-
Notifications
You must be signed in to change notification settings - Fork 55
/
dtls_ciphers_util.c
96 lines (84 loc) · 2.68 KB
/
dtls_ciphers_util.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
/*******************************************************************************
*
* Copyright (c) 2022 Contributors to the Eclipse Foundation.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* and Eclipse Distribution License v. 1.0 which accompanies this distribution.
*
* The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
* and the Eclipse Distribution License is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
*******************************************************************************/
#include <string.h>
#include <math.h>
#include "dtls_ciphers_util.h"
struct cipher_entry {
const char* name;
const dtls_cipher_t cipher;
};
#define CIPHER_ENTRY(X) { .name = #X, .cipher = X }
#define ARRAY_LENGTH (sizeof(map)/sizeof(struct cipher_entry))
#define SEP ':'
static const struct cipher_entry map[] = {
#ifdef DTLS_PSK
CIPHER_ENTRY(TLS_PSK_WITH_AES_128_CCM),
CIPHER_ENTRY(TLS_PSK_WITH_AES_128_CCM_8),
#endif /* DTLS_PSK */
#ifdef DTLS_ECC
CIPHER_ENTRY(TLS_ECDHE_ECDSA_WITH_AES_128_CCM),
CIPHER_ENTRY(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8),
#endif /* DTLS_ECC */
{ .name = NULL, .cipher = TLS_NULL_WITH_NULL_NULL}
};
static dtls_cipher_t ciphers_table[ARRAY_LENGTH] = { TLS_NULL_WITH_NULL_NULL };
static dtls_cipher_t find_cipher_suite(const char *arg) {
if (arg) {
size_t arg_len = strlen(arg);
for (size_t i=0; i < ARRAY_LENGTH - 1; ++i) {
size_t len = strlen(map[i].name);
if (len <= arg_len) {
if (strncmp(arg, map[i].name, len) == 0 && (arg[len] == 0 || arg[len] == SEP)) {
return map[i].cipher;
}
}
}
}
return TLS_NULL_WITH_NULL_NULL;
}
static void add_cipher_suite(dtls_cipher_t cipher) {
for (size_t i=0; i < ARRAY_LENGTH - 1; ++i) {
if (ciphers_table[i] == cipher) {
return;
}
if (ciphers_table[i] == TLS_NULL_WITH_NULL_NULL) {
ciphers_table[i] = cipher;
ciphers_table[i + 1] = TLS_NULL_WITH_NULL_NULL;
return;
}
}
}
const dtls_cipher_t*
init_cipher_suites(const char* arg) {
while (arg) {
dtls_cipher_t cipher = find_cipher_suite(arg);
if (cipher != TLS_NULL_WITH_NULL_NULL) {
add_cipher_suite(cipher);
}
arg = strchr(arg, SEP);
if (arg) {
++arg;
}
}
return ciphers_table;
}
void
cipher_suites_usage(FILE* file, const char* head) {
fprintf(file, "%s-c ciphers\tlist of cipher suites separated by ':'\n", head);
fprintf(file, "%s\t\t(default is %s", head, map[0].name);
for (int i = 1; map[i].name; ++i) {
fprintf(file, "\n%s\t\t :%s", head, map[i].name);
}
fprintf(file, ")\n");
}