ssl: Add experimental version 'tlsv1.3'

- Add 'tlsv1.3' to the available versions. It can be used to
  trigger experimental behavior while implementing TLS 1.3.

- Add dummy clauses for handling version {3,4} of TLS.

- Update ssl_logger to handle unknown versions of TLS.

Change-Id: I564ffa47dca18b59f0dc16c9809dfd7adaf2d333

6 files changed, 42 insertions, 19 deletions

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index c7f1f36d5d..e5a6f6bb47 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -1311,7 +1311,8 @@ validate_binary_list(Opt, List) ->
         end, List).
 validate_versions([], Versions) ->
     Versions;
-validate_versions([Version | Rest], Versions) when Version == 'tlsv1.2';
+validate_versions([Version | Rest], Versions) when Version == 'tlsv1.3';
+                                                   Version == 'tlsv1.2';
                                                    Version == 'tlsv1.1';
                                                    Version == tlsv1;
                                                    Version == sslv3 ->
@@ -1324,10 +1325,11 @@ validate_versions([Ver| _], Versions) ->
 
 tls_validate_versions([], Versions) ->
     Versions;
-tls_validate_versions([Version | Rest], Versions) when Version == 'tlsv1.2';
-                                                   Version == 'tlsv1.1';
-                                                   Version == tlsv1;
-                                                   Version == sslv3 ->
+tls_validate_versions([Version | Rest], Versions) when Version == 'tlsv1.3';
+                                                       Version == 'tlsv1.2';
+                                                       Version == 'tlsv1.1';
+                                                       Version == tlsv1;
+                                                       Version == sslv3 ->
     tls_validate_versions(Rest, Versions);                  
 tls_validate_versions([Ver| _], Versions) ->
     throw({error, {options, {Ver, {versions, Versions}}}}).
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 50dadd0903..81ef491c40 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -187,7 +187,7 @@ block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
 
 block_cipher(Fun, BlockSz, #cipher_state{key=Key, iv=IV} = CS0,
 	     Mac, Fragment, {3, N})
-  when N == 2; N == 3 ->
+  when N == 2; N == 3; N == 4 ->
     NextIV = random_iv(IV),
     L0 = build_cipher_block(BlockSz, Mac, Fragment),
     L = [NextIV|L0],
@@ -320,6 +320,8 @@ suites({3, Minor}) ->
 suites({_, Minor}) ->
     dtls_v1:suites(Minor).
 
+all_suites({3, 4}) ->
+    all_suites({3, 3});
 all_suites({3, _} = Version) ->
     suites(Version)
         ++ chacha_suites(Version)
@@ -478,11 +480,12 @@ rc4_suites({3, Minor}) ->
 rc4_suites(0) ->
     [?TLS_RSA_WITH_RC4_128_SHA,
      ?TLS_RSA_WITH_RC4_128_MD5];
-rc4_suites(N) when N =< 3 ->
+rc4_suites(N) when N =< 4 ->
     [?TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
      ?TLS_ECDHE_RSA_WITH_RC4_128_SHA,
      ?TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
      ?TLS_ECDH_RSA_WITH_RC4_128_SHA].
+
 %%--------------------------------------------------------------------
 -spec des_suites(Version::ssl_record:ssl_version()) -> [cipher_suite()].
 %%
@@ -517,13 +520,14 @@ rsa_suites(0) ->
      ?TLS_RSA_WITH_AES_128_CBC_SHA,
      ?TLS_RSA_WITH_3DES_EDE_CBC_SHA
     ];  
-rsa_suites(N) when N =< 3 ->
+rsa_suites(N) when N =< 4 ->
     [
      ?TLS_RSA_WITH_AES_256_GCM_SHA384,
      ?TLS_RSA_WITH_AES_256_CBC_SHA256,
      ?TLS_RSA_WITH_AES_128_GCM_SHA256,
      ?TLS_RSA_WITH_AES_128_CBC_SHA256
     ].
+
 %%--------------------------------------------------------------------
 -spec suite_definition(cipher_suite()) -> erl_cipher_suite().
 %%
@@ -2430,7 +2434,7 @@ mac_hash({_,_}, ?NULL, _MacSecret, _SeqNo, _Type,
 mac_hash({3, 0}, MacAlg, MacSecret, SeqNo, Type, Length, Fragment) ->
     ssl_v3:mac_hash(MacAlg, MacSecret, SeqNo, Type, Length, Fragment);
 mac_hash({3, N} = Version, MacAlg, MacSecret, SeqNo, Type, Length, Fragment)  
-  when N =:= 1; N =:= 2; N =:= 3 ->
+  when N =:= 1; N =:= 2; N =:= 3; N =:= 4 ->
     tls_v1:mac_hash(MacAlg, MacSecret, SeqNo, Type, Version,
 		      Length, Fragment).
 
