Context Navigation

source: rtems-libbsd/freebsd/crypto/openssl/apps/ciphers.c @ d1dac78

5

Last change on this file since d1dac78 was d1dac78, checked in by Christian Mauderer <christian.mauderer@…>, on 03/26/19 at 10:08:47
bin/openssl: Port to RTEMS.
Property mode set to `100644`
File size: 7.4 KB

Line
1	#include <machine/rtems-bsd-user-space.h>
2	#ifdef __rtems__
3	#include <machine/rtems-bsd-program.h>
4	#include "rtems-bsd-openssl-namespace.h"
5	#endif /* __rtems__ */
6
7	/*
8	* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
9	*
10	* Licensed under the OpenSSL license (the "License"). You may not use
11	* this file except in compliance with the License. You can obtain a copy
12	* in the file LICENSE in the source distribution or at
13	* https://www.openssl.org/source/license.html
14	*/
15
16	#include <stdio.h>
17	#include <stdlib.h>
18	#include <string.h>
19	#include "apps.h"
20	#include "progs.h"
21	#include <openssl/err.h>
22	#include <openssl/ssl.h>
23
24	typedef enum OPTION_choice {
25	OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
26	OPT_STDNAME,
27	OPT_CONVERT,
28	OPT_SSL3,
29	OPT_TLS1,
30	OPT_TLS1_1,
31	OPT_TLS1_2,
32	OPT_TLS1_3,
33	OPT_PSK,
34	OPT_SRP,
35	OPT_CIPHERSUITES,
36	OPT_V, OPT_UPPER_V, OPT_S
37	} OPTION_CHOICE;
38
39	const OPTIONS ciphers_options[] = {
40	{"help", OPT_HELP, '-', "Display this summary"},
41	{"v", OPT_V, '-', "Verbose listing of the SSL/TLS ciphers"},
42	{"V", OPT_UPPER_V, '-', "Even more verbose"},
43	{"s", OPT_S, '-', "Only supported ciphers"},
44	#ifndef OPENSSL_NO_SSL3
45	{"ssl3", OPT_SSL3, '-', "SSL3 mode"},
46	#endif
47	#ifndef OPENSSL_NO_TLS1
48	{"tls1", OPT_TLS1, '-', "TLS1 mode"},
49	#endif
50	#ifndef OPENSSL_NO_TLS1_1
51	{"tls1_1", OPT_TLS1_1, '-', "TLS1.1 mode"},
52	#endif
53	#ifndef OPENSSL_NO_TLS1_2
54	{"tls1_2", OPT_TLS1_2, '-', "TLS1.2 mode"},
55	#endif
56	#ifndef OPENSSL_NO_TLS1_3
57	{"tls1_3", OPT_TLS1_3, '-', "TLS1.3 mode"},
58	#endif
59	{"stdname", OPT_STDNAME, '-', "Show standard cipher names"},
60	#ifndef OPENSSL_NO_PSK
61	{"psk", OPT_PSK, '-', "include ciphersuites requiring PSK"},
62	#endif
63	#ifndef OPENSSL_NO_SRP
64	{"srp", OPT_SRP, '-', "include ciphersuites requiring SRP"},
65	#endif
66	{"convert", OPT_CONVERT, 's', "Convert standard name into OpenSSL name"},
67	{"ciphersuites", OPT_CIPHERSUITES, 's',
68	"Configure the TLSv1.3 ciphersuites to use"},
69	{NULL}
70	};
71
72	#ifndef OPENSSL_NO_PSK
73	static unsigned int dummy_psk(SSL ssl, const char hint, char *identity,
74	unsigned int max_identity_len,
75	unsigned char *psk,
76	unsigned int max_psk_len)
77	{
78	return 0;
79	}
80	#endif
81	#ifndef OPENSSL_NO_SRP
82	static char dummy_srp(SSL ssl, void *arg)
83	{
84	return "";
85	}
86	#endif
87
88	int ciphers_main(int argc, char **argv)
89	{
90	SSL_CTX *ctx = NULL;
91	SSL *ssl = NULL;
92	STACK_OF(SSL_CIPHER) *sk = NULL;
93	const SSL_METHOD *meth = TLS_server_method();
94	int ret = 1, i, verbose = 0, Verbose = 0, use_supported = 0;
95	int stdname = 0;
96	#ifndef OPENSSL_NO_PSK
97	int psk = 0;
98	#endif
99	#ifndef OPENSSL_NO_SRP
100	int srp = 0;
101	#endif
102	const char *p;
103	char ciphers = NULL, prog, convert = NULL, ciphersuites = NULL;
104	char buf[512];
105	OPTION_CHOICE o;
106	int min_version = 0, max_version = 0;
107
108	prog = opt_init(argc, argv, ciphers_options);
109	while ((o = opt_next()) != OPT_EOF) {
110	switch (o) {
111	case OPT_EOF:
112	case OPT_ERR:
113	opthelp:
114	BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
115	goto end;
116	case OPT_HELP:
117	opt_help(ciphers_options);
118	ret = 0;
119	goto end;
120	case OPT_V:
121	verbose = 1;
122	break;
123	case OPT_UPPER_V:
124	verbose = Verbose = 1;
