authorRaimo Niskanen <[email protected]>2019-01-24 14:01:16 +0100
committerRaimo Niskanen <[email protected]>2019-02-13 14:03:17 +0100
commit96209481ad9b1879e1736294a9c9b5c6d853631b (patch)
tree220f531158894875a333e8f7e9d0ba98c891a2a2 /lib
parent0cc1e1c31ce6bec1bb679628ee1e4e7a095dfba6 (diff)
Cache strong_random_bytes for IV
Diffstat (limited to 'lib')
-rw-r--r--lib/ssl/src/ssl_cipher.erl20
1 files changed, 12 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index ab82b487b9..da2be0e50f 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -97,7 +97,8 @@ cipher_init(?AES_GCM, IV, Key) ->
cipher_init(?CHACHA20_POLY1305, IV, Key) ->
#cipher_state{iv = IV, key = Key, tag_len = 16};
cipher_init(_BCA, IV, Key) ->
- #cipher_state{iv = IV, key = Key}.
+ %% Initialize random IV cache, not used for aead ciphers
+ #cipher_state{iv = IV, key = Key, state = <<>>}.
nonce_seed(Seed, CipherState) ->
CipherState#cipher_state{nonce = Seed}.
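Review bot: The comment added above the catch-all `cipher_init/3` clause, `%% Initialize random IV cache, not used for aead ciphers`, explains the wrong thing: the AEAD suites are matched by the `?AES_GCM` and `?CHACHA20_POLY1305` clauses above it and never reach this clause, so what a reader needs is what `state = <<>>` means here. I would replace it with `%% state: cache of pre-drawn explicit IVs for TLS 1.1/1.2 CBC records; <<>> means empty, refilled on first use by block_cipher/6`. If any other `cipher_init` clause stores something else in `state` (a stream-cipher state, for instance), that dual use belongs on the record field definition, which is outside this hunk.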
@@ -156,14 +157,21 @@ block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
NextIV = next_iv(T, IV),
{T, CS0#cipher_state{iv=NextIV}};
-block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
+block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV, state = IV_Cache0} = CS0,
Mac, Fragment, {3, N})
when N == 2; N == 3 ->
- NextIV = random_iv(IV),
+ IV_Size = byte_size(IV),
+ <<NextIV:IV_Size/binary, IV_Cache/binary>> =
+ case IV_Cache0 of
+ <<>> ->
+ random_bytes(IV_Size bsl 5); % 32 IVs
+ _ ->
+ IV_Cache0
+ end,
L0 = build_cipher_block(BlockSz, Mac, Fragment),
L = [NextIV|L0],
T = Fun(Key, IV, L),
- {T, CS0#cipher_state{iv=NextIV}}.
+ {T, CS0#cipher_state{iv=NextIV, state = IV_Cache}}.
%%--------------------------------------------------------------------
-spec decipher(cipher_enum(), integer(), #cipher_state{}, binary(),
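Review bot: The new `block_cipher` clause that matches `state = IV_Cache0` pre-draws 32 explicit IVs into the connection's cipher state, but nothing states the invariant this creates: a `#cipher_state{}` with a non-empty cache must be consumed in order exactly once, so if such a state is ever copied, retried or rolled back the same explicit IV would be sent twice, losing the per-record freshness that the deleted `random_iv/1` gave unconditionally. Holding a few hundred bytes of future IVs in process memory is the same trust domain as the key, so the batching itself looks acceptable for the TLS 1.1/1.2 unpredictable-IV requirement, but that reasoning should be a why-comment at `case IV_Cache0 of`, e.g. `%% Explicit IVs are drawn 32 at a time from strong_rand_bytes and consumed in order; a cipher_state with a non-empty cache must never be duplicated or rewound (IV reuse).` The magic `IV_Size bsl 5` with its trailing `% 32 IVs` would read better as a named macro such as `?IV_CACHE_SIZE` with the byte count computed from it. The first clause of `block_cipher` and the function's spec are outside this hunk.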
@@ -930,10 +938,6 @@ padding_with_len(TextLen, BlockSize) ->
binary:copy(<<PadLen>>, PadLen + 1)
end.
-random_iv(IV) ->
- IVSz = byte_size(IV),
- random_bytes(IVSz).
-
next_iv(Bin, IV) ->
BinSz = byte_size(Bin),
IVSz = byte_size(IV),