ssl: Move diffie_hellman_params to handshake_env

author: Ingela Anderton Andin <[email protected]> 2019-02-07 21:15:41 +0100
committer: Ingela Anderton Andin <[email protected]> 2019-02-08 09:23:08 +0100
commit: d56923ffbef7801e93a4a298ce9a7bd990410d42 (patch)
tree: 53c91bc37a24bc01d12320974bbfd88a6451839a
parent: fd17b2ec302f8324b26a2cb87cd9cc3705a9e61f (diff)
download: otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.tar.gz
otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.tar.bz2
otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.zip
2 files changed, 13 insertions, 13 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 5510235b04..e4715ba329 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -608,6 +608,7 @@ handle_session(#server_hello{cipher_suite = CipherSuite,
 -spec ssl_config(#ssl_options{}, client | server, #state{}) -> #state{}.
 %%--------------------------------------------------------------------
 ssl_config(Opts, Role, #state{static_env = InitStatEnv0, 
+                              handshake_env = HsEnv,
                               connection_env = CEnv} = State0) ->
     {ok, #{cert_db_ref := Ref, 
            cert_db_handle := CertDbHandle, 
@@ -630,8 +631,8 @@ ssl_config(Opts, Role, #state{static_env = InitStatEnv0,
                                 crl_db = CRLDbHandle,
                                 session_cache = CacheHandle
                                },
+                 handshake_env = HsEnv#handshake_env{diffie_hellman_params = DHParams},
                  connection_env = CEnv#connection_env{private_key = Key},
-                 diffie_hellman_params = DHParams,
                  ssl_options = Opts}.
 
 %%====================================================================
@@ -1418,7 +1419,6 @@ format_status(terminate, [_, StateName, State]) ->
 					       handshake_env =  ?SECRET_PRINTOUT,
                                                connection_env = ?SECRET_PRINTOUT,
 					       session =  ?SECRET_PRINTOUT,
-					       diffie_hellman_params = ?SECRET_PRINTOUT,
 					       diffie_hellman_keys =  ?SECRET_PRINTOUT,
 					       srp_params = ?SECRET_PRINTOUT,
 					       srp_keys =  ?SECRET_PRINTOUT,
@@ -1640,7 +1640,7 @@ certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS
         end,    
     calculate_master_secret(PremasterSecret, State, Connection, certify, cipher);
 certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey},
-			    #state{diffie_hellman_params = #'DHParameter'{} = Params,
+			    #state{handshake_env = #handshake_env{diffie_hellman_params = #'DHParameter'{} = Params},
 				   diffie_hellman_keys = {_, ServerDhPrivateKey}} = State,
 			    Connection) ->
     PremasterSecret = ssl_handshake:premaster_secret(ClientPublicDhKey, ServerDhPrivateKey, Params),
@@ -1657,7 +1657,7 @@ certify_client_key_exchange(#client_psk_identity{} = ClientKey,
     PremasterSecret = ssl_handshake:premaster_secret(ClientKey, PSKLookup),
     calculate_master_secret(PremasterSecret, State0, Connection, certify, cipher);
 certify_client_key_exchange(#client_dhe_psk_identity{} = ClientKey,
-			    #state{diffie_hellman_params = #'DHParameter'{} = Params,
+			    #state{handshake_env = #handshake_env{diffie_hellman_params = #'DHParameter'{} = Params},
 				   diffie_hellman_keys = {_, ServerDhPrivateKey},
 				   ssl_options = 
 				       #ssl_options{user_lookup_fun = PSKLookup}} = State0,
@@ -1707,10 +1707,10 @@ certify_server(#state{static_env = #static_env{cert_db = CertDbHandle,
 key_exchange(#state{static_env = #static_env{role = server}, key_algorithm = rsa} = State,_) ->
     State;
 key_exchange(#state{static_env = #static_env{role = server}, key_algorithm = Algo,
-		    handshake_env = #handshake_env{hashsign_algorithm = HashSignAlgo},
+		    handshake_env = #handshake_env{diffie_hellman_params = #'DHParameter'{} = Params,
+                                                   hashsign_algorithm = HashSignAlgo},
                     connection_env = #connection_env{negotiated_version = Version,
                                                      private_key = PrivateKey},
-		    diffie_hellman_params = #'DHParameter'{} = Params,
 		    connection_states = ConnectionStates0} = State0, Connection)
   when Algo == dhe_dss;
        Algo == dhe_rsa;
@@ -1775,10 +1775,10 @@ key_exchange(#state{static_env = #static_env{role = server}, key_algorithm = psk
     Connection:queue_handshake(Msg, State0);
 key_exchange(#state{static_env = #static_env{role = server}, key_algorithm = dhe_psk,
 		    ssl_options = #ssl_options{psk_identity = PskIdentityHint},
-		    handshake_env = #handshake_env{hashsign_algorithm = HashSignAlgo},                                        
+		    handshake_env = #handshake_env{diffie_hellman_params = #'DHParameter'{} = Params,
+                                                   hashsign_algorithm = HashSignAlgo},                                        
                     connection_env = #connection_env{negotiated_version = Version,
                                                      private_key = PrivateKey},
-		    diffie_hellman_params = #'DHParameter'{} = Params,
 		    connection_states = ConnectionStates0
 		   } = State0, Connection) ->
     DHKeys = public_key:generate_key(Params),
@@ -2755,12 +2755,12 @@ handle_sni_extension(#sni{hostname = Hostname}, #state{static_env = #static_env{
                                         cert_db = CertDbHandle,
                                         crl_db = CRLDbHandle,
                                         session_cache = CacheHandle
-                                       },
+                             },
                connection_env = CEnv#connection_env{private_key = Key},
-               diffie_hellman_params = DHParams,
                ssl_options = NewOptions,
-               handshake_env = HsEnv#handshake_env{sni_hostname = Hostname}
-	     }
+               handshake_env = HsEnv#handshake_env{sni_hostname = Hostname,
+                                                   diffie_hellman_params = DHParams}
+              }
     end.
 
