From 85d692d1c40b5c4172a3dc0424166eff782b5474 Mon Sep 17 00:00:00 2001
From: Przemek Stekiel
Date: Mon, 25 Apr 2022 12:42:55 +0200
Subject: [PATCH] ssl client/server: add parsing function for key_opaque_algs command line option
Signed-off-by: Przemek Stekiel
---
 programs/ssl/ssl_test_lib.c | 28 ++++++++++++++++++++++++++++
 programs/ssl/ssl_test_lib.h | 20 ++++++++++++++++++++
 2 files changed, 48 insertions(+)
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index a28a47769e..cfe718302f 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -193,6 +193,34 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len )
 #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */
 }
 
+int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 )
+{
+ char* separator;
+ if( ( separator = strchr( arg, ',' ) ) == NULL )
+ return 1;
+ *separator = '\0';
+
+ *alg1 = arg;
+ *alg2 = separator + 1;
+
+ if ( strcmp( *alg1, "rsa-sign-pkcs1" ) != 0 &&
+ strcmp( *alg1, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg1, "rsa-decrypt" ) != 0 &&
+ strcmp( *alg1, "ecdsa-sign" ) != 0 &&
+ strcmp( *alg1, "ecdh" ) != 0 )
+ return 1;
+
+ if ( strcmp( *alg2, "rsa-sign-pkcs1" ) != 0 &&
+ strcmp( *alg2, "rsa-sign-pss" ) != 0 &&
+ strcmp( *alg2, "rsa-decrypt" ) != 0 &&
+ strcmp( *alg2, "ecdsa-sign" ) != 0 &&
+ strcmp( *alg2, "ecdh" ) != 0 &&
+ strcmp( *alg2, "none" ) != 0 )
+ return 1;
+
+ return 0;
+}
+
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 int ca_callback( void *data, mbedtls_x509_crt const *child,
 mbedtls_x509_crt **candidates )
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
index a359b3fe2c..a0ca01de0f 100644
--- a/programs/ssl/ssl_test_lib.h
+++ b/programs/ssl/ssl_test_lib.h
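Review bot: In programs/ssl/ssl_test_lib.c, `key_opaque_alg_parse` writes through a pointer derived from its `const char *arg` parameter: `strchr( arg, ',' )` hands back a non-const `char *`, and `*separator = '\0';` then overwrites the comma in the caller's string. That is undefined behaviour if a caller ever passes a string literal or other const storage, and the signature hides the mutation; the callers are not visible here, so presumably the value comes from argv, which is writable. Declaring the parameter as `char *arg`, here and in the prototype in ssl_test_lib.h, would make the contract match the code. Also, `*alg1` and `*alg2` are assigned before the allow-list comparisons, so on `return 1` they already point at unvalidated text; assigning them only after both checks pass would stop a caller that ignores the return value from using an unchecked name.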
@@ -221,6 +221,26 @@ void rng_free( rng_context_t *rng );
 */
 int rng_get( void *p_rng, unsigned char *output, size_t output_len );
 
+/** Parse command-line option: key_opaque_algs
+ *
+ *
+ * \param arg String value of key_opaque_algs
+ * Coma-separated pair of values among the following:
+ * - "rsa-sign-pkcs1"
+ * - "rsa-sign-pss"
+ * - "rsa-decrypt"
+ * - "ecdsa-sign"
+ * - "ecdh"
+ * - "none" (only acceptable for the second value).
+ * \param alg1 Address of pointer to alg #1
+ * \param alg2 Address of pointer to alg #2
+ *
+ * \return \c 0 on success.
+ * \return \c 1 on parse failure.
+ */
+int key_opaque_alg_parse( const char *arg, const char **alg1, const char **alg2 );
+
+
 #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
 /* The test implementation of the PSA external RNG is insecure. When
 * MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, before using any PSA crypto
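Review bot: The doc comment for `key_opaque_alg_parse` does not say that the function modifies `arg` or that the two outputs point into it, which a caller needs to know to manage the string's lifetime. I would extend the `\param arg` text with `The string is modified in place: the comma is replaced by a NUL terminator.` and the `\param alg1` / `\param alg2` lines with `On success, points into \p arg and is valid only as long as \p arg is.` The word `Coma-separated` in the same comment should read `Comma-separated`.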