From 2ce6be54915587d2c14f95b9f65197bd8c86554e Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 29 Jan 2018 14:37:30 +0100
Subject: ssl: Uses aead as mac value in AEAD cipher suites

Authenticated encryption (AE) and authenticated encryption with
associated data (AEAD, variant of AE) is a form of encryption which
simultaneously provides confidentiality, integrity, and authenticity
assurances on the data.

This is more logical value then null that was used, this happened to
work as the AEAD property was derived form other data, but it is confusing!
---
 lib/ssl/src/ssl.erl | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'lib/ssl/src/ssl.erl')

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 49634ad3a5..575b4e2e11 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -1268,9 +1268,19 @@ tuple_to_map({Kex, Cipher, Mac}) ->
 tuple_to_map({Kex, Cipher, Mac, Prf}) ->
     #{key_exchange => Kex,
       cipher => Cipher,
-      mac => Mac,
+      mac => tuple_to_map_mac(Cipher, Mac),
       prf => Prf}.
 
+%% Backwards compatible
+tuple_to_map_mac(aes_128_gcm, _) -> 
+    aead;
+tuple_to_map_mac(aes_256_gcm, _) -> 
+    aead;
+tuple_to_map_mac(chacha20_poly1305, _) ->
+    aead;
+tuple_to_map_mac(_, MAC) ->
+    MAC.
+
 handle_eccs_option(Value, Version) when is_list(Value) ->
     {_Major, Minor} = tls_version(Version),
     try tls_v1:ecc_curves(Minor, Value) of
-- 
cgit v1.2.3