diff options
| author | Ingela Anderton Andin <[email protected]> | 2010-11-12 12:04:58 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2010-11-12 12:04:58 +0100 |
| commit | 49f6d49d77adb123800f5ff7b7726a8aecb3a87c (patch) | |
| tree | 34af4f57091cac8d80b294c07b503bbac4f796f0 | |
| parent | 7bfe74c3aca1a676a989d33e27059b59bad083c5 (diff) | |
| parent | 7400f4e990c0e33c0b1f1638f055a2a7c76b4fa3 (diff) | |
| download | otp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.tar.gz otp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.tar.bz2 otp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.zip | |
Merge branch 'ia/ssl-decryption-error/OTP-8930' into dev
* ia/ssl-decryption-error/OTP-8930:
Added "DECRYPTION_FAILED ALERT" for block decipher failure.
| -rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 30 | ||||
| -rw-r--r-- | lib/ssl/src/ssl_internal.hrl | 4 |
2 files changed, 17 insertions, 17 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index 9824e17fcd..175d589931 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -164,22 +164,22 @@ decipher(?AES, HashSz, CipherState, Fragment, Version) -> block_decipher(Fun, #cipher_state{key=Key, iv=IV} = CipherState0, HashSz, Fragment, Version) -> - ?DBG_HEX(Key), - ?DBG_HEX(IV), - ?DBG_HEX(Fragment), - T = Fun(Key, IV, Fragment), - ?DBG_HEX(T), - GBC = generic_block_cipher_from_bin(T, HashSz), - case is_correct_padding(GBC, Version) of - true -> - Content = GBC#generic_block_cipher.content, - Mac = GBC#generic_block_cipher.mac, - CipherState1 = CipherState0#cipher_state{iv=next_iv(Fragment, IV)}, - {Content, Mac, CipherState1}; - false -> - ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) + try Fun(Key, IV, Fragment) of + Text -> + GBC = generic_block_cipher_from_bin(Text, HashSz), + case is_correct_padding(GBC, Version) of + true -> + Content = GBC#generic_block_cipher.content, + Mac = GBC#generic_block_cipher.mac, + CipherState1 = CipherState0#cipher_state{iv=next_iv(Fragment, IV)}, + {Content, Mac, CipherState1}; + false -> + ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC) + end + catch + _:_ -> + ?ALERT_REC(?FATAL, ?DECRYPTION_FAILED) end. - %%-------------------------------------------------------------------- -spec suites(tls_version()) -> [cipher_suite()]. %% diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl index d2dee4d861..4148032cb7 100644 --- a/lib/ssl/src/ssl_internal.hrl +++ b/lib/ssl/src/ssl_internal.hrl @@ -105,10 +105,10 @@ -type cache_ref() :: term(). -type certdb_ref() :: term(). -type key_algo() :: null | rsa | dhe_rsa | dhe_dss | dh_anon. --type enum_algo() :: integer(). +-type oid() :: tuple(). -type public_key() :: #'RSAPublicKey'{} | integer(). -type public_key_params() :: #'Dss-Parms'{} | term(). --type public_key_info() :: {enum_algo(), public_key(), public_key_params()}. +-type public_key_info() :: {oid(), public_key(), public_key_params()}. -type der_cert() :: binary(). -type private_key() :: #'RSAPrivateKey'{} | #'DSAPrivateKey'{}. -type issuer() :: tuple(). |