Botan 3.5.0
Crypto and TLS for C&
Botan::TLS::Ciphersuite Class Referencefinal

#include <tls_ciphersuite.h>

Public Member Functions

bool aead_ciphersuite () const
 
Auth_Method auth_method () const
 
bool cbc_ciphersuite () const
 
std::string cipher_algo () const
 
size_t cipher_keylen () const
 
uint16_t ciphersuite_code () const
 
bool ecc_ciphersuite () const
 
std::string kex_algo () const
 
Kex_Algo kex_method () const
 
std::string mac_algo () const
 
size_t mac_keylen () const
 
size_t nonce_bytes_from_handshake () const
 
size_t nonce_bytes_from_record (Protocol_Version version) const
 
Nonce_Format nonce_format () const
 
bool operator< (const Ciphersuite &o) const
 
bool operator< (const uint16_t c) const
 
std::string prf_algo () const
 
bool psk_ciphersuite () const
 
std::string sig_algo () const
 
bool signature_used () const
 
std::string to_string () const
 
bool usable_in_version (Protocol_Version version) const
 
bool valid () const
 

Static Public Member Functions

static const std::vector< Ciphersuite > & all_known_ciphersuites ()
 
static std::optional< Ciphersuiteby_id (uint16_t suite)
 
static std::optional< Ciphersuitefrom_name (std::string_view name)
 
static bool is_scsv (uint16_t suite)
 

Detailed Description

Ciphersuite Information

Definition at line 23 of file tls_ciphersuite.h.

Member Function Documentation

◆ aead_ciphersuite()

bool Botan::TLS::Ciphersuite::aead_ciphersuite ( ) const
Returns
true if this suite uses a AEAD cipher

Definition at line 82 of file tls_ciphersuite.cpp.

82 {
83 return (mac_algo() == "AEAD");
84}
std::string mac_algo() const

References mac_algo().

◆ all_known_ciphersuites()

const std::vector< Ciphersuite > & Botan::TLS::Ciphersuite::all_known_ciphersuites ( )
static

Generate a static list of all known ciphersuites and return it.

Returns
list of all known ciphersuites

Definition at line 15 of file tls_suite_info.cpp.