 update_ssl_options_from_sni(OrigSSLOptions, SNIHostname) ->
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index 27d414d351..97faa36c77 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -69,6 +69,7 @@
                         hashsign_algorithm = {undefined, undefined},
                         cert_hashsign_algorithm = {undefined, undefined},
                         %% key exchange
+                        diffie_hellman_params:: #'DHParameter'{} | undefined | secret_printout(),
                         public_key_info      :: ssl_handshake:public_key_info() | 'undefined',
                         premaster_secret     :: binary() | secret_printout() | 'undefined',
                         server_psk_identity         :: binary() | 'undefined' % server psk identity hint
@@ -108,7 +109,6 @@
                 %% Used only in HS
                 client_certificate_requested = false :: boolean(),
                 key_algorithm         :: ssl:key_algo(),
-                diffie_hellman_params:: #'DHParameter'{} | undefined | secret_printout(),
                 diffie_hellman_keys  :: {PublicKey :: binary(), PrivateKey :: binary()} | #'ECPrivateKey'{} |  undefined |  secret_printout(),
                 srp_params           :: #srp_user{} | secret_printout() | 'undefined',
                 srp_keys             ::{PublicKey :: binary(), PrivateKey :: binary()} | secret_printout() | 'undefined',
author	Ingela Anderton Andin <[email protected]>	2019-02-07 21:15:41 +0100
committer	Ingela Anderton Andin <[email protected]>	2019-02-08 09:23:08 +0100
commit	d56923ffbef7801e93a4a298ce9a7bd990410d42 (patch)
tree	53c91bc37a24bc01d12320974bbfd88a6451839a
parent	fd17b2ec302f8324b26a2cb87cd9cc3705a9e61f (diff)
download	otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.tar.gz otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.tar.bz2 otp-d56923ffbef7801e93a4a298ce9a7bd990410d42.zip