aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-01-16Merge branch 'maint'Rickard Green
* maint: Updated OTP version Prepare release
2019-01-16Merge branch 'maint-21' into maintRickard Green
* maint-21: Updated OTP version Prepare release
2019-01-16Merge branch 'maint'Ingela Anderton Andin
2019-01-16ssl: Cuddle testsIngela Anderton Andin
2019-01-15Prepare releaseErlang/OTP
2019-01-15Merge branch 'peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477' into ↵Erlang/OTP
maint-21 * peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477: ssl: Fix encoding/decoding of the SRP extension
2019-01-15Merge branch 'ingela/ssl/enhance-error-handling/OTP-15505' into maint-21Erlang/OTP
* ingela/ssl/enhance-error-handling/OTP-15505: ssl: Cuddle test cases ssl: Fix test case ssl: Fix two invalid gen_statem returns
2019-01-15Merge branch 'lukas/ssl/benchmark_basic_test'Lukas Larsson
* lukas/ssl/benchmark_basic_test: inets: Decrease benchmark TC timeout inets: Fix crypto:rand_bytes usage in benchmarks ssl: Only run a basic fast test in test cycle
2019-01-15ssl: Only run a basic fast test in test cycleLukas Larsson
Some of the slower machines takes 20-30 minutes to run one iteration of the payload test.
2019-01-15Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl.erl
2019-01-14ssl: Add value 'save' to reuse_sessions and reuse_session client optionIngela Anderton Andin
We want to be able to save a specific session to reuse, and make sure it is reusable immediatly when the connection has been established. Add client option {reuse_session, SessionID::binary()} We also do not want clients to save sessions that it did not verify. Additionaly change behaviour of the client and server to not save sessions if reuse_session is set to false.
2019-01-14ssl: Client shall only save verified sessionsIngela Anderton Andin
Modernize test case option handling
2019-01-14ssl: Uncomplicate test codeIngela Anderton Andin
No need for this test case to set a specific cipher suite. An appropriate cipher suite will be negotiated and it will of course be the same for clients with the same configuration.
2019-01-14ssl: Modernize test suiteIngela Anderton Andin
2019-01-11ssl: Skip TLS 1.3 suites if crypto lacks supportPéter Dimitrov
TLS 1.3 test suites requires TLS 1.3 support in crypto that is openssl 1.1.1 or later shall be available. This commit tests support for RSASSA-PSS signature algorithm and x448 Diffie-Hellman key agreement. Change-Id: I003ab376339b003fbbd3d0a66e10c368a16023ad
2019-01-11ssl: Update testcase 'encode_decode_srp'Péter Dimitrov
Change-Id: I16dccce4a0a8980fe0f888969945aef8ed38a9bc
2019-01-11ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: I9269825c833d1461369828a9228f384ccf2543a9
2019-01-11ssl: Improve AEAD encode/decodePéter Dimitrov
- Update calculation of nonce and additional data - Update cipher_aead, decipher_aead - Add test for TLS 1.3 encode/decode Change-Id: Id0a5cc68d8746079fb42c0192c0c64405f6d7a72
2019-01-11ssl: Refactor state 'negotiated'Péter Dimitrov
Change-Id: I1a2e9b1b639cae0d78b6d25d7b6e761a2d90b7b1
2019-01-11ssl: Add 'CertificateVerify'Péter Dimitrov
Change-Id: Iab7148f609b4965cd1a815d04507a59cc1b8fb5f
2019-01-11ssl: Add support for x25519 and x448 in ECDHPéter Dimitrov
Change-Id: I206b851fc616c53475f4a2935f6f52baf8f3e1e6
2019-01-11ssl: Implement transcript_hash for TLS 1.3Péter Dimitrov
Change-Id: I03be63e9f436f60cdaee6583c930f235fd5eb24c
2019-01-11ssl: Fix encoding/decoding of supported_versionsPéter Dimitrov
Encode length of supported_versions in one octet instead of two. Change-Id: If24b38f3d2a40f0aa7152bb05bc0392efca6454c
2019-01-11ssl: Check if RSASSA-PSS is supported by cryptoPéter Dimitrov
Filter all rsa_pss_rsae and rsa_pss_pss signature schemes if rsa_pkcs1_pss_padding is not supported by crypto. Change-Id: Ie6d7ca3736011c71462eac925055f831777f9c9d
