Skip to content

Commit

Permalink
Merge pull request #482 from h2o/kazuho/cli-aegis
Browse files Browse the repository at this point in the history
[cli] regonise aegis cipher-suites
  • Loading branch information
kazuho authored Aug 10, 2023
2 parents fe2cb6b + 62527e4 commit a130468
Showing 1 changed file with 29 additions and 22 deletions.
51 changes: 29 additions & 22 deletions t/cli.c
Original file line number Diff line number Diff line change
Expand Up @@ -386,8 +386,7 @@ static void usage(const char *cmd)
" -u update the traffic key when handshake is complete\n"
" -v verify peer using the default certificates\n"
" -V CA-root-file verify peer using the CA Root File\n"
" -y cipher-suite cipher-suite to be used, e.g., aes128gcmsha256 (default:\n"
" all)\n"
" -y cipher-suite cipher-suite to be used\n"
" -h print this help\n"
"\n"
"Supported named groups: secp256r1"
Expand All @@ -411,8 +410,15 @@ static void usage(const char *cmd)
#if PTLS_OPENSSL_HAVE_ED25519
", ed25519"
#endif
"\n\n",
"\n",
cmd);
printf("Supported cipher suites:");
for (size_t i = 0; ptls_openssl_cipher_suites_all[i] != NULL; ++i) {
if (i != 0)
printf(",");
printf(" %s", ptls_openssl_cipher_suites_all[i]->name);
}
printf("\n\n");
}

int main(int argc, char **argv)
Expand Down Expand Up @@ -547,26 +553,27 @@ int main(int argc, char **argv)
request_key_update = 1;
break;
case 'y': {
size_t i;
for (i = 0; cipher_suites[i] != NULL; ++i)
;
#define MATCH(name) \
if (cipher_suites[i] == NULL && strcasecmp(optarg, #name) == 0) \
cipher_suites[i] = &ptls_openssl_##name
MATCH(aes128gcmsha256);
MATCH(aes256gcmsha384);
#if PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
MATCH(chacha20poly1305sha256);
#endif
#if PTLS_HAVE_AEGIS
MATCH(aegis128lsha256);
MATCH(aegis256sha384);
#endif
#undef MATCH
if (cipher_suites[i] == NULL) {
fprintf(stderr, "unknown cipher-suite: %s\n", optarg);
/* find the cipher suite to be added from `ptls_openssl_cipher_suites_all` */
ptls_cipher_suite_t *added = NULL;
for (size_t i = 0; ptls_openssl_cipher_suites_all[i] != NULL; ++i) {
if (strcasecmp(ptls_openssl_cipher_suites_all[i]->name, optarg) == 0) {
added = ptls_openssl_cipher_suites_all[i];
break;
}
}
if (added == NULL) {
fprintf(stderr, "unknown cipher-suite: %s, see -h for list of cipher-suites supported\n", optarg);
exit(1);
}

size_t slot;
for (slot = 0; cipher_suites[slot] != NULL; ++slot) {
if (cipher_suites[slot]->id == added->id) {
fprintf(stderr, "cipher-suite %s is already in list\n", added->name);
exit(1);
}
}
cipher_suites[slot] = added;
} break;
case 'h':
usage(argv[0]);
Expand Down Expand Up @@ -639,7 +646,7 @@ int main(int argc, char **argv)
if (cipher_suites[0] == NULL) {
size_t i;
for (i = 0; ptls_openssl_cipher_suites[i] != NULL; ++i)
cipher_suites[i] = ptls_openssl_cipher_suites_all[i];
cipher_suites[i] = ptls_openssl_cipher_suites[i];
}
if (argc != 2) {
fprintf(stderr, "missing host and port\n");
Expand Down

0 comments on commit a130468

Please sign in to comment.