1515
1616#include <stdint.h>
1717#include <stdlib.h>
18+ #include <unistd.h>
1819
1920#include "api/s2n.h"
21+ #include "tls/policy/s2n_policy_feature.h"
2022#include "tls/s2n_security_policies.h"
21- #include "tls/s2n_security_rules.h"
22-
23- #define BOOL_STR (b ) ((b) ? "yes" : "no")
24-
25- extern const struct s2n_security_rule security_rule_definitions [S2N_SECURITY_RULES_COUNT ];
26-
27- const char * version_strs [] = {
28- [S2N_SSLv2 ] = "SSLv2" ,
29- [S2N_SSLv3 ] = "SSLv3" ,
30- [S2N_TLS10 ] = "TLS1.0" ,
31- [S2N_TLS11 ] = "TLS1.1" ,
32- [S2N_TLS12 ] = "TLS1.2" ,
33- [S2N_TLS13 ] = "TLS1.3" ,
34- };
3523
3624static int usage ()
3725{
@@ -47,72 +35,25 @@ int main(int argc, char *const *argv)
4735 exit (1 );
4836 }
4937
38+ if (s2n_init () != S2N_SUCCESS ) {
39+ fprintf (stderr , "Error: Failed to initialize s2n\n" );
40+ exit (1 );
41+ }
42+
5043 const char * policy_name = argv [1 ];
5144 const struct s2n_security_policy * policy = NULL ;
5245 if (s2n_find_security_policy_from_version (policy_name , & policy ) != S2N_SUCCESS ) {
53- usage ();
46+ fprintf (stderr , "Error: Failed to find security policy\n" );
47+ s2n_cleanup ();
5448 exit (1 );
5549 }
5650
57- printf ("name: %s\n" , policy_name );
58-
59- const char * version_str = version_strs [policy -> minimum_protocol_version ];
60- printf ("min version: %s\n" , version_str ? version_str : "None" );
61-
62- printf ("rules:\n" );
63- for (size_t i = 0 ; i < S2N_SECURITY_RULES_COUNT ; i ++ ) {
64- printf ("- %s: %s\n" , security_rule_definitions [i ].name , BOOL_STR (policy -> rules [i ]));
65- }
66-
67- printf ("cipher suites:\n" );
68- if (policy -> cipher_preferences -> allow_chacha20_boosting ) {
69- printf ("- chacha20 boosting enabled\n" );
70- }
71- for (size_t i = 0 ; i < policy -> cipher_preferences -> count ; i ++ ) {
72- printf ("- %s\n" , policy -> cipher_preferences -> suites [i ]-> iana_name );
73- }
74-
75- printf ("signature schemes:\n" );
76- for (size_t i = 0 ; i < policy -> signature_preferences -> count ; i ++ ) {
77- printf ("- %s\n" , policy -> signature_preferences -> signature_schemes [i ]-> name );
78- }
79-
80- printf ("curves:\n" );
81- for (size_t i = 0 ; i < policy -> ecc_preferences -> count ; i ++ ) {
82- printf ("- %s\n" , policy -> ecc_preferences -> ecc_curves [i ]-> name );
83- }
84-
85- if (policy -> certificate_signature_preferences ) {
86- if (policy -> certificate_preferences_apply_locally ) {
87- printf ("certificate preferences apply locally\n" );
88- }
89- printf ("certificate signature schemes:\n" );
90- for (size_t i = 0 ; i < policy -> certificate_signature_preferences -> count ; i ++ ) {
91- printf ("- %s\n" , policy -> certificate_signature_preferences -> signature_schemes [i ]-> name );
92- }
93- }
94-
95- if (policy -> certificate_key_preferences ) {
96- printf ("certificate keys:\n" );
97- for (size_t i = 0 ; i < policy -> certificate_key_preferences -> count ; i ++ ) {
98- printf ("- %s\n" , policy -> certificate_key_preferences -> certificate_keys [i ]-> name );
99- }
100- }
101-
102- if (policy -> kem_preferences && policy -> kem_preferences != & kem_preferences_null ) {
103- printf ("pq:\n" );
104- printf ("- revision: %i\n" , policy -> kem_preferences -> tls13_pq_hybrid_draft_revision );
105- if (policy -> kem_preferences -> kem_count > 0 ) {
106- printf ("- kems:\n" );
107- for (size_t i = 0 ; i < policy -> kem_preferences -> kem_count ; i ++ ) {
108- printf ("-- %s\n" , policy -> kem_preferences -> kems [i ]-> name );
109- }
110- }
111- printf ("- kem groups:\n" );
112- for (size_t i = 0 ; i < policy -> kem_preferences -> tls13_kem_group_count ; i ++ ) {
113- printf ("-- %s\n" , policy -> kem_preferences -> tls13_kem_groups [i ]-> name );
114- }
51+ uint32_t output_size = 0 ;
52+ if (s2n_security_policy_write_fd (policy , S2N_POLICY_FORMAT_DEBUG_V1 , STDOUT_FILENO , & output_size ) != S2N_SUCCESS ) {
53+ s2n_cleanup ();
54+ exit (1 );
11555 }
11656
57+ s2n_cleanup ();
11758 return 0 ;
11859}
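Review bot: The new failure branch after `s2n_security_policy_write_fd(...)` exits with status 1 but prints nothing, unlike the `s2n_init` and policy-lookup branches earlier in this hunk. Because the call writes directly to `STDOUT_FILENO`, a failure partway through could leave a partial policy dump on stdout with nothing to explain it, which is easy to misread when the output is used to audit a policy. I would add `fprintf(stderr, "Error: Failed to write security policy\n");` before the `s2n_cleanup();` in that branch. `output_size` is not read on the visible lines; if the out-parameter is mandatory, a comment such as `/* byte count required by the API, unused here */` would say so. The start of `main` lies outside this hunk.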