[erlang-patches] TLS: add PSK and SRP cipher suites

Andreas Schultz <>
Fri Oct 12 10:27:06 CEST 2012


Hi Henrik,

When I rebased my changes to the current master, a change crept in that
shouldn't have:

https://github.com/erlang/otp/commit/747ce9191f4dc7558e12e2b6e5696396392ffbd8

I have removed it from my tree and pushed it.

Andreas

----- Original Message -----
> Thanks, I will refetch!
> On 10/11/2012 12:49 PM, Andreas Schultz wrote:
> > Hi,
> >
> > I have pushed a change that should fix the compile error. The
> > buffer has
> > a fixed length now.
> >
> > https://github.com/RoadRunnr/otp/commit/ad73b09d948d0414132bfca2f67ff0de729fa7b2
> > https://github.com/RoadRunnr/otp/commit/ad73b09d948d0414132bfca2f67ff0de729fa7b2.patch
> >
> > Andreas
> >
> > ----- Original Message -----
> >> Does not compile on Windows.
> >>
> >> Function SHA1_Update_PAD in crypto.c is not correct. Arrays with
> >> dynamic
> >> size is not supported by the C standard we use.
> >> Use a static array instead, presuming that there is a reasonable
> >> upper
> >> limit of its size.
> >>
> >> /Sverker, Erlang/OTP
> >>
> >>
> >>
> >> Henrik Nord wrote:
> >>> Hi
> >>>
> >>> I have added your branch to 'master'pu' for testing.
> >>> Thank you for your contribution!
> >>>
> >>> On 10/04/2012 06:29 PM, Andreas Schultz wrote:
> >>>    
> >>>> Hi,
> >>>>
> >>>> Tree is rebased onto latest master.
> >>>>
> >>>> Andreas
> >>>>
> >>>> ----- Original Message -----
> >>>>      
> >>>>> Would you be so kind as to rebase this branch upon the latest
> >>>>> 'master'
> >>>>>
> >>>>> Thank you for your contribution!
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 09/26/2012 07:19 PM, Andreas Schultz wrote:
> >>>>>        
> >>>>>> Hi,
> >>>>>>
> >>>>>> I have implemented the more interesting parts of RFC 4279, RFC
> >>>>>> 5487
> >>>>>> and RFC 5054 (aka TLS PSK and SRP ciphers). The use and
> >>>>>> usefulness
> >>>>>> of those ciphers is rather limited, the one notable exception
> >>>>>> being
> >>>>>> the eID server protocol for German national identity cards
> >>>>>> (nPA).
> >>>>>>
> >>>>>> The test suite can only verify some PSK suites against openssl
> >>>>>> as
> >>>>>> currently no openssl version supports them all. There is patch
> >>>>>> that add some to openssl, but it has not been  incorporated
> >>>>>> into
> >>>>>> upstream. GNU-TLS implements some more (but not all) PSK
> >>>>>> suites
> >>>>>> and I have manually tested interoperability.
> >>>>>>
> >>>>>> Patch info:
> >>>>>>
> >>>>>> git fetch git://github.com/RoadRunnr/otp.git
> >>>>>> tls-psk-srp-suites
> >>>>>>
> >>>>>> https://github.com/RoadRunnr/otp/compare/master...tls-psk-srp-suites
> >>>>>> https://github.com/RoadRunnr/otp/compare/master...tls-psk-srp-suites.patch
> >>>>>>
> >>>>>> Regards
> >>>>>> Andreas
> >>>>>>          
> >>>>> --
> >>>>> /Henrik Nord Erlang/OTP
> >>>>>
> >>>>>
> >>>>>        
> >>>    
> >>
> 
> --
> /Henrik Nord Erlang/OTP
> 
> 

-- 
-- 
Dipl. Inform.
Andreas Schultz

email: 
phone: +49-391-819099-224
mobil: +49-170-2226073

------------------ managed broadband access ------------------

Travelping GmbH               phone:           +49-391-8190990
Roentgenstr. 13               fax:           +49-391-819099299
D-39108 Magdeburg             email:       
GERMANY                       web:   http://www.travelping.com

Company Registration: HRB21276 Handelsregistergericht Chemnitz
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------


More information about the erlang-patches mailing list