ssl: Improve AEAD encode/decode

- Update calculation of nonce and additional data
- Update cipher_aead, decipher_aead
- Add test for TLS 1.3 encode/decode

Change-Id: Id0a5cc68d8746079fb42c0192c0c64405f6d7a72

1 files changed, 105 insertions, 1 deletions

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 6d42c6f2d5..b47e753596 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -271,7 +271,8 @@ rizzo_tests() ->
 %% For testing TLS 1.3 features and possible regressions
 tls13_test_group() ->
     [tls13_enable_client_side,
-     tls13_enable_server_side].
+     tls13_enable_server_side,
+     tls_record_1_3_encode_decode].
 
 %%--------------------------------------------------------------------
 init_per_suite(Config0) ->
@@ -4534,6 +4535,109 @@ tls13_enable_server_side(Config) when is_list(Config) ->
     ServerMsg = ClientMsg = {ok, 'tlsv1.2'},
     ssl_test_lib:check_result(Server, ServerMsg, Client, ClientMsg).
 
+tls_record_1_3_encode_decode() ->
+     [{doc,"Test TLS 1.3 record encode/decode functions"}].
+
+tls_record_1_3_encode_decode(_Config) ->
+    ConnectionStates =
+        #{current_read =>
+              #{beast_mitigation => one_n_minus_one,
+                cipher_state =>
+                    {cipher_state,
+                     <<14,172,111,243,199,170,242,203,126,205,34,93,122,115,226,14,
+                       15,117,155,48,24,112,61,15,113,208,127,51,179,227,194,232>>,
+                     <<197,54,168,218,54,91,157,58,30,201,197,142,51,58,53,231,228,
+                       131,57,122,170,78,82,196,30,48,23,16,95,255,185,236>>,
+                     undefined,undefined,16},
+                client_verify_data => undefined,compression_state => undefined,
+                mac_secret => undefined,secure_renegotiation => undefined,
+                security_parameters =>
+                    {security_parameters,
+                     <<19,2>>,
+                     0,8,2,undefined,undefined,undefined,undefined,undefined,
+                     sha384,undefined,undefined,
+                     {handshake_secret,
+                      <<128,229,186,211,62,127,182,20,62,166,233,23,135,64,121,
+                        3,104,251,214,161,253,31,3,2,232,37,8,221,189,72,64,218,
+                        121,41,112,148,254,34,68,164,228,60,161,201,132,55,56,
+                        157>>},
+                     undefined,
+                     <<92,24,205,75,244,60,136,212,250,32,214,20,37,3,213,87,61,207,
+                       147,61,168,145,177,118,160,153,33,53,48,108,191,174>>,
+                     undefined},
+                sequence_number => 0,server_verify_data => undefined},
+          current_write =>
+              #{beast_mitigation => one_n_minus_one,
+                cipher_state =>
+                    {cipher_state,
+                     <<14,172,111,243,199,170,242,203,126,205,34,93,122,115,226,14,
+                       15,117,155,48,24,112,61,15,113,208,127,51,179,227,194,232>>,
+                     <<197,54,168,218,54,91,157,58,30,201,197,142,51,58,53,231,228,
+                       131,57,122,170,78,82,196,30,48,23,16,95,255,185,236>>,
+                     undefined,undefined,16},
+                client_verify_data => undefined,compression_state => undefined,
+                mac_secret => undefined,secure_renegotiation => undefined,
+                security_parameters =>
+                    {security_parameters,
+                     <<19,2>>,
+                     0,8,2,undefined,undefined,undefined,undefined,undefined,
+                     sha384,undefined,undefined,
+                     {handshake_secret,
+                      <<128,229,186,211,62,127,182,20,62,166,233,23,135,64,121,
+                        3,104,251,214,161,253,31,3,2,232,37,8,221,189,72,64,218,
+                        121,41,112,148,254,34,68,164,228,60,161,201,132,55,56,
+                        157>>},
+                     undefined,
