Produce less garbage in encrypt loop

3 files changed, 90 insertions, 63 deletions

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index cf1bec6332..2c341635a3 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1,7 +1,7 @@
 %
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2018. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2019. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -41,7 +41,7 @@
 	 rc4_suites/1, des_suites/1, rsa_suites/1, 
          filter/3, filter_suites/1, filter_suites/2,
 	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1,
-	 random_bytes/1, calc_mac_hash/4,
+	 random_bytes/1, calc_mac_hash/4, calc_mac_hash/6,
          is_stream_ciphersuite/1]).
 
 -compile(inline).
@@ -633,12 +633,13 @@ random_bytes(N) ->
 calc_mac_hash(Type, Version,
 	      PlainFragment, #{sequence_number := SeqNo,
 			       mac_secret := MacSecret,
-			       security_parameters:=
-				   SecPars}) ->
+			       security_parameters :=
+				   #security_parameters{mac_algorithm = MacAlgorithm}}) ->
+    calc_mac_hash(Type, Version, PlainFragment, MacAlgorithm, MacSecret, SeqNo).
+%%
+calc_mac_hash(Type, Version, PlainFragment, MacAlgorithm, MacSecret, SeqNo) ->
     Length = erlang:iolist_size(PlainFragment),
-    mac_hash(Version, SecPars#security_parameters.mac_algorithm,
-	     MacSecret, SeqNo, Type,
-	     Length, PlainFragment).
+    mac_hash(Version, MacAlgorithm, MacSecret, SeqNo, Type, Length, PlainFragment).
 
 is_stream_ciphersuite(#{cipher := rc4_128}) ->
     true;
diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index b9d1320ef3..a82efe2799 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2013-2018. All Rights Reserved.
+%% Copyright Ericsson AB 2013-2019. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -45,7 +45,9 @@
 -export([compress/3, uncompress/3, compressions/0]).
 
 %% Payload encryption/decryption
--export([cipher/4, decipher/4, cipher_aead/4, decipher_aead/5, is_correct_mac/2, nonce_seed/3]).
+-export([cipher/4, cipher/5, decipher/4,
+         cipher_aead/4, cipher_aead/5, decipher_aead/5,
+         is_correct_mac/2, nonce_seed/3]).
 
 -export_type([ssl_version/0, ssl_atom_version/0, connection_states/0, connection_state/0]).
 
@@ -302,27 +304,49 @@ cipher(Version, Fragment,
 	     #security_parameters{bulk_cipher_algorithm =
 				      BulkCipherAlgo}
 	} = WriteState0, MacHash) ->
-    
+    %%
     {CipherFragment, CipherS1} =
 	ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MacHash, Fragment, Version),
     {CipherFragment,  WriteState0#{cipher_state => CipherS1}}.
+
+%%--------------------------------------------------------------------
+-spec cipher(ssl_version(), iodata(), #cipher_state{}, MacHash::binary(), #security_parameters{}) ->
+		    {CipherFragment::binary(), #cipher_state{}}.
+%%
+%% Description: Payload encryption
+%%--------------------------------------------------------------------
+cipher(Version, Fragment, CipherS0, MacHash,
+       #security_parameters{bulk_cipher_algorithm = BulkCipherAlgo}) ->
+    %%
+    ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MacHash, Fragment, Version).
+
 %%--------------------------------------------------------------------
 -spec cipher_aead(ssl_version(), iodata(), connection_state(), AAD::binary()) ->
  			 {CipherFragment::binary(), connection_state()}.
 
 %% Description: Payload encryption
 %% %%--------------------------------------------------------------------
-cipher_aead(Version, Fragment,
+cipher_aead(_Version, Fragment,
 	    #{cipher_state := CipherS0,
 	      security_parameters :=
 		  #security_parameters{bulk_cipher_algorithm =
 					   BulkCipherAlgo}
 	     } = WriteState0, AAD) ->
     {CipherFragment, CipherS1} =
-	cipher_aead(BulkCipherAlgo, CipherS0, AAD, Fragment, Version),
+	do_cipher_aead(BulkCipherAlgo, Fragment, CipherS0, AAD),
     {CipherFragment,  WriteState0#{cipher_state => CipherS1}}.
 
 %%--------------------------------------------------------------------
+-spec cipher_aead(ssl_version(), iodata(), #cipher_state{}, AAD::binary(), #security_parameters{}) ->
+                         {CipherFragment::binary(), #cipher_state{}}.
+
+%% Description: Payload encryption
+%% %%--------------------------------------------------------------------
+cipher_aead(_Version, Fragment, CipherS, AAD,
+            #security_parameters{bulk_cipher_algorithm = BulkCipherAlgo}) ->
+    do_cipher_aead(BulkCipherAlgo, Fragment, CipherS, AAD).
+
+%%--------------------------------------------------------------------
 -spec decipher(ssl_version(), binary(), connection_state(), boolean()) ->
                       {binary(), binary(), connection_state()} | #alert{}.
 %%
@@ -427,12 +451,12 @@ initial_security_params(ConnectionEnd) ->
 				     compression_algorithm = ?NULL},
     ssl_cipher:security_parameters(?TLS_NULL_WITH_NULL_NULL, SecParams).
 
