1 files changed, 80 insertions, 26 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index cfcdcb8ac5..c4b8e2172a 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -34,7 +34,7 @@
 -include("tls_handshake_1_3.hrl").
 -include_lib("public_key/include/public_key.hrl").
 
--export([security_parameters/2, security_parameters/3, 
+-export([security_parameters/2, security_parameters/3, security_parameters_1_3/3,
 	 cipher_init/3, nonce_seed/2, decipher/6, cipher/5, aead_encrypt/5, aead_decrypt/6,
 	 suites/1, all_suites/1,  crypto_support_filters/0,
 	 chacha_suites/1, anonymous_suites/1, psk_suites/1, psk_suites_anon/1, 
@@ -44,7 +44,10 @@
 	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1,
 	 random_bytes/1, calc_mac_hash/4,
          is_stream_ciphersuite/1, signature_scheme/1,
-         scheme_to_components/1]).
+         scheme_to_components/1, hash_size/1]).
+
+%% RFC 8446 TLS 1.3
+-export([generate_client_shares/1, generate_server_share/1]).
 
 -compile(inline).
 
@@ -85,6 +88,24 @@ security_parameters(Version, CipherSuite, SecParams) ->
       prf_algorithm = prf_algorithm(PrfHashAlg, Version),
       hash_size = hash_size(Hash)}.
 
+security_parameters_1_3(SecParams, ClientRandom, CipherSuite) ->
+     #{cipher := Cipher,
+       mac := Hash,
+       prf := PrfHashAlg} = ssl_cipher_format:suite_definition(CipherSuite),
+    SecParams#security_parameters{
+      client_random = ClientRandom,
+      cipher_suite = CipherSuite,
+      bulk_cipher_algorithm = bulk_cipher_algorithm(Cipher),
+      cipher_type = type(Cipher),
+      key_size = effective_key_bits(Cipher),
+      expanded_key_material_length = expanded_key_material(Cipher),
+      key_material_length = key_material(Cipher),
+      iv_size = iv_size(Cipher),
+      mac_algorithm = mac_algorithm(Hash),
+      prf_algorithm =prf_algorithm(PrfHashAlg, {3,4}),
+      hash_size = hash_size(Hash),
+      compression_algorithm = 0}.
+
 %%--------------------------------------------------------------------
 -spec cipher_init(cipher_enum(), binary(), binary()) -> #cipher_state{}.
 %%
@@ -651,6 +672,29 @@ is_stream_ciphersuite(#{cipher := rc4_128}) ->
     true;
 is_stream_ciphersuite(_) ->
     false.
+
+-spec  hash_size(atom()) -> integer().
+hash_size(null) ->
+    0;
+%% The AEAD MAC hash size is not used in the context 
+%% of calculating the master secret. See RFC 5246 Section 6.2.3.3.
+hash_size(aead) ->
+    0;
+hash_size(md5) ->
+    16;
+hash_size(sha) ->
+    20;
+%% Uncomment when adding cipher suite that needs it
+%hash_size(sha224) ->
+%    28;
+hash_size(sha256) ->
+    32;
+hash_size(sha384) ->
+    48.
+%% Uncomment when adding cipher suite that needs it
+%hash_size(sha512) ->
+%    64.
+
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
@@ -861,29 +905,6 @@ scheme_to_components(rsa_pss_pss_sha512) -> {sha512, rsa_pss_pss, undefined};
 scheme_to_components(rsa_pkcs1_sha1) -> {sha1, rsa_pkcs1, undefined};
 scheme_to_components(ecdsa_sha1) -> {sha1, ecdsa, undefined}.
 
-
-
-hash_size(null) ->
-    0;
-%% The AEAD MAC hash size is not used in the context 
-%% of calculating the master secret. See RFC 5246 Section 6.2.3.3.
-hash_size(aead) ->
-    0;
-hash_size(md5) ->
-    16;
-hash_size(sha) ->
-    20;
-%% Uncomment when adding cipher suite that needs it
-%hash_size(sha224) ->
-%    28;
-hash_size(sha256) ->
-    32;
-hash_size(sha384) ->
-    48.
-%% Uncomment when adding cipher suite that needs it
-%hash_size(sha512) ->
-%    64.
-
 %% RFC 5246: 6.2.3.2.  CBC Block Cipher
 %%
 %%   Implementation note: Canvel et al. [CBCTIME] have demonstrated a
@@ -994,7 +1015,7 @@ filter_suites_pubkey(ec, Ciphers, _, OtpCert) ->
                                    ec_ecdhe_suites(Ciphers)),
     filter_keyuse_suites(keyAgreement, Uses, CiphersSuites, ec_ecdh_suites(Ciphers)).
 
-filter_suites_signature(rsa, Ciphers, {3, N}) when N >= 3 ->
+filter_suites_signature(_, Ciphers, {3, N}) when N >= 3 ->
      Ciphers;
 filter_suites_signature(rsa, Ciphers, Version) ->
     (Ciphers -- ecdsa_signed_suites(Ciphers, Version)) -- dsa_signed_suites(Ciphers, Version);
@@ -1188,3 +1209,36 @@ filter_keyuse_suites(Use, KeyUse, CipherSuits, Suites) ->
 	false ->
 	    CipherSuits -- Suites
     end.
+
+generate_server_share(Group) ->
+    Key = generate_key_exchange(Group),
+    #key_share_server_hello{
+       server_share = #key_share_entry{
+                         group = Group,
+                         key_exchange = Key
+                        }}.
+
+generate_client_shares([]) ->
+    #key_share_client_hello{client_shares = []};
+generate_client_shares(Groups) ->
+    generate_client_shares(Groups, []).
+%%
+generate_client_shares([], Acc) ->
+    #key_share_client_hello{client_shares = lists:reverse(Acc)};
+generate_client_shares([Group|Groups], Acc) ->
+    Key = generate_key_exchange(Group),
+    KeyShareEntry = #key_share_entry{
+                       group = Group,
+                       key_exchange = Key
+                      },
+    generate_client_shares(Groups, [KeyShareEntry|Acc]).
+
+
+generate_key_exchange(secp256r1) ->
+    public_key:generate_key({namedCurve, secp256r1});
+generate_key_exchange(secp384r1) ->
+    public_key:generate_key({namedCurve, secp384r1});
+generate_key_exchange(secp521r1) ->
+    public_key:generate_key({namedCurve, secp521r1});
+generate_key_exchange(FFDHE) ->
+    public_key:generate_key(ssl_dh_groups:dh_params(FFDHE)).