[erlang-patches] TLS: add PSK and SRP cipher suites

Andreas Schultz aschultz@REDACTED
Wed Sep 26 19:19:50 CEST 2012


Hi,

I have implemented the more interesting parts of RFC 4279, RFC 5487
and RFC 5054 (aka TLS PSK and SRP ciphers). The use and usefulness
of those ciphers is rather limited, the one notable exception being
the eID server protocol for German national identity cards (nPA).

The test suite can only verify some PSK suites against openssl as
currently no openssl version supports them all. There is patch
that add some to openssl, but it has not been  incorporated into
upstream. GNU-TLS implements some more (but not all) PSK suites
and I have manually tested interoperability.

Patch info:

git fetch git://github.com/RoadRunnr/otp.git tls-psk-srp-suites

https://github.com/RoadRunnr/otp/compare/master...tls-psk-srp-suites
https://github.com/RoadRunnr/otp/compare/master...tls-psk-srp-suites.patch

Regards
Andreas
-- 
Dipl. Inform.
Andreas Schultz

email: as@REDACTED
phone: +49-391-819099-224
mobil: +49-170-2226073

------------------ managed broadband access ------------------

Travelping GmbH               phone:           +49-391-8190990
Roentgenstr. 13               fax:           +49-391-819099299
D-39108 Magdeburg             email:       info@REDACTED
GERMANY                       web:   http://www.travelping.com

Company Registration: HRB21276 Handelsregistergericht Chemnitz
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------



More information about the erlang-patches mailing list