@@ -2635,7 +2639,7 @@ generic_block_cipher_from_bin({3, N}, T, IV, HashSize)
 			  next_iv = IV};
 
 generic_block_cipher_from_bin({3, N}, T, IV, HashSize)
-  when N == 2; N == 3 ->
+  when N == 2; N == 3; N == 4 ->
     Sz1 = byte_size(T) - 1,
     <<_:Sz1/binary, ?BYTE(PadLength)>> = T,
     IVLength = byte_size(IV),
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index a98cbf8542..3428009573 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -73,9 +73,9 @@
 
 %% sslv3 is considered insecure due to lack of padding check (Poodle attack)
 %% Keep as interop with legacy software but do not support as default 
--define(ALL_AVAILABLE_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).
+-define(ALL_AVAILABLE_VERSIONS, ['tlsv1.3', 'tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).
 -define(ALL_AVAILABLE_DATAGRAM_VERSIONS, ['dtlsv1.2', dtlsv1]).
--define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1]).
+-define(ALL_SUPPORTED_VERSIONS, ['tlsv1.3', 'tlsv1.2', 'tlsv1.1', tlsv1]).
 -define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1]).
 -define(ALL_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
 -define(MIN_DATAGRAM_SUPPORTED_VERSIONS, [dtlsv1]).
diff --git a/lib/ssl/src/ssl_logger.erl b/lib/ssl/src/ssl_logger.erl
index 23e9e096cc..35c8dcfd48 100644
--- a/lib/ssl/src/ssl_logger.erl
+++ b/lib/ssl/src/ssl_logger.erl
@@ -156,7 +156,9 @@ version({3,2}) ->
 version({3,1}) ->
     "TLS 1.0";
 version({3,0}) ->
-    "SSL 3.0".
+    "SSL 3.0";
+version({M,N}) ->
+    io_lib:format("TLS [0x0~B0~B]", [M,N]).
 
 
 header_prefix(inbound) ->
@@ -183,7 +185,6 @@ header_prefix_tls_record(outbound) ->
     "writing".
 
 
-
 tls_record_version([<<?BYTE(B),?BYTE(3),?BYTE(3),_/binary>>|_]) ->
     io_lib:format("TLS 1.2 Record Protocol, ~s", [msg_type(B)]);
 tls_record_version([<<?BYTE(B),?BYTE(3),?BYTE(2),_/binary>>|_]) ->
@@ -191,7 +192,9 @@ tls_record_version([<<?BYTE(B),?BYTE(3),?BYTE(2),_/binary>>|_]) ->
 tls_record_version([<<?BYTE(B),?BYTE(3),?BYTE(1),_/binary>>|_]) ->
     io_lib:format("TLS 1.0 Record Protocol, ~s", [msg_type(B)]);
 tls_record_version([<<?BYTE(B),?BYTE(3),?BYTE(0),_/binary>>|_]) ->
-    io_lib:format("SSL 3.0 Record Protocol, ~s", [msg_type(B)]).
+    io_lib:format("SSL 3.0 Record Protocol, ~s", [msg_type(B)]);
+tls_record_version([<<?BYTE(B),?BYTE(M),?BYTE(N),_/binary>>|_]) ->
+    io_lib:format("TLS [0x0~B0~B] Record Protocol, ~s", [M, N, msg_type(B)]).
 