15 {
16 // clang-format off
17
18 // Note that this list of ciphersuites is ordered by id!
19 static const std::vector<Ciphersuite> g_ciphersuite_list = {
20 Ciphersuite(0x000A, "RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
21 Ciphersuite(0x0016, "DHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
22 Ciphersuite(0x002F, "RSA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
23 Ciphersuite(0x0033, "DHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
24 Ciphersuite(0x0035, "RSA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
25 Ciphersuite(0x0039, "DHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
26 Ciphersuite(0x003C, "RSA_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
27 Ciphersuite(0x003D, "RSA_WITH_AES_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
28 Ciphersuite(0x0067, "DHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
29 Ciphersuite(0x006B, "DHE_RSA_WITH_AES_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
30 Ciphersuite(0x008B, "PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
31 Ciphersuite(0x008C, "PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
32 Ciphersuite(0x008D, "PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
33 Ciphersuite(0x009C, "RSA_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
34 Ciphersuite(0x009D, "RSA_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
35 Ciphersuite(0x009E, "DHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
36 Ciphersuite(0x009F, "DHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
37 Ciphersuite(0x00A8, "PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
38 Ciphersuite(0x00A9, "PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
39 Ciphersuite(0x00AE, "PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
40 Ciphersuite(0x00AF, "PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
41 Ciphersuite(0x1301, "AES_128_GCM_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
42 Ciphersuite(0x1302, "AES_256_GCM_SHA384", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
43 Ciphersuite(0x1303, "CHACHA20_POLY1305_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
44 Ciphersuite(0x1304, "AES_128_CCM_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
45 Ciphersuite(0x1305, "AES_128_CCM_8_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
46 Ciphersuite(0xC008, "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
47 Ciphersuite(0xC009, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
48 Ciphersuite(0xC00A, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
49 Ciphersuite(0xC012, "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
50 Ciphersuite(0xC013, "ECDHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
51 Ciphersuite(0xC014, "ECDHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
52 Ciphersuite(0xC023, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
53 Ciphersuite(0xC024, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
54 Ciphersuite(0xC027, "ECDHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
55 Ciphersuite(0xC028, "ECDHE_RSA_WITH_AES_256_CBC_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
56 Ciphersuite(0xC02B, "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
57 Ciphersuite(0xC02C, "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
58 Ciphersuite(0xC02F, "ECDHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
59 Ciphersuite(0xC030, "ECDHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
60 Ciphersuite(0xC034, "ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
61 Ciphersuite(0xC035, "ECDHE_PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
62 Ciphersuite(0xC036, "ECDHE_PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
63 Ciphersuite(0xC037, "ECDHE_PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
64 Ciphersuite(0xC038, "ECDHE_PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
65 Ciphersuite(0xC050, "RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
66 Ciphersuite(0xC051, "RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
67 Ciphersuite(0xC052, "DHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
68 Ciphersuite(0xC053, "DHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
69 Ciphersuite(0xC05C, "ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
70 Ciphersuite(0xC05D, "ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
71 Ciphersuite(0xC060, "ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
72 Ciphersuite(0xC061, "ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
73 Ciphersuite(0xC06A, "PSK_WITH_ARIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
74 Ciphersuite(0xC06B, "PSK_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
75 Ciphersuite(0xC07A, "RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
76 Ciphersuite(0xC07B, "RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
77 Ciphersuite(0xC07C, "DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
78 Ciphersuite(0xC07D, "DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
79 Ciphersuite(0xC086, "ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
80 Ciphersuite(0xC087, "ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
81 Ciphersuite(0xC08A, "ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
82 Ciphersuite(0xC08B, "ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
83 Ciphersuite(0xC08E, "PSK_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
84 Ciphersuite(0xC08F, "PSK_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
85 Ciphersuite(0xC09C, "RSA_WITH_AES_128_CCM", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
86 Ciphersuite(0xC09D, "RSA_WITH_AES_256_CCM", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
87 Ciphersuite(0xC09E, "DHE_RSA_WITH_AES_128_CCM", Auth_Method::RSA, Kex_Algo::DH, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
88 Ciphersuite(0xC09F, "DHE_RSA_WITH_AES_256_CCM", Auth_Method::RSA, Kex_Algo::DH, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
89 Ciphersuite(0xC0A0, "RSA_WITH_AES_128_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
90 Ciphersuite(0xC0A1, "RSA_WITH_AES_256_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
91 Ciphersuite(0xC0A2, "DHE_RSA_WITH_AES_128_CCM_8", Auth_Method::RSA, Kex_Algo::DH, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
92 Ciphersuite(0xC0A3, "DHE_RSA_WITH_AES_256_CCM_8", Auth_Method::RSA, Kex_Algo::DH, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
93 Ciphersuite(0xC0A4, "PSK_WITH_AES_128_CCM", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
94 Ciphersuite(0xC0A5, "PSK_WITH_AES_256_CCM", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
95 Ciphersuite(0xC0A8, "PSK_WITH_AES_128_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
96 Ciphersuite(0xC0A9, "PSK_WITH_AES_256_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
97 Ciphersuite(0xC0AC, "ECDHE_ECDSA_WITH_AES_128_CCM", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
98 Ciphersuite(0xC0AD, "ECDHE_ECDSA_WITH_AES_256_CCM", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
99 Ciphersuite(0xC0AE, "ECDHE_ECDSA_WITH_AES_128_CCM_8", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
100 Ciphersuite(0xC0AF, "ECDHE_ECDSA_WITH_AES_256_CCM_8", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
101 Ciphersuite(0xCCA8, "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
102 Ciphersuite(0xCCA9, "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
103 Ciphersuite(0xCCAA, "DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
104 Ciphersuite(0xCCAB, "PSK_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
105 Ciphersuite(0xCCAC, "ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
106 Ciphersuite(0xD001, "ECDHE_PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
107 Ciphersuite(0xD002, "ECDHE_PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
108 Ciphersuite(0xD003, "ECDHE_PSK_WITH_AES_128_CCM_8_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
109 Ciphersuite(0xD005, "ECDHE_PSK_WITH_AES_128_CCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
110 Ciphersuite(0xFFC3, "ECDHE_RSA_WITH_AES_256_OCB_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
111 Ciphersuite(0xFFC5, "ECDHE_ECDSA_WITH_AES_256_OCB_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
112 Ciphersuite(0xFFC7, "PSK_WITH_AES_256_OCB_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
113 Ciphersuite(0xFFCB, "ECDHE_PSK_WITH_AES_256_OCB_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
114 };
115
116 // clang-format on
117
118 return g_ciphersuite_list;
119}

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, Botan::TLS::CBC_MODE, Botan::TLS::DH, Botan::TLS::ECDH, Botan::TLS::ECDHE_PSK, Botan::TLS::ECDSA, Botan::TLS::IMPLICIT, Botan::TLS::PSK, Botan::TLS::RSA, Botan::TLS::SHA_1, Botan::TLS::SHA_256, Botan::TLS::SHA_384, Botan::TLS::STATIC_RSA, and Botan::TLS::UNDEFINED.

Referenced by by_id(), Botan::TLS::Policy::ciphersuite_list(), and from_name().

