Fizz command line testing for aegis

Summary: - Update Fizz server and client command line testing to support negotiating aegis cipher Reviewed By: AjanthanAsogamoorthy, mingtaoy Differential Revision: D45495189 fbshipit-source-id: 4a5e3c81b3cc590625b179b3ad5f011650621f87
facebookincubator · May 19, 2023 · 49ac348 · 49ac348
1 parent e28fb59
commit 49ac348
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 1 deletion.
diff --git a/fizz/protocol/Factory.h b/fizz/protocol/Factory.h
@@ -8,6 +8,11 @@
 
 #pragma once
 
+#include <fizz/fizz-config.h>
+#if FIZZ_HAS_AEGIS
+#include <fizz/crypto/aead/AEGISCipher.h>
+#endif
+
 #include <fizz/crypto/RandomGenerator.h>
 #include <fizz/crypto/aead/AESGCM128.h>
 #include <fizz/crypto/aead/AESGCM256.h>
@@ -95,6 +100,12 @@ class Factory {
         return OpenSSLEVPCipher::makeCipher<AESGCM256>();
       case CipherSuite::TLS_AES_128_OCB_SHA256_EXPERIMENTAL:
         return OpenSSLEVPCipher::makeCipher<AESOCB128>();
+#if FIZZ_HAS_AEGIS
+      case CipherSuite::TLS_AEGIS_128L_SHA256_EXPERIMENTAL:
+        return AEGISCipher::make128L();
+      case CipherSuite::TLS_AEGIS_256_SHA384_EXPERIMENTAL:
+        return AEGISCipher::make256();
+#endif
       default:
         throw std::runtime_error("aead: not implemented");
     }

diff --git a/fizz/protocol/OpenSSLFactory.h b/fizz/protocol/OpenSSLFactory.h
@@ -22,8 +22,10 @@ class OpenSSLFactory : public Factory {
       case CipherSuite::TLS_CHACHA20_POLY1305_SHA256:
       case CipherSuite::TLS_AES_128_GCM_SHA256:
       case CipherSuite::TLS_AES_128_OCB_SHA256_EXPERIMENTAL:
+      case CipherSuite::TLS_AEGIS_128L_SHA256_EXPERIMENTAL:
         return KeyDerivationImpl::make<Sha256>(getHkdfPrefix());
       case CipherSuite::TLS_AES_256_GCM_SHA384:
+      case CipherSuite::TLS_AEGIS_256_SHA384_EXPERIMENTAL:
         return KeyDerivationImpl::make<Sha384>(getHkdfPrefix());
       default:
         throw std::runtime_error("ks: not implemented");
@@ -36,8 +38,10 @@ class OpenSSLFactory : public Factory {
       case CipherSuite::TLS_CHACHA20_POLY1305_SHA256:
       case CipherSuite::TLS_AES_128_GCM_SHA256:
       case CipherSuite::TLS_AES_128_OCB_SHA256_EXPERIMENTAL:
+      case CipherSuite::TLS_AEGIS_128L_SHA256_EXPERIMENTAL:
         return std::make_unique<HandshakeContextImpl<Sha256>>(getHkdfPrefix());
       case CipherSuite::TLS_AES_256_GCM_SHA384:
+      case CipherSuite::TLS_AEGIS_256_SHA384_EXPERIMENTAL:
         return std::make_unique<HandshakeContextImpl<Sha384>>(getHkdfPrefix());
       default:
         throw std::runtime_error("hs: not implemented");

diff --git a/fizz/util/Parse-inl.h b/fizz/util/Parse-inl.h
@@ -18,7 +18,11 @@ inline CipherSuite parse(folly::StringPiece s) {
       {"TLS_CHACHA20_POLY1305_SHA256",
        CipherSuite::TLS_CHACHA20_POLY1305_SHA256},
       {"TLS_AES_128_OCB_SHA256_EXPERIMENTAL",
-       CipherSuite::TLS_AES_128_OCB_SHA256_EXPERIMENTAL}};
+       CipherSuite::TLS_AES_128_OCB_SHA256_EXPERIMENTAL},
+      {"TLS_AEGIS_128L_SHA256_EXPERIMENTAL",
+       CipherSuite::TLS_AEGIS_128L_SHA256_EXPERIMENTAL},
+      {"TLS_AEGIS_256_SHA384_EXPERIMENTAL",
+       CipherSuite::TLS_AEGIS_256_SHA384_EXPERIMENTAL}};
 
   auto location = stringToCiphers.find(s);
   if (location != stringToCiphers.end()) {