aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2018-01-29 14:37:30 +0100
committerIngela Anderton Andin <[email protected]>2018-02-05 15:03:53 +0100
commit2ce6be54915587d2c14f95b9f65197bd8c86554e (patch)
tree734748b00e6879dd5f6acd869cdca36d10c455bf /lib/ssl/src/ssl.erl
parent7ba4144d71899fa7eb9e1f35c50e3633772aa283 (diff)
downloadotp-2ce6be54915587d2c14f95b9f65197bd8c86554e.tar.gz
otp-2ce6be54915587d2c14f95b9f65197bd8c86554e.tar.bz2
otp-2ce6be54915587d2c14f95b9f65197bd8c86554e.zip
ssl: Uses aead as mac value in AEAD cipher suites
Authenticated encryption (AE) and authenticated encryption with associated data (AEAD, variant of AE) is a form of encryption which simultaneously provides confidentiality, integrity, and authenticity assurances on the data. This is more logical value then null that was used, this happened to work as the AEAD property was derived form other data, but it is confusing!
Diffstat (limited to 'lib/ssl/src/ssl.erl')
-rw-r--r--lib/ssl/src/ssl.erl12
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 49634ad3a5..575b4e2e11 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -1268,9 +1268,19 @@ tuple_to_map({Kex, Cipher, Mac}) ->
tuple_to_map({Kex, Cipher, Mac, Prf}) ->
#{key_exchange => Kex,
cipher => Cipher,
- mac => Mac,
+ mac => tuple_to_map_mac(Cipher, Mac),
prf => Prf}.
+%% Backwards compatible
+tuple_to_map_mac(aes_128_gcm, _) ->
+ aead;
+tuple_to_map_mac(aes_256_gcm, _) ->
+ aead;
+tuple_to_map_mac(chacha20_poly1305, _) ->
+ aead;
+tuple_to_map_mac(_, MAC) ->
+ MAC.
+
handle_eccs_option(Value, Version) when is_list(Value) ->
{_Major, Minor} = tls_version(Version),
try tls_v1:ecc_curves(Minor, Value) of