diff options
| author | Ingela Anderton Andin <[email protected]> | 2018-01-29 14:37:30 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2018-02-05 15:03:53 +0100 |
| commit | 2ce6be54915587d2c14f95b9f65197bd8c86554e (patch) | |
| tree | 734748b00e6879dd5f6acd869cdca36d10c455bf /lib/ssl/src/ssl.erl | |
| parent | 7ba4144d71899fa7eb9e1f35c50e3633772aa283 (diff) | |
| download | otp-2ce6be54915587d2c14f95b9f65197bd8c86554e.tar.gz otp-2ce6be54915587d2c14f95b9f65197bd8c86554e.tar.bz2 otp-2ce6be54915587d2c14f95b9f65197bd8c86554e.zip | |
ssl: Uses aead as mac value in AEAD cipher suites
Authenticated encryption (AE) and authenticated encryption with
associated data (AEAD, variant of AE) is a form of encryption which
simultaneously provides confidentiality, integrity, and authenticity
assurances on the data.
This is more logical value then null that was used, this happened to
work as the AEAD property was derived form other data, but it is confusing!
Diffstat (limited to 'lib/ssl/src/ssl.erl')
| -rw-r--r-- | lib/ssl/src/ssl.erl | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 49634ad3a5..575b4e2e11 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -1268,9 +1268,19 @@ tuple_to_map({Kex, Cipher, Mac}) -> tuple_to_map({Kex, Cipher, Mac, Prf}) -> #{key_exchange => Kex, cipher => Cipher, - mac => Mac, + mac => tuple_to_map_mac(Cipher, Mac), prf => Prf}. +%% Backwards compatible +tuple_to_map_mac(aes_128_gcm, _) -> + aead; +tuple_to_map_mac(aes_256_gcm, _) -> + aead; +tuple_to_map_mac(chacha20_poly1305, _) -> + aead; +tuple_to_map_mac(_, MAC) -> + MAC. + handle_eccs_option(Value, Version) when is_list(Value) -> {_Major, Minor} = tls_version(Version), try tls_v1:ecc_curves(Minor, Value) of |