#include <tls_ciphersuite.h>

Public Member Functions
bool	aead_ciphersuite () const

Auth_Method	auth_method () const

bool	cbc_ciphersuite () const

std::string	cipher_algo () const

size_t	cipher_keylen () const

uint16_t	ciphersuite_code () const

bool	ecc_ciphersuite () const

std::string	kex_algo () const

Kex_Algo	kex_method () const

std::string	mac_algo () const

size_t	mac_keylen () const

size_t	nonce_bytes_from_handshake () const

size_t	nonce_bytes_from_record (Protocol_Version version) const

Nonce_Format	nonce_format () const

bool	operator< (const Ciphersuite &o) const

bool	operator< (const uint16_t c) const

std::string	prf_algo () const

bool	psk_ciphersuite () const

std::string	sig_algo () const

bool	signature_used () const

std::string	to_string () const

bool	usable_in_version (Protocol_Version version) const

bool	valid () const

Static Public Member Functions
static const std::vector< Ciphersuite > &	all_known_ciphersuites ()

static std::optional< Ciphersuite >	by_id (uint16_t suite)

static std::optional< Ciphersuite >	from_name (std::string_view name)

static bool	is_scsv (uint16_t suite)

Detailed Description

Ciphersuite Information

Definition at line 23 of file tls_ciphersuite.h.

Member Function Documentation

◆ aead_ciphersuite()

bool Botan::TLS::Ciphersuite::aead_ciphersuite ( ) const

Returns: true if this suite uses a AEAD cipher

Definition at line 82 of file tls_ciphersuite.cpp.

                                         {
   return (mac_algo() == "AEAD");
}

References mac_algo().

◆ all_known_ciphersuites()

const std::vector< Ciphersuite > & Botan::TLS::Ciphersuite::all_known_ciphersuites ( )

static

Generate a static list of all known ciphersuites and return it.

Returns: list of all known ciphersuites

Definition at line 15 of file tls_suite_info.cpp.

                                                                  {
   // clang-format off
 
   // Note that this list of ciphersuites is ordered by id!
   static const std::vector<Ciphersuite> g_ciphersuite_list = {
      Ciphersuite(0x000A, "RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x0016, "DHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x002F, "RSA_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x0033, "DHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x0035, "RSA_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x0039, "DHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x003C, "RSA_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0x003D, "RSA_WITH_AES_256_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0x0067, "DHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0x006B, "DHE_RSA_WITH_AES_256_CBC_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-256", 32, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0x008B, "PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x008C, "PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x008D, "PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0x009C, "RSA_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x009D, "RSA_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x009E, "DHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x009F, "DHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x00A8, "PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x00A9, "PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x00AE, "PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0x00AF, "PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
      Ciphersuite(0x1301, "AES_128_GCM_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x1302, "AES_256_GCM_SHA384", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x1303, "CHACHA20_POLY1305_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0x1304, "AES_128_CCM_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0x1305, "AES_128_CCM_8_SHA256", Auth_Method::UNDEFINED, Kex_Algo::UNDEFINED, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC008, "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC009, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC00A, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC012, "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC013, "ECDHE_RSA_WITH_AES_128_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC014, "ECDHE_RSA_WITH_AES_256_CBC_SHA", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC023, "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC024, "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC027, "ECDHE_RSA_WITH_AES_128_CBC_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC028, "ECDHE_RSA_WITH_AES_256_CBC_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC02B, "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC02C, "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC02F, "ECDHE_RSA_WITH_AES_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC030, "ECDHE_RSA_WITH_AES_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC034, "ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "3DES", 24, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC035, "ECDHE_PSK_WITH_AES_128_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128", 16, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC036, "ECDHE_PSK_WITH_AES_256_CBC_SHA", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256", 32, "SHA-1", 20, KDF_Algo::SHA_1, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC037, "ECDHE_PSK_WITH_AES_128_CBC_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128", 16, "SHA-256", 32, KDF_Algo::SHA_256, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC038, "ECDHE_PSK_WITH_AES_256_CBC_SHA384", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256", 32, "SHA-384", 48, KDF_Algo::SHA_384, Nonce_Format::CBC_MODE),
      Ciphersuite(0xC050, "RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC051, "RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC052, "DHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC053, "DHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC05C, "ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC05D, "ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC060, "ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC061, "ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC06A, "PSK_WITH_ARIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ARIA-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC06B, "PSK_WITH_ARIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ARIA-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC07A, "RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC07B, "RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC07C, "DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::DH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC07D, "DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::DH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC086, "ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC087, "ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::ECDSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC08A, "ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC08B, "ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::RSA, Kex_Algo::ECDH, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC08E, "PSK_WITH_CAMELLIA_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "Camellia-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC08F, "PSK_WITH_CAMELLIA_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::PSK, "Camellia-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC09C, "RSA_WITH_AES_128_CCM", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC09D, "RSA_WITH_AES_256_CCM", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC09E, "DHE_RSA_WITH_AES_128_CCM", Auth_Method::RSA, Kex_Algo::DH, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC09F, "DHE_RSA_WITH_AES_256_CCM", Auth_Method::RSA, Kex_Algo::DH, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A0, "RSA_WITH_AES_128_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A1, "RSA_WITH_AES_256_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::STATIC_RSA, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A2, "DHE_RSA_WITH_AES_128_CCM_8", Auth_Method::RSA, Kex_Algo::DH, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A3, "DHE_RSA_WITH_AES_256_CCM_8", Auth_Method::RSA, Kex_Algo::DH, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A4, "PSK_WITH_AES_128_CCM", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A5, "PSK_WITH_AES_256_CCM", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A8, "PSK_WITH_AES_128_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0A9, "PSK_WITH_AES_256_CCM_8", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0AC, "ECDHE_ECDSA_WITH_AES_128_CCM", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0AD, "ECDHE_ECDSA_WITH_AES_256_CCM", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/CCM", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0AE, "ECDHE_ECDSA_WITH_AES_128_CCM_8", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xC0AF, "ECDHE_ECDSA_WITH_AES_256_CCM_8", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/CCM(8)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xCCA8, "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xCCA9, "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xCCAA, "DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::RSA, Kex_Algo::DH, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xCCAB, "PSK_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xCCAC, "ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "ChaCha20Poly1305", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xD001, "ECDHE_PSK_WITH_AES_128_GCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/GCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xD002, "ECDHE_PSK_WITH_AES_256_GCM_SHA384", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256/GCM", 32, "AEAD", 0, KDF_Algo::SHA_384, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xD003, "ECDHE_PSK_WITH_AES_128_CCM_8_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/CCM(8)", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xD005, "ECDHE_PSK_WITH_AES_128_CCM_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-128/CCM", 16, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_IMPLICIT_4),
      Ciphersuite(0xFFC3, "ECDHE_RSA_WITH_AES_256_OCB_SHA256", Auth_Method::RSA, Kex_Algo::ECDH, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xFFC5, "ECDHE_ECDSA_WITH_AES_256_OCB_SHA256", Auth_Method::ECDSA, Kex_Algo::ECDH, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xFFC7, "PSK_WITH_AES_256_OCB_SHA256", Auth_Method::IMPLICIT, Kex_Algo::PSK, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      Ciphersuite(0xFFCB, "ECDHE_PSK_WITH_AES_256_OCB_SHA256", Auth_Method::IMPLICIT, Kex_Algo::ECDHE_PSK, "AES-256/OCB(12)", 32, "AEAD", 0, KDF_Algo::SHA_256, Nonce_Format::AEAD_XOR_12),
      };
 
