ssl: Implement TLS 1.3 state machine skeleton

Change-Id: I4b382a7907247cc2099951fdefa40f1511b1123e
author: Péter Dimitrov <[email protected]> 2018-10-23 09:31:12 +0200
committer: Péter Dimitrov <[email protected]> 2018-10-24 16:11:06 +0200
commit: 240dbea494958c0aa622dd2d7a336f0571470959 (patch)
tree: 087d411957e878a15bc1363feb537f74cc7c2451 /lib/ssl/src/tls_handshake_1_3.erl
parent: 1937d6b448f781264dca2a6d260446b875a4241b (diff)
download: otp-240dbea494958c0aa622dd2d7a336f0571470959.tar.gz
otp-240dbea494958c0aa622dd2d7a336f0571470959.tar.bz2
otp-240dbea494958c0aa622dd2d7a336f0571470959.zip
1 files changed, 47 insertions, 0 deletions
diff --git a/lib/ssl/src/tls_handshake_1_3.erl b/lib/ssl/src/tls_handshake_1_3.erl
index 199054b43b..b9ebf2e502 100644
--- a/lib/ssl/src/tls_handshake_1_3.erl
+++ b/lib/ssl/src/tls_handshake_1_3.erl
@@ -33,6 +33,9 @@
 %% Encode
 -export([encode_handshake/1, decode_handshake/2]).
 
+%% Handshake
+-export([handle_client_hello/5]).
+
 encode_handshake(#certificate_request_1_3{
                     certificate_request_context = Context, 
                     extensions = Exts})->
@@ -151,3 +154,47 @@ decode_extensions(Exts) ->
 
 extensions_list(HelloExtensions) ->
     [Ext || {_, Ext} <- maps:to_list(HelloExtensions)].
+
+
+handle_client_hello(Version,
+                    #client_hello{session_id = SugesstedId,
+                                  cipher_suites = CipherSuites,
+                                  compression_methods = Compressions,
+                                  random = Random,
+                                  extensions = HelloExt},
+		    #ssl_options{versions = Versions,
+				 signature_algs = SupportedHashSigns,
+				 eccs = SupportedECCs,
+				 honor_ecc_order = ECCOrder} = SslOpts,
+		    {Port, Session0, Cache, CacheCb, ConnectionStates0, Cert, _},
+                    Renegotiation) ->
+    case tls_record:is_acceptable_version(Version, Versions) of
+	true ->
+            %% Get supported_groups
+            %% SupportedGroups = maps:get(elliptic_curves, HelloExt, undefined),
+            %% Get KeyShareClientHello
+
+            %% Validate supported_groups + KeyShareClientHello
+            %% IF valid THEN
+            %%   IF supported_groups IS empty send HelloRetryRequest
+            %%   ELSE continue
+            %% ELSE
+            %%   send Alert
+            %% ClientHashSigns = maps:get(signature_algs, HelloExt, undefined),
+            %% ClientSignatureSchemes = maps:get(signature_algs_cert, HelloExt, undefined),
+
+            %% Implement session handling.
+
+            %% Select curve
+
+            %% Sessions cannot be resumed by ClientHello
+
+            %% Select cipher_suite
+            %% Select hash_sign
+
+            %% Handle extensions
+	    ok;
+	false ->
+	    ?ALERT_REC(?FATAL, ?PROTOCOL_VERSION)
+    end.
+
author	Péter Dimitrov <[email protected]>	2018-10-23 09:31:12 +0200
committer	Péter Dimitrov <[email protected]>	2018-10-24 16:11:06 +0200
commit	240dbea494958c0aa622dd2d7a336f0571470959 (patch)
tree	087d411957e878a15bc1363feb537f74cc7c2451 /lib/ssl/src/tls_handshake_1_3.erl
parent	1937d6b448f781264dca2a6d260446b875a4241b (diff)
download	otp-240dbea494958c0aa622dd2d7a336f0571470959.tar.gz otp-240dbea494958c0aa622dd2d7a336f0571470959.tar.bz2 otp-240dbea494958c0aa622dd2d7a336f0571470959.zip