 
 msg_type(20) -> "change_cipher_spec";
diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 278d471fdb..444759aafa 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -230,6 +230,8 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,
 %% Description: Creates a protocol version record from a version atom
 %% or vice versa.
 %%--------------------------------------------------------------------
+protocol_version('tlsv1.3') ->
+    {3, 4};
 protocol_version('tlsv1.2') ->
     {3, 3};
 protocol_version('tlsv1.1') ->
@@ -240,6 +242,8 @@ protocol_version(sslv3) ->
     {3, 0};
 protocol_version(sslv2) -> %% Backwards compatibility
     {2, 0};
+protocol_version({3, 4}) ->
+    'tlsv1.3';
 protocol_version({3, 3}) ->
     'tlsv1.2';
 protocol_version({3, 2}) ->
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl
index d6b500748e..6ef6040761 100644
--- a/lib/ssl/src/tls_v1.erl
+++ b/lib/ssl/src/tls_v1.erl
@@ -74,7 +74,7 @@ finished(Role, Version, PrfAlgo, MasterSecret, Handshake)
     prf(?MD5SHA, MasterSecret, finished_label(Role), [MD5, SHA], 12);
 
 finished(Role, Version, PrfAlgo, MasterSecret, Handshake)
-  when Version == 3 ->
+  when Version == 3; Version == 4 ->
     %% RFC 5246 - 7.4.9. Finished
     %% struct {
     %%          opaque verify_data[12];
@@ -85,6 +85,7 @@ finished(Role, Version, PrfAlgo, MasterSecret, Handshake)
     Hash = crypto:hash(mac_algo(PrfAlgo), Handshake),
     prf(PrfAlgo, MasterSecret, finished_label(Role), Hash, 12).
 
+
 -spec certificate_verify(md5sha | sha, integer(), [binary()]) -> binary().
 
 certificate_verify(md5sha, _Version, Handshake) ->
@@ -154,7 +155,7 @@ setup_keys(Version, _PrfAlgo, MasterSecret, ServerRandom, ClientRandom, HashSize
 %% TLS v1.2
 setup_keys(Version, PrfAlgo, MasterSecret, ServerRandom, ClientRandom, HashSize,
 	   KeyMatLen, IVSize)
-  when Version == 3 ->
+  when Version == 3; Version == 4 ->
     %% RFC 5246 - 6.3. Key calculation
     %% key_block = PRF(SecurityParameters.master_secret,
     %%                      "key expansion",
@@ -192,7 +193,7 @@ mac_hash(Method, Mac_write_secret, Seq_num, Type, {Major, Minor},
 		     Fragment]),
     Mac.
 
--spec suites(1|2|3) -> [ssl_cipher:cipher_suite()].
+-spec suites(1|2|3|4) -> [ssl_cipher:cipher_suite()].
 
 suites(Minor) when Minor == 1; Minor == 2 ->
     [
@@ -244,8 +245,15 @@ suites(3) ->
      %% ?TLS_DH_DSS_WITH_AES_256_GCM_SHA384,
      %% ?TLS_DH_RSA_WITH_AES_128_GCM_SHA256,
      %% ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256
-    ] ++ suites(2).
+    ] ++ suites(2);
+
+
+suites(4) ->
+    suites(3).
+
 
+signature_algs({3, 4}, HashSigns) ->
+    signature_algs({3, 3}, HashSigns);
 signature_algs({3, 3}, HashSigns) ->
     CryptoSupports =  crypto:supports(),
     Hashes = proplists:get_value(hashs, CryptoSupports),
@@ -273,6 +281,8 @@ signature_algs({3, 3}, HashSigns) ->
 			    end, [], HashSigns),
     lists:reverse(Supported).
 
+default_signature_algs({3, 4}) ->
+    default_signature_algs({3, 3});
 default_signature_algs({3, 3} = Version) ->
     Default = [%% SHA2
 	       {sha512, ecdsa},