author | Raimo Niskanen <[email protected]> | 2019-01-24 14:01:16 +0100 |
committer | Raimo Niskanen <[email protected]> | 2019-02-13 14:03:17 +0100 |
commit | 96209481ad9b1879e1736294a9c9b5c6d853631b (patch) | |
tree | 220f531158894875a333e8f7e9d0ba98c891a2a2 /lib | |
parent | 0cc1e1c31ce6bec1bb679628ee1e4e7a095dfba6 (diff) | |
Cache strong_random_bytes for IV
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index ab82b487b9..da2be0e50f 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -97,7 +97,8 @@ cipher_init(?AES_GCM, IV, Key) ->
 cipher_init(?CHACHA20_POLY1305, IV, Key) ->
     #cipher_state{iv = IV, key = Key, tag_len = 16};
 cipher_init(_BCA, IV, Key) ->
-    #cipher_state{iv = IV, key = Key}.
+    %% Initialize random IV cache, not used for aead ciphers
+    #cipher_state{iv = IV, key = Key, state = <<>>}.
 
 nonce_seed(Seed, CipherState) ->
     CipherState#cipher_state{nonce = Seed}.
@@ -156,14 +157,21 @@ block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
     NextIV = next_iv(T, IV),
     {T, CS0#cipher_state{iv=NextIV}};
-block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
+block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV, state = IV_Cache0} = CS0,
              Mac, Fragment, {3, N})
   when N == 2; N == 3 ->
-    NextIV = random_iv(IV),
+    IV_Size = byte_size(IV),
+    <<NextIV:IV_Size/binary, IV_Cache/binary>> =
+        case IV_Cache0 of
+            <<>> ->
+                random_bytes(IV_Size bsl 5); % 32 IVs
+            _ ->
+                IV_Cache0
+        end,
     L0 = build_cipher_block(BlockSz, Mac, Fragment),
     L = [NextIV|L0],
     T = Fun(Key, IV, L),
-    {T, CS0#cipher_state{iv=NextIV}}.
+    {T, CS0#cipher_state{iv=NextIV, state = IV_Cache}}.
 
 %%--------------------------------------------------------------------
 -spec decipher(cipher_enum(), integer(), #cipher_state{}, binary(),
@@ -930,10 +938,6 @@ padding_with_len(TextLen, BlockSize) ->
             binary:copy(<<PadLen>>, PadLen + 1)
     end.
 
-random_iv(IV) ->
-    IVSz = byte_size(IV),
-    random_bytes(IVSz).
-
 next_iv(Bin, IV) ->
     BinSz = byte_size(Bin),
     IVSz = byte_size(IV),
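Review bot: The comment added above `state = <<>>` in the `cipher_init(_BCA, IV, Key)` clause says what the field is not used for, not what it holds, and `state` is a generic name for a buffer that block_cipher/6 later consumes in `IV_Size`-byte slices. I would word it as `%% state: cache of pre-generated explicit CBC IVs ({3,2}/{3,3}, i.e. TLS 1.1/1.2), consumed IV_Size bytes at a time by block_cipher/6; <<>> means refill` so a reader of this clause knows why an empty binary is the right initial value. The AEAD clauses (`?AES_GCM`, `?CHACHA20_POLY1305`) leave `state` at the record default, which is defined outside this hunk; it would help to note in the same comment that those clauses rely on that default rather than on `<<>>`.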
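Review bot: The refilled cache in the second `block_cipher` clause keeps up to 31 not-yet-used explicit IVs inside `#cipher_state{}` between refills, and for CBC in TLS 1.1/1.2 an explicit IV only does its job while it is still unpredictable to a peer, so this widens what must be kept private from the current IV to the whole cache. If `#cipher_state{}` is ever printed (crash reports, `sys:get_state/1`, a `format_status` callback), which I cannot confirm from this hunk, the `state` field should be redacted there like `key`; at minimum a comment at the refill site should say so: `%% Unused cached IVs must stay unpredictable until sent: never log or expose this field`. The `_ -> IV_Cache0` arm also assumes the cache is always a binary whose size is a multiple of `IV_Size`, which holds only because `cipher_init/3` sets `<<>>` and every refill is exactly 32 IVs; any other constructor of `#cipher_state{}` would fail the binary match with badmatch, and that invariant deserves a one-line comment too. On style, `IV_Size bsl 5` with a trailing `% 32 IVs` is clearer as a named constant, e.g. `-define(IV_CACHE_COUNT, 32).` and `random_bytes(?IV_CACHE_COUNT * IV_Size);`. The `-spec decipher` context at the end of the hunk belongs to a definition that continues outside it.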