2 files changed, 37 insertions, 17 deletions

diff --git a/src/tls/tls_ciphersuite.cpp b/src/tls/tls_ciphersuite.cpp
index 9718a5b08..1dde8514e 100644
--- a/src/tls/tls_ciphersuite.cpp
+++ b/src/tls/tls_ciphersuite.cpp
@@ -56,6 +56,27 @@ Ciphersuite Ciphersuite::by_name(const std::string& name)
    return Ciphersuite(); // some unknown ciphersuite
    }
 
+Ciphersuite::Ciphersuite(u16bit ciphersuite_code,
+                         const char* sig_algo,
+                         const char* kex_algo,
+                         const char* cipher_algo,
+                         size_t cipher_keylen,
+                         size_t cipher_ivlen,
+                         const char* mac_algo,
+                         size_t mac_keylen,
+                         const char* prf_algo) :
+   m_ciphersuite_code(ciphersuite_code),
+   m_sig_algo(sig_algo),
+   m_kex_algo(kex_algo),
+   m_cipher_algo(cipher_algo),
+   m_mac_algo(mac_algo),
+   m_prf_algo(prf_algo),
+   m_cipher_keylen(cipher_keylen),
+   m_cipher_ivlen(cipher_ivlen),
+   m_mac_keylen(mac_keylen)
+   {
+   }
+
 bool Ciphersuite::psk_ciphersuite() const
    {
    return (kex_algo() == "PSK" ||
@@ -68,6 +89,16 @@ bool Ciphersuite::ecc_ciphersuite() const
    return (kex_algo() == "ECDH" || sig_algo() == "ECDSA");
    }
 
+bool Ciphersuite::valid() const
+   {
+   if(!m_cipher_keylen)
+      return false;
+
+   // fixme: check that all sub-algorithms are enabled
+
+   return true;
+   }
+
 std::string Ciphersuite::to_string() const
    {
    if(m_cipher_keylen == 0)
diff --git a/src/tls/tls_ciphersuite.h b/src/tls/tls_ciphersuite.h
index 73ca5b9e6..865e66abb 100644
--- a/src/tls/tls_ciphersuite.h
+++ b/src/tls/tls_ciphersuite.h
@@ -101,32 +101,21 @@ class BOTAN_DLL Ciphersuite
       /**
       * @return true if this is a valid/known ciphersuite
       */
-      bool valid() const { return (m_cipher_keylen > 0); }
+      bool valid() const;
 
       Ciphersuite() {}
 
    private:
 
       Ciphersuite(u16bit ciphersuite_code,
-                  const std::string& sig_algo,
-                  const std::string& kex_algo,
-                  const std::string& cipher_algo,
+                  const char* sig_algo,
+                  const char* kex_algo,
+                  const char* cipher_algo,
                   size_t cipher_keylen,
                   size_t cipher_ivlen,
-                  const std::string& mac_algo,
+                  const char* mac_algo,
                   size_t mac_keylen,
-                  const std::string& prf_algo = "") :
-         m_ciphersuite_code(ciphersuite_code),
-         m_sig_algo(sig_algo),
-         m_kex_algo(kex_algo),
-         m_cipher_algo(cipher_algo),
-         m_mac_algo(mac_algo),
-         m_prf_algo(prf_algo),
-         m_cipher_keylen(cipher_keylen),
-         m_cipher_ivlen(cipher_ivlen),
-         m_mac_keylen(mac_keylen)
-            {
-            }
+                  const char* prf_algo = "");
 
       u16bit m_ciphersuite_code = 0;