aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2019-03-21 10:47:45 +0100
committerIngela Anderton Andin <[email protected]>2019-03-21 10:47:45 +0100
commitc102b3fd3fe486c2de1357dc0f04251560defcf4 (patch)
tree4bb3821ba348f311164100bc139c79d632f8af20 /lib
parentd19f68f99cdc723b942acf1e62178b820da5c12d (diff)
downloadotp-c102b3fd3fe486c2de1357dc0f04251560defcf4.tar.gz
otp-c102b3fd3fe486c2de1357dc0f04251560defcf4.tar.bz2
otp-c102b3fd3fe486c2de1357dc0f04251560defcf4.zip
Revert "ssl: Correct handling of crypto exception handling."
This reverts commit 884503bc69157d2a3c6bd72389b4e2a800f97fb6.
Diffstat (limited to 'lib')
-rw-r--r--lib/ssl/src/ssl_record.erl7
-rw-r--r--lib/ssl/src/tls_record_1_3.erl7
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index 669626aefb..91f1876980 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -395,7 +395,12 @@ decipher_aead(Type, #cipher_state{key = Key} = CipherState, AAD0, CipherFragment
try
Nonce = decrypt_nonce(Type, CipherState, CipherFragment),
{AAD, CipherText, CipherTag} = aead_ciphertext_split(Type, CipherState, CipherFragment, AAD0),
- ssl_cipher:aead_decrypt(Type, Key, Nonce, CipherText, CipherTag, AAD)
+ case ssl_cipher:aead_decrypt(Type, Key, Nonce, CipherText, CipherTag, AAD) of
+ Content when is_binary(Content) ->
+ Content;
+ _ ->
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
+ end
catch
_:_ ->
?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
diff --git a/lib/ssl/src/tls_record_1_3.erl b/lib/ssl/src/tls_record_1_3.erl
index 5f1c64eae6..97331e1510 100644
--- a/lib/ssl/src/tls_record_1_3.erl
+++ b/lib/ssl/src/tls_record_1_3.erl
@@ -267,7 +267,12 @@ decipher_aead(CipherFragment, BulkCipherAlgo, Key, Seq, IV, TagLen) ->
AAD = additional_data(erlang:iolist_size(CipherFragment)),
Nonce = nonce(Seq, IV),
{CipherText, CipherTag} = aead_ciphertext_split(CipherFragment, TagLen),
- ssl_cipher:aead_decrypt(BulkCipherAlgo, Key, Nonce, CipherText, CipherTag, AAD)
+ case ssl_cipher:aead_decrypt(BulkCipherAlgo, Key, Nonce, CipherText, CipherTag, AAD) of
+ Content when is_binary(Content) ->
+ Content;
+ _ ->
+ ?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)
+ end
catch
_:_ ->
?ALERT_REC(?FATAL, ?BAD_RECORD_MAC, decryption_failed)