diff options
author | Jack Lloyd <[email protected]> | 2016-08-15 12:01:14 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-08-16 15:51:38 -0400 |
commit | b740f4dd6957d9beaf451854907916f1fb5f7a20 (patch) | |
tree | e6f6e51753b22e6f4159a392c6c1eae124e13bdc /src/scripts/tls_suite_info.py | |
parent | 25710f5375edb1af47699d128c04b4de0f2d0547 (diff) |
Clean up TLS ciphersuite handling
Stores ciphersuites in a sorted std::vector, then lookups are done
by binary search instead of a switch lookup.
The loop that explicitly gathered all the ciphersuites out of the switch
statement can then be removed, as can Ciphersuite::all_known_ciphersuite_ids
which only existed to make the scan loop faster by avoiding having to
call by_id on the entire 0x0000-0xFFFF range.
Precomputes the result of Ciphersuite::valid at construction time.
Diffstat (limited to 'src/scripts/tls_suite_info.py')
-rwxr-xr-x | src/scripts/tls_suite_info.py | 39 |
1 files changed, 8 insertions, 31 deletions
diff --git a/src/scripts/tls_suite_info.py b/src/scripts/tls_suite_info.py index 1f094f4b5..1d059b3f9 100755 --- a/src/scripts/tls_suite_info.py +++ b/src/scripts/tls_suite_info.py @@ -293,48 +293,25 @@ namespace Botan { namespace TLS { -std::vector<u16bit> Ciphersuite::all_known_ciphersuite_ids() +//static +const std::vector<Ciphersuite>& Ciphersuite::all_known_ciphersuites() { - return std::vector<u16bit>{ + // Note that this list of ciphersuites is ordered by id! + static const std::vector<Ciphersuite> g_ciphersuite_list = { """ - for i in sorted(suites.keys()): - suite_info += " 0x%s,\n" % (i) - - suite_info += """ }; -} - -Ciphersuite Ciphersuite::by_id(u16bit suite) - { - switch(suite) - { -""" - - """ - Ciphersuite(u16bit ciphersuite_code, - const char* sig_algo, - const char* kex_algo, - const char* cipher_algo, - size_t cipher_keylen, - size_t nonce_bytes_from_handshake, - size_t nonce_bytes_from_record, - const char* mac_algo, - size_t mac_keylen, - const char* prf_algo = ""); - """ - for code in sorted(suites.keys()): info = suites[code] assert len(info) == 11 suite_expr = 'Ciphersuite(0x%s, "%s", "%s", "%s", "%s", %d, %d, %d, "%s", %d, "%s")' % ( code, info[0], info[2], info[3], info[4], info[5], info[6], info[7], info[8], info[9], info[10]) - suite_info += " case 0x%s:\n" % (code) - suite_info += " return %s;\n\n" % (suite_expr) + suite_info += " " + suite_expr + ",\n" + - suite_info += """ } + suite_info += """ }; - return Ciphersuite(); // some unknown ciphersuite + return g_ciphersuite_list; } } |