1 files changed, 16 insertions, 42 deletions
diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 188ec6809d..ce7edc9dcd 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2017. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2018. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -176,14 +176,15 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,
                                       BulkCipherAlgo,
 				  compression_algorithm = CompAlg}
 			  } = ReadState0} = ConnnectionStates0, _) ->
-    AAD = calc_aad(Type, Version, ReadState0),
-    case ssl_cipher:decipher_aead(BulkCipherAlgo, CipherS0, Seq, AAD, CipherFragment, Version) of
-	{PlainFragment, CipherS1} ->
+    AAD = start_additional_data(Type, Version, ReadState0),
+    CipherS1 = ssl_record:nonce_seed(BulkCipherAlgo, <<?UINT64(Seq)>>, CipherS0),
+    case ssl_record:decipher_aead(BulkCipherAlgo, CipherS1, AAD, CipherFragment, Version) of
+	{PlainFragment, CipherState} ->
 	    {Plain, CompressionS1} = ssl_record:uncompress(CompAlg,
 							   PlainFragment, CompressionS0),
 	    ConnnectionStates = ConnnectionStates0#{
 				  current_read => ReadState0#{
-                                                    cipher_state => CipherS1,
+                                                    cipher_state => CipherState,
                                                     sequence_number => Seq + 1,
                                                     compression_state => CompressionS1}},
 	    {CipherText#ssl_tls{fragment = Plain}, ConnnectionStates};
@@ -394,16 +395,6 @@ initial_connection_state(ConnectionEnd, BeastMitigation) ->
       server_verify_data => undefined
      }.
 
-assert_version(<<1:1, Length0:15, Data0:Length0/binary, _/binary>>, Versions) ->
-    case Data0 of
-        <<?BYTE(?CLIENT_HELLO), ?BYTE(Major), ?BYTE(Minor), _/binary>> ->
-            %% First check v2_hello_compatible mode is active 
-            lists:member({2,0}, Versions) andalso
-            %% andalso we want to negotiate higher version
-                lists:member({Major, Minor}, Versions -- [{2,0}]); 
-        _ ->
-            false
-    end;
 assert_version(<<?BYTE(_), ?BYTE(MajVer), ?BYTE(MinVer), _/binary>>, Versions) ->
     is_acceptable_version({MajVer, MinVer}, Versions).
                    
@@ -431,32 +422,10 @@ get_tls_records_aux(<<?BYTE(?CHANGE_CIPHER_SPEC),?BYTE(MajVer),?BYTE(MinVer),
     get_tls_records_aux(Rest, [#ssl_tls{type = ?CHANGE_CIPHER_SPEC,
 					version = {MajVer, MinVer},
 					fragment = Data} | Acc]);
-%% Matches an ssl v2 client hello message.
-%% The server must be able to receive such messages, from clients that
-%% are willing to use ssl v3 or higher, but have ssl v2 compatibility.
-get_tls_records_aux(<<1:1, Length0:15, Data0:Length0/binary, Rest/binary>>,
-		    Acc) ->
-    case Data0 of
-	<<?BYTE(?CLIENT_HELLO), ?BYTE(MajVer), ?BYTE(MinVer), _/binary>> ->
-	    Length = Length0-1,
-	    <<?BYTE(_), Data1:Length/binary>> = Data0,
-	    Data = <<?BYTE(?CLIENT_HELLO), ?UINT24(Length), Data1/binary>>,
-	    get_tls_records_aux(Rest, [#ssl_tls{type = ?HANDSHAKE,
-						version = {MajVer, MinVer},
-						fragment = Data} | Acc]);
-	_ ->
-	    ?ALERT_REC(?FATAL, ?HANDSHAKE_FAILURE)
-	    
-    end;
-
 get_tls_records_aux(<<0:1, _CT:7, ?BYTE(_MajVer), ?BYTE(_MinVer),
                       ?UINT16(Length), _/binary>>,
                     _Acc) when Length > ?MAX_CIPHER_TEXT_LENGTH ->
     ?ALERT_REC(?FATAL, ?RECORD_OVERFLOW);
-get_tls_records_aux(<<1:1, Length0:15, _/binary>>,_Acc) 
-  when Length0 > ?MAX_CIPHER_TEXT_LENGTH ->
-    ?ALERT_REC(?FATAL, ?RECORD_OVERFLOW);
-
 get_tls_records_aux(Data, Acc) ->
     case size(Data) =< ?MAX_CIPHER_TEXT_LENGTH + ?INITIAL_BYTES of
 	true ->
@@ -485,15 +454,20 @@ encode_iolist(Type, Data, Version, ConnectionStates0) ->
     {lists:reverse(EncodedMsg), ConnectionStates}.
 %%--------------------------------------------------------------------
 do_encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
-					 security_parameters :=
+                                            cipher_state := CipherS0,
+                                            sequence_number := Seq,
+                                            security_parameters :=
 					     #security_parameters{
 						cipher_type = ?AEAD,
+                                                bulk_cipher_algorithm = BCAlg,
 						compression_algorithm = CompAlg}
 					} = WriteState0) ->
     {Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0),
-    WriteState1 = WriteState0#{compression_state => CompS1},
-    AAD = calc_aad(Type, Version, WriteState1),
-    ssl_record:cipher_aead(Version, Comp, WriteState1, AAD);
+    CipherS = ssl_record:nonce_seed(BCAlg, <<?UINT64(Seq)>>, CipherS0),
+    WriteState = WriteState0#{compression_state => CompS1,
+                              cipher_state => CipherS},
+    AAD = start_additional_data(Type, Version, WriteState),
+    ssl_record:cipher_aead(Version, Comp, WriteState, AAD);
 do_encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
 					 security_parameters :=
 					     #security_parameters{compression_algorithm = CompAlg}
@@ -505,7 +479,7 @@ do_encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
 do_encode_plain_text(_,_,_,CS) ->
     exit({cs, CS}).
 %%--------------------------------------------------------------------
-calc_aad(Type, {MajVer, MinVer},
+start_additional_data(Type, {MajVer, MinVer},
 	 #{sequence_number := SeqNo}) ->
     <<?UINT64(SeqNo), ?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer)>>.