From a0bd4951be74a5db1c382a7e19432903db10e576 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 29 Jun 2012 14:48:44 +0200
Subject: ssl: Dialyzer fixes

---
 lib/ssl/src/ssl_certificate.erl    |  2 +-
 lib/ssl/src/ssl_certificate_db.erl | 14 ++++++--------
 lib/ssl/src/ssl_handshake.erl      | 33 +++++++++++++++------------------
 lib/ssl/src/ssl_manager.erl        |  4 ++--
 4 files changed, 24 insertions(+), 29 deletions(-)

diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 0931b86782..605c267144 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -103,7 +103,7 @@ certificate_chain(OwnCert, CertDbHandle, CertsDbRef) ->
     ErlCert = public_key:pkix_decode_cert(OwnCert, otp),
     certificate_chain(ErlCert, OwnCert, CertDbHandle, CertsDbRef, [OwnCert]).
 %%--------------------------------------------------------------------
--spec file_to_certificats(string(), term()) -> [der_cert()].
+-spec file_to_certificats(binary(), term()) -> [der_cert()].
 %%
 %% Description: Return list of DER encoded certificates.
 %%--------------------------------------------------------------------
diff --git a/lib/ssl/src/ssl_certificate_db.erl b/lib/ssl/src/ssl_certificate_db.erl
index 01ddf056c9..67d00f0da7 100644
--- a/lib/ssl/src/ssl_certificate_db.erl
+++ b/lib/ssl/src/ssl_certificate_db.erl
@@ -106,7 +106,7 @@ add_trusted_certs(_Pid, File, [CertsDb, RefDb, PemChache] = Db) ->
 	    {ok, Ref};
 	[Content] ->
 	    Ref = make_ref(),
-	    insert(Ref, [], 1, RefDb),
+	    update_counter(Ref, 1, RefDb),
 	    insert(MD5, {Content, Ref}, PemChache),
 	    add_certs_from_pem(Content, Ref, CertsDb),
 	    {ok, Ref};
@@ -114,8 +114,8 @@ add_trusted_certs(_Pid, File, [CertsDb, RefDb, PemChache] = Db) ->
 	    new_trusted_cert_entry({MD5, File}, Db)
     end.
 %%--------------------------------------------------------------------
--spec cache_pem_file(string(), [db_handle()]) -> term().
--spec cache_pem_file(reference(), string(), [db_handle()]) -> term().
+-spec cache_pem_file({binary(), binary()}, [db_handle()]) -> term().
+-spec cache_pem_file(reference(), {binary(), binary()}, [db_handle()]) -> term().
 %%
 %% Description: Cache file as binary in DB
 %%--------------------------------------------------------------------
@@ -204,10 +204,8 @@ insert(Key, Data, Db) ->
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
-insert(Key, [], Count, Db) ->
-    true = ets:insert(Db, {Key, Count});
-insert(Key, Data, Count, Db) ->
-    true = ets:insert(Db, {Key, Count, Data}).
+update_counter(Key, Count, Db) ->
+    true = ets:insert(Db, {Key, Count}).
 
 remove_certs(Ref, CertsDb) ->
     ets:match_delete(CertsDb, {{Ref, '_', '_'}, '_'}).
@@ -236,7 +234,7 @@ add_certs(Cert, Ref, CertsDb) ->
 
 new_trusted_cert_entry(FileRef, [CertsDb, RefDb, _] = Db) ->
     Ref = make_ref(),
-    insert(Ref, [], 1, RefDb),
+    update_counter(Ref, 1, RefDb),
     {ok, Content} = cache_pem_file(Ref, FileRef, Db),
     add_certs_from_pem(Content, Ref, CertsDb),
     {ok, Ref}.
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 2957059b74..7edbf3d7c7 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -287,19 +287,6 @@ client_certificate_verify(OwnCert, MasterSecret, Version,
 %%
 %% Description: Checks that the certificate_verify message is valid.
 %%--------------------------------------------------------------------
-certificate_verify_rsa(Hashes, sha, Signature, PublicKey, {Major, Minor})
-  when Major == 3, Minor >= 3 ->
-    public_key:verify({digest, Hashes}, sha, Signature, PublicKey);
-certificate_verify_rsa(Hashes, HashAlgo, Signature, PublicKey, {Major, Minor})
-  when Major == 3, Minor >= 3 ->
-    public_key:verify({digest, Hashes}, HashAlgo, Signature, PublicKey);
-certificate_verify_rsa(Hashes, _HashAlgo, Signature, PublicKey, _Version) ->
-    case public_key:decrypt_public(Signature, PublicKey,
-				   [{rsa_pad, rsa_pkcs1_padding}]) of
-	Hashes -> true;
-	_      -> false
-    end.
-
 certificate_verify(Signature, {?'rsaEncryption', PublicKey, _}, Version,
 		   {HashAlgo, _SignAlgo}, MasterSecret, {_, Handshake}) ->
     Hashes = calc_certificate_verify(Version, HashAlgo, MasterSecret, Handshake),
@@ -386,7 +373,7 @@ key_exchange(server, Version, {dh, {<<?UINT32(Len), PublicKey:Len/binary>>, _},
 	    Signed = digitally_signed(Version, Hash, HashAlgo, PrivateKey),
 	    #server_key_exchange{params = ServerDHParams,
 				 signed_params = Signed,
-				 hashsign = {HashAlgo, digitally_signed_alg(PrivateKey)}}
+				 hashsign = {HashAlgo, dsa}}
     end.
 