-cipher_aead(?CHACHA20_POLY1305 = Type, #cipher_state{key=Key} = CipherState, AAD0, Fragment, _Version) ->
+do_cipher_aead(?CHACHA20_POLY1305 = Type, Fragment, #cipher_state{key=Key} = CipherState, AAD0) ->
     AAD = end_additional_data(AAD0, erlang:iolist_size(Fragment)),
     Nonce = encrypt_nonce(Type, CipherState),
     {Content, CipherTag} = ssl_cipher:aead_encrypt(Type, Key, Nonce, Fragment, AAD),
     {<<Content/binary, CipherTag/binary>>, CipherState};
-cipher_aead(Type, #cipher_state{key=Key, nonce = ExplicitNonce} = CipherState, AAD0, Fragment, _Version) ->
+do_cipher_aead(Type, Fragment, #cipher_state{key=Key, nonce = ExplicitNonce} = CipherState, AAD0) ->
     AAD = end_additional_data(AAD0, erlang:iolist_size(Fragment)),
     Nonce = encrypt_nonce(Type, CipherState),
     {Content, CipherTag} = ssl_cipher:aead_encrypt(Type, Key, Nonce, Fragment, AAD),
diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 1776ec2627..3c0e93a7c9 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2018. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2019. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -103,7 +103,7 @@ encode_handshake(Frag, Version,
     case iolist_size(Frag) of
 	N  when N > ?MAX_PLAIN_TEXT_LENGTH ->
 	    Data = split_bin(iolist_to_binary(Frag), Version, BCA, BeastMitigation),
-	    encode_iolist(?HANDSHAKE, Data, Version, ConnectionStates);
+	    encode_iolist(?HANDSHAKE, Version, Data, ConnectionStates);
 	_  ->
 	    encode_plain_text(?HANDSHAKE, Version, Frag, ConnectionStates)
     end.
@@ -140,7 +140,7 @@ encode_data(Frag, Version,
 				     #security_parameters{bulk_cipher_algorithm = BCA}}} =
 		ConnectionStates) ->
     Data = split_bin(Frag, Version, BCA, BeastMitigation),
-    encode_iolist(?APPLICATION_DATA, Data, Version, ConnectionStates).
+    encode_iolist(?APPLICATION_DATA, Version, Data, ConnectionStates).
 
