aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
AgeCommit message (Collapse)Author
2019-02-08ssl: RenameIngela Anderton Andin
2019-02-08ssl: Fix crash when sending AlertsPéter Dimitrov
Change-Id: Ia84c71214b5379baec3455f0e416a9ea73584750
2019-02-08ssl: Fix dialyzer warningPéter Dimitrov
Change-Id: I87f2111cd557a0000cfd8ab4d50f4e58787bf104
2019-02-08ssl: Improve TLS 1.3 statemPéter Dimitrov
- Store FinishedKey in cipher_state. - Implement state 'wait_finished'. - Calculate traffic secrets in 'wait_finished' after Finished received from client and go to state 'Connection'. - Drop 'change_cipher_spec' messages (middlebox compatibility mode). - Extend tests of 1-RTT. Change-Id: Id69619ec5da053ffaaef75378678a27afeef6916
2019-02-08ssl: Move diffie_hellman_params to handshake_envIngela Anderton Andin
2019-02-08ssl: Move and rename psk_identity state record fieldIngela Anderton Andin
2019-02-08ssl: Move premaster_secret to handshake_envIngela Anderton Andin
2019-02-08ssl: Make flight_state DTLS specificIngela Anderton Andin
flight_state is used to handle retransmission timers for DTLS over udp
2019-02-08ssl: Add private_key to connection_envIngela Anderton Andin
2019-02-08ssl: Remove unused record fieldIngela Anderton Andin
2019-02-08ssl: Add erl_dist_handle to connection_envIngela Anderton Andin
2019-02-08ssl: Add negotiated_version to connection_envIngela Anderton Andin
2019-02-08ssl: Add key exchange items to handshake_envIngela Anderton Andin
2019-02-08ssl: Add hashsign_algorithm and cert_hashsign_algorithm to handshake_envIngela Anderton Andin
2019-02-08ssl: Add downgrade handling to connection_envIngela Anderton Andin
Remove duplicate handsake history handling form ssl_config function. Later we might refactor to avoid duplication in TLS and DTLS code, but handshake history does not belong in ssl_config function.
2019-02-08ssl: Create connection_envIngela Anderton Andin
2019-02-08ssl: Handle renegotiation and extensions in handshake_envIngela Anderton Andin
2019-02-05Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/doc/src/ssl.xml lib/ssl/src/ssl.erl lib/ssl/src/ssl_cipher_format.erl lib/ssl/src/tls_handshake.erl
2019-02-05Merge branch 'ingela/ssl/alert-return/OTP-15423' into maintIngela Anderton Andin
* ingela/ssl/alert-return/OTP-15423: ssl: Use specs to generate type documentation ssl: Enhance error handling
2019-02-05Merge branch 'maint'Ingela Anderton Andin
2019-02-05ssl: Use specs to generate type documentationIngela Anderton Andin
2019-02-04ssl: Enhance error handlingIngela Anderton Andin
2019-02-01ssl: Remove unintended matchIngela Anderton Andin
2019-01-30Merge branch 'peterdmv/ssl/improve-logging'Péter Dimitrov
* peterdmv/ssl/improve-logging: ssl: Improve ssl_logger Change-Id: I3b181ed527ce210af6c4a7576576fa522fb20767
2019-01-30Merge branch 'peterdmv/ssl/server-send-finished'Péter Dimitrov
* peterdmv/ssl/server-send-finished: ssl: Fix dialyzer warnings ssl: Add 'Finished' ssl: Use HKDF hash function in Transcript-Hash ssl: Improve test of 1-RTT handshake ssl: Update certificate_verify ssl: Update function build_content ssl: Fix encoding of the Certificate message ssl: Add EncryptedExtensions ssl: Fix encoding of empty extensions ssl: Fix key schedule and traffic keys ssl: Encode/decode CertificateVerify Change-Id: Ie525de276ca4ebd9f9fb0fbdc9dc3822f91834e0
2019-01-30Merge branch 'maint'Ingela Anderton Andin
2019-01-30Merge pull request #2109 from IngelaAndin/ingela/ssl/active-checkIngela Andin
ssl: Correct check for delayed close due to undliverd data
2019-01-30Merge branch 'maint'Péter Dimitrov
* maint: ssl: Improve openssl interop tests Change-Id: I5eec73687e9693ab5b08953c5e3db0d09cfd1690
2019-01-30Merge branch 'peterdmv/ssl/improve_openssl_interop_tests' into maintPéter Dimitrov
* peterdmv/ssl/improve_openssl_interop_tests: ssl: Improve openssl interop tests Change-Id: I65b63ddb8c8948d246e341f8c821b3b499507cb6
2019-01-29ssl: Improve ssl_loggerPéter Dimitrov
