very basic support for public key types in cipher list string with '+'

JacobBarthelmeh 2023-01-04 10:49:18 -08:00
parent adb406e1ee
commit a3e085f204
2 changed files with 37 additions and 1 deletions


@ -24280,13 +24280,33 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
}
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
if (length > 1) {
const char* substr = NULL;
if (*current == '!') {
allowing = 0;
current++;
length--;
}
/* extract public key types from a string like ECDHE+AESGCM */
substr = XSTRSTR(current, "+");
if (substr != NULL) {
word32 currLen = (word32)(substr - current);
if (length > currLen) {
length = currLen;
}
/* checking for the DH substring includes ECDH / ECDHE suites */
if (XSTRSTR(substr, "DH") || XSTRSTR(substr, "RSA")) {
substr += 1; /* +1 to skip over '+' */
current = substr;
}
else {
length = (word32)(substr - current);
}
}
}
#endif
@ -24383,6 +24403,16 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
continue;
}
if (XSTRCMP(name, "ECDHE") == 0) {
if (allowing) {
haveECC = 1;
haveECDSAsig = 1;
callInitSuites = 1;
ret = 1;
}
continue;
}
if (XSTRCMP(name, "kRSA") == 0 || XSTRCMP(name, "RSA") == 0) {
haveStaticRSA = allowing;
if (allowing) {
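Review bot: In the first hunk, `XSTRSTR(current, "+")` and the following `XSTRSTR(substr, "DH") || XSTRSTR(substr, "RSA")` scan to the end of the whole list string instead of stopping at the end of the current entry, so a '+' or "RSA" in a later colon-separated entry can change how an earlier one is parsed. When the '+' lies beyond the current entry, the else branch's `length = (word32)(substr - current);` grows `length` past that entry (assuming `length` is the entry's length, as the `current++; length--;` pair suggests), and the other branch moves `current` past the '+' without recomputing `length`. Bounding the search to the entry, e.g. `substr = XSTRNSTR(current, "+", length);`, and re-deriving `length` after `current = substr;` would keep both inside the token. The DH/RSA test also inspects the text after the '+' although the comment speaks of the public key type before it, and the else branch drops everything after the '+', so "ECDHE+AESGCM" appears to be handled as plain "ECDHE" and may enable more suites than the string asks for. SetCipherList's body starts and ends outside the hunks shown.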


@ -7113,6 +7113,12 @@ static int test_wolfSSL_CTX_set_cipher_list(void)
AssertIntEQ(server_args.return_code, TEST_SUCCESS);
FreeTcpReady(&ready);
/* check with cipher string that has '+' */
AssertNotNull((ctxClient = wolfSSL_CTX_new(wolfTLSv1_2_client_method())));
AssertTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM"));
wolfSSL_CTX_free(ctxClient);
res = TEST_RES_CHECK(1);
#endif
return res;
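Review bot: The added case only asserts that `wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM")` returns success, which would also hold if the `+AESGCM` part were ignored and the string parsed as plain "ECDHE". Because a cipher string is a security policy, the test should also inspect the resulting suite list and assert that every enabled suite is an ECDHE AES-GCM suite. It should also cover a list where the '+' entry is not the first one, for example `AssertTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "<other-suite>:ECDHE+AESGCM"));`, where `<other-suite>` is a placeholder for a suite enabled in the build. The expected result for a negated entry such as "!ECDHE+AESGCM" should be pinned as well, since the new "ECDHE" branch in SetCipherList changes nothing when `allowing` is 0. test_wolfSSL_CTX_set_cipher_list starts outside the hunk.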