diff options
| author | Ingela Anderton Andin <[email protected]> | 2013-04-19 15:47:47 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2013-05-08 10:39:19 +0200 |
| commit | 826ff38deec221e306b2f4a9ee529fae1dbbedf7 (patch) | |
| tree | 360f3e365e3d36c0ee579c02c0d4e5c509779d18 /lib/ssl/src/ssl_handshake.erl | |
| parent | dfd9c13f882ef199dfcb830823cb12d83bcc4f10 (diff) | |
| download | otp-826ff38deec221e306b2f4a9ee529fae1dbbedf7.tar.gz otp-826ff38deec221e306b2f4a9ee529fae1dbbedf7.tar.bz2 otp-826ff38deec221e306b2f4a9ee529fae1dbbedf7.zip | |
ssl & public_key: Improved handling ECDH keys
Diffstat (limited to 'lib/ssl/src/ssl_handshake.erl')
| -rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index f736de3327..cde3e6fc66 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -418,7 +418,7 @@ key_exchange(client, _Version, {dh, <<?UINT32(Len), PublicKey:Len/binary>>}) -> dh_public = PublicKey} }; -key_exchange(client, _Version, {ecdh, {_,_,ECPublicKey}}) -> +key_exchange(client, _Version, {ecdh, #'ECPrivateKey'{publicKey = {0, ECPublicKey}}}) -> #client_key_exchange{ exchange_keys = #client_ec_diffie_hellman_public{ dh_public = ECPublicKey} @@ -461,7 +461,8 @@ key_exchange(server, Version, {dh, {<<?UINT32(Len), PublicKey:Len/binary>>, _}, enc_server_key_exchange(Version, ServerDHParams, HashSign, ClientRandom, ServerRandom, PrivateKey); -key_exchange(server, Version, {ecdh, {ECCurve, _, ECPublicKey}, HashSign, ClientRandom, ServerRandom, +key_exchange(server, Version, {ecdh, #'ECPrivateKey'{publicKey = {0, ECPublicKey}, + parameters = ECCurve}, HashSign, ClientRandom, ServerRandom, PrivateKey}) -> ServerECParams = #server_ecdh_params{curve = ECCurve, public = ECPublicKey}, enc_server_key_exchange(Version, ServerECParams, HashSign, @@ -1513,10 +1514,10 @@ enc_server_key(#server_dh_params{dh_p = P, dh_g = G, dh_y = Y}) -> GLen = byte_size(G), YLen = byte_size(Y), <<?UINT16(PLen), P/binary, ?UINT16(GLen), G/binary, ?UINT16(YLen), Y/binary>>; -enc_server_key(#server_ecdh_params{curve = ECCurve, public = ECPubKey}) -> +enc_server_key(#server_ecdh_params{curve = {namedCurve, ECCurve}, public = ECPubKey}) -> %%TODO: support arbitrary keys KLen = size(ECPubKey), - <<?BYTE(?NAMED_CURVE_TYPE), ?UINT16((ssl_tls1:ec_nid2curve_id(ECCurve))), + <<?BYTE(?NAMED_CURVE_TYPE), ?UINT16((ssl_tls1:ec_nid2curve_id(pubkey_cert_records:namedCurves(ECCurve)))), ?BYTE(KLen), ECPubKey/binary>>; enc_server_key(#server_psk_params{hint = PskIdentityHint}) -> Len = byte_size(PskIdentityHint), |