+                     <<92,24,205,75,244,60,136,212,250,32,214,20,37,3,213,87,61,207,
+                       147,61,168,145,177,118,160,153,33,53,48,108,191,174>>,
+                     undefined},
+                sequence_number => 0,server_verify_data => undefined}},
+
+    PlainText = [11,
+                 <<0,2,175>>,
+                 <<0,0,2,171,0,2,166,48,130,2,162,48,130,1,138,2,9,0,186,57,220,137,88,255,
+                   191,235,48,13,6,9,42,134,72,134,247,13,1,1,11,5,0,48,18,49,16,48,14,6,3,85,
+                   4,3,12,7,84,101,115,116,32,67,65,48,30,23,13,49,56,48,53,48,52,49,52,49,50,
+                   51,56,90,23,13,50,56,48,50,48,52,49,52,49,50,51,56,90,48,20,49,18,48,16,6,
+                   3,85,4,3,12,9,108,111,99,97,108,104,111,115,116,48,130,1,34,48,13,6,9,42,
+                   134,72,134,247,13,1,1,1,5,0,3,130,1,15,0,48,130,1,10,2,130,1,1,0,169,40,
+                   144,176,121,63,134,97,144,126,243,183,225,157,37,131,183,225,87,243,23,88,
+                   230,70,9,134,32,147,7,27,167,98,51,81,224,75,199,12,229,251,195,207,75,179,
+                   181,78,128,3,255,44,58,39,43,172,142,45,186,58,51,65,187,199,154,153,245,
+                   70,133,137,1,27,87,42,116,65,251,129,109,145,233,97,171,71,54,213,185,74,
+                   209,166,11,218,189,119,206,86,170,60,212,213,85,189,30,50,215,23,185,53,
+                   132,238,132,176,198,250,139,251,198,221,225,128,109,113,23,220,39,143,71,
+                   30,59,189,51,244,61,158,214,146,180,196,103,169,189,221,136,78,129,216,148,
+                   2,9,8,65,37,224,215,233,13,209,21,235,20,143,33,74,59,53,208,90,152,94,251,
+                   54,114,171,39,88,230,227,158,211,135,37,182,67,205,161,59,20,138,58,253,15,
+                   53,48,8,157,9,95,197,9,177,116,21,54,9,125,78,109,182,83,20,16,234,223,116,
+                   41,155,123,87,77,17,120,153,246,239,124,130,105,219,166,146,242,151,66,198,
+                   75,72,63,28,246,86,16,244,223,22,36,50,15,247,222,98,6,152,136,154,72,150,
+                   73,127,2,3,1,0,1,48,13,6,9,42,134,72,134,247,13,1,1,11,5,0,3,130,1,1,0,76,
+                   33,54,160,229,219,219,193,150,116,245,252,18,39,235,145,86,12,167,171,52,
+                   117,166,30,83,5,216,245,177,217,247,95,1,136,94,246,212,108,248,230,111,
+                   225,202,189,6,129,8,70,128,245,18,204,215,87,82,129,253,227,122,66,182,184,
+                   189,30,193,169,144,218,216,109,105,110,215,144,60,104,162,178,101,164,218,
+                   122,60,37,41,143,57,150,52,59,51,112,238,113,239,168,114,69,183,143,154,73,
+                   61,58,80,247,172,95,251,55,28,186,28,200,206,230,118,243,92,202,189,49,76,
+                   124,252,76,0,247,112,85,194,69,59,222,163,228,103,49,110,104,109,251,155,
+                   138,9,37,167,49,189,48,134,52,158,185,129,24,96,153,196,251,90,206,76,239,
+                   175,119,174,165,133,108,222,125,237,125,187,149,152,83,190,16,202,94,202,
+                   201,40,218,22,254,63,189,41,174,97,140,203,70,18,196,118,237,175,134,79,78,
+                   246,2,61,54,77,186,112,32,17,193,192,188,217,252,215,200,7,245,180,179,132,
+                   183,212,229,155,15,152,206,135,56,81,88,3,123,244,149,110,182,72,109,70,62,
+                   146,152,146,151,107,126,216,210,9,93,0,0>>],
+
+    {[_Header|Encoded], _} = tls_record_1_3:encode_plain_text(22, PlainText, ConnectionStates),
+    CipherText = #ssl_tls{type = 23, version = {3,3}, fragment = Encoded},
+
+    {#ssl_tls{type = 22, version = {3,4}, fragment = DecodedText}, _} =
+        tls_record_1_3:decode_cipher_text(CipherText, ConnectionStates),
+
+    DecodedText = iolist_to_binary(PlainText),
+    ct:log("Decoded: ~p ~n", [DecodedText]),
+    ok.
+
 
 %%--------------------------------------------------------------------
 %% Internal functions ------------------------------------------------