1 files changed, 69 insertions, 67 deletions

diff --git a/lib/ssl/src/tls_connection_1_3.erl b/lib/ssl/src/tls_connection_1_3.erl
index a20499972b..701a5860c2 100644
--- a/lib/ssl/src/tls_connection_1_3.erl
+++ b/lib/ssl/src/tls_connection_1_3.erl
@@ -109,82 +109,84 @@
 
 %% gen_statem helper functions
 -export([start/4,
-         negotiated/4
+         negotiated/4,
+         wait_cert/4,
+         wait_cv/4,
+         wait_finished/4
         ]).
 
-start(internal,
-      #client_hello{} = Hello,
-      #state{connection_states = _ConnectionStates0,
-	     ssl_options = #ssl_options{ciphers = _ServerCiphers,
-                                        signature_algs = _ServerSignAlgs,
-                                        signature_algs_cert = _SignatureSchemes, %% TODO: Check??
-                                        supported_groups = _ServerGroups0,
-                                        versions = _Versions} = SslOpts,
-             session = #session{own_certificate = Cert}} = State0,
-      _Module) ->
 
-    Env = #{cert => Cert},
-    case tls_handshake_1_3:handle_client_hello(Hello, SslOpts, Env) of
+start(internal, #change_cipher_spec{}, State0, _Module) ->
+    {Record, State} = tls_connection:next_record(State0),
+    tls_connection:next_event(?FUNCTION_NAME, Record, State);
+start(internal, #client_hello{} = Hello, State0, _Module) ->
+    case tls_handshake_1_3:do_start(Hello, State0) of
         #alert{} = Alert ->
             ssl_connection:handle_own_alert(Alert, {3,4}, start, State0);
-        M ->
-            %% update connection_states with cipher
-            State = update_state(State0, M),
-            {next_state, negotiated, State, [{next_event, internal, M}]}
-
-    end.
+        {State, start} ->
+            {next_state, start, State, []};
+        {State, negotiated} ->
+            {next_state, negotiated, State, [{next_event, internal, start_handshake}]}
+    end;
+start(Type, Msg, State, Connection) ->
+    ssl_connection:handle_common_event(Type, Msg, ?FUNCTION_NAME, State, Connection).
 
 
-negotiated(internal,
-           Map,
-           #state{connection_states = ConnectionStates0,
-                  session = #session{session_id = SessionId,
-                                     own_certificate = OwnCert},
-                  ssl_options = #ssl_options{} = SslOpts,
-                  key_share = KeyShare,
-                  handshake_env = #handshake_env{tls_handshake_history = HHistory0},
-                  private_key = CertPrivateKey,
-                  static_env = #static_env{
-                                  cert_db = CertDbHandle,
-                                  cert_db_ref = CertDbRef,
-                                  socket = Socket,                                  
-                                  transport_cb = Transport}} = State0, _Module) ->
-    Env = #{connection_states => ConnectionStates0,
-            session_id => SessionId,
-            own_certificate => OwnCert,
-            cert_db => CertDbHandle,
-            cert_db_ref => CertDbRef,
-            ssl_options => SslOpts,
-            key_share => KeyShare,
-            tls_handshake_history => HHistory0,
-            transport_cb => Transport,
-            socket => Socket,
-            private_key => CertPrivateKey},
-    case tls_handshake_1_3:do_negotiated(Map, Env) of
+negotiated(internal, #change_cipher_spec{}, State0, _Module) ->
+    {Record, State} = tls_connection:next_record(State0),
+    tls_connection:next_event(?FUNCTION_NAME, Record, State);
+negotiated(internal, Message, State0, _Module) ->
+    case tls_handshake_1_3:do_negotiated(Message, State0) of
         #alert{} = Alert ->
             ssl_connection:handle_own_alert(Alert, {3,4}, negotiated, State0);
-        M ->
-            %% TODO: implement update_state
-            %% State = update_state(State0, M),
-            {next_state, wait_flight2, State0, [{next_event, internal, M}]}
-
+        {State, NextState} ->
+            {next_state, NextState, State, []}
     end.
 
 
-update_state(#state{connection_states = ConnectionStates0,
-                    session = Session} = State,
-             #{cipher := Cipher,
-               key_share := KeyShare,
-               session_id := SessionId}) ->
-    #{security_parameters := SecParamsR0} = PendingRead =
-        maps:get(pending_read, ConnectionStates0),
-    #{security_parameters := SecParamsW0} = PendingWrite =
-        maps:get(pending_write, ConnectionStates0),
-    SecParamsR = ssl_cipher:security_parameters_1_3(SecParamsR0, Cipher),
-    SecParamsW = ssl_cipher:security_parameters_1_3(SecParamsW0, Cipher),
-    ConnectionStates =
-        ConnectionStates0#{pending_read => PendingRead#{security_parameters => SecParamsR},
-                           pending_write => PendingWrite#{security_parameters => SecParamsW}},
-    State#state{connection_states = ConnectionStates,
-                key_share = KeyShare,
-                session = Session#session{session_id = SessionId}}.
+wait_cert(internal, #change_cipher_spec{}, State0, _Module) ->
+    {Record, State} = tls_connection:next_record(State0),
+    tls_connection:next_event(?FUNCTION_NAME, Record, State);
+wait_cert(internal,
+          #certificate_1_3{} = Certificate, State0, _Module) ->
+    case tls_handshake_1_3:do_wait_cert(Certificate, State0) of
+        {#alert{} = Alert, State} ->
+            ssl_connection:handle_own_alert(Alert, {3,4}, wait_cert, State);
+        {State1, NextState} ->
+            {Record, State} = tls_connection:next_record(State1),
+            tls_connection:next_event(NextState, Record, State)
+    end;
+wait_cert(Type, Msg, State, Connection) ->
+    ssl_connection:handle_common_event(Type, Msg, ?FUNCTION_NAME, State, Connection).
+
+
+wait_cv(internal, #change_cipher_spec{}, State0, _Module) ->
+    {Record, State} = tls_connection:next_record(State0),
+    tls_connection:next_event(?FUNCTION_NAME, Record, State);
+wait_cv(internal,
+          #certificate_verify_1_3{} = CertificateVerify, State0, _Module) ->
+    case tls_handshake_1_3:do_wait_cv(CertificateVerify, State0) of
+        {#alert{} = Alert, State} ->
+            ssl_connection:handle_own_alert(Alert, {3,4}, wait_cv, State);
+        {State1, NextState} ->
+            {Record, State} = tls_connection:next_record(State1),
+            tls_connection:next_event(NextState, Record, State)
+    end;
+wait_cv(Type, Msg, State, Connection) ->
+    ssl_connection:handle_common_event(Type, Msg, ?FUNCTION_NAME, State, Connection).
+
+
+wait_finished(internal, #change_cipher_spec{}, State0, _Module) ->
+    {Record, State} = tls_connection:next_record(State0),
+    tls_connection:next_event(?FUNCTION_NAME, Record, State);
+wait_finished(internal,
+             #finished{} = Finished, State0, Module) ->
+    case tls_handshake_1_3:do_wait_finished(Finished, State0) of
+        #alert{} = Alert ->
+            ssl_connection:handle_own_alert(Alert, {3,4}, finished, State0);
+        State1 ->
+            {Record, State} = ssl_connection:prepare_connection(State1, Module),
+            tls_connection:next_event(connection, Record, State)
+    end;
+wait_finished(Type, Msg, State, Connection) ->
+    ssl_connection:handle_common_event(Type, Msg, ?FUNCTION_NAME, State, Connection).