AuroraSupport/AuroraRuntime
2
1
Fork 0
Code Issues 29 Pull Requests Releases Wiki Activity

[+] TLS::GetDefaultCipherSuites

Browse Source 
[+] TLS::GetSupportedCipherSuites
[+] TLS::CipherSuiteFromString
[+] TLS::CipherSuiteToString
[+] internal logic for setting up the ciphersuite array
This commit is contained in:
Reece Wilson 2022-08-29 19:57:24 +01:00
parent 401cf09962
commit afa7c8f5f8
4 changed files with 86 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Include/Aurora/IO/TLS/TLSCipherSuites.hpp
View File

@ -9,5 +9,9 @@
namespace Aurora::IO::TLS
{
AUKN_SYM AuList<AuUInt16> GetSupportedCipherSuites();
AUKN_SYM const AuList<AuUInt16> &GetDefaultCipherSuites();
AUKN_SYM const AuList<AuUInt16> &GetSupportedCipherSuites();
AUKN_SYM AuUInt16 CipherSuiteFromString(const AuString &string);
AUKN_SYM AuString CipherSuiteToString(AuUInt16 uCipherSuite);
}

60
Source/IO/TLS/TLSCipherSuites.cpp
View File

@ -6,11 +6,67 @@
Author: Reece
***/
#include "TLS.hpp"
#include <mbedtls/ssl.h>
namespace Aurora::IO::TLS
{
AUKN_SYM AuList<AuUInt16> GetSupportedCipherSuites()
AUKN_SYM const AuList<AuUInt16> &GetDefaultCipherSuites()
{
return {};
static AuList<AuUInt16> gDefaultSuites {
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
};
return gDefaultSuites;
}
AUKN_SYM const AuList<AuUInt16> &GetSupportedCipherSuites()
{
static AuList<AuUInt16> gSupportedSuites;
if (gSupportedSuites.empty())
{
auto iItr = mbedtls_ssl_list_ciphersuites();
while (auto cipher = *(iItr++))
{
gSupportedSuites.push_back(cipher);
}
}
return gSupportedSuites;
}
AUKN_SYM AuUInt16 CipherSuiteFromString(const AuString &string)
{
auto pSuite = mbedtls_ssl_ciphersuite_from_string(string.c_str());
if (!pSuite)
{
SysPushErrorCrypt("Unknown ciphersuite: {}", string);
return 0;
}
return pSuite->private_id;
}
AUKN_SYM AuString CipherSuiteToString(AuUInt16 uCipherSuite)
{
auto pSuite = mbedtls_ssl_ciphersuite_from_id(uCipherSuite);
if (!pSuite)
{
SysPushErrorCrypt("Unknown ciphersuite: {} ({:02x})", uCipherSuite, uCipherSuite);
return {};
}
return pSuite->private_name;
}
}

23
Source/IO/TLS/TLSContext.cpp
View File

@ -183,7 +183,28 @@ namespace Aurora::IO::TLS
}
}
::mbedtls_ssl_set_bio(&ssl, this, TLSContextSend, TLSContextRecv, NULL);
::mbedtls_ssl_set_bio(&ssl, this, TLSContextSend, TLSContextRecv, nullptr);
if (this->meta_.cipherSuites.size())
{
this->cipherSuites_.reserve(this->meta_.cipherSuites.size());
for (const auto &cipher : this->meta_.cipherSuites)
{
this->cipherSuites_.push_back(cipher);
}
}
else
{
auto &defaultCiphers = GetDefaultCipherSuites();
this->cipherSuites_.reserve(defaultCiphers.size());
for (const auto &cipher : defaultCiphers)
{
this->cipherSuites_.push_back(cipher);
}
}
this->cipherSuites_.push_back(0);
((mbedtls_ssl_config *)ssl.private_conf/*fuck yourself*/)->private_ciphersuite_list = this->cipherSuites_.data();
}
void TLSContext::Destroy()

1
Source/IO/TLS/TLSContext.hpp
View File

@ -70,6 +70,7 @@ namespace Aurora::IO::TLS
bool CheckCertificate(const AuMemoryViewRead &read);
private:
AuList<int> cipherSuites_;
TLSMeta meta_;
AuWPtr<Net::ISocket> wpSocket_;
TLSProtocolRecv channelRecv_;