openssl: More ciphers.

db4
Doug Coleman 2016-03-04 18:42:35 +00:00
parent 46c9143232
commit c077ee91e9
1 changed files with 37 additions and 10 deletions


@ -1,14 +1,13 @@
! Copyright (C) 2007, 2008, Slava Pestov, Elie CHAFTARI. ! Copyright (C) 2007, 2008, Slava Pestov, Elie CHAFTARI.
! See http://factorcode.org/license.txt for BSD license. ! See http://factorcode.org/license.txt for BSD license.
USING: accessors alien alien.c-types alien.data alien.strings USING: accessors alien alien.c-types alien.data alien.strings
assocs byte-arrays classes.struct combinators destructors fry assocs byte-arrays classes.struct combinators destructors fry io
io io.binary io.backend io.buffers io.encodings.8-bit.latin1 io.backend io.binary io.buffers io.encodings.8-bit.latin1
io.encodings.utf8 io.files io.pathnames io.ports io.sockets io.encodings.utf8 io.files io.pathnames io.ports io.sockets
io.sockets.secure io.timeouts kernel libc io.sockets.secure io.timeouts kernel libc locals math
math.functions math.order math.parser memoize namespaces openssl
locals math math.functions math.order math.parser namespaces openssl.libcrypto openssl.libssl random sequences splitting
openssl openssl.libcrypto openssl.libssl random sequences unicode.case ;
splitting unicode.case ;
IN: io.sockets.secure.openssl IN: io.sockets.secure.openssl
GENERIC: ssl-method ( symbol -- method ) GENERIC: ssl-method ( symbol -- method )
@ -16,6 +15,36 @@ M: TLSv1 ssl-method drop TLSv1_method ;
M: TLSv1.1 ssl-method drop TLSv1_1_method ; M: TLSv1.1 ssl-method drop TLSv1_1_method ;
M: TLSv1.2 ssl-method drop TLSv1_2_method ; M: TLSv1.2 ssl-method drop TLSv1_2_method ;
MEMO: make-cipher-list ( -- string )
{
"ECDHE-ECDSA-AES256-GCM-SHA384"
"ECDHE-ECDSA-AES256-SHA384"
"ECDHE-ECDSA-AES128-GCM-SHA256"
"ECDHE-ECDSA-AES128-SHA256"
"ECDHE-RSA-AES256-GCM-SHA384"
"ECDHE-RSA-AES256-SHA384"
"ECDHE-RSA-AES128-GCM-SHA256"
"ECDHE-RSA-AES128-SHA256"
"ECDHE-ECDSA-AES256-CCM8"
"ECDHE-ECDSA-AES256-CCM"
"ECDHE-ECDSA-AES128-CCM8"
"ECDHE-ECDSA-AES128-CCM"
"ECDHE-ECDSA-CAMELLIA256-SHA384"
"ECDHE-RSA-CAMELLIA256-SHA384"
"ECDHE-ECDSA-CAMELLIA128-SHA256"
"ECDHE-RSA-CAMELLIA128-SHA256"
"ECDHE-RSA-CHACHA20-POLY1305"
"ECDHE-ECDSA-CHACHA20-POLY1305"
"ECDHE-PSK-CHACHA20-POLY1305"
"AES256-SHA"
"AES128-SHA256"
"AES128-SHA"
"CAMELLIA256-SHA"
"CAMELLIA128-SHA"
"IDEA-CBC-SHA"
"DES-CBC3-SHA"
} ":" join ;
TUPLE: openssl-context < secure-context aliens sessions ; TUPLE: openssl-context < secure-context aliens sessions ;
<PRIVATE <PRIVATE
@ -170,9 +199,7 @@ SYMBOL: default-secure-context
current-secure-context sessions>> set-at ; current-secure-context sessions>> set-at ;
: set-secure-cipher-list-only ( ssl -- ssl ) : set-secure-cipher-list-only ( ssl -- ssl )
dup handle>> dup handle>> make-cipher-list SSL_set_cipher_list ssl-error ;
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:AES256-SHA:CAMELLIA256-SHA"
SSL_set_cipher_list ssl-error ;
: <ssl-handle> ( fd -- ssl ) : <ssl-handle> ( fd -- ssl )
[ [
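Review bot: The list built by the new `make-cipher-list` still ends with `"IDEA-CBC-SHA"` and `"DES-CBC3-SHA"`, both 64-bit block ciphers, and `set-secure-cipher-list-only` now passes that list to `SSL_set_cipher_list`, so the word's name promises more than the list delivers. The static-RSA entries from `"AES256-SHA"` down to `"CAMELLIA128-SHA"` also provide no forward secrecy if the server key is later compromised. I would drop the two 64-bit entries, or keep them under a comment such as `! legacy 64-bit block ciphers, kept only for interop with old peers`. Separately, `SSL_set_cipher_list` skips names the linked OpenSSL does not recognise and fails only when nothing in the string matches, so the CCM and CHACHA20 entries may be silently absent on older libraries; a one-line comment above the list saying so would save the next reader a debugging session.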