aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_cipher.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2016-05-31 10:56:10 +0200
committerIngela Anderton Andin <[email protected]>2016-05-31 10:56:10 +0200
commit962b25f3b2879a48a8cd0596ffad862beb82d4d9 (patch)
treed6c1b9bcb667e7f0134d0002c3406190ce3b8584 /lib/ssl/src/ssl_cipher.erl
parent1a212675c4217bbedfab1e181a88b2fbe4cfa9c4 (diff)
parentd56242c69f84d7612aebd045255c41d85cbb1794 (diff)
downloadotp-962b25f3b2879a48a8cd0596ffad862beb82d4d9.tar.gz
otp-962b25f3b2879a48a8cd0596ffad862beb82d4d9.tar.bz2
otp-962b25f3b2879a48a8cd0596ffad862beb82d4d9.zip
Merge branch 'binarin/better-ssl-diagnostics/PR-1060/ERL-774/OTP-13632'
* binarin/better-ssl-diagnostics/PR-1060/ERL-774/OTP-13632: ssl: Remove error logger reports ssl: Better error handling of keys rejected by crypto Improve SSL diagnostics
Diffstat (limited to 'lib/ssl/src/ssl_cipher.erl')
-rw-r--r--lib/ssl/src/ssl_cipher.erl8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index dc0a0c2cc4..e935c033c7 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -214,7 +214,7 @@ decipher(?RC4, HashSz, CipherState = #cipher_state{state = State0}, Fragment, _,
%% alerts may permit certain attacks against CBC mode as used in
%% TLS [CBCATT]. It is preferable to uniformly use the
%% bad_record_mac alert to hide the specific type of the error."
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
end;
decipher(?DES, HashSz, CipherState, Fragment, Version, PaddingCheck) ->
@@ -272,7 +272,7 @@ block_decipher(Fun, #cipher_state{key=Key, iv=IV} = CipherState0,
%% alerts may permit certain attacks against CBC mode as used in
%% TLS [CBCATT]. It is preferable to uniformly use the
%% bad_record_mac alert to hide the specific type of the error."
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
end.
aead_ciphertext_to_state(chacha20_poly1305, SeqNo, _IV, AAD0, Fragment, _Version) ->
@@ -296,11 +296,11 @@ aead_decipher(Type, #cipher_state{key = Key, iv = IV} = CipherState,
Content when is_binary(Content) ->
{Content, CipherState};
_ ->
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
end
catch
_:_ ->
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
end.
%%--------------------------------------------------------------------