2019-01-11ssl: Reorder default signature schemesPéter Dimitrov
Change-Id: I54ef4f946c64510ca6df073aefc30c0b28723b3b
2019-01-11ssl: Create server 'Certificate' messagePéter Dimitrov
Create a TLS 1.3 'Certificate' message in the 'negotiated' state. Change-Id: I03115de2353324f8533146ba19809064da6b0866
2019-01-11ssl: Calculate handshake traffic keysPéter Dimitrov
Change-Id: Ifdf8978c58c15313e8a7973cff97dda3458f7721
2019-01-11ssl: Add tests for TLS 1.3Péter Dimitrov
Change-Id: I23a2faa5f07836333c9b50af388162d2bbb9a246
2019-01-11ssl: Fix handling of signature algorithmsPéter Dimitrov
Change-Id: I5cc6b470ea19e32dd5516a86fe6750c5b51d5368
2019-01-11ssl: Process "supported_versions" before decodingPéter Dimitrov
Change-Id: I465760b7001692367c68839219745e40abafdfa8
2019-01-11ssl: Update cipher suite formatting in ssl_loggerPéter Dimitrov
Change-Id: Icea7ba523b15d7db4c816f542a16fc92eb6b38ad
2019-01-11ssl: Fix cipher suite selectionPéter Dimitrov
Accept only TLS 1.3 ciphers when TLS 1.3 is selected. Change-Id: I4e934d344f52208263ffdeb31c357dd5727472b9
2019-01-11ssl: Comment usage of 'state' in TLS 1.3Péter Dimitrov
Change-Id: I284faa415c97eb533df0a7e5777fe5d929010e56
2019-01-11ssl: Implement TLS 1.3 key schedulePéter Dimitrov
Change-Id: I0454890c604f47cffd3bd83c217ff571f73965fb
2019-01-11ssl: Update HKDF-Expand-Label functionPéter Dimitrov
Change-Id: I08dbfb38b198ef24798a85d8bcf498d697123fad
2019-01-11Merge branch 'peterdmv/ssl/fix-failing-srp-tc'Péter Dimitrov
* peterdmv/ssl/fix-failing-srp-tc: ssl: Fix srp testcase fault Change-Id: I0d7bf24e16bec0b61d385a6cd2ef81f334b9e397
2019-01-10Merge branch 'maint'Péter Dimitrov
* maint: ssl: Fix CRL suite with openssl-1.1.1a Change-Id: I18ffe894158e8881af20bba6f6a60b85063b937c
2019-01-10Merge branch 'peterdmv/ssl/fix-crl-suite' into maintPéter Dimitrov
* peterdmv/ssl/fix-crl-suite: ssl: Fix CRL suite with openssl-1.1.1a Change-Id: I2847107b6cf0210c3002c016a6ba49288505d06f
2019-01-10Merge branch 'maint'Ingela Anderton Andin
2019-01-10ssl: Add renegotiation test case to OpenSSL sanity checkIngela Anderton Andin
2019-01-10ssl: Better stream handlingIngela Anderton Andin
Remove rizzo rests that made incorrect assumptions
2019-01-09ssl: Fix CRL suite with openssl-1.1.1aPéter Dimitrov
Later versions of openssl do not support negative integers for CRL due time (used for negative testing). As a workaround this commit implements a function that can set CRL due time in seconds and makes the testcase 'crl_hash_dir_expired' sleep for one second. Change-Id: I2ef8b3c6ee545bd09170fa6027cb9ca38cfb42c0
2019-01-09ssl: Fix srp testcase faultPéter Dimitrov
Fix testcase fault introduced by the forward merge of peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477. Change-Id: Ia4290265d5c59b6d50f4e5b60b41d5f05fd14278
2019-01-08Merge branch 'maint'Péter Dimitrov
* maint: ssl: Fix encoding/decoding of the SRP extension Change-Id: I3b5887cf01b1a538c65d0c66da4d4ccf7793478d
2019-01-08ssl: Cuddle test casesIngela Anderton Andin
Cipher test case also needed updating to handle streams correctly We should not rizzo test chacha20_poly1305 Conflicts: lib/ssl/test/ssl_basic_SUITE.erl
2019-01-08ssl: Fix test caseIngela Anderton Andin
packet raw is a stream, test code manged it packet oriented in the function active_raw.
2019-01-08Merge branch 'peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477' into maintPéter Dimitrov
* peterdmv/ssl/fix-srp-encode-decode/ERL-790/OTP-15477: ssl: Fix encoding/decoding of the SRP extension Change-Id: Iee3276a60041a2c04c89385b2de2edb1cd81babd
2019-01-08ssl: Fix two invalid gen_statem returnsLoïc Hoguin
2019-01-08Merge branch 'maint'Ingela Anderton Andin
2019-01-08Merge pull request #2070 from essen/fix-ssl-shutdown-crashIngela Andin
ssl: Fix two invalid gen_statem returns OTP-15505
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 23:27:41 +0000