min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add standard ciphername support

This commit is contained in:
Steven Fackler 2019-02-22 10:33:12 -07:00
parent 7eee39f1ec
commit 70afbb8393
3 changed files with 56 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openssl-sys/src/ssl.rs
View File

@ -876,6 +876,10 @@ extern "C" {
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD; pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD;
pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char;
#[cfg(ossl111)]
pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char;
#[cfg(ossl111)]
pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char;
pub fn SSL_pending(ssl: *const SSL) -> c_int; pub fn SSL_pending(ssl: *const SSL) -> c_int;
pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO); pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO);

47
openssl/src/ssl/mod.rs
View File

@ -113,6 +113,28 @@ mod error;
#[cfg(test)] #[cfg(test)]
mod test; mod test;
/// Returns the OpenSSL name of a cipher corresponding to an RFC-standard cipher name.
///
/// Requires OpenSSL 1.1.1 or newer.
///
/// This corresponds to [`OPENSSL_cipher_name`]
///
/// [`OPENSSL_cipher_name`]: https://www.openssl.org/docs/manmaster/man3/SSL_CIPHER_get_name.html
#[cfg(ossl111)]
pub fn cipher_name(std_name: &str) -> Option<&'static str> {
unsafe {
ffi::init();
let s = CString::new(std_name).unwrap();
let ptr = ffi::OPENSSL_cipher_name(s.as_ptr());
if ptr.is_null() {
None
} else {
Some(CStr::from_ptr(ptr).to_str().unwrap())
}
}
}
bitflags! { bitflags! {
/// Options controlling the behavior of an `SslContext`. /// Options controlling the behavior of an `SslContext`.
pub struct SslOptions: c_ulong { pub struct SslOptions: c_ulong {
@ -1880,12 +1902,29 @@ impl SslCipherRef {
/// ///
/// [`SSL_CIPHER_get_name`]: https://www.openssl.org/docs/manmaster/man3/SSL_CIPHER_get_name.html /// [`SSL_CIPHER_get_name`]: https://www.openssl.org/docs/manmaster/man3/SSL_CIPHER_get_name.html
pub fn name(&self) -> &'static str { pub fn name(&self) -> &'static str {
let name = unsafe { unsafe {
let ptr = ffi::SSL_CIPHER_get_name(self.as_ptr()); let ptr = ffi::SSL_CIPHER_get_name(self.as_ptr());
CStr::from_ptr(ptr as *const _) CStr::from_ptr(ptr).to_str().unwrap()
}; }
}
str::from_utf8(name.to_bytes()).unwrap() /// Returns the RFC-standard name of the cipher, if one exists.
///
/// Requires OpenSSL 1.1.1 or newer.
///
/// This corresponds to [`SSL_CIPHER_standard_name`].
///
/// [`SSL_CIPHER_standard_name`]: https://www.openssl.org/docs/manmaster/man3/SSL_CIPHER_get_name.html
#[cfg(ossl111)]
pub fn standard_name(&self) -> Option<&'static str> {
unsafe {
let ptr = ffi::SSL_CIPHER_standard_name(self.as_ptr());
if ptr.is_null() {
None
} else {
Some(CStr::from_ptr(ptr).to_str().unwrap())
}
}
} }
/// Returns the SSL/TLS protocol version that first defined the cipher. /// Returns the SSL/TLS protocol version that first defined the cipher.

9
openssl/src/ssl/test.rs
View File

@ -1838,3 +1838,12 @@ fn client_hello() {
guard.join().unwrap(); guard.join().unwrap();
} }
#[test]
#[cfg(ossl111)]
fn openssl_cipher_name() {
assert_eq!(
super::cipher_name("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"),
Some("ECDHE-RSA-AES256-SHA384")
);
}