Merge branch 'peterdmv/ssl/tls13_ciphers'

* peterdmv/ssl/tls13_ciphers: ssl: Fix cipher suite handling ssl: Add TLS 1.3 cipher suites Change-Id: I6b306d29642ba38639157ed1afea8b8df38af30e
author: Péter Dimitrov <[email protected]> 2018-09-11 15:49:11 +0200
committer: Péter Dimitrov <[email protected]> 2018-09-11 15:49:11 +0200
commit: a33920ef4e0669006b1c07ac7eda599ebd9583fb (patch)
tree: cf54012d8649d59223c9cca41edb47d1c2e4a1c7
parent: 7b1109fbf4fcddc53ea8d43761cae90382f45264 (diff)
parent: 69b54f6d2ef7462dedad3fa3be7e558ab4b00523 (diff)
download: otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.tar.gz
otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.tar.bz2
otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.zip
4 files changed, 119 insertions, 15 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 799f240659..9bb2beaebd 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -303,11 +303,6 @@ suites({3, Minor}) ->
 suites({_, Minor}) ->
     dtls_v1:suites(Minor).
 
-all_suites({3, 4} = Version) ->
-    Default = suites(Version),
-    Rest = ssl:filter_cipher_suites(chacha_suites(Version) ++ psk_suites(Version),
-                                    tls_v1:v1_3_filters()),
-    Default ++ Rest;
 all_suites({3, _} = Version) ->
     suites(Version)
         ++ chacha_suites(Version)
diff --git a/lib/ssl/src/ssl_cipher.hrl b/lib/ssl/src/ssl_cipher.hrl
index ba6a98b92a..1febc52e43 100644
--- a/lib/ssl/src/ssl_cipher.hrl
+++ b/lib/ssl/src/ssl_cipher.hrl
@@ -610,4 +610,21 @@
 %%      TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = {0xcc, 0x15}
 -define(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, <<?BYTE(16#CC), ?BYTE(16#15)>>).
 
+%%% TLS 1.3 cipher suites RFC8446
+
+%% TLS_AES_128_GCM_SHA256       = {0x13,0x01}
+-define(TLS_AES_128_GCM_SHA256, <<?BYTE(16#13), ?BYTE(16#01)>>).
+
+%% TLS_AES_256_GCM_SHA384       = {0x13,0x02}
+-define(TLS_AES_256_GCM_SHA384, <<?BYTE(16#13),?BYTE(16#02)>>).
+
+%% TLS_CHACHA20_POLY1305_SHA256 = {0x13,0x03}
+-define(TLS_CHACHA20_POLY1305_SHA256, <<?BYTE(16#13),?BYTE(16#03)>>).
+
+%% %% TLS_AES_128_CCM_SHA256       = {0x13,0x04}
+%% -define(TLS_AES_128_CCM_SHA256, <<?BYTE(16#13), ?BYTE(16#04)>>).
+
+%% %%  TLS_AES_128_CCM_8_SHA256    = {0x13,0x05}
+%% -define(TLS_AES_128_CCM_8_SHA256, <<?BYTE(16#13),?BYTE(16#05)>>).
+
 -endif. % -ifdef(ssl_cipher).
diff --git a/lib/ssl/src/ssl_cipher_format.erl b/lib/ssl/src/ssl_cipher_format.erl
index c311c0d097..6e480eef45 100644
--- a/lib/ssl/src/ssl_cipher_format.erl
+++ b/lib/ssl/src/ssl_cipher_format.erl
@@ -36,7 +36,14 @@
 -type cipher()            :: null |rc4_128 | des_cbc | '3des_ede_cbc' | aes_128_cbc |  aes_256_cbc | aes_128_gcm | aes_256_gcm | chacha20_poly1305.
 -type hash()              :: null | md5 | sha | sha224 | sha256 | sha384 | sha512.
 -type sign_algo()         :: rsa | dsa | ecdsa.
--type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | ecdhe_ecdsa| ecdh_ecdsa | ecdh_rsa| srp_rsa| srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon.
+-type key_algo()          :: null |
+                             rsa |
+                             dhe_rsa | dhe_dss |
+                             ecdhe_ecdsa | ecdh_ecdsa | ecdh_rsa |
+                             srp_rsa| srp_dss |
+                             psk | dhe_psk | rsa_psk |
+                             dh_anon | ecdh_anon | srp_anon |
+                             any. %% TLS 1.3
 -type erl_cipher_suite()  :: #{key_exchange := key_algo(),
                                cipher := cipher(),
                                mac    := hash() | aead,
@@ -62,6 +69,12 @@ suite_to_str(#{key_exchange := null,
                mac := null,
                prf := null}) ->
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+suite_to_str(#{key_exchange := any,
+               cipher := Cipher,
+               mac := aead,
+               prf := PRF}) ->
+    "TLS_" ++ string:to_upper(atom_to_list(Cipher)) ++
+        "_" ++ string:to_upper(atom_to_list(PRF));
 suite_to_str(#{key_exchange := Kex,
                cipher := Cipher,
                mac := aead,
@@ -802,7 +815,34 @@ suite_definition(?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) ->
     #{key_exchange => dhe_rsa, 
       cipher => chacha20_poly1305, 
       mac => aead, 
+      prf => sha256};
+%% TLS 1.3 Cipher Suites RFC8446
+suite_definition(?TLS_AES_128_GCM_SHA256) ->
+    #{key_exchange => any,
+      cipher => aes_128_gcm,
+      mac => aead,
+      prf => sha256};
+suite_definition(?TLS_AES_256_GCM_SHA384) ->
+    #{key_exchange => any,
+      cipher => aes_256_gcm,
+      mac => aead,
+      prf => sha384};
+suite_definition(?TLS_CHACHA20_POLY1305_SHA256) ->
+    #{key_exchange => any,
+      cipher => chacha20_poly1305,
+      mac => aead,
       prf => sha256}.
+%% suite_definition(?TLS_AES_128_CCM_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm,
+%%       mac => aead,
+%%       prf => sha256};
+%% suite_definition(?TLS_AES_128_CCM_8_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm_8,
+%%       mac => aead,
+%%       prf => sha256}.
+
 
