cipher: allow getting the proto of a ciphersuite

This commit adds a `rustls_supported_ciphersuite_protocol()` fn for getting the IANA registered protocol version identifier supported by a given `rustls_supported_ciphersuite`. This avoids downstream users having to use `rustls_supported_ciphersuite_get_name()` and then matching on the protocol version prefix in that identifier.
rustls · Sep 10, 2024 · 122b69b · 122b69b
1 parent 99f40a2
commit 122b69b
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -81,6 +81,10 @@ requirements.
       a `rustls_client_config_builder` with
       `rustls_client_config_builder_set_server_verifier()`.
 
+* A new `rustls_supported_ciphersuite_protocol()` function was added for getting
+  the IANA registered protocol version identifier supported by a given
+  `rustls_supported_ciphersuite`.
+
 * When using `aws-lc-rs` as the crypto provider, NIST P-521 signatures are now
   supported.
 

diff --git a/src/cipher.rs b/src/cipher.rs
@@ -100,6 +100,18 @@ pub extern "C" fn rustls_supported_ciphersuite_get_name(
     }
 }
 
+/// Returns the IANA registered protocol version identifier of the ciphersuite.
+///
+/// See also `RUSTLS_ALL_VERSIONS`.
+#[no_mangle]
+pub extern "C" fn rustls_supported_ciphersuite_protocol(
+    supported_ciphersuite: *const rustls_supported_ciphersuite,
+) -> u16 {
+    ffi_panic_boundary! {
+        u16::from(try_ref_from_ptr!(supported_ciphersuite).version().version)
+    }
+}
+
 arc_castable! {
     /// The complete chain of certificates to send during a TLS handshake,
     /// plus a private key that matches the end-entity (leaf) certificate.
@@ -1162,7 +1174,8 @@ mod tests {
             let suite = rustls_default_crypto_provider_ciphersuites_get(i);
             let name = rustls_supported_ciphersuite_get_name(suite);
             let name = unsafe { name.to_str() };
-            println!("{}: {}", i, name);
+            let proto = rustls_supported_ciphersuite_protocol(suite);
+            println!("{}: {} {}", i, name, proto);
         }
     }
 }
diff --git a/src/rustls.h b/src/rustls.h
@@ -1018,6 +1018,13 @@ uint16_t rustls_supported_ciphersuite_get_suite(const struct rustls_supported_ci
  */
 struct rustls_str rustls_supported_ciphersuite_get_name(const struct rustls_supported_ciphersuite *supported_ciphersuite);
 
+/**
+ * Returns the IANA registered protocol version identifier of the ciphersuite.
+ *
+ * See also `RUSTLS_ALL_VERSIONS`.
+ */
+uint16_t rustls_supported_ciphersuite_protocol(const struct rustls_supported_ciphersuite *supported_ciphersuite);
+
 /**
  * Build a `rustls_certified_key` from a certificate chain and a private key
  * and the default process-wide crypto provider.