From 170527e70e80bf4bf3c0e2358bdd0115991e24b6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?= <peterdmv@erlang.org>
Date: Fri, 7 Sep 2018 10:37:31 +0200
Subject: ssl: Add TLS 1.3 cipher suites

TLS_AES_128_GCM_SHA256       = {0x13,0x01}
TLS_AES_256_GCM_SHA384       = {0x13,0x02}
TLS_CHACHA20_POLY1305_SHA256 = {0x13,0x03}

Change-Id: I3406aaedac812fc43519ff31e5f00d26e375c5d5
---
 lib/ssl/src/ssl_cipher.hrl        | 17 +++++++
 lib/ssl/src/ssl_cipher_format.erl | 98 +++++++++++++++++++++++++++++++++++++--
 2 files changed, 111 insertions(+), 4 deletions(-)

diff --git a/lib/ssl/src/ssl_cipher.hrl b/lib/ssl/src/ssl_cipher.hrl
index ba6a98b92a..1febc52e43 100644
--- a/lib/ssl/src/ssl_cipher.hrl
+++ b/lib/ssl/src/ssl_cipher.hrl
@@ -610,4 +610,21 @@
 %%      TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = {0xcc, 0x15}
 -define(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, <<?BYTE(16#CC), ?BYTE(16#15)>>).
 
+%%% TLS 1.3 cipher suites RFC8446
+
+%% TLS_AES_128_GCM_SHA256       = {0x13,0x01}
+-define(TLS_AES_128_GCM_SHA256, <<?BYTE(16#13), ?BYTE(16#01)>>).
+
+%% TLS_AES_256_GCM_SHA384       = {0x13,0x02}
+-define(TLS_AES_256_GCM_SHA384, <<?BYTE(16#13),?BYTE(16#02)>>).
+
+%% TLS_CHACHA20_POLY1305_SHA256 = {0x13,0x03}
+-define(TLS_CHACHA20_POLY1305_SHA256, <<?BYTE(16#13),?BYTE(16#03)>>).
+
+%% %% TLS_AES_128_CCM_SHA256       = {0x13,0x04}
+%% -define(TLS_AES_128_CCM_SHA256, <<?BYTE(16#13), ?BYTE(16#04)>>).
+
+%% %%  TLS_AES_128_CCM_8_SHA256    = {0x13,0x05}
+%% -define(TLS_AES_128_CCM_8_SHA256, <<?BYTE(16#13),?BYTE(16#05)>>).
+
 -endif. % -ifdef(ssl_cipher).
diff --git a/lib/ssl/src/ssl_cipher_format.erl b/lib/ssl/src/ssl_cipher_format.erl
index c311c0d097..6e480eef45 100644
--- a/lib/ssl/src/ssl_cipher_format.erl
+++ b/lib/ssl/src/ssl_cipher_format.erl
@@ -36,7 +36,14 @@
 -type cipher()            :: null |rc4_128 | des_cbc | '3des_ede_cbc' | aes_128_cbc |  aes_256_cbc | aes_128_gcm | aes_256_gcm | chacha20_poly1305.
 -type hash()              :: null | md5 | sha | sha224 | sha256 | sha384 | sha512.
 -type sign_algo()         :: rsa | dsa | ecdsa.
--type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | ecdhe_ecdsa| ecdh_ecdsa | ecdh_rsa| srp_rsa| srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon.
+-type key_algo()          :: null |
+                             rsa |
+                             dhe_rsa | dhe_dss |
+                             ecdhe_ecdsa | ecdh_ecdsa | ecdh_rsa |
+                             srp_rsa| srp_dss |
+                             psk | dhe_psk | rsa_psk |
+                             dh_anon | ecdh_anon | srp_anon |
+                             any. %% TLS 1.3
 -type erl_cipher_suite()  :: #{key_exchange := key_algo(),
                                cipher := cipher(),
                                mac    := hash() | aead,
@@ -62,6 +69,12 @@ suite_to_str(#{key_exchange := null,
                mac := null,
                prf := null}) ->
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+suite_to_str(#{key_exchange := any,
+               cipher := Cipher,
+               mac := aead,
+               prf := PRF}) ->
+    "TLS_" ++ string:to_upper(atom_to_list(Cipher)) ++
+        "_" ++ string:to_upper(atom_to_list(PRF));
 suite_to_str(#{key_exchange := Kex,
                cipher := Cipher,
                mac := aead,
@@ -802,7 +815,34 @@ suite_definition(?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) ->
     #{key_exchange => dhe_rsa, 
       cipher => chacha20_poly1305, 
       mac => aead, 
+      prf => sha256};
+%% TLS 1.3 Cipher Suites RFC8446
+suite_definition(?TLS_AES_128_GCM_SHA256) ->
+    #{key_exchange => any,
+      cipher => aes_128_gcm,
+      mac => aead,
+      prf => sha256};
+suite_definition(?TLS_AES_256_GCM_SHA384) ->
+    #{key_exchange => any,
+      cipher => aes_256_gcm,
+      mac => aead,
+      prf => sha384};
+suite_definition(?TLS_CHACHA20_POLY1305_SHA256) ->
+    #{key_exchange => any,
+      cipher => chacha20_poly1305,
+      mac => aead,
       prf => sha256}.
+%% suite_definition(?TLS_AES_128_CCM_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm,
+%%       mac => aead,
+%%       prf => sha256};
+%% suite_definition(?TLS_AES_128_CCM_8_SHA256) ->
+%%     #{key_exchange => any,
+%%       cipher => aes_128_ccm_8,
+%%       mac => aead,
+%%       prf => sha256}.
+
 