◆ auth_method()

Auth_Method Botan::TLS::Ciphersuite::auth_method ( ) const
inline

Definition at line 96 of file tls_ciphersuite.h.

96{ return m_auth_method; }

Referenced by ecc_ciphersuite(), and signature_used().

◆ by_id()

std::optional< Ciphersuite > Botan::TLS::Ciphersuite::by_id ( uint16_t suite)
static

Convert an SSL/TLS ciphersuite to algorithm fields

Parameters
suitethe ciphersuite code number
Returns
ciphersuite object or std::nullopt if it is unknown to the library

Definition at line 90 of file tls_ciphersuite.cpp.

90 {
91 const std::vector<Ciphersuite>& all_suites = all_known_ciphersuites();
92 auto s = std::lower_bound(all_suites.begin(), all_suites.end(), suite);
93
94 if(s != all_suites.end() && s->ciphersuite_code() == suite) {
95 return *s;
96 }
97
98 return std::nullopt; // some unknown ciphersuite
99}
static const std::vector< Ciphersuite > & all_known_ciphersuites()

References all_known_ciphersuites().

Referenced by Botan::TLS::Session_Base::ciphersuite(), Botan::TLS::Client_Hello_13::retry(), Botan::TLS::Handshake_State::server_hello(), Botan::TLS::Server_Hello_12::Server_Hello_12(), Botan::TLS::Server_Hello_13::Server_Hello_13(), and Botan::TLS::Session::Session().

◆ cbc_ciphersuite()

bool Botan::TLS::Ciphersuite::cbc_ciphersuite ( ) const
Returns
true if this suite uses a CBC cipher

Definition at line 78 of file tls_ciphersuite.cpp.

78 {
79 return (mac_algo() != "AEAD");
80}

References mac_algo().

Referenced by Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ cipher_algo()

std::string Botan::TLS::Ciphersuite::cipher_algo ( ) const
inline

◆ cipher_keylen()

size_t Botan::TLS::Ciphersuite::cipher_keylen ( ) const
inline
Returns
cipher key length used by this ciphersuite

Definition at line 113 of file tls_ciphersuite.h.

113{ return m_cipher_keylen; }

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and Botan::TLS::Session_Keys::Session_Keys().

◆ ciphersuite_code()

uint16_t Botan::TLS::Ciphersuite::ciphersuite_code ( ) const
inline
Returns
ciphersuite number

Definition at line 60 of file tls_ciphersuite.h.

60{ return m_ciphersuite_code; }

Referenced by operator<(), and usable_in_version().

◆ ecc_ciphersuite()

bool Botan::TLS::Ciphersuite::ecc_ciphersuite ( ) const
Returns
true if this is an ECC ciphersuite

Definition at line 60 of file tls_ciphersuite.cpp.

60 {
62}
Auth_Method auth_method() const
Kex_Algo kex_method() const

References auth_method(), Botan::TLS::ECDH, Botan::TLS::ECDHE_PSK, Botan::TLS::ECDSA, and kex_method().

Referenced by Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ from_name()

std::optional< Ciphersuite > Botan::TLS::Ciphersuite::from_name ( std::string_view name)
static

Convert an SSL/TLS ciphersuite name to algorithm fields

Parameters
namethe IANA name for the desired ciphersuite
Returns
ciphersuite object or std::nullopt if it is unknown to the library

Definition at line 101 of file tls_ciphersuite.cpp.

101 {
102 const std::vector<Ciphersuite>& all_suites = all_known_ciphersuites();
103
104 for(auto suite : all_suites) {
105 if(suite.to_string() == name) {
106 return suite;
107 }
108 }
109
110 return std::nullopt; // some unknown ciphersuite
111}
std::string name

References all_known_ciphersuites(), and name.

◆ is_scsv()

bool Botan::TLS::Ciphersuite::is_scsv ( uint16_t suite)
static

Returns true iff this suite is a known SCSV

Definition at line 51 of file tls_ciphersuite.cpp.

51 {
52 // TODO: derive from IANA file in script
53 return (suite == 0x00FF || suite == 0x5600);
54}

◆ kex_algo()

std::string Botan::TLS::Ciphersuite::kex_algo ( ) const
inline
Returns
key exchange algorithm used by this ciphersuite

Definition at line 87 of file tls_ciphersuite.h.

std::string kex_method_to_string(Kex_Algo method)
Definition tls_algos.cpp:28

References Botan::TLS::kex_method_to_string().

◆ kex_method()

◆ mac_algo()

std::string Botan::TLS::Ciphersuite::mac_algo ( ) const
inline
Returns
message authentication algorithm used by this ciphersuite

Definition at line 106 of file tls_ciphersuite.h.