 %%--------------------------------------------------------------------
 -spec erl_suite_definition(cipher_suite() | erl_cipher_suite()) -> old_erl_cipher_suite().
@@ -1427,8 +1467,33 @@ suite(#{key_exchange := dhe_rsa,
         cipher := chacha20_poly1305,  
         mac := aead, 
         prf := sha256}) ->
-    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.
-
+    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
+%% TLS 1.3 Cipher Suites RFC8446
+suite(#{key_exchange := any,
+        cipher := aes_128_gcm,
+        mac := aead,
+        prf := sha256}) ->
+    ?TLS_AES_128_GCM_SHA256;
+suite(#{key_exchange := any,
+      cipher := aes_256_gcm,
+      mac := aead,
+      prf := sha384}) ->
+    ?TLS_AES_256_GCM_SHA384;
+suite(#{key_exchange := any,
+      cipher := chacha20_poly1305,
+      mac := aead,
+      prf := sha256}) ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm_8,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
 %%--------------------------------------------------------------------
 -spec openssl_suite(openssl_cipher_suite()) -> cipher_suite().
 %%
@@ -1582,7 +1647,20 @@ openssl_suite("ECDHE-RSA-AES256-GCM-SHA384") ->
 openssl_suite("ECDH-RSA-AES128-GCM-SHA256") ->
     ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
 openssl_suite("ECDH-RSA-AES256-GCM-SHA384") ->
-    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384.
+    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
+
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite("TLS_AES_128_GCM_SHA256") ->
+    ?TLS_AES_128_GCM_SHA256;
+openssl_suite("TLS_AES_256_GCM_SHA384") ->
+    ?TLS_AES_256_GCM_SHA384;
+openssl_suite("TLS_CHACHA20_POLY1305_SHA256") ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% openssl_suite("TLS_AES_128_CCM_SHA256") ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% openssl_suite("TLS_AES_128_CCM_8_SHA256") ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
+
 
 %%--------------------------------------------------------------------
 -spec openssl_suite_name(cipher_suite()) -> openssl_cipher_suite() | erl_cipher_suite().
@@ -1759,6 +1837,18 @@ openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256) ->
 openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384) ->
     "ECDH-RSA-AES256-GCM-SHA384";
 
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite_name(?TLS_AES_128_GCM_SHA256) ->
+    "TLS_AES_128_GCM_SHA256";
+openssl_suite_name(?TLS_AES_256_GCM_SHA384) ->
+    "TLS_AES_256_GCM_SHA384";
+openssl_suite_name(?TLS_CHACHA20_POLY1305_SHA256) ->
+    "TLS_CHACHA20_POLY1305_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_SHA256) ->
+%%     "TLS_AES_128_CCM_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_8_SHA256) ->
+%%     "TLS_AES_128_CCM_8_SHA256";
+
 %% No oppenssl name
 openssl_suite_name(Cipher) ->
     suite_definition(Cipher).
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
index e6be574916..7d28962d2d 100644
--- a/lib/ssl/src/tls_v1.erl
+++ b/lib/ssl/src/tls_v1.erl
@@ -32,7 +32,7 @@
 -export([master_secret/4, finished/5, certificate_verify/3, mac_hash/7, hmac_hash/3,
 	 setup_keys/8, suites/1, prf/5,
 	 ecc_curves/1, ecc_curves/2, oid_to_enum/1, enum_to_oid/1, 
-	 default_signature_algs/1, signature_algs/2, v1_3_filters/0,
+	 default_signature_algs/1, signature_algs/2,
          default_signature_schemes/1, signature_schemes/2]).
 
 -type named_curve() :: sect571r1 | sect571k1 | secp521r1 | brainpoolP512r1 |
@@ -249,11 +249,13 @@ suites(3) ->
     ] ++ suites(2);
 
 suites(4) ->
-    ssl:filter_cipher_suites(suites(3), v1_3_filters()).
-
-v1_3_filters() ->
-    [{mac, fun(aead) -> true; (_) -> false end}, 
-     {key_exchange, fun(dhe_dss) -> false;(rsa) -> false; (rsa_psk) -> false;(_) -> true end}].
+    [?TLS_AES_256_GCM_SHA384,
+     ?TLS_AES_128_GCM_SHA256,
+     ?TLS_CHACHA20_POLY1305_SHA256
+     %% Not supported
+     %% ?TLS_AES_128_CCM_SHA256,
+     %% ?TLS_AES_128_CCM_8_SHA256
+    ] ++ suites(3).
 
 signature_algs({3, 4}, HashSigns) ->
     signature_algs({3, 3}, HashSigns);
author	Péter Dimitrov <[email protected]>	2018-09-11 15:49:11 +0200
committer	Péter Dimitrov <[email protected]>	2018-09-11 15:49:11 +0200
commit	a33920ef4e0669006b1c07ac7eda599ebd9583fb (patch)
tree	cf54012d8649d59223c9cca41edb47d1c2e4a1c7
parent	7b1109fbf4fcddc53ea8d43761cae90382f45264 (diff)
parent	69b54f6d2ef7462dedad3fa3be7e558ab4b00523 (diff)
download	otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.tar.gz otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.tar.bz2 otp-a33920ef4e0669006b1c07ac7eda599ebd9583fb.zip