diff options
| author | Andreas Schultz <[email protected]> | 2012-06-15 17:52:30 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2012-08-22 14:00:44 +0200 |
| commit | fc4c828438e99afe47f7531101a1561decc3cf37 (patch) | |
| tree | 4ccfe12e216687d3e4e8677130a293c94064aba9 /lib/ssl/src/ssl_connection.erl | |
| parent | 7dcf8182fb71d594d639c26aeedadef253be1733 (diff) | |
| download | otp-fc4c828438e99afe47f7531101a1561decc3cf37.tar.gz otp-fc4c828438e99afe47f7531101a1561decc3cf37.tar.bz2 otp-fc4c828438e99afe47f7531101a1561decc3cf37.zip | |
ssl: Add TLS version to ssl_handshake:key_exchange/3
TLS 1.2 changed the way digital signatures are
done. key_exchange/3 needs to pass the version
to it.
Diffstat (limited to 'lib/ssl/src/ssl_connection.erl')
| -rw-r--r-- | lib/ssl/src/ssl_connection.erl | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 965b396353..94d129de6f 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1446,7 +1446,7 @@ key_exchange(#state{role = server, key_algorithm = Algo, SecParams = ConnectionState#connection_state.security_parameters, #security_parameters{client_random = ClientRandom, server_random = ServerRandom} = SecParams, - Msg = ssl_handshake:key_exchange(server, {dh, Keys, Params, + Msg = ssl_handshake:key_exchange(server, Version, {dh, Keys, Params, Algo, ClientRandom, ServerRandom, PrivateKey}), @@ -1465,7 +1465,7 @@ key_exchange(#state{role = client, premaster_secret = PremasterSecret, socket = Socket, transport_cb = Transport, tls_handshake_history = Handshake0} = State) -> - Msg = rsa_key_exchange(PremasterSecret, PublicKeyInfo), + Msg = rsa_key_exchange(Version, PremasterSecret, PublicKeyInfo), {BinMsg, ConnectionStates, Handshake} = encode_handshake(Msg, Version, ConnectionStates0, Handshake0), Transport:send(Socket, BinMsg), @@ -1481,22 +1481,22 @@ key_exchange(#state{role = client, when Algorithm == dhe_dss; Algorithm == dhe_rsa; Algorithm == dh_anon -> - Msg = ssl_handshake:key_exchange(client, {dh, DhPubKey}), + Msg = ssl_handshake:key_exchange(client, Version, {dh, DhPubKey}), {BinMsg, ConnectionStates, Handshake} = encode_handshake(Msg, Version, ConnectionStates0, Handshake0), Transport:send(Socket, BinMsg), State#state{connection_states = ConnectionStates, tls_handshake_history = Handshake}. -rsa_key_exchange(PremasterSecret, PublicKeyInfo = {Algorithm, _, _}) +rsa_key_exchange(Version, PremasterSecret, PublicKeyInfo = {Algorithm, _, _}) when Algorithm == ?rsaEncryption; Algorithm == ?md2WithRSAEncryption; Algorithm == ?md5WithRSAEncryption; Algorithm == ?sha1WithRSAEncryption -> - ssl_handshake:key_exchange(client, + ssl_handshake:key_exchange(client, Version, {premaster_secret, PremasterSecret, PublicKeyInfo}); -rsa_key_exchange(_, _) -> +rsa_key_exchange(_, _, _) -> throw (?ALERT_REC(?FATAL,?HANDSHAKE_FAILURE)). request_client_cert(#state{ssl_options = #ssl_options{verify = verify_peer}, |