1 files changed, 86 insertions, 3 deletions

diff --git a/lib/ssl/src/ssl_cipher_format.erl b/lib/ssl/src/ssl_cipher_format.erl
index 1d28e1e3b4..b592295d56 100644
--- a/lib/ssl/src/ssl_cipher_format.erl
+++ b/lib/ssl/src/ssl_cipher_format.erl
@@ -61,6 +61,12 @@ suite_to_str(#{key_exchange := null,
                mac := null,
                prf := null}) ->
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+suite_to_str(#{key_exchange := any,
+               cipher := Cipher,
+               mac := aead,
+               prf := PRF}) ->
+    "TLS_" ++ string:to_upper(atom_to_list(Cipher)) ++
+        "_" ++ string:to_upper(atom_to_list(PRF));
 suite_to_str(#{key_exchange := Kex,
                cipher := Cipher,
                mac := aead,
@@ -801,7 +807,34 @@ suite_definition(?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) ->
     #{key_exchange => dhe_rsa, 
       cipher => chacha20_poly1305, 
       mac => aead, 
+      prf => sha256};
+%% TLS 1.3 Cipher Suites RFC8446
+suite_definition(?TLS_AES_128_GCM_SHA256) ->
+    #{key_exchange => any,
+      cipher => aes_128_gcm,
+      mac => aead,
+      prf => sha256};
+suite_definition(?TLS_AES_256_GCM_SHA384) ->
+    #{key_exchange => any,
+      cipher => aes_256_gcm,
+      mac => aead,
+      prf => sha384};
+suite_definition(?TLS_CHACHA20_POLY1305_SHA256) ->
+    #{key_exchange => any,
+      cipher => chacha20_poly1305,
+      mac => aead,
       prf => sha256}.
+%% suite_definition(?TLS_AES_128_CCM_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm,
+%%       mac => aead,
+%%       prf => sha256};
+%% suite_definition(?TLS_AES_128_CCM_8_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm_8,
+%%       mac => aead,
+%%       prf => sha256}.
+
 
 %%--------------------------------------------------------------------
 -spec erl_suite_definition(cipher_suite() | internal_erl_cipher_suite()) -> old_erl_cipher_suite().
@@ -1426,8 +1459,33 @@ suite(#{key_exchange := dhe_rsa,
         cipher := chacha20_poly1305,  
         mac := aead, 
         prf := sha256}) ->
-    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.
-
+    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
+%% TLS 1.3 Cipher Suites RFC8446
+suite(#{key_exchange := any,
+        cipher := aes_128_gcm,
+        mac := aead,
+        prf := sha256}) ->
+    ?TLS_AES_128_GCM_SHA256;
+suite(#{key_exchange := any,
+      cipher := aes_256_gcm,
+      mac := aead,
+      prf := sha384}) ->
+    ?TLS_AES_256_GCM_SHA384;
+suite(#{key_exchange := any,
+      cipher := chacha20_poly1305,
+      mac := aead,
+      prf := sha256}) ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm_8,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
 %%--------------------------------------------------------------------
 -spec openssl_suite(openssl_cipher_suite()) -> cipher_suite().
 %%
@@ -1581,7 +1639,20 @@ openssl_suite("ECDHE-RSA-AES256-GCM-SHA384") ->
 openssl_suite("ECDH-RSA-AES128-GCM-SHA256") ->
     ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
 openssl_suite("ECDH-RSA-AES256-GCM-SHA384") ->
-    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384.
+    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
+
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite("TLS_AES_128_GCM_SHA256") ->
+    ?TLS_AES_128_GCM_SHA256;
+openssl_suite("TLS_AES_256_GCM_SHA384") ->
+    ?TLS_AES_256_GCM_SHA384;
+openssl_suite("TLS_CHACHA20_POLY1305_SHA256") ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% openssl_suite("TLS_AES_128_CCM_SHA256") ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% openssl_suite("TLS_AES_128_CCM_8_SHA256") ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
+
 
 %%--------------------------------------------------------------------
 -spec openssl_suite_name(cipher_suite()) -> openssl_cipher_suite() | internal_erl_cipher_suite().
@@ -1758,6 +1829,18 @@ openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256) ->
 openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384) ->
     "ECDH-RSA-AES256-GCM-SHA384";
 
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite_name(?TLS_AES_128_GCM_SHA256) ->
+    "TLS_AES_128_GCM_SHA256";
+openssl_suite_name(?TLS_AES_256_GCM_SHA384) ->
+    "TLS_AES_256_GCM_SHA384";
+openssl_suite_name(?TLS_CHACHA20_POLY1305_SHA256) ->
+    "TLS_CHACHA20_POLY1305_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_SHA256) ->
+%%     "TLS_AES_128_CCM_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_8_SHA256) ->
+%%     "TLS_AES_128_CCM_8_SHA256";
+
 %% No oppenssl name
 openssl_suite_name(Cipher) ->
     suite_definition(Cipher).