 %%--------------------------------------------------------------------
@@ -543,7 +530,7 @@ decrypt_premaster_secret(Secret, RSAPrivateKey) ->
     end.
 
 %%--------------------------------------------------------------------
--spec server_key_exchange_hash(md5sha1 | md5 | sha | sha256 | sha384 | sha512, binary()) -> binary().
+-spec server_key_exchange_hash(md5sha | md5 | sha | sha256 | sha384 | sha512, binary()) -> binary().
 %%
 %% Description: Calculate server key exchange hash
 %%--------------------------------------------------------------------
@@ -1187,9 +1174,6 @@ digitally_signed(_Version, Hash, _HashAlgo, #'RSAPrivateKey'{} = Key) ->
     public_key:encrypt_private(Hash, Key,
 			       [{rsa_pad, rsa_pkcs1_padding}]).
 
-digitally_signed_alg(#'RSAPrivateKey'{} = _Key) -> rsa;
-digitally_signed_alg(#'DSAPrivateKey'{} = _Key) -> dsa.
-
 calc_master_secret({3,0}, _PrfAlgo, PremasterSecret, ClientRandom, ServerRandom) ->
     ssl_ssl3:master_secret(PremasterSecret, ClientRandom, ServerRandom);
 
@@ -1233,3 +1217,16 @@ apply_user_fun(Fun, OtpCert, ExtensionOrError, UserState0, SslState) ->
 	{unknown, UserState} ->
 	    {unknown, {SslState, UserState}}
     end.
+
+certificate_verify_rsa(Hashes, sha, Signature, PublicKey, {Major, Minor})
+  when Major == 3, Minor >= 3 ->
+    public_key:verify({digest, Hashes}, sha, Signature, PublicKey);
+certificate_verify_rsa(Hashes, HashAlgo, Signature, PublicKey, {Major, Minor})
+  when Major == 3, Minor >= 3 ->
+    public_key:verify({digest, Hashes}, HashAlgo, Signature, PublicKey);
+certificate_verify_rsa(Hashes, _HashAlgo, Signature, PublicKey, _Version) ->
+    case public_key:decrypt_public(Signature, PublicKey,
+				   [{rsa_pad, rsa_pkcs1_padding}]) of
+	Hashes -> true;
+	_      -> false
+    end.
diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl
index 3e947af2c9..af2bfa394d 100644
--- a/lib/ssl/src/ssl_manager.erl
+++ b/lib/ssl/src/ssl_manager.erl
@@ -86,7 +86,7 @@ start_link_dist(Opts) ->
 
 %%--------------------------------------------------------------------
 -spec connection_init(binary()| {der, list()}, client | server) ->
-			     {ok, certdb_ref(), db_handle(), db_handle()}.
+			     {ok, certdb_ref(), db_handle(), db_handle(), db_handle(), db_handle()}.
 %%			     
 %% Description: Do necessary initializations for a new connection.
 %%--------------------------------------------------------------------
@@ -325,7 +325,7 @@ handle_info({clean_cert_db, Ref, File},
     case ssl_certificate_db:ref_count(Ref, RefDb, 0) of
 	0 ->
 	    MD5 = crypto:md5(File),
-	    case ssl_certificate_db:lookup_cached_pem(MD5, PemCache) of
+	    case ssl_certificate_db:lookup_cached_pem(PemCache, MD5) of
 		[{Content, Ref}] ->
 		    ssl_certificate_db:insert(MD5, Content, PemCache);
 		undefined ->
-- 
cgit v1.2.3