Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[cli] regonise aegis cipher-suites #482

Merged
merged 3 commits into from
Aug 10, 2023
Merged

[cli] regonise aegis cipher-suites #482

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b0bbfa7
[cli] we are copying from `ptls_openssl_cipher_suites`
kazuho Aug 9, 2023
8d0d798
[cli] regonize aegis in `-y` option; the option now recognizes RFC844…
kazuho Aug 9, 2023
62527e4
in help, display the list of cipher-suites supported
kazuho Aug 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 29 additions & 22 deletions t/cli.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -386,8 +386,7 @@ static void usage(const char *cmd)
" -u update the traffic key when handshake is complete\n"
" -v verify peer using the default certificates\n"
" -V CA-root-file verify peer using the CA Root File\n"
" -y cipher-suite cipher-suite to be used, e.g., aes128gcmsha256 (default:\n"
" all)\n"
" -y cipher-suite cipher-suite to be used\n"
" -h print this help\n"
"\n"
"Supported named groups: secp256r1"
Expand All @@ -411,8 +410,15 @@ static void usage(const char *cmd)
#if PTLS_OPENSSL_HAVE_ED25519
", ed25519"
#endif
"\n\n",
"\n",
cmd);
printf("Supported cipher suites:");
for (size_t i = 0; ptls_openssl_cipher_suites_all[i] != NULL; ++i) {
if (i != 0)
printf(",");
printf(" %s", ptls_openssl_cipher_suites_all[i]->name);
}
printf("\n\n");
}

int main(int argc, char **argv)
Expand Down Expand Up @@ -547,26 +553,27 @@ int main(int argc, char **argv)
request_key_update = 1;
break;
case 'y': {
size_t i;
for (i = 0; cipher_suites[i] != NULL; ++i)
;
#define MATCH(name) \
if (cipher_suites[i] == NULL && strcasecmp(optarg, #name) == 0) \
cipher_suites[i] = &ptls_openssl_##name
MATCH(aes128gcmsha256);
MATCH(aes256gcmsha384);
#if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
MATCH(chacha20poly1305sha256);
#endif
#if PTLS_HAVE_AEGIS
MATCH(aegis128lsha256);
MATCH(aegis256sha384);
#endif
#undef MATCH
if (cipher_suites[i] == NULL) {
fprintf(stderr, "unknown cipher-suite: %s\n", optarg);
/* find the cipher suite to be added from `ptls_openssl_cipher_suites_all` */
ptls_cipher_suite_t *added = NULL;
for (size_t i = 0; ptls_openssl_cipher_suites_all[i] != NULL; ++i) {
if (strcasecmp(ptls_openssl_cipher_suites_all[i]->name, optarg) == 0) {
added = ptls_openssl_cipher_suites_all[i];
break;
}
}
if (added == NULL) {
fprintf(stderr, "unknown cipher-suite: %s, see -h for list of cipher-suites supported\n", optarg);
exit(1);
}

size_t slot;
for (slot = 0; cipher_suites[slot] != NULL; ++slot) {
if (cipher_suites[slot]->id == added->id) {
fprintf(stderr, "cipher-suite %s is already in list\n", added->name);
exit(1);
}
}
cipher_suites[slot] = added;
} break;
case 'h':
usage(argv[0]);
Expand Down Expand Up @@ -639,7 +646,7 @@ int main(int argc, char **argv)
if (cipher_suites[0] == NULL) {
size_t i;
for (i = 0; ptls_openssl_cipher_suites[i] != NULL; ++i)
cipher_suites[i] = ptls_openssl_cipher_suites_all[i];
cipher_suites[i] = ptls_openssl_cipher_suites[i];
}
if (argc != 2) {
fprintf(stderr, "missing host and port\n");
Expand Down
Loading