const cipher_kt_t *
stream_get_cipher_type(int method)
{
if (method <= TABLE || method >= STREAM_CIPHER_NUM) {
LOGE("stream_get_cipher_type(): Illegal method");
return NULL;
}
if (method == RC4_MD5) {
method = RC4;
}
if (method >= SALSA20) {
return NULL;
}
const char *ciphername = supported_stream_ciphers[method];
const char *mbedtlsname = supported_stream_ciphers_mbedtls[method];
if (strcmp(mbedtlsname, CIPHER_UNSUPPORTED) == 0) {
LOGE("Cipher %s currently is not supported by mbed TLS library",
ciphername);
return NULL;
}
return mbedtls_cipher_info_from_string(mbedtlsname);
}
const mbedtls_cipher_info_t *
cipher_kt_get(const char *ciphername)
{
const mbedtls_cipher_info_t *cipher = NULL;
ASSERT(ciphername);
cipher = mbedtls_cipher_info_from_string(ciphername);
if (NULL == cipher)
{
msg(D_LOW, "Cipher algorithm '%s' not found", ciphername);
return NULL;
}
if (cipher->key_bitlen/8 > MAX_CIPHER_KEY_LENGTH)
{
msg(D_LOW, "Cipher algorithm '%s' uses a default key size (%d bytes) "
"which is larger than " PACKAGE_NAME "'s current maximum key size "
"(%d bytes)", ciphername, cipher->key_bitlen/8, MAX_CIPHER_KEY_LENGTH);
return NULL;
}
return cipher;
}
cipher_initer()
{
int32_t i, j, k;
for (i = 0; i < PROVIDER_COUNT; i++)
for (j = 0; j < SIZE_COUNT; j++)
if (s_sizes[i][j].name)
for (k = 1; k < MODE_COUNT; k++) {
exlib::string name = s_sizes[i][j].name;
name.append(s_modes[k]);
s_sizes[i][j].cis[k] = mbedtls_cipher_info_from_string(name.c_str());
if (s_sizes[i][j].cis[k])
s_sizes[i][j].size = s_sizes[i][j].cis[k]->key_bitlen;
}
}
int cipherInfo(State & state){
Stack * stack = state.stack;
CipherInfo * interfaceCipherInfo = OBJECT_IFACE(CipherInfo);
mbedtls_cipher_info_t * info = nullptr;
if (stack->is<LUA_TNUMBER>(1)){
mbedtls_cipher_type_t type = static_cast<mbedtls_cipher_type_t>(stack->to<int>(1));
info = const_cast<mbedtls_cipher_info_t*>(mbedtls_cipher_info_from_type(type));
}
else if (stack->is<LUA_TSTRING>(1)){
const std::string name = stack->to<const std::string>(1);
info = const_cast<mbedtls_cipher_info_t*>(mbedtls_cipher_info_from_string(name.c_str()));
}
if (info){
interfaceCipherInfo->push(info);
return 1;
}
else{
return 0;
}
}
/*
* get basic cipher info structure
* it's a wrapper offered by crypto library
*/
const cipher_kt_t *
aead_get_cipher_type(int method)
{
if (method < AES128GCM || method >= AEAD_CIPHER_NUM) {
LOGE("aead_get_cipher_type(): Illegal method");
return NULL;
}
/* cipher that don't use mbed TLS, just return */
if (method >= CHACHA20POLY1305IETF) {
return NULL;
}
const char *ciphername = supported_aead_ciphers[method];
const char *mbedtlsname = supported_aead_ciphers_mbedtls[method];
if (strcmp(mbedtlsname, CIPHER_UNSUPPORTED) == 0) {
LOGE("Cipher %s currently is not supported by mbed TLS library",
ciphername);
return NULL;
}
return mbedtls_cipher_info_from_string(mbedtlsname);
}
const cipher_kt_t *
get_cipher_type(int method)
{
if (method <= TABLE || method >= CIPHER_NUM) {
LOGE("get_cipher_type(): Illegal method");
return NULL;
}
if (method == RC4_MD5) {
method = RC4;
}
if (method >= SALSA20) {
return NULL;
}
const char *ciphername = supported_ciphers[method];
#if defined(USE_CRYPTO_OPENSSL)
return EVP_get_cipherbyname(ciphername);
#elif defined(USE_CRYPTO_POLARSSL)
const char *polarname = supported_ciphers_polarssl[method];
if (strcmp(polarname, CIPHER_UNSUPPORTED) == 0) {
LOGE("Cipher %s currently is not supported by PolarSSL library",
ciphername);
return NULL;
}
return cipher_info_from_string(polarname);
#elif defined(USE_CRYPTO_MBEDTLS)
const char *mbedtlsname = supported_ciphers_mbedtls[method];
if (strcmp(mbedtlsname, CIPHER_UNSUPPORTED) == 0) {
LOGE("Cipher %s currently is not supported by mbed TLS library",
ciphername);
return NULL;
}
return mbedtls_cipher_info_from_string(mbedtlsname);
#endif
}
