aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_cipher.erl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2010-11-12 12:04:58 +0100
committerIngela Anderton Andin <[email protected]>2010-11-12 12:04:58 +0100
commit49f6d49d77adb123800f5ff7b7726a8aecb3a87c (patch)
tree34af4f57091cac8d80b294c07b503bbac4f796f0 /lib/ssl/src/ssl_cipher.erl
parent7bfe74c3aca1a676a989d33e27059b59bad083c5 (diff)
parent7400f4e990c0e33c0b1f1638f055a2a7c76b4fa3 (diff)
downloadotp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.tar.gz
otp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.tar.bz2
otp-49f6d49d77adb123800f5ff7b7726a8aecb3a87c.zip
Merge branch 'ia/ssl-decryption-error/OTP-8930' into dev
* ia/ssl-decryption-error/OTP-8930: Added "DECRYPTION_FAILED ALERT" for block decipher failure.
Diffstat (limited to 'lib/ssl/src/ssl_cipher.erl')
-rw-r--r--lib/ssl/src/ssl_cipher.erl30
1 files changed, 15 insertions, 15 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 9824e17fcd..175d589931 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -164,22 +164,22 @@ decipher(?AES, HashSz, CipherState, Fragment, Version) ->
block_decipher(Fun, #cipher_state{key=Key, iv=IV} = CipherState0,
HashSz, Fragment, Version) ->
- ?DBG_HEX(Key),
- ?DBG_HEX(IV),
- ?DBG_HEX(Fragment),
- T = Fun(Key, IV, Fragment),
- ?DBG_HEX(T),
- GBC = generic_block_cipher_from_bin(T, HashSz),
- case is_correct_padding(GBC, Version) of
- true ->
- Content = GBC#generic_block_cipher.content,
- Mac = GBC#generic_block_cipher.mac,
- CipherState1 = CipherState0#cipher_state{iv=next_iv(Fragment, IV)},
- {Content, Mac, CipherState1};
- false ->
- ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ try Fun(Key, IV, Fragment) of
+ Text ->
+ GBC = generic_block_cipher_from_bin(Text, HashSz),
+ case is_correct_padding(GBC, Version) of
+ true ->
+ Content = GBC#generic_block_cipher.content,
+ Mac = GBC#generic_block_cipher.mac,
+ CipherState1 = CipherState0#cipher_state{iv=next_iv(Fragment, IV)},
+ {Content, Mac, CipherState1};
+ false ->
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
+ end
+ catch
+ _:_ ->
+ ?ALERT_REC(?FATAL, ?DECRYPTION_FAILED)
end.
-
%%--------------------------------------------------------------------
-spec suites(tls_version()) -> [cipher_suite()].
%%