1%%
2%% %CopyrightBegin%
3%%
4%% Copyright Ericsson AB 2013-2020. All Rights Reserved.
5%%
6%% Licensed under the Apache License, Version 2.0 (the "License");
7%% you may not use this file except in compliance with the License.
8%% You may obtain a copy of the License at
9%%
10%%     http://www.apache.org/licenses/LICENSE-2.0
11%%
12%% Unless required by applicable law or agreed to in writing, software
13%% distributed under the License is distributed on an "AS IS" BASIS,
14%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15%% See the License for the specific language governing permissions and
16%% limitations under the License.
17%%
18%% %CopyrightEnd%
19%%
20-module(dtls_v1).
21
22-include("ssl_cipher.hrl").
23
24-export([suites/1,
25         all_suites/1,
26         anonymous_suites/1,
27         exclusive_suites/1,
28         exclusive_anonymous_suites/1,
29         hmac_hash/3,
30         ecc_curves/1,
31         corresponding_tls_version/1,
32         corresponding_dtls_version/1,
33         cookie_secret/0,
34         cookie_timeout/0]).
35
36-define(COOKIE_BASE_TIMEOUT, 30000).
37
38-spec suites(Minor:: 253|255) -> [ssl_cipher_format:cipher_suite()].
39
40suites(Minor) ->
41    lists:filter(fun(Cipher) ->
42                         is_acceptable_cipher(ssl_cipher_format:suite_bin_to_map(Cipher))
43                 end,
44                 tls_v1:suites(corresponding_minor_tls_version(Minor))).
45all_suites(Version) ->
46    lists:filter(fun(Cipher) ->
47                         is_acceptable_cipher(ssl_cipher_format:suite_bin_to_map(Cipher))
48                 end,
49                 ssl_cipher:all_suites(corresponding_tls_version(Version))).
50
51anonymous_suites(Version) ->
52    lists:filter(fun(Cipher) ->
53                         is_acceptable_cipher(ssl_cipher_format:suite_bin_to_map(Cipher))
54                 end,
55                 ssl_cipher:anonymous_suites(corresponding_tls_version(Version))).
56
57exclusive_suites(Minor) ->
58    lists:filter(fun(Cipher) ->
59                         is_acceptable_cipher(ssl_cipher_format:suite_bin_to_map(Cipher))
60                 end,
61                 tls_v1:exclusive_suites(corresponding_minor_tls_version(Minor))).
62
63exclusive_anonymous_suites(Minor) ->
64    lists:filter(fun(Cipher) ->
65                         is_acceptable_cipher(ssl_cipher_format:suite_bin_to_map(Cipher))
66                 end,
67                 tls_v1:exclusive_anonymous_suites(corresponding_minor_tls_version(Minor))).
68
69
70hmac_hash(MacAlg, MacSecret, Value) ->
71    tls_v1:hmac_hash(MacAlg, MacSecret, Value).
72
73ecc_curves({_Major, Minor}) ->
74    tls_v1:ecc_curves(corresponding_minor_tls_version(Minor)).
75
76corresponding_tls_version({254, Minor}) ->
77    {3, corresponding_minor_tls_version(Minor)}.
78
79cookie_secret() ->
80    crypto:strong_rand_bytes(32).
81
82cookie_timeout() ->
83    %% Cookie will live for two timeouts periods
84    round(rand:uniform() * ?COOKIE_BASE_TIMEOUT/2).
85
86corresponding_minor_tls_version(255) ->
87    2;
88corresponding_minor_tls_version(253) ->
89    3.
90
91corresponding_dtls_version({3, Minor}) ->
92    {254, corresponding_minor_dtls_version(Minor)}.
93
94corresponding_minor_dtls_version(2) ->
95    255;
96corresponding_minor_dtls_version(3) ->
97    253.
98is_acceptable_cipher(Suite) ->
99    not ssl_cipher:is_stream_ciphersuite(Suite).
100