Diffstat (limited to 'lib/ssl/src/tls_v1.erl')
-rw-r--r-- | lib/ssl/src/tls_v1.erl | 130 |
1 files changed, 123 insertions, 7 deletions
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl index 1bfd9a8b6d..e7218c8c8a 100644 --- a/lib/ssl/src/tls_v1.erl +++ b/lib/ssl/src/tls_v1.erl @@ -32,7 +32,9 @@ -export([master_secret/4, finished/5, certificate_verify/3, mac_hash/7, hmac_hash/3, setup_keys/8, suites/1, prf/5, ecc_curves/1, ecc_curves/2, oid_to_enum/1, enum_to_oid/1, - default_signature_algs/1, signature_algs/2]). + default_signature_algs/1, signature_algs/2, + default_signature_schemes/1, signature_schemes/2, + groups/1, groups/2, group_to_enum/1, enum_to_group/1]). -type named_curve() :: sect571r1 | sect571k1 | secp521r1 | brainpoolP512r1 | sect409k1 | sect409r1 | brainpoolP384r1 | secp384r1 | @@ -41,7 +43,10 @@ sect193r1 | sect193r2 | secp192k1 | secp192r1 | sect163k1 | sect163r1 | sect163r2 | secp160k1 | secp160r1 | secp160r2. -type curves() :: [named_curve()]. --export_type([curves/0, named_curve/0]). +-type group() :: secp256r1 | secp384r1 | secp521r1 | ffdhe2048 | + ffdhe3072 | ffdhe4096 | ffdhe6144 | ffdhe8192. +-type supported_groups() :: [group()]. +-export_type([curves/0, named_curve/0, group/0, supported_groups/0]). %%==================================================================== %% Internal application API @@ -74,7 +79,7 @@ finished(Role, Version, PrfAlgo, MasterSecret, Handshake) prf(?MD5SHA, MasterSecret, finished_label(Role), [MD5, SHA], 12); finished(Role, Version, PrfAlgo, MasterSecret, Handshake) - when Version == 3 -> + when Version == 3; Version == 4 -> %% RFC 5246 - 7.4.9. Finished %% struct { %% opaque verify_data[12]; @@ -85,6 +90,7 @@ finished(Role, Version, PrfAlgo, MasterSecret, Handshake) Hash = crypto:hash(mac_algo(PrfAlgo), Handshake), prf(PrfAlgo, MasterSecret, finished_label(Role), Hash, 12). + -spec certificate_verify(md5sha | sha, integer(), [binary()]) -> binary(). certificate_verify(md5sha, _Version, Handshake) -> 
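Review bot: Extending the finished/5 guard to `when Version == 3; Version == 4 ->` routes minor version 4 (TLS 1.3) through the TLS 1.2 PRF construction, which is not how RFC 8446 section 4.4.4 computes Finished (an HMAC over the transcript hash with a finished_key derived by HKDF-Expand-Label); the same applies to the setup_keys/8 guard in the @@ -154 hunk, where RFC 8446 section 7.1 replaces the "key expansion" key_block with the HKDF key schedule. If this is a deliberate placeholder so version 4 is accepted while the 1.3 code is still being written, both clauses should say so, e.g. `%% TODO: Version 4 (TLS 1.3) must not use the TLS 1.2 PRF; replace with the HKDF-based derivation of RFC 8446 before 1.3 is enabled`. The body of this finished/5 clause continues into the @@ -85 hunk, so it is not fully visible here.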
@@ -154,7 +160,7 @@ setup_keys(Version, _PrfAlgo, MasterSecret, ServerRandom, ClientRandom, HashSize %% TLS v1.2 setup_keys(Version, PrfAlgo, MasterSecret, ServerRandom, ClientRandom, HashSize, KeyMatLen, IVSize) - when Version == 3 -> + when Version == 3; Version == 4 -> %% RFC 5246 - 6.3. Key calculation %% key_block = PRF(SecurityParameters.master_secret, %% "key expansion", @@ -192,7 +198,7 @@ mac_hash(Method, Mac_write_secret, Seq_num, Type, {Major, Minor}, Fragment]), Mac. --spec suites(1|2|3) -> [ssl_cipher_format:cipher_suite()]. +-spec suites(1|2|3|4) -> [ssl_cipher_format:cipher_suite()]. suites(Minor) when Minor == 1; Minor == 2 -> [ @@ -244,8 +250,19 @@ suites(3) -> %% ?TLS_DH_DSS_WITH_AES_256_GCM_SHA384, %% ?TLS_DH_RSA_WITH_AES_128_GCM_SHA256, %% ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256 - ] ++ suites(2). - + ] ++ suites(2); + +suites(4) -> + [?TLS_AES_256_GCM_SHA384, + ?TLS_AES_128_GCM_SHA256, + ?TLS_CHACHA20_POLY1305_SHA256 + %% Not supported + %% ?TLS_AES_128_CCM_SHA256, + %% ?TLS_AES_128_CCM_8_SHA256 + ] ++ suites(3). + +signature_algs({3, 4}, HashSigns) -> + signature_algs({3, 3}, HashSigns); signature_algs({3, 3}, HashSigns) -> CryptoSupports = crypto:supports(), Hashes = proplists:get_value(hashs, CryptoSupports), @@ -273,6 +290,8 @@ signature_algs({3, 3}, HashSigns) -> end, [], HashSigns), lists:reverse(Supported). +default_signature_algs({3, 4}) -> + default_signature_algs({3, 3}); default_signature_algs({3, 3} = Version) -> Default = [%% SHA2 {sha512, ecdsa}, 
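Review bot: suites(4) returns the three TLS 1.3 suites followed by the whole TLS 1.2 list via `] ++ suites(3).`, so any caller that uses suites(4) to decide whether a suite is acceptable under version 4 would also accept a TLS 1.2 suite; whether that can actually happen depends on the selection code outside this file. If the intent is only that a ClientHello offering 1.3 can also offer 1.2 suites, the clause should carry a comment such as `%% TLS 1.3 suites (RFC 8446 B.4) first, then the TLS 1.2 set so one ClientHello can offer both; version-specific selection must filter elsewhere`. The new `signature_algs({3, 4}, HashSigns)` and `default_signature_algs({3, 4})` delegations have no -spec and no comment stating that version 4 deliberately reuses the 1.2 HashSign set here.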
@@ -291,6 +310,64 @@ default_signature_algs({3, 3} = Version) -> default_signature_algs(_) -> undefined. + +signature_schemes(Version, SignatureSchemes) when is_tuple(Version) + andalso Version >= {3, 3} -> + CryptoSupports = crypto:supports(), + Hashes = proplists:get_value(hashs, CryptoSupports), + PubKeys = proplists:get_value(public_keys, CryptoSupports), + Curves = proplists:get_value(curves, CryptoSupports), + Fun = fun (Scheme, Acc) -> + {Hash0, Sign0, Curve} = + ssl_cipher:scheme_to_components(Scheme), + Sign = case Sign0 of + rsa_pkcs1 -> rsa; + S -> S + end, + Hash = case Hash0 of + sha1 -> sha; + H -> H + end, + case proplists:get_bool(Sign, PubKeys) + andalso proplists:get_bool(Hash, Hashes) + andalso (Curve =:= undefined orelse + proplists:get_bool(Curve, Curves)) + andalso is_pair(Hash, Sign, Hashes) + of + true -> + [Scheme | Acc]; + false -> + Acc + end + end, + Supported = lists:foldl(Fun, [], SignatureSchemes), + lists:reverse(Supported); +signature_schemes(_, _) -> + []. + + +default_signature_schemes(Version) -> + Default = [ + rsa_pkcs1_sha256, + rsa_pkcs1_sha384, + rsa_pkcs1_sha512, + ecdsa_secp256r1_sha256, + ecdsa_secp384r1_sha384, + ecdsa_secp521r1_sha512, + rsa_pss_rsae_sha256, + rsa_pss_rsae_sha384, + rsa_pss_rsae_sha512, + %% ed25519, + %% ed448, + rsa_pss_pss_sha256, + rsa_pss_pss_sha384, + rsa_pss_pss_sha512, + rsa_pkcs1_sha1, + ecdsa_sha1 + ], + signature_schemes(Version, Default). + + %%-------------------------------------------------------------------- %%% Internal functions %%-------------------------------------------------------------------- @@ -395,6 +472,7 @@ ecc_curves(all) -> sect239k1,sect233k1,sect233r1,secp224k1,secp224r1, sect193r1,sect193r2,secp192k1,secp192r1,sect163k1, sect163r1,sect163r2,secp160k1,secp160r1,secp160r2]; + ecc_curves(Minor) -> TLSCurves = ecc_curves(all), ecc_curves(Minor, TLSCurves). 
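Review bot: In the new signature_schemes/2 the `Sign` normalisation only maps `rsa_pkcs1 -> rsa`, so rsa_pss_rsae_* and rsa_pss_pss_* schemes are looked up in crypto's `public_keys` list under their own names; crypto:supports() reports RSA as `rsa`, so unless ssl_cipher:scheme_to_components/1 (not visible here) already returns `rsa` for the PSS schemes, every PSS entry in default_signature_schemes/1 is silently filtered out and only PKCS#1 v1.5 and ECDSA remain. Adding `rsa_pss_rsae -> rsa;` and `rsa_pss_pss -> rsa;` to that case expression would fix it, assuming PSS support itself is verified elsewhere. The default list also ends with `rsa_pkcs1_sha1` and `ecdsa_sha1`; RFC 8446 section 4.2.3 forbids signing with them in TLS 1.3 and allows them only for legacy certificate signatures, which deserves a comment such as `%% SHA-1 schemes last: legacy certificates only, never for CertificateVerify (RFC 8446 4.2.3)`. Both newly exported functions lack a -spec.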
@@ -409,6 +487,44 @@ ecc_curves(_Minor, TLSCurves) -> end end, [], TLSCurves). +-spec groups(4 | all) -> [group()]. +groups(all) -> + [secp256r1, + secp384r1, + secp521r1, + ffdhe2048, + ffdhe3072, + ffdhe4096, + ffdhe6144, + ffdhe8192]; +groups(Minor) -> + TLSGroups = groups(all), + groups(Minor, TLSGroups). +%% +-spec groups(4, [group()]) -> [group()]. +groups(_Minor, TLSGroups) -> + %% TODO: Adding FFDHE groups to crypto? + CryptoGroups = crypto:ec_curves() ++ [ffdhe2048,ffdhe3072,ffdhe4096,ffdhe6144,ffdhe8192], + lists:filter(fun(Group) -> proplists:get_bool(Group, CryptoGroups) end, TLSGroups). + +group_to_enum(secp256r1) -> 23; +group_to_enum(secp384r1) -> 24; +group_to_enum(secp521r1) -> 25; +group_to_enum(ffdhe2048) -> 256; +group_to_enum(ffdhe3072) -> 257; +group_to_enum(ffdhe4096) -> 258; +group_to_enum(ffdhe6144) -> 259; +group_to_enum(ffdhe8192) -> 260. + +enum_to_group(23) -> secp256r1; +enum_to_group(24) -> secp384r1; +enum_to_group(25) -> secp521r1; +enum_to_group(256) -> ffdhe2048; +enum_to_group(257) -> ffdhe3072; +enum_to_group(258) -> ffdhe4096; +enum_to_group(259) -> ffdhe6144; +enum_to_group(260) -> ffdhe8192; +enum_to_group(_) -> undefined. %% ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) oid_to_enum(?sect163k1) -> 1; |
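Review bot: enum_to_group/1 returns `undefined` for any code point not in the table while group_to_enum/1 has no catch-all, and neither exported function has a -spec, so callers decoding a peer's supported_groups cannot see from the interface that `undefined` must be handled; suggested specs are `-spec group_to_enum(group()) -> 23..25 | 256..260.` and `-spec enum_to_group(non_neg_integer()) -> group() | undefined.`. groups/2 treats all five FFDHE groups as available regardless of what crypto:ec_curves() reports, which the `%% TODO` acknowledges; until crypto can confirm them, a comment should state that FFDHE availability is assumed rather than checked. The bare `%%` line between groups/1 and groups/2 looks like a leftover and should be either a blank line or a real comment.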