Open sfackler opened 7 years ago
We'll also probably want to disable unauthenticated and anonymous suites entirely.
I'm interested in this. I took a stab at the security-framework
and schannel-rs
implementations, and the public API in https://github.com/cyang1/rust-native-tls/commit/a82bfbe245b76d0aa0d44366f157cb4d6ced3f93. I think the OpenSSL implementation would be simple as you mentioned above.
I don't think my change is necessarily production ready yet, as it's not necessarily maintainable in its current state.
In my change, the questions I still have are:
suite_supported()
function in your proposal above? (Maybe there's some underlying structure to the cipher suite constants on macOS, haven't dug too far into that.)
OpenSSL's the most flexible here, and SChannel is the least. The cross-platform solution will probably look something like an SChannel style enum of algorithms that will be unioned:
If you then call
would mean all ciphers that use RSA or DHE for key exchange, AES as a bulk cipher, and SHA256 as a hash algorithm would be enabled. That'd translate in SChannel to
and in OpenSSL to (note that we have to generate the cartesian product of key exchange, bulk cipher and hash algorithms)
and in Secure Transport to a somewhat complicated dance where we load supported ciphers and filter them through the provided algorithms:
One interesting question is what to do if no algorithm in a category is specified (e.g. just
&[Algorithm::Aes, Algorithm::Dhe]
is passed). Should that mean that no suites match and no connections will work, or that all algorithms of that type can be used?An alternative design would be to have separate enums for each algorithm type:
It would be a bit more clear, but more verbose as well.