ssl: Add new API function suite_to_str/1

Add new API function for converting cipher suite maps
to their textual representation.

Change-Id: I43681930b38e0f3bdb4dfccbf9e8895aa2d6a281

4 files changed, 73 insertions, 4 deletions

diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 029f29cdb3..e88407dd6d 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -1492,6 +1492,18 @@ fun(srp, Username :: string(), UserState :: term()) ->
     </func>
 
     <func>
+      <name>suite_to_str(CipherSuite) -> String</name>
+      <fsummary>Returns the string representation of a cipher suite.</fsummary>
+      <type>
+        <v>CipherSuite = erl_cipher_suite()</v>
+	<v>String = string()</v>
+      </type>
+      <desc>
+        <p>Returns the string representation of a cipher suite.</p>
+      </desc>
+    </func>
+
+    <func>
       <name>transport_accept(ListenSocket) -></name>
       <name>transport_accept(ListenSocket, Timeout) ->
 	{ok, NewSocket} | {error, Reason}</name>
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index a7b4ec2bf7..1e3b441e3c 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -55,7 +55,7 @@
          format_error/1, renegotiate/1, prf/5, negotiated_protocol/1, 
 	 connection_information/1, connection_information/2]).
 %% Misc
--export([handle_options/2, tls_version/1, new_ssl_options/3]).
+-export([handle_options/2, tls_version/1, new_ssl_options/3, suite_to_str/1]).
 
 -deprecated({ssl_accept, 1, eventually}).
 -deprecated({ssl_accept, 2, eventually}).
@@ -772,6 +772,16 @@ tls_version({3, _} = Version) ->
 tls_version({254, _} = Version) ->
     dtls_v1:corresponding_tls_version(Version).
 
+
+%%--------------------------------------------------------------------
+-spec suite_to_str(ssl_cipher:erl_cipher_suite()) -> string().
+%%
+%% Description: Return the string representation of a cipher suite.
+%%--------------------------------------------------------------------
+suite_to_str(Cipher) ->
+    ssl_cipher:suite_to_str(Cipher).
+
+
 %%%--------------------------------------------------------------
 %%% Internal functions
 %%%--------------------------------------------------------------------
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 3f8b9a8a9b..c5b5b76f05 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -43,7 +43,7 @@
          filter/3, filter_suites/1, filter_suites/2,
 	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1,
 	 random_bytes/1, calc_mac_hash/4,
-         is_stream_ciphersuite/1]).
+         is_stream_ciphersuite/1, suite_to_str/1]).
 
 -export_type([cipher_suite/0,
 	      erl_cipher_suite/0, old_erl_cipher_suite/0, openssl_cipher_suite/0,
@@ -1877,6 +1877,32 @@ suite(#{key_exchange := dhe_rsa,
         prf := sha256}) ->
     ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.
 
+
+%%--------------------------------------------------------------------
+-spec suite_to_str(erl_cipher_suite()) -> string().
+%%
+%% Description: Return the string representation of a cipher suite.
+%%--------------------------------------------------------------------
+suite_to_str(#{key_exchange := null,
+               cipher := null,
+               mac := null,
+               prf := null}) ->
+    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+suite_to_str(#{key_exchange := Kex,
+               cipher := Cipher,
+               mac := aead,
+               prf := PRF}) ->
+    "TLS_" ++ string:to_upper(atom_to_list(Kex)) ++
+        "_WITH_" ++  string:to_upper(atom_to_list(Cipher)) ++
+        "_" ++ string:to_upper(atom_to_list(PRF));
+suite_to_str(#{key_exchange := Kex,
+               cipher := Cipher,
+               mac := Mac}) ->
+    "TLS_" ++ string:to_upper(atom_to_list(Kex)) ++
+        "_WITH_" ++  string:to_upper(atom_to_list(Cipher)) ++
+        "_" ++ string:to_upper(atom_to_list(Mac)).
+
+
 %%--------------------------------------------------------------------
 -spec openssl_suite(openssl_cipher_suite()) -> cipher_suite().
 %%
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 162c63850f..e8fb25e0e4 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -108,7 +108,8 @@ basic_tests() ->
      clear_pem_cache,
      defaults,
      fallback,
-     cipher_format
+     cipher_format,
+     suite_to_str
     ].
 
 basic_tests_tls() ->
@@ -1227,7 +1228,27 @@ cipher_format(Config) when is_list(Config) ->
     ssl:close(Socket1),
     {ok, Socket2} = ssl:listen(0, [{ciphers, ssl:cipher_suites(openssl)}]),
     ssl:close(Socket2).
-   
+
+%%--------------------------------------------------------------------
+suite_to_str() ->
+    [{doc, "Test that the suite_to_str API works"}].
+suite_to_str(Config) when is_list(Config) ->
+    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" =
+        ssl:suite_to_str(#{key_exchange => null,
+                           cipher => null,
+                           mac => null,
+                           prf => null}),
+    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" =
+        ssl:suite_to_str(#{key_exchange => ecdhe_ecdsa,
+                           cipher => aes_128_gcm,
+                           mac => aead,
+                           prf => sha256}),
+    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" =
+        ssl:suite_to_str(#{key_exchange => ecdh_rsa,
+                           cipher => aes_128_cbc,
+                           mac => sha256,
+                           prf => sha256}).
+
 %%--------------------------------------------------------------------
 
 peername() ->