mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-21 15:41:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ssl server: add key_opaque_algs command line option

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2022-04-25 12:46:22 +02:00
parent f1822febc4
commit 4ca0d72c3b
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
programs/ssl/ssl_server2.c
View File

@ -151,6 +151,7 @@ int main( void )
#define DFL_USE_SRTP 0 #define DFL_USE_SRTP 0
#define DFL_SRTP_FORCE_PROFILE 0 #define DFL_SRTP_FORCE_PROFILE 0
#define DFL_SRTP_SUPPORT_MKI 0 #define DFL_SRTP_SUPPORT_MKI 0
#define DFL_KEY_OPAQUE_ALG "none"
#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ #define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
@ -455,6 +456,13 @@ int main( void )
#define USAGE_SERIALIZATION "" #define USAGE_SERIALIZATION ""
#endif #endif
#define USAGE_KEY_OPAQUE_ALGS \
" key_opaque_algs=%%s Allowed opaque key algorithms.\n" \
" coma-separated pair of values among the following:\n" \
" rsa-sign-pkcs1, rsa-sign-pss, rsa-decrypt,\n" \
" ecdsa-sign, ecdh, none (only acceptable for\n" \
" the second value).\n" \
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define USAGE_TLS1_3_KEY_EXCHANGE_MODES \ #define USAGE_TLS1_3_KEY_EXCHANGE_MODES \
" tls13_kex_modes=%%s default: all\n" \ " tls13_kex_modes=%%s default: all\n" \
@ -519,6 +527,7 @@ int main( void )
USAGE_ETM \ USAGE_ETM \
USAGE_CURVES \ USAGE_CURVES \
USAGE_SIG_ALGS \ USAGE_SIG_ALGS \
USAGE_KEY_OPAQUE_ALGS \
"\n" "\n"
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
@ -659,6 +668,8 @@ struct options
int use_srtp; /* Support SRTP */ int use_srtp; /* Support SRTP */
int force_srtp_profile; /* SRTP protection profile to use or all */ int force_srtp_profile; /* SRTP protection profile to use or all */
int support_mki; /* The dtls mki mki support */ int support_mki; /* The dtls mki mki support */
const char *key_opaque_alg1; /* Allowed opaque key alg 1 */
const char *key_opaque_alg2; /* Allowed Opaque key alg 2 */
} opt; } opt;
#include "ssl_test_common_source.c" #include "ssl_test_common_source.c"
@ -1615,6 +1626,8 @@ int main( int argc, char *argv[] )
opt.use_srtp = DFL_USE_SRTP; opt.use_srtp = DFL_USE_SRTP;
opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE; opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE;
opt.support_mki = DFL_SRTP_SUPPORT_MKI; opt.support_mki = DFL_SRTP_SUPPORT_MKI;
opt.key_opaque_alg1 = DFL_KEY_OPAQUE_ALG;
opt.key_opaque_alg2 = DFL_KEY_OPAQUE_ALG;
for( i = 1; i < argc; i++ ) for( i = 1; i < argc; i++ )
{ {
@ -2088,6 +2101,12 @@ int main( int argc, char *argv[] )
{ {
opt.support_mki = atoi( q ); opt.support_mki = atoi( q );
} }
else if( strcmp( p, "key_opaque_algs" ) == 0 )
{
if ( key_opaque_alg_parse( q, &opt.key_opaque_alg1,
&opt.key_opaque_alg2 ) != 0 )
goto usage;
}
else else
goto usage; goto usage;
} }