Improve API and delay creation of map arguments for ?LOG_DEBUG macro. Change-Id: I6956112fe64e599d33d83dfdd710cad53b8449e1
2019-01-29ssl: Improve openssl interop testsPéter Dimitrov
openssl 1.1.x changed the default ECC curves that made testcases fail in the ECC suite. openssl s_server and s_client sent 'Illegal Parameter' alert when the CertificateVerify (client) or ServerKeyExchange (server) message was signed with a curve that was not present in openssl's default ECC curve list (x25519, secp256r1, secp521r1, secp384r1, brainpoolP256r1, brainpoolP384r1, brainpool512r1). This commit changes the default curve of make_ec_cert_chains to 'secp256r1' and explicitly configures the default curve in those testcases where the default curve of the ssl application is expected. Change-Id: I81ebe1a30b8f863b0e2836b1dad3d8bc767cc47e
2019-01-28ssl: Fix dialyzer warningsPéter Dimitrov
Change-Id: Icc6c1433dba8d35f81162ef8100292bf2ba53c71
2019-01-28ssl: Add 'Finished'Péter Dimitrov
Implement Finished message on the server side. Change-Id: Ie0d054ac80f7eb47797273e1878990335112e923
2019-01-28ssl: Use HKDF hash function in Transcript-HashPéter Dimitrov
Two hash functions needed to create the CertificateVerify message. One for creating the Transcript-Hash and another for the digital signature. Transcript-Hash uses the HKDF hash of the selected cipher suite, the digital signature uses the hash defined by the selected signature scheme. Change-Id: Ife68ec123682d9aaf42c6b46cc2608e1df8be8d6
2019-01-28ssl: Improve test of 1-RTT handshakePéter Dimitrov
Change-Id: Iaffe5d6e402448f1da5e37b0e55829fa72af310d
2019-01-28ssl: Update certificate_verifyPéter Dimitrov
Change-Id: I6adacc846f938d1ca1eb1a798780cc804b501a71
2019-01-28ssl: Update function build_contentPéter Dimitrov
Change-Id: I91c5866f1400c3ad9c7eab1292c3ceb32a482c70
2019-01-28ssl: Fix encoding of the Certificate messagePéter Dimitrov
Fix encoding of extensions in CertificateEntries. Change-Id: I776a2210d2aa51cde3be5e0bc87d9beb8d63825c
2019-01-28ssl: Add EncryptedExtensionsPéter Dimitrov
Send empty EncryptedExtensions after ServerHello. Update ssl logger. Change-Id: Id57fdb52c360a1125ac1a735ee37c433bfb69a0a
2019-01-28ssl: Fix encoding of empty extensionsPéter Dimitrov
Change-Id: Ia18cda4e2b43dc863a24ac4838718adc788b08b1
2019-01-28ssl: Fix key schedule and traffic keysPéter Dimitrov
Fix key schedule and traffic key calculation. Add test for the server side calculation of shared secrets and traffic keys. Change-Id: Ia955e5e8787f3851bdb3170723e6586bdf4548ca
2019-01-28ssl: Encode/decode CertificateVerifyPéter Dimitrov
Implement encoding/decoding of CertificateVerify. Update property tests with CertificateVerify. Refactor state handling function: 'do_negotiated'. Change-Id: Ifa066076960120717ddb472dc45fcc7a16a517d0
2019-01-24ssl: Correct check for delayed close due to undliverd dataIngela Anderton Andin
Could cause connection processes not terminate when they should
2019-01-23Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/tls_connection.erl
2019-01-23Merge branch 'ingela/ssl/continue-optimize/OTP-15445' into maintIngela Anderton Andin
* ingela/ssl/continue-optimize/OTP-15445: ssl: If possible assemble several received application data records
2019-01-22ssl: If possible assemble several received application data recordsIngela Anderton Andin
2019-01-22Merge branch 'maint'Ingela Anderton Andin
Conflicts: lib/ssl/src/ssl_connection.erl lib/ssl/src/ssl_connection.hrl lib/ssl/src/tls_connection.erl
2019-01-22ssl: Create hs_envIngela Anderton Andin
We want to decrease the size of the outer state tuple, and gain ease of understanding by better grouping. This is the first step of creating a hs_env (handshake environment) part of the state. This change will be performed gradually to reduce merge conflicts complexity and risk of introducing errors.
2019-01-22ssl: Remove unnecessary iolist_to_binaryIngela Anderton Andin
2019-01-22Merge branch 'maint'Ingela Anderton Andin
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 05:43:46 +0000