author | Ingela Anderton Andin <[email protected]> | 2012-06-28 16:02:27 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2012-08-22 14:00:44 +0200 |
commit | 7682bd59933f20cba5c32df96a58f252924478a9 (patch) | |
tree | 7a4f1fadbb0f6b6197fece51ec844c590cabf5fe /lib/ssl/src/ssl_tls1.erl | |
parent | aa9a388f9498028f7288fc2f61264cf13bec7278 (diff) | |
ssl: Fix PRF logic
Diffstat (limited to 'lib/ssl/src/ssl_tls1.erl')
-rw-r--r-- | lib/ssl/src/ssl_tls1.erl | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/lib/ssl/src/ssl_tls1.erl b/lib/ssl/src/ssl_tls1.erl
index d56b8ee07f..e6e55048a4 100644
--- a/lib/ssl/src/ssl_tls1.erl
+++ b/lib/ssl/src/ssl_tls1.erl
@@ -28,7 +28,7 @@
 -include("ssl_internal.hrl").
 -include("ssl_record.hrl").
--export([master_secret/4, finished/5, certificate_verify/3, mac_hash/7,
+-export([master_secret/4, finished/5, certificate_verify/2, mac_hash/7,
 setup_keys/8, suites/1, prf/5]).
 %%====================================================================
@@ -73,14 +73,14 @@ finished(Role, Version, PrfAlgo, MasterSecret, Handshake)
 Hash = crypto:hash(mac_algo(PrfAlgo), Handshake),
 prf(PrfAlgo, MasterSecret, finished_label(Role), Hash, 12).
--spec certificate_verify(OID::tuple(), [binary()]) -> binary().
+-spec certificate_verify(md5sha | sha, integer(), [binary()]) -> binary().
 certificate_verify(?'rsaEncryption', Handshake) ->
 MD5 = crypto:md5(Handshake),
 SHA = crypto:sha(Handshake),
 <<MD5/binary, SHA/binary>>;
-certificate_verify(?'id-dsa', Handshake) ->
+certificate_verify(sha, _Version, Handshake) ->
 crypto:sha(Handshake).
 -spec setup_keys(integer(), integer(), binary(), binary(), binary(), integer(),
@@ -233,7 +233,6 @@ hmac_hash(?SHA512, Key, Value) ->
 mac_algo(?MD5) -> md5;
 mac_algo(?SHA) -> sha;
-mac_algo(?MD5SHA) -> sha256; %% RFC 5246 defines minimum hash for TLS 1.2
 mac_algo(?SHA256) -> sha256;
 mac_algo(?SHA384) -> sha384;
 mac_algo(?SHA512) -> sha512.
@@ -287,8 +286,7 @@ split_secret(BinSecret) ->
 <<_:Div/binary, Secret2:EvenLength/binary>> = BinSecret,
 {Secret1, Secret2}.
-prf(MAC, Secret, Label, Seed, WantedLength)
- when MAC == ?MD5SHA ->
+prf(?MD5SHA, Secret, Label, Seed, WantedLength) ->
 %% PRF(secret, label, seed) = P_MD5(S1, label + seed) XOR
 %% P_SHA-1(S2, label + seed);
 {S1, S2} = split_secret(Secret), |
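Review bot: The new side of `certificate_verify` does not agree with itself on arity or on the selector it matches. The export list in the first hunk now names `certificate_verify/2`, while in the second hunk the new `-spec` declares three arguments, the unchanged first clause takes two (`?'rsaEncryption', Handshake`) and the new second clause takes three (`sha, _Version, Handshake`). Two clauses joined by `;` with different arities are a head mismatch, so as shown the module should not compile; this reads like residue of a partially applied change. Whichever shape is intended should be applied in all four places, for example `-spec certificate_verify(md5sha | sha, [binary()]) -> binary().` with heads `certificate_verify(md5sha, Handshake) ->` and `certificate_verify(sha, Handshake) ->` if the two-argument export is the one to keep. Because this digest is what the client CertificateVerify signature is checked against, the chosen selector atoms should be confirmed against the caller, which is outside this diff.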
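Review bot: With the `?MD5SHA` clause removed, `mac_algo/1` raises `function_clause` for that selector, yet the `finished/5` clause visible in the second hunk still passes `PrfAlgo` straight into `mac_algo/1`. The guard of that clause is outside the hunk, so it is worth confirming that it can never be reached with `?MD5SHA`. Failing is a safer outcome than silently substituting SHA-256, but the intent should be recorded next to the function. I would add a comment above `mac_algo/1` such as `%% ?MD5SHA is deliberately unmapped: it selects the combined MD5/SHA-1 PRF in prf/5 and has no single hash.`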