125	break;
126	case OPT_S:
127	use_supported = 1;
128	break;
129	case OPT_STDNAME:
130	stdname = verbose = 1;
131	break;
132	case OPT_CONVERT:
133	convert = opt_arg();
134	break;
135	case OPT_SSL3:
136	min_version = SSL3_VERSION;
137	max_version = SSL3_VERSION;
138	break;
139	case OPT_TLS1:
140	min_version = TLS1_VERSION;
141	max_version = TLS1_VERSION;
142	break;
143	case OPT_TLS1_1:
144	min_version = TLS1_1_VERSION;
145	max_version = TLS1_1_VERSION;
146	break;
147	case OPT_TLS1_2:
148	min_version = TLS1_2_VERSION;
149	max_version = TLS1_2_VERSION;
150	break;
151	case OPT_TLS1_3:
152	min_version = TLS1_3_VERSION;
153	max_version = TLS1_3_VERSION;
154	break;
155	case OPT_PSK:
156	#ifndef OPENSSL_NO_PSK
157	psk = 1;
158	#endif
159	break;
160	case OPT_SRP:
161	#ifndef OPENSSL_NO_SRP
162	srp = 1;
163	#endif
164	break;
165	case OPT_CIPHERSUITES:
166	ciphersuites = opt_arg();
167	break;
168	}
169	}
170	argv = opt_rest();
171	argc = opt_num_rest();
172
173	if (argc == 1)
174	ciphers = *argv;
175	else if (argc != 0)
176	goto opthelp;
177
178	if (convert != NULL) {
179	BIO_printf(bio_out, "OpenSSL cipher name: %s\n",
180	OPENSSL_cipher_name(convert));
181	goto end;
182	}
183
184	ctx = SSL_CTX_new(meth);
185	if (ctx == NULL)
186	goto err;
187	if (SSL_CTX_set_min_proto_version(ctx, min_version) == 0)
188	goto err;
189	if (SSL_CTX_set_max_proto_version(ctx, max_version) == 0)
190	goto err;
191
192	#ifndef OPENSSL_NO_PSK
193	if (psk)
194	SSL_CTX_set_psk_client_callback(ctx, dummy_psk);
195	#endif
196	#ifndef OPENSSL_NO_SRP
197	if (srp)
198	SSL_CTX_set_srp_client_pwd_callback(ctx, dummy_srp);
199	#endif
200
201	if (ciphersuites != NULL && !SSL_CTX_set_ciphersuites(ctx, ciphersuites)) {
202	BIO_printf(bio_err, "Error setting TLSv1.3 ciphersuites\n");
203	goto err;
204	}
205
206	if (ciphers != NULL) {
207	if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
208	BIO_printf(bio_err, "Error in cipher list\n");
209	goto err;
210	}
211	}
212	ssl = SSL_new(ctx);
213	if (ssl == NULL)
214	goto err;
215
216	if (use_supported)
217	sk = SSL_get1_supported_ciphers(ssl);
218	else
219	sk = SSL_get_ciphers(ssl);
220
221	if (!verbose) {
222	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
223	const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
224	p = SSL_CIPHER_get_name(c);
225	if (p == NULL)
226	break;
227	if (i != 0)
228	BIO_printf(bio_out, ":");
229	BIO_printf(bio_out, "%s", p);
230	}
231	BIO_printf(bio_out, "\n");
232	} else {
233
234	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
235	const SSL_CIPHER *c;
236
237	c = sk_SSL_CIPHER_value(sk, i);
238
239	if (Verbose) {
240	unsigned long id = SSL_CIPHER_get_id(c);
241	int id0 = (int)(id >> 24);
242	int id1 = (int)((id >> 16) & 0xffL);
243	int id2 = (int)((id >> 8) & 0xffL);
244	int id3 = (int)(id & 0xffL);
245
246	if ((id & 0xff000000L) == 0x03000000L)
247	BIO_printf(bio_out, " 0x%02X,0x%02X - ", id2, id3); /* SSL3
248	* cipher */
249	else
250	BIO_printf(bio_out, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
251	}
252	if (stdname) {
253	const char *nm = SSL_CIPHER_standard_name(c);
254	if (nm == NULL)
255	nm = "UNKNOWN";
256	BIO_printf(bio_out, "%s - ", nm);
257	}
258	BIO_puts(bio_out, SSL_CIPHER_description(c, buf, sizeof(buf)));
259	}
260	}
261
262	ret = 0;
263	goto end;
264	err:
265	ERR_print_errors(bio_err);
266	end:
267	if (use_supported)
268	sk_SSL_CIPHER_free(sk);
269	SSL_CTX_free(ctx);
270	SSL_free(ssl);
271	return ret;
272	}
273	#ifdef __rtems__
274	#include "rtems-bsd-openssl-ciphers-data.h"
275	#endif /* __rtems__ */

Note: See TracBrowser for help on using the repository browser.

Download in other formats: