diff options
author | Ingela Anderton Andin <[email protected]> | 2013-12-02 09:52:58 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2013-12-02 09:52:58 +0100 |
commit | 239ce1c4781fe4fc25c55795573654453887f507 (patch) | |
tree | 256c7436d2d1e24407422fb525e71258fe23334e /lib/ssl/src/ssl_record.erl | |
parent | d3e5761436cfbcb5b53edad9e1140e445ce94bfd (diff) | |
parent | 174b36ae2755b501e2b3152f6b00e9c59a90e848 (diff) | |
download | otp-239ce1c4781fe4fc25c55795573654453887f507.tar.gz otp-239ce1c4781fe4fc25c55795573654453887f507.tar.bz2 otp-239ce1c4781fe4fc25c55795573654453887f507.zip |
Merge branch 'ia/ssl/dtls-refactor-continue/OTP-11292' into maint
* ia/ssl/dtls-refactor-continue/OTP-11292:
ssl: Trap exits
ssl: Refactor connetion handling
ssl: API and supervisor
ssl: Dialyzer fixes
ssl: Test case enhancement
ssl: Refactor API
ssl, public_key: Dialyzer fixes
ssl: Refactor premaster secret handling
ssl: Refactor connection and handshake handling
ssl: Refactor handshake and record handling
Diffstat (limited to 'lib/ssl/src/ssl_record.erl')
-rw-r--r-- | lib/ssl/src/ssl_record.erl | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl index 50a45dc16b..018c8befe0 100644 --- a/lib/ssl/src/ssl_record.erl +++ b/lib/ssl/src/ssl_record.erl @@ -47,7 +47,8 @@ %% Compression -export([compress/3, uncompress/3, compressions/0]). --export([is_correct_mac/2]). +%% Payload encryption/decryption +-export([cipher/4, decipher/3, is_correct_mac/2]). %%==================================================================== %% Internal application API @@ -355,6 +356,41 @@ compressions() -> [?byte(?NULL)]. %%-------------------------------------------------------------------- +-spec cipher(tls_version(), iolist(), #connection_state{}, MacHash::binary()) -> + {CipherFragment::binary(), #connection_state{}}. +%% +%% Description: Payload encryption +%%-------------------------------------------------------------------- +cipher(Version, Fragment, + #connection_state{cipher_state = CipherS0, + security_parameters= + #security_parameters{bulk_cipher_algorithm = + BulkCipherAlgo} + } = WriteState0, MacHash) -> + + {CipherFragment, CipherS1} = + ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MacHash, Fragment, Version), + {CipherFragment, WriteState0#connection_state{cipher_state = CipherS1}}. +%%-------------------------------------------------------------------- +-spec decipher(tls_version(), binary(), #connection_state{}) -> {binary(), binary(), #connection_state{}}. +%% +%% Description: Payload decryption +%%-------------------------------------------------------------------- +decipher(Version, CipherFragment, + #connection_state{security_parameters = + #security_parameters{bulk_cipher_algorithm = + BulkCipherAlgo, + hash_size = HashSz}, + cipher_state = CipherS0 + } = ReadState) -> + case ssl_cipher:decipher(BulkCipherAlgo, HashSz, CipherS0, CipherFragment, Version) of + {PlainFragment, Mac, CipherS1} -> + CS1 = ReadState#connection_state{cipher_state = CipherS1}, + {PlainFragment, Mac, CS1}; + #alert{} = Alert -> + Alert + end. +%%-------------------------------------------------------------------- %%% Internal functions %%-------------------------------------------------------------------- empty_connection_state(ConnectionEnd) -> |