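/***
    Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.

    File: TLSCipherSuites.cpp
    Date: 2022-8-27
    Author: Reece
***/
#include "TLS.hpp"
// NOTE(review): the header name on this include line was missing from the listing.
// ssl_ciphersuites.h is the mbedtls header that declares the suite IDs and lookup
// functions used below; confirm against the original file.
#include <mbedtls/ssl_ciphersuites.h>

namespace Aurora::IO::TLS
{
    // NOTE(review): the AuList element type was missing from the listing. AuUInt16 matches
    // the ID type used by CipherSuiteFromString / CipherSuiteToString below; confirm.

    /**
     * Returns the cipher suites this module offers when the caller does not supply its own list.
     *
     * Every entry is an AEAD suite (GCM, CCM or ChaCha20-Poly1305); no CBC, RC4, NULL or
     * RSA-key-transport suite is listed. The order is presumably the preference order
     * handed to mbedtls; confirm at the call site that consumes this list.
     *
     * @return reference to a process-lifetime, immutable list of IANA cipher suite IDs
     */
    AUKN_SYM const AuList<AuUInt16> &GetDefaultCipherSuites()
    {
        // const: the list is only ever handed out by const reference, so nothing should mutate it.
        static const AuList<AuUInt16> gDefaultSuites {
        #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
            MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
            MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
            MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
            MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
            // NOTE(review): CCM_8 truncates the authentication tag to 8 bytes and is not marked
            // "Recommended" in the IANA TLS registry. It is aimed at constrained devices;
            // consider whether it belongs in a general-purpose default list.
            MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
        #endif
            MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
            MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
            MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
            MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
            MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
            MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
            MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
            MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
            MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
            // NOTE(review): the two ECDH_ECDSA suites below use a static (certificate-bound) ECDH
            // key, so sessions negotiated with them have no forward secrecy, unlike the ECDHE/DHE
            // entries above. Kept to preserve existing behaviour; consider dropping them from
            // the defaults unless a known peer requires them.
            MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
            MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
        };
        return gDefaultSuites;
    }

    /**
     * Returns every cipher suite ID reported by ::mbedtls_ssl_list_ciphersuites().
     *
     * "Supported" means "compiled into this mbedtls build", not "safe to enable": depending
     * on the build configuration the list can contain suites far weaker than the defaults
     * above. Callers should use it to validate or display IDs, not as an allow-list.
     *
     * @return reference to a process-lifetime, immutable list of cipher suite IDs
     */
    AUKN_SYM const AuList<AuUInt16> &GetSupportedCipherSuites()
    {
        // Build the list inside the static initialiser so that the language's thread-safe
        // static initialisation covers the whole population step. The previous
        // "if (empty()) push_back(...)" form let two first-time callers append to the same
        // container concurrently (data race, duplicate entries, or a reader observing a
        // reallocation in progress).
        static const AuList<AuUInt16> gSupportedSuites = []
        {
            AuList<AuUInt16> suites;
            // The array returned by mbedtls is terminated by a 0 entry.
            for (auto pId = ::mbedtls_ssl_list_ciphersuites(); *pId; ++pId)
            {
                suites.push_back(*pId);
            }
            return suites;
        }();
        return gSupportedSuites;
    }

    /**
     * Looks up a cipher suite ID by its mbedtls name.
     *
     * @param string suite name, passed to ::mbedtls_ssl_ciphersuite_from_string
     * @return the suite ID, or 0 if the name is unknown (an error is pushed in that case)
     *
     * Callers must treat 0 as failure and must not forward it into a suite list: 0 is the
     * terminator value of mbedtls' zero-terminated ID arrays, so a stray 0 would silently
     * cut such a list short.
     */
    AUKN_SYM AuUInt16 CipherSuiteFromString(const AuString &string)
    {
        const auto pSuite = ::mbedtls_ssl_ciphersuite_from_string(string.c_str());
        if (!pSuite)
        {
            SysPushErrorCrypt("Unknown ciphersuite: {}", string);
            return 0;
        }

        // NOTE(review): private_id is the name-mangled form of a field mbedtls marks private.
        // Prefer the library's public accessor if the vendored version provides one, so an
        // mbedtls upgrade cannot silently change what is read here.
        return pSuite->private_id;
    }

    /**
     * Looks up the mbedtls name of a cipher suite ID.
     *
     * @param uCipherSuite suite ID, passed to ::mbedtls_ssl_ciphersuite_from_id
     * @return the suite name, or an empty string if the ID is unknown (an error is pushed
     *         in that case)
     */
    AUKN_SYM AuString CipherSuiteToString(AuUInt16 uCipherSuite)
    {
        const auto pSuite = ::mbedtls_ssl_ciphersuite_from_id(uCipherSuite);
        if (!pSuite)
        {
            SysPushErrorCrypt("Unknown ciphersuite: {} ({:02x})", uCipherSuite, uCipherSuite);
            return {};
        }

        // NOTE(review): private_name is a private mbedtls field; see the accessor note in
        // CipherSuiteFromString.
        return pSuite->private_name;
    }
}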