 %%====================================================================
 %% Decoding
@@ -165,7 +165,7 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,
                                       BulkCipherAlgo,
 				  compression_algorithm = CompAlg}
 			  } = ReadState0} = ConnnectionStates0, _) ->
-    AAD = start_additional_data(Type, Version, ReadState0),
+    AAD = start_additional_data(Type, Version, Seq),
     CipherS1 = ssl_record:nonce_seed(BulkCipherAlgo, <<?UINT64(Seq)>>, CipherS0),
     case ssl_record:decipher_aead(BulkCipherAlgo, CipherS1, AAD, CipherFragment, Version) of
 	{PlainFragment, CipherState} ->
@@ -430,53 +430,55 @@ get_tls_records_aux(_, Data, Acc) ->
 	    ?ALERT_REC(?FATAL, ?UNEXPECTED_MESSAGE)
     end.
 %%--------------------------------------------------------------------
-encode_plain_text(Type, Version, Data, #{current_write := Write0} = ConnectionStates) ->
-    {CipherFragment, Write1} = do_encode_plain_text(Type, Version, Data, Write0),
-    {CipherText, Write} = encode_tls_cipher_text(Type, Version, CipherFragment, Write1),
-    {CipherText, ConnectionStates#{current_write => Write}}.
-
-encode_tls_cipher_text(Type, {MajVer, MinVer}, Fragment, #{sequence_number := Seq} = Write) ->
-    Length = erlang:iolist_size(Fragment),
-    {[<<?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer), ?UINT16(Length)>>, Fragment],
-     Write#{sequence_number => Seq +1}}.
-
-encode_iolist(Type, Data, Version, ConnectionStates0) ->
-    {ConnectionStates, EncodedMsg} =
-        lists:foldl(fun(Text, {CS0, Encoded}) ->
-			    {Enc, CS1} =
-				encode_plain_text(Type, Version, Text, CS0),
-			    {CS1, [Enc | Encoded]}
-		    end, {ConnectionStates0, []}, Data),
-    {lists:reverse(EncodedMsg), ConnectionStates}.
-%%--------------------------------------------------------------------
-do_encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
-                                            cipher_state := CipherS0,
-                                            sequence_number := Seq,
-                                            security_parameters :=
-					     #security_parameters{
-						cipher_type = ?AEAD,
-                                                bulk_cipher_algorithm = BCAlg,
-						compression_algorithm = CompAlg}
-					} = WriteState0) ->
-    {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0),
-    CipherS = ssl_record:nonce_seed(BCAlg, <<?UINT64(Seq)>>, CipherS0),
-    WriteState = WriteState0#{compression_state => CompS1,
-                              cipher_state => CipherS},
-    AAD = start_additional_data(Type, Version, WriteState),
-    ssl_record:cipher_aead(Version, Comp, WriteState, AAD);
-do_encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
-					 security_parameters :=
-					     #security_parameters{compression_algorithm = CompAlg}
-					}= WriteState0) ->
-    {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0),
-    WriteState1 = WriteState0#{compression_state => CompS1},
-    MacHash = ssl_cipher:calc_mac_hash(Type, Version, Comp, WriteState1),
-    ssl_record:cipher(Version, Comp, WriteState1, MacHash);
-do_encode_plain_text(_,_,_,CS) ->
+encode_plain_text(Type, Version, Data, ConnectionStates0) ->
+    {[CipherText],ConnectionStates} = encode_iolist(Type, Version, [Data], ConnectionStates0),
+    {CipherText,ConnectionStates}.
+%%--------------------------------------------------------------------
+encode_iolist(Type, Version, Data,
+              #{current_write := #{compression_state := CompS,
+                                   cipher_state := CipherS,
+                                   sequence_number := Seq}} = ConnectionStates) ->
+    encode_iolist(Type, Version, Data, ConnectionStates, CompS, CipherS, Seq, []).
+%%
+encode_iolist(_Type, _Version, [], #{current_write := WriteS} = CS,
+              CompS, CipherS, Seq, CipherFragments) ->
+    {lists:reverse(CipherFragments),
+     CS#{current_write := WriteS#{compression_state := CompS,
+                                  cipher_state := CipherS,
+                                  sequence_number := Seq}}};
+encode_iolist(Type, Version, [Text|Data],
+              #{current_write := #{security_parameters :=
+                                       #security_parameters{cipher_type = ?AEAD,
+                                                            bulk_cipher_algorithm = BCAlg,
+                                                            compression_algorithm = CompAlg} = SecPars}} = CS,
+              CompS0, CipherS0, Seq, CipherFragments) ->
+    {CompText, CompS} = ssl_record:compress(CompAlg, Text, CompS0),
+    CipherS1 = ssl_record:nonce_seed(BCAlg, <<?UINT64(Seq)>>, CipherS0),
+    AAD = start_additional_data(Type, Version, Seq),
+    {CipherFragment,CipherS} = ssl_record:cipher_aead(Version, CompText, CipherS1, AAD, SecPars),
+    CipherHeader = cipher_header(Type, Version, CipherFragment),
+    encode_iolist(Type, Version, Data, CS, CompS, CipherS, Seq + 1,
+                  [[CipherHeader, CipherFragment] | CipherFragments]);
+encode_iolist(Type, Version, [Text|Data],
+              #{current_write := #{security_parameters :=
+                                       #security_parameters{compression_algorithm = CompAlg,
+                                                            mac_algorithm = MacAlgorithm} = SecPars,
+                                   mac_secret := MacSecret}} = CS,
+              CompS0, CipherS0, Seq, CipherFragments) ->
+    {CompText, CompS} = ssl_record:compress(CompAlg, Text, CompS0),
+    MacHash = ssl_cipher:calc_mac_hash(Type, Version, CompText, MacAlgorithm, MacSecret, Seq),
+    {CipherFragment,CipherS} = ssl_record:cipher(Version, CompText, CipherS0, MacHash, SecPars),
+    CipherHeader = cipher_header(Type, Version, CipherFragment),
+    encode_iolist(Type, Version, Data, CS, CompS, CipherS, Seq + 1,
+                  [[CipherHeader, CipherFragment] | CipherFragments]);
+encode_iolist(_Type, _Version, _Data, CS, _CompS, _CipherS, _Seq, _CipherFragments) ->
     exit({cs, CS}).
 %%--------------------------------------------------------------------
-start_additional_data(Type, {MajVer, MinVer},
-	 #{sequence_number := SeqNo}) ->
+cipher_header(Type, {MajVer, MinVer}, CipherFragment) ->
+    Length = erlang:iolist_size(CipherFragment),
+    <<?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer), ?UINT16(Length)>>.
+
+start_additional_data(Type, {MajVer, MinVer}, SeqNo) ->
     <<?UINT64(SeqNo), ?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer)>>.
 
 %% 1/n-1 splitting countermeasure Rizzo/Duong-Beast, RC4 chiphers are