyAgreement usage flag would appear in a certificate which contains a DH key, not a RSA key. nonRepudiation is not used, because whatever is signed as part of a SSL/TLS key exchange cannot be used as proof for a third party (there is nothing in a SSL/TLS tunnel that the client could record and then use to convince a judge when tring to sue the server itself; the data which is exchanged within the tunnel is not signed by the server). When a ECDSA key is used then "keyAgreement" flag is needed for beeing ECDH "capable" (as opposed to ephemeral ECDHE)
2018-05-02ssl: Exclude DTLS tests for one more OpenSSL version for nowIngela Anderton Andin
2018-05-02ssl: Use sane input dataIngela Anderton Andin
2018-05-02ssl: Make sure help function works from all parts of test suiteIngela Anderton Andin
Depending on context trap_exit flag may be set or not. So always set trap_exit and consume the EXIT signal and then set it back.
2018-04-30ssl: Avoid hardcoding of cipher suites and fix ECDH suite handlingIngela Anderton Andin
ECDH suite handling did not use the EC parameters form the certs as expected.
2018-04-30ssl: Run all test case combinationsIngela Anderton Andin
Fix test case code to use keyAgreement for ECDH_ECDSA
2018-04-28ssl: Update tests to reflect sslv3 is not supported by defaultIngela Anderton Andin
2018-04-27Merge branch 'raimo/better-TLS-distribution/OTP-14969'Raimo Niskanen
* raimo/better-TLS-distribution/OTP-14969: Fix distro CRL test cases short vs long names Allow check for node name Move check ip to before SSL handshake Check client IP from server Parse cert primarily for host names Open for host and node allow list Create plug-in for distro cert nodes Rewrite TLS dist to handle node names in certs Improve node allowed check
2018-04-27Merge branch 'ingela/ssl/test-cuddle'Ingela Anderton Andin
* ingela/ssl/test-cuddle: ssl: Handle EXIT messages from test code correctly
2018-04-27Fix distro CRL test cases short vs long namesRaimo Niskanen
2018-04-26ssl: Proper handling of clients that choose to send an emptyIngela Anderton Andin
answer to a certificate request Solves ERL-599
2018-04-26Allow check for node nameRaimo Niskanen
2018-04-26Move check ip to before SSL handshakeRaimo Niskanen
2018-04-26Check client IP from serverRaimo Niskanen
2018-04-24ssl: Add new API functionsIngela Anderton Andin
2018-04-24ssl: Prepare to replace ssl:ssl_accept with ssl:handshakeIngela Anderton Andin
2018-04-24Parse cert primarily for host namesRaimo Niskanen
2018-04-20Create plug-in for distro cert nodesRaimo Niskanen
2018-04-19Rewrite TLS dist to handle node names in certsRaimo Niskanen
2018-03-27ssl: Cleaner test setup to avoid unintentional test case dependenciesIngela Anderton Andin
2018-03-27ssl: Correct ECC suite and DTLS ECC handlingIngela Anderton Andin
When test handling was corrected it was obvious that DTLS ECC handling was not compleated.
2018-03-16ssl: Handle EXIT messages from test code correctlyIngela Anderton Andin
2018-03-09ssl: Remove interoperability option v2_hello_compatibleIngela Anderton Andin
2018-03-08Merge branch 'ingela/ssl/no-automated-fallback/OTP-14789'Ingela Anderton Andin
2018-03-08ssl: Increase security with safer defaultIngela Anderton Andin
The interoperability option to fallback to insecure renegotiation now has to be explicitly turned on.
2018-03-06Merge branch 'maint'Ingela Anderton Andin
2018-03-06ssl: Fix anonymous suites regression and protocol errorBram Verburg
Anonymous cipher suites were broken altogether, and there was an earlier issue where the server would send a signature in the server key exchange if a certificate was configured, even if an anonymous suite was actually negotiated. Backport of PR-1729
2018-03-06Merge branch 'maint'Anders Svensson
2018-03-05[ssl] Fix hanging test case on outdated lab machineLars Thorsen
2018-02-07Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher.erl lib/ssl/test/ssl_basic_SUITE.erl lib/ssl/test/ssl_test_lib.erl
2018-02-07ssl: Make sure anonymous suites are handled separatelyIngela Anderton Andin
Preferably customized cipher suites will be based on the default value. But all may be used as base and hence it will be good to handle anonymous suites separately as they are intended for testing purposes.
2018-02-05ssl: Add new API functions for cipher suite handlingIngela Anderton Andin
2018-01-26Merge branch 'maint'Ingela Anderton Andin
2018-01-25Merge branch 'ingela/DTLS-supported'Ingela Anderton Andin
* ingela/DTLS-supported: ssl: Fix typo dtls: Add DTLS handling to utility functions ssl: Document enhancment ssl: Document DTLS
2018-01-25ssl: Check OpenSSL version for DSS (DSA) supportIngela Anderton Andin
LibreSSL-2.6.3 dropped DSS (DSA) support
2018-01-24Merge branch 'maint'Ingela Anderton Andin
2018-01-23ssl: Add record version sanity checkIngela Anderton Andin
2018-01-22Merge branch 'ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882'Ingela Anderton Andin
* ingela/ssl/no-chacha-default-for-now/ERL-538/OTP-14882: ssl: Remove chacha ciphers form default for now
2018-01-22ssl: Remove chacha ciphers form default for nowIngela Anderton Andin
We have discovered interoperability problems, ERL-538, that we believe needs to be solved in crypto.
2018-01-19ssl: Remove 3DES cipher suites from defaultIngela Anderton Andin
2018-01-17dtls: Add DTLS handling to utility functionsIngela Anderton Andin
2018-01-16Merge branch 'ingela/ssl/remove-rsa-keyexchange-from-default/OTP-14769'Ingela Anderton Andin
* ingela/ssl/remove-rsa-keyexchange-from-default/OTP-14769: ssl: RSA key exchange is considered broken do not support by default
2018-01-16ssl: RSA key exchange is considered broken do not support by defaultIngela Anderton Andin
2018-01-15Merge branch 'maint'Ingela Anderton Andin
* maint: ssl: Call clean version function
2018-01-15ssl: Call clean version functionIngela Anderton Andin
Make sure tests are run with intended version settings.
2018-01-11Merge branch 'maint'Ingela Anderton Andin
2018-01-11Merge branch 'ingela/ssl/timeout-cuddle' into maintIngela Anderton Andin
* ingela/ssl/timeout-cuddle: ssl: Tune timeouts
2018-01-11ssl: Tune timeoutsIngela Anderton Andin
2018-01-09Merge branch 'maint'Ingela Anderton Andin
2018-01-07dtls: Filter out rc4 for DTLS psk suitesIngela Anderton Andin
Stream ciphers are not valid fro DTLS