 %%--------------------------------------------------------------------
 -spec erl_suite_definition(cipher_suite() | erl_cipher_suite()) -> old_erl_cipher_suite().
@@ -1427,8 +1467,33 @@ suite(#{key_exchange := dhe_rsa,
         cipher := chacha20_poly1305,  
         mac := aead, 
         prf := sha256}) ->
-    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.
-
+    ?TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
+%% TLS 1.3 Cipher Suites RFC8446
+suite(#{key_exchange := any,
+        cipher := aes_128_gcm,
+        mac := aead,
+        prf := sha256}) ->
+    ?TLS_AES_128_GCM_SHA256;
+suite(#{key_exchange := any,
+      cipher := aes_256_gcm,
+      mac := aead,
+      prf := sha384}) ->
+    ?TLS_AES_256_GCM_SHA384;
+suite(#{key_exchange := any,
+      cipher := chacha20_poly1305,
+      mac := aead,
+      prf := sha256}) ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% suite(#{key_exchange := any,
+%%       cipher := aes_128_ccm_8,
+%%       mac := aead,
+%%       prf := sha256}) ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
 %%--------------------------------------------------------------------
 -spec openssl_suite(openssl_cipher_suite()) -> cipher_suite().
 %%
@@ -1582,7 +1647,20 @@ openssl_suite("ECDHE-RSA-AES256-GCM-SHA384") ->
 openssl_suite("ECDH-RSA-AES128-GCM-SHA256") ->
     ?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
 openssl_suite("ECDH-RSA-AES256-GCM-SHA384") ->
-    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384.
+    ?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
+
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite("TLS_AES_128_GCM_SHA256") ->
+    ?TLS_AES_128_GCM_SHA256;
+openssl_suite("TLS_AES_256_GCM_SHA384") ->
+    ?TLS_AES_256_GCM_SHA384;
+openssl_suite("TLS_CHACHA20_POLY1305_SHA256") ->
+    ?TLS_CHACHA20_POLY1305_SHA256.
+%% openssl_suite("TLS_AES_128_CCM_SHA256") ->
+%%     ?TLS_AES_128_CCM_SHA256;
+%% openssl_suite("TLS_AES_128_CCM_8_SHA256") ->
+%%     ?TLS_AES_128_CCM_8_SHA256.
+
 
 %%--------------------------------------------------------------------
 -spec openssl_suite_name(cipher_suite()) -> openssl_cipher_suite() | erl_cipher_suite().
@@ -1759,6 +1837,18 @@ openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256) ->
 openssl_suite_name(?TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384) ->
     "ECDH-RSA-AES256-GCM-SHA384";
 
+%% TLS 1.3 Cipher Suites RFC8446
+openssl_suite_name(?TLS_AES_128_GCM_SHA256) ->
+    "TLS_AES_128_GCM_SHA256";
+openssl_suite_name(?TLS_AES_256_GCM_SHA384) ->
+    "TLS_AES_256_GCM_SHA384";
+openssl_suite_name(?TLS_CHACHA20_POLY1305_SHA256) ->
+    "TLS_CHACHA20_POLY1305_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_SHA256) ->
+%%     "TLS_AES_128_CCM_SHA256";
+%% openssl_suite(?TLS_AES_128_CCM_8_SHA256) ->
+%%     "TLS_AES_128_CCM_8_SHA256";
+
 %% No oppenssl name
 openssl_suite_name(Cipher) ->
     suite_definition(Cipher).
-- 
cgit v1.2.3