File 4923-ssl-Remove-legacy-record-filed-for-SSL-3.0.patch of Package erlang
From 5b551010c2bfd5aca33d2d86e5f3eede608c9c95 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 8 Nov 2023 12:02:53 +0100
Subject: [PATCH 3/3] ssl: Remove legacy record filed for SSL-3.0
SSL-3.0 is no lnoger supported
---
lib/ssl/src/ssl_cipher.erl | 20 --------------------
lib/ssl/src/ssl_connection.hrl | 1 -
lib/ssl/src/ssl_handshake.erl | 7 +++----
lib/ssl/src/ssl_record.hrl | 1 -
lib/ssl/test/ssl_session_SUITE.erl | 1 -
5 files changed, 3 insertions(+), 27 deletions(-)
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 107f8b2d56..6926a324de 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -107,7 +107,6 @@ security_parameters(Version, CipherSuite, SecParams) ->
cipher_suite = CipherSuite,
bulk_cipher_algorithm = bulk_cipher_algorithm(Cipher),
cipher_type = type(Cipher),
- expanded_key_material_length = expanded_key_material(Cipher),
key_material_length = key_material(Cipher),
iv_size = iv_size(Cipher),
mac_algorithm = mac_algorithm(Hash),
@@ -744,25 +743,6 @@ key_material(aes_256_ccm) ->
key_material(chacha20_poly1305) ->
32.
-expanded_key_material(null) ->
- 0;
-expanded_key_material(rc4_128) ->
- 16;
-expanded_key_material(Cipher) when Cipher == des_cbc ->
- 8;
-expanded_key_material('3des_ede_cbc') ->
- 24;
-expanded_key_material(Cipher) when Cipher == aes_128_cbc;
- Cipher == aes_256_cbc;
- Cipher == aes_128_gcm;
- Cipher == aes_256_gcm;
- Cipher == aes_128_ccm;
- Cipher == aes_256_ccm;
- Cipher == aes_128_ccm_8;
- Cipher == aes_256_ccm_8;
- Cipher == chacha20_poly1305 ->
- unknown.
-
iv_size(Cipher) when Cipher == null;
Cipher == rc4_128 ->
0;
diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index 5316c93b0d..a1dad0e9c4 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -185,7 +185,6 @@
%% cipher_type - TLS 1.3 uses only AEAD ciphers
%% iv_size - not used
%% key_material_length - not used
-%% expanded_key_material_length - used in SSL 3.0
%% mac_algorithm - not used
%% prf_algorithm - not used
%% hash_size - not used
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 7e5501c79f..d44ed05e85 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -2346,13 +2346,12 @@ master_secret(Version, MasterSecret,
hash_size = HashSize,
prf_algorithm = PrfAlgo,
key_material_length = KML,
- expanded_key_material_length = EKML,
iv_size = IVS},
ConnectionStates, Role) ->
{ClientWriteMacSecret, ServerWriteMacSecret, ClientWriteKey,
ServerWriteKey, ClientIV, ServerIV} =
setup_keys(Version, PrfAlgo, MasterSecret, ServerRandom,
- ClientRandom, HashSize, KML, EKML, IVS),
+ ClientRandom, HashSize, KML, IVS),
ConnStates1 = ssl_record:set_master_secret(MasterSecret, ConnectionStates),
ConnStates2 =
@@ -2365,9 +2364,9 @@ master_secret(Version, MasterSecret,
ssl_record:set_pending_cipher_state(ConnStates2, ClientCipherState,
ServerCipherState, Role)}.
setup_keys({3,N}, PrfAlgo, MasterSecret,
- ServerRandom, ClientRandom, HashSize, KML, _EKML, IVS) ->
+ ServerRandom, ClientRandom, HashSize, KML, IVS) ->
tls_v1:setup_keys(N, PrfAlgo, MasterSecret, ServerRandom, ClientRandom, HashSize,
- KML, IVS).
+ KML, IVS).
calc_master_secret({3,_}, PrfAlgo, PremasterSecret, ClientRandom, ServerRandom) ->
tls_v1:master_secret(PrfAlgo, PremasterSecret, ClientRandom, ServerRandom).
diff --git a/lib/ssl/src/ssl_record.hrl b/lib/ssl/src/ssl_record.hrl
index 1e7496640d..1d85e225ae 100644
--- a/lib/ssl/src/ssl_record.hrl
+++ b/lib/ssl/src/ssl_record.hrl
@@ -59,7 +59,6 @@
cipher_type,
iv_size,
key_material_length, % unit 8
- expanded_key_material_length, % unit 8
mac_algorithm, % unit 8
prf_algorithm, % unit 8
hash_size, % unit 8
diff --git a/lib/ssl/test/ssl_session_SUITE.erl b/lib/ssl/test/ssl_session_SUITE.erl
index 070354b28d..549939fad6 100644
--- a/lib/ssl/test/ssl_session_SUITE.erl
+++ b/lib/ssl/test/ssl_session_SUITE.erl
@@ -772,7 +772,6 @@ connection_states(Random) ->
cipher_type = 0,
iv_size = 0,
key_material_length = 0,
- expanded_key_material_length = 0,
mac_algorithm = 0,
prf_algorithm = 0,
hash_size = 0,
--
2.35.3