106{ return m_mac_algo; }

Referenced by Botan::TLS::Policy::acceptable_ciphersuite(), aead_ciphersuite(), cbc_ciphersuite(), and Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ mac_keylen()

size_t Botan::TLS::Ciphersuite::mac_keylen ( ) const
inline

◆ nonce_bytes_from_handshake()

size_t Botan::TLS::Ciphersuite::nonce_bytes_from_handshake ( ) const

Definition at line 19 of file tls_ciphersuite.cpp.

19 {
20 switch(m_nonce_format) {
22 if(cipher_algo() == "3DES") {
23 return 8;
24 } else {
25 return 16;
26 }
27 }
29 return 4;
31 return 12;
32 }
33
34 throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
35}
std::string cipher_algo() const

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, Botan::TLS::CBC_MODE, and cipher_algo().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and Botan::TLS::Session_Keys::Session_Keys().

◆ nonce_bytes_from_record()

size_t Botan::TLS::Ciphersuite::nonce_bytes_from_record ( Protocol_Version version) const

Definition at line 37 of file tls_ciphersuite.cpp.

37 {
38 BOTAN_UNUSED(version);
39 switch(m_nonce_format) {
41 return cipher_algo() == "3DES" ? 8 : 16;
43 return 8;
45 return 0;
46 }
47
48 throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
49}
#define BOTAN_UNUSED
Definition assert.h:118

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, BOTAN_UNUSED, Botan::TLS::CBC_MODE, and cipher_algo().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ nonce_format()

Nonce_Format Botan::TLS::Ciphersuite::nonce_format ( ) const
inline

Definition at line 119 of file tls_ciphersuite.h.

119{ return m_nonce_format; }

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ operator<() [1/2]

bool Botan::TLS::Ciphersuite::operator< ( const Ciphersuite & o) const
inline

Definition at line 130 of file tls_ciphersuite.h.

130{ return ciphersuite_code() < o.ciphersuite_code(); }
uint16_t ciphersuite_code() const

References ciphersuite_code().

◆ operator<() [2/2]

bool Botan::TLS::Ciphersuite::operator< ( const uint16_t c) const
inline

Definition at line 132 of file tls_ciphersuite.h.

132{ return ciphersuite_code() < c; }

◆ prf_algo()

◆ psk_ciphersuite()

bool Botan::TLS::Ciphersuite::psk_ciphersuite ( ) const
Returns
true if this is a PSK ciphersuite

Definition at line 56 of file tls_ciphersuite.cpp.

56 {
58}

References Botan::TLS::ECDHE_PSK, kex_method(), and Botan::TLS::PSK.

◆ sig_algo()

std::string Botan::TLS::Ciphersuite::sig_algo ( ) const
inline
Returns
signature algorithm used by this ciphersuite

Definition at line 94 of file tls_ciphersuite.h.

std::string auth_method_to_string(Auth_Method method)

References Botan::TLS::auth_method_to_string().

◆ signature_used()

bool Botan::TLS::Ciphersuite::signature_used ( ) const

◆ to_string()

std::string Botan::TLS::Ciphersuite::to_string ( ) const
inline

Formats the ciphersuite back to an RFC-style ciphersuite string

Returns
RFC ciphersuite string identifier

Definition at line 55 of file tls_ciphersuite.h.

55{ return (!m_iana_id) ? "unknown cipher suite" : m_iana_id; }

◆ usable_in_version()

bool Botan::TLS::Ciphersuite::usable_in_version ( Protocol_Version version) const

Definition at line 64 of file tls_ciphersuite.cpp.

64 {
65 // RFC 8446 B.4.:
66 // Although TLS 1.3 uses the same cipher suite space as previous
67 // versions of TLS, TLS 1.3 cipher suites are defined differently, only
68 // specifying the symmetric ciphers, and cannot be used for TLS 1.2.
69 // Similarly, cipher suites for TLS 1.2 and lower cannot be used with
70 // TLS 1.3.
71 //
72 // Currently cipher suite codes {0x13,0x01} through {0x13,0x05} are
73 // allowed for TLS 1.3. This may change in the future.
74 const auto is_legacy_suite = (ciphersuite_code() & 0xFF00) != 0x1300;
75 return version.is_pre_tls_13() == is_legacy_suite;
76}

References ciphersuite_code(), and Botan::TLS::Protocol_Version::is_pre_tls_13().

Referenced by Botan::TLS::Cipher_State::is_compatible_with().

◆ valid()

bool Botan::TLS::Ciphersuite::valid ( ) const
inline
Returns
true if this is a valid/known ciphersuite

Definition at line 126 of file tls_ciphersuite.h.

126{ return m_usable; }

The documentation for this class was generated from the following files: