#include "tlse.h"

int tls_cipher_supported(struct TLSContext *context, unsigned short cipher) {
	if (!context) {
		return 0;
	}

	switch (cipher) {
		case TLS_AES_128_GCM_SHA256:
		case TLS_AES_256_GCM_SHA384:
		case TLS_CHACHA20_POLY1305_SHA256:
			if (context->tlsver == TLS_VERSION13) {
				return 1;
			}
			return 0;
		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
			if (context && ((context->certificates
							&& context->certificates_count
							&& context->ec_private_key)
						|| !context->is_server)) {
				return 1;
			}
			return 0;
		case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
		case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
		case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
		case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
		case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
			if (context->tlsver == TLS_VERSION12) {
				if (context && ((context->certificates
								&& context->certificates_count
								&& context->ec_private_key)
							|| !context->is_server)) {
					return 1;
				}
			}
			return 0;
		case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
		case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
		case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
		case TLS_RSA_WITH_AES_128_CBC_SHA:
		case TLS_RSA_WITH_AES_256_CBC_SHA:
			return 1;
		case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
		case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
		case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
		case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
		case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
		case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
		case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
		case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
		case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
		case TLS_RSA_WITH_AES_128_GCM_SHA256:
		case TLS_RSA_WITH_AES_128_CBC_SHA256:
		case TLS_RSA_WITH_AES_256_CBC_SHA256:
		case TLS_RSA_WITH_AES_256_GCM_SHA384:
			if (context->tlsver == TLS_VERSION12) {
				return 1;
			}
			return 0;
	}
	return 0;
}