From bd4e8ac71490beecb1f9fa912a39a0618cca4d28 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Thu, 28 Apr 2016 22:45:54 -0600
Subject: [PATCH] cipher name string format
---
 src/internal.c | 40 ++++++++++++++++++++++++++++++++++++++++
 src/ssl.c | 6 ++++++
 wolfssl/internal.h | 1 +
 wolfssl/openssl/ssl.h | 10 ++++++----
 wolfssl/ssl.h | 1 +
 5 files changed, 54 insertions(+), 4 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 3eff4849f..f9ba832af 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -11121,6 +11121,46 @@ int GetCipherNamesSize(void)
 return (int)(sizeof(cipher_names) / sizeof(char*));
 }
+/* gets cipher name in the format DHE-RSA-... rather then TLS_DHE... */
+const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl)
+{
+ const char* fullName;
+ const char* first;
+ WOLFSSL_CIPHER* cipher;
+ word32 i;
+
+ if (ssl == NULL) {
+ WOLFSSL_MSG("Bad argument");
+ return NULL;
+ }
+
+ cipher = wolfSSL_get_current_cipher(ssl);
+ fullName = wolfSSL_CIPHER_get_name(cipher);
+ if (fullName) {
+ first = (XSTRSTR(fullName, "CHACHA")) ? "CHACHA"
+ : (XSTRSTR(fullName, "EC")) ? "EC"
+ : (XSTRSTR(fullName, "CCM")) ? "CCM"
+ : NULL; /* normal */
+
+ for (i = 0; i < sizeof(cipher_name_idx); i++) {
+ if (cipher_name_idx[i] == ssl->options.cipherSuite) {
+ const char* nameFound = cipher_names[i];
+
+ /* if first is null then not any */
+ if (first == NULL && !XSTRSTR(nameFound, "CHACHA") &&
+ !XSTRSTR(nameFound, "EC") && !XSTRSTR(nameFound, "CCM")) {
+ return cipher_names[i];
+ }
+ else if (XSTRSTR(nameFound, first)) {
+ return cipher_names[i];
+ }
+ }
+ }
+ }
+
+ return NULL; /* error or not found */
+}
+
 /**
 Set the enabled cipher suites.
diff --git a/src/ssl.c b/src/ssl.c
index 0a16cf123..ab0a958b1 100644
--- a/src/ssl.c
+++ b/src/ssl.c
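Review bot: In the added `wolfSSL_get_cipher_name_internal`, the branch `else if (XSTRSTR(nameFound, first))` is reached with `first == NULL` whenever the suite byte matches a table entry whose name contains CHACHA, EC or CCM while `fullName` contains none of them, so a NULL needle is handed to the string search; guard it as `else if (first != NULL && XSTRSTR(nameFound, first))`. The loop bound `i < sizeof(cipher_name_idx)` counts bytes rather than elements, so unless the elements of `cipher_name_idx` are one byte wide (its declaration is outside the hunk) the loop indexes past the end of both `cipher_name_idx` and `cipher_names`; `i < (word32)GetCipherNamesSize()` would reuse the element count computed just above, assuming the two tables are parallel as the shared index implies. The substring test is also order-dependent for names that contain more than one of the three tokens, which deserves a comment or a test covering such suites.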
@@ -11272,6 +11272,12 @@ const char* wolfSSL_get_cipher(WOLFSSL* ssl)
 return wolfSSL_CIPHER_get_name(wolfSSL_get_current_cipher(ssl));
 }
+/* gets cipher name in the format DHE-RSA-... rather then TLS_DHE... */
+const char* wolfSSL_get_cipher_name(WOLFSSL* ssl)
+{
+ /* get access to cipher_name_idx in internal.c */
+ return wolfSSL_get_cipher_name_internal(ssl);
+}
 #ifdef OPENSSL_EXTRA
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 77a070a0e..20791338b 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -3064,6 +3064,7 @@ WOLFSSL_LOCAL void c32to24(word32 in, word24 out);
 WOLFSSL_LOCAL const char* const* GetCipherNames(void);
 WOLFSSL_LOCAL int GetCipherNamesSize(void);
+WOLFSSL_LOCAL const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl);
 enum encrypt_side {
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index ce6865909..c4672ef0b 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -185,12 +185,14 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
 #define SSL_SESSION_free wolfSSL_SESSION_free
 #define SSL_is_init_finished wolfSSL_is_init_finished
-#define SSL_get_version wolfSSL_get_version
+#define SSL_get_version wolfSSL_get_version
 #define SSL_get_current_cipher wolfSSL_get_current_cipher
-#define SSL_get_cipher wolfSSL_get_cipher
+
+/* use wolfSSL_get_cipher_name for its return format */
+#define SSL_get_cipher wolfSSL_get_cipher_name
 #define SSL_CIPHER_description wolfSSL_CIPHER_description
-#define SSL_CIPHER_get_name wolfSSL_CIPHER_get_name
-#define SSL_get1_session wolfSSL_get1_session
+#define SSL_CIPHER_get_name wolfSSL_CIPHER_get_name
+#define SSL_get1_session wolfSSL_get1_session
 #define SSL_get_keyblock_size wolfSSL_get_keyblock_size
 #define SSL_get_keys wolfSSL_get_keys
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index ee45e6224..54ab02125 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
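Review bot: The comment on the new public `wolfSSL_get_cipher_name` in src/ssl.c does not say that the function can return NULL, which the internal helper does both for a NULL `ssl` and when no table entry matches (`return NULL; /* error or not found */` in src/internal.c). This matters more because the wolfssl/openssl/ssl.h hunk repoints `SSL_get_cipher` at this function, so existing compatibility-layer callers inherit the new return contract; whether the previous target could also return NULL is not visible here. I would extend the comment to `/* gets cipher name in the format DHE-RSA-... rather than TLS_DHE...; returns NULL on bad argument or if no matching name is found */` and repeat the NULL caveat in the comment above the `SSL_get_cipher` macro.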
@@ -267,6 +267,7 @@ WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
 WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int);
 WOLFSSL_API char* wolfSSL_get_cipher_list(int priority);
 WOLFSSL_API int wolfSSL_get_ciphers(char*, int);
+WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
 WOLFSSL_API int wolfSSL_get_fd(const WOLFSSL*);
 WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL*, int);
 WOLFSSL_API int wolfSSL_get_using_nonblock(WOLFSSL*);