aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/ssl/src/ssl_connection.erl14
-rw-r--r--lib/ssl/src/ssl_connection.hrl4
2 files changed, 10 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index e2c9423560..5510235b04 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -901,8 +901,8 @@ certify(internal, #server_hello_done{},
#state{static_env = #static_env{role = client},
session = #session{master_secret = undefined},
connection_env = #connection_env{negotiated_version = Version},
- handshake_env = #handshake_env{premaster_secret = undefined} = HsEnv,
- psk_identity = PSKIdentity,
+ handshake_env = #handshake_env{premaster_secret = undefined,
+ server_psk_identity = PSKIdentity} = HsEnv,
ssl_options = #ssl_options{user_lookup_fun = PSKLookup},
key_algorithm = Alg} = State0, Connection)
when Alg == psk ->
@@ -918,10 +918,10 @@ certify(internal, #server_hello_done{},
certify(internal, #server_hello_done{},
#state{static_env = #static_env{role = client},
connection_env = #connection_env{negotiated_version = {Major, Minor}} = Version,
- handshake_env = #handshake_env{premaster_secret = undefined} = HsEnv,
+ handshake_env = #handshake_env{premaster_secret = undefined,
+ server_psk_identity = PSKIdentity} = HsEnv,
session = #session{master_secret = undefined},
ssl_options = #ssl_options{user_lookup_fun = PSKLookup},
- psk_identity = PSKIdentity,
key_algorithm = Alg} = State0, Connection)
when Alg == rsa_psk ->
Rand = ssl_cipher:random_bytes(?NUM_OF_PREMASTERSECRET_BYTES-2),
@@ -2087,9 +2087,11 @@ calculate_secret(#server_ecdh_params{curve = ECCurve, public = ECServerPubKey},
calculate_secret(#server_psk_params{
hint = IdentityHint},
- State, Connection) ->
+ #state{handshake_env = HsEnv} = State, Connection) ->
%% store for later use
- Connection:next_event(certify, no_record, State#state{psk_identity = IdentityHint});
+ Connection:next_event(certify, no_record,
+ State#state{handshake_env =
+ HsEnv#handshake_env{server_psk_identity = IdentityHint}});
calculate_secret(#server_dhe_psk_params{
dh_params = #server_dh_params{dh_p = Prime, dh_g = Base}} = ServerKey,
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index d598e513fa..27d414d351 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -70,7 +70,8 @@
cert_hashsign_algorithm = {undefined, undefined},
%% key exchange
public_key_info :: ssl_handshake:public_key_info() | 'undefined',
- premaster_secret :: binary() | secret_printout() | 'undefined'
+ premaster_secret :: binary() | secret_printout() | 'undefined',
+ server_psk_identity :: binary() | 'undefined' % server psk identity hint
}).
-record(connection_env, {
@@ -109,7 +110,6 @@
key_algorithm :: ssl:key_algo(),
diffie_hellman_params:: #'DHParameter'{} | undefined | secret_printout(),
diffie_hellman_keys :: {PublicKey :: binary(), PrivateKey :: binary()} | #'ECPrivateKey'{} | undefined | secret_printout(),
- psk_identity :: binary() | 'undefined', % server psk identity hint
srp_params :: #srp_user{} | secret_printout() | 'undefined',
srp_keys ::{PublicKey :: binary(), PrivateKey :: binary()} | secret_printout() | 'undefined',
flight_buffer = [] :: list() | map() %% Buffer of TLS/DTLS records, used during the TLS handshake