From 754685293582e9998e23c7cd6010941ce690eae7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?=
Date: Mon, 3 Dec 2018 15:24:07 +0100
Subject: ssl: Fix encoding/decoding of the SRP extension

The encoded value of the SRP extension length was bigger than the actual length of the extension. This could cause interoperability problems with third party SSL implementations. This commit corrects the encoding and decoding of the SRP extension length.
Change-Id: I78d118faab7f5d02b755a7d1e2e8561b86f5a15c
---
 lib/ssl/test/ssl_handshake_SUITE.erl | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)
(limited to 'lib/ssl/test/ssl_handshake_SUITE.erl')
diff --git a/lib/ssl/test/ssl_handshake_SUITE.erl b/lib/ssl/test/ssl_handshake_SUITE.erl
index b8b9989d30..1fa6029963 100644
--- a/lib/ssl/test/ssl_handshake_SUITE.erl
+++ b/lib/ssl/test/ssl_handshake_SUITE.erl
@@ -25,6 +25,7 @@
 -compile(export_all).
 -include_lib("common_test/include/ct.hrl").
+-include("ssl_handshake.hrl").
 -include("ssl_internal.hrl").
 -include("tls_handshake.hrl").
 -include_lib("public_key/include/public_key.hrl").
@@ -41,7 +42,8 @@ all() -> [decode_hello_handshake,
 decode_empty_server_sni_correctly,
 select_proper_tls_1_2_rsa_default_hashsign,
 ignore_hassign_extension_pre_tls_1_2,
- unorded_chain].
+ unorded_chain,
+ encode_decode_srp].
 %%--------------------------------------------------------------------
 init_per_suite(Config) ->
@@ -192,6 +194,31 @@ unorded_chain(Config) when is_list(Config) ->
 {ok, _, OrderedChain} = ssl_certificate:certificate_chain(PeerCert, ets:new(foo, []), ExtractedCerts, UnordedChain).
+encode_decode_srp(_Config) ->
+ Exts = #hello_extensions{
+ srp = #srp{username = <<"foo">>},
+ sni = #sni{hostname = "bar"},
+ renegotiation_info = undefined,
+ signature_algs = undefined,
+ alpn = undefined,
+ next_protocol_negotiation = undefined,
+ ec_point_formats = undefined,
+ elliptic_curves = undefined
+ },
+ EncodedExts = <<0,20, % Length
+ 0,0, % SNI extension
+ 0,8, % Length
+ 0,6, % ServerNameLength
+ 0, % NameType (host_name)
+ 0,3, % HostNameLength
+ 98,97,114, % hostname = "bar"
+ 0,12, % SRP extension
+ 0,4, % Length
+ 3, % srp_I length
+ 102,111,111>>, % username = "foo"
+ EncodedExts = ssl_handshake:encode_hello_extensions(Exts),
+ Exts = ssl_handshake:decode_hello_extensions({client, EncodedExts}).
+
 %%--------------------------------------------------------------------
 %% Internal functions ------------------------------------------------
-- 
cgit v1.2.3
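Review bot: encode_decode_srp only round-trips one well-formed value, so it would still pass if decode_hello_extensions took the username length from the srp_I byte alone and never compared it with the outer SRP `Length` field, which is the field this commit is about. A second binary in which the two disagree (the SRP `Length` not equal to srp_I length + 1, with the total length adjusted to match) would pin what the decoder is meant to do with inconsistent lengths; that behaviour is not visible in this hunk, so the expected result has to be taken from the decoder change itself. A round trip with a 255-byte username, the largest a one-byte srp_I length can describe, would cover the upper boundary as well. A short comment above `EncodedExts` such as `%% 20 = SNI (4 + 8) + SRP (4 + 4); SRP Length = 1 (srp_I length byte) + 3` would let a reader check the expected bytes without recomputing them.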