From f90d75a081f6d5a9a3cfe6f8d387abd7a1489aca Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 3 Sep 2018 12:07:17 +0200
Subject: ssl: Initial cipher suites adoption for TLS-1.3

This commit filters out cipher suites not to be used in TLS-1.3 We still need to add new cipher suites for TLS-1.3 and possible add new information to the suite data structure.
---
lib/ssl/src/ssl.erl | 4 ++--
lib/ssl/src/ssl_cipher.erl | 11 +++++++++--
lib/ssl/src/tls_v1.erl | 8 +++++---
3 files changed, 16 insertions(+), 7 deletions(-)
(limited to 'lib')
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 6460a57b11..166ffac1c0 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -488,9 +488,9 @@ cipher_suites(Base, Version) ->
 [ssl_cipher_format:suite_definition(Suite) || Suite <- supported_suites(Base, Version)].

 %%--------------------------------------------------------------------
--spec filter_cipher_suites([ssl_cipher_format:erl_cipher_suite()],
+-spec filter_cipher_suites([ssl_cipher_format:erl_cipher_suite()] | [ssl_cipher_format:cipher_suite()],
 [{key_exchange | cipher | mac | prf, fun()}] | []) ->
- [ssl_cipher_format:erl_cipher_suite()].
+ [ssl_cipher_format:erl_cipher_suite() ] | [ssl_cipher_format:cipher_suite()].
 %% Description: Removes cipher suites if any of the filter functions returns false
 %% for any part of the cipher suite. This function also calls default filter functions
 %% to make sure the cipher suite are supported by crypto.
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 863e7e4b3d..00e0ff7986 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
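Review bot: The new return spec `[ssl_cipher_format:erl_cipher_suite() ] | [ssl_cipher_format:cipher_suite()]` does not say that the result keeps the representation of the input, which is exactly what the new callers in ssl_cipher and tls_v1 (which pass binary suites and use the result as binary suites) rely on; it also carries a stray space before `]`. The Description comment under the spec should state the contract, e.g. `%% Suites may be given decoded (erl_cipher_suite()) or encoded (cipher_suite()); the result uses the same representation as the input.` — provided the implementation really preserves it, which cannot be confirmed from this hunk. The body of filter_cipher_suites/2 lies outside the hunk.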
@@ -301,8 +301,11 @@ suites({3, Minor}) -> suites({_, Minor}) -> dtls_v1:suites(Minor). -all_suites({3, 4}) -> - all_suites({3, 3}); +all_suites({3, 4} = Version) -> + Default = suites(Version), + Rest = ssl:filter_cipher_suites(chacha_suites(Version) ++ psk_suites(Version), + tls_v1:v1_3_filters()), + Default ++ Rest; all_suites({3, _} = Version) -> suites(Version) ++ chacha_suites(Version) @@ -340,6 +343,8 @@ anonymous_suites({3, N}) -> srp_suites_anon() ++ anonymous_suites(N); anonymous_suites({254, _} = Version) -> dtls_v1:anonymous_suites(Version); +anonymous_suites(4) -> + []; %% Raw public key negotiation may be used instead anonymous_suites(N) when N >= 3 -> psk_suites_anon(N) ++ @@ -374,6 +379,8 @@ anonymous_suites(N) when N == 0; %%-------------------------------------------------------------------- psk_suites({3, N}) -> psk_suites(N); +psk_suites(4) -> + []; %% TODO Add new PSK, PSK_(EC)DHE suites psk_suites(N) when N >= 3 -> [ diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl index 9bd82e4953..79d50684f1 100644 --- a/lib/ssl/src/tls_v1.erl +++ b/lib/ssl/src/tls_v1.erl @@ -32,7 +32,7 @@ -export([master_secret/4, finished/5, certificate_verify/3, mac_hash/7, hmac_hash/3, setup_keys/8, suites/1, prf/5, ecc_curves/1, ecc_curves/2, oid_to_enum/1, enum_to_oid/1, - default_signature_algs/1, signature_algs/2]). + default_signature_algs/1, signature_algs/2, v1_3_filters/0]). -type named_curve() :: sect571r1 | sect571k1 | secp521r1 | brainpoolP512r1 | sect409k1 | sect409r1 | brainpoolP384r1 | secp384r1 | @@ -247,10 +247,12 @@ suites(3) -> %% ?TLS_DH_DSS_WITH_AES_128_GCM_SHA256 ] ++ suites(2); - suites(4) -> - suites(3). + ssl:filter_cipher_suites(suites(3), v1_3_filters()). +v1_3_filters() -> + [{mac, fun(aead) -> true; (_) -> false end}, + {key_exchange, fun(dhe_dss) -> false;(rsa) -> false; (rsa_psk) -> false;(_) -> true end}]. signature_algs({3, 4}, HashSigns) -> signature_algs({3, 3}, HashSigns); -- cgit v1.2.3
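Review bot: In the new `all_suites({3, 4} = Version)` clause the `psk_suites(Version)` term is dead for now, because the same commit makes `psk_suites(4)` return `[]` (third hunk of this file), so `Rest` is only the chacha suites that survive `tls_v1:v1_3_filters()`; a reader of this clause cannot see that. A one-line comment on the `Rest = ...` binding would help, e.g. `%% psk_suites({3,4}) is [] until TLS-1.3 PSK suites exist; only chacha suites passing v1_3_filters() are added`. Calling the public API module from ssl_cipher (`ssl:filter_cipher_suites/2`, also done from tls_v1 in a later hunk) inverts the usual layering, and per that function's own Description comment it additionally applies the default crypto-support filters, so suite enumeration for {3,4} now depends on crypto support while the other clauses do not; if intended, say so in a comment. The enclosing all_suites/1 definition continues past the hunk.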
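Review bot: `v1_3_filters/0` expresses the key-exchange rule as a deny list (`(_) -> true` after excluding dhe_dss, rsa and rsa_psk), so any suite whose key exchange is not named — a static ECDH entry, if suites(3) carries any, or a future addition to suites(3) — is accepted as a TLS-1.3 suite; since TLS 1.3 only negotiates ephemeral (EC)DHE (or PSK) key exchange, an allow list fails closed: `{key_exchange, fun(ecdhe_ecdsa) -> true; (ecdhe_rsa) -> true; (dhe_rsa) -> true; (_) -> false end}`. The same filter list is consumed by the new `all_suites({3, 4})` clause in ssl_cipher.erl, so the change covers both call sites. The newly exported function has no -spec; `-spec v1_3_filters() -> [{mac | key_exchange, fun((atom()) -> boolean())}].` would document the shape callers depend on. Finally, `suites(4)` now returns a list filtered by `ssl:filter_cipher_suites/2` (which, per its Description comment, also applies default crypto-support filters) while `suites(3)` stays a static list; a comment on suites/1 noting that difference would avoid surprises for callers comparing the two.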