   // clang-format on
 
   return g_ciphersuite_list;
}

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, Botan::TLS::CBC_MODE, Botan::TLS::DH, Botan::TLS::ECDH, Botan::TLS::ECDHE_PSK, Botan::TLS::ECDSA, Botan::TLS::IMPLICIT, Botan::TLS::PSK, Botan::TLS::RSA, Botan::TLS::SHA_1, Botan::TLS::SHA_256, Botan::TLS::SHA_384, Botan::TLS::STATIC_RSA, and Botan::TLS::UNDEFINED.

Referenced by by_id(), Botan::TLS::Policy::ciphersuite_list(), and from_name().

◆ auth_method()

Auth_Method Botan::TLS::Ciphersuite::auth_method ( ) const

inline

Definition at line 96 of file tls_ciphersuite.h.

96{ return m_auth_method; }

Referenced by ecc_ciphersuite(), and signature_used().

◆ by_id()

std::optional< Ciphersuite > Botan::TLS::Ciphersuite::by_id ( uint16_t suite )

static

Convert an SSL/TLS ciphersuite to algorithm fields

Parameters

suite the ciphersuite code number

Returns: ciphersuite object or std::nullopt if it is unknown to the library

Definition at line 90 of file tls_ciphersuite.cpp.

                                                          {
   const std::vector<Ciphersuite>& all_suites = all_known_ciphersuites();
   auto s = std::lower_bound(all_suites.begin(), all_suites.end(), suite);
 
   if(s != all_suites.end() && s->ciphersuite_code() == suite) {
      return *s;
   }
 
   return std::nullopt;  // some unknown ciphersuite
}

References all_known_ciphersuites().

Referenced by Botan::TLS::Session_Base::ciphersuite(), Botan::TLS::Client_Hello_13::retry(), Botan::TLS::Handshake_State::server_hello(), Botan::TLS::Server_Hello_12::Server_Hello_12(), Botan::TLS::Server_Hello_13::Server_Hello_13(), and Botan::TLS::Session::Session().

◆ cbc_ciphersuite()

bool Botan::TLS::Ciphersuite::cbc_ciphersuite ( ) const

Returns: true if this suite uses a CBC cipher

Definition at line 78 of file tls_ciphersuite.cpp.

                                        {
   return (mac_algo() != "AEAD");
}

References mac_algo().

Referenced by Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ cipher_algo()

std::string Botan::TLS::Ciphersuite::cipher_algo ( ) const

inline

Returns: symmetric cipher algorithm used by this ciphersuite

Definition at line 101 of file tls_ciphersuite.h.

101{ return m_cipher_algo; }

Referenced by Botan::TLS::Policy::acceptable_ciphersuite(), Botan::TLS::Cipher_State::advance_with_server_hello(), Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), Botan::TLS::Cipher_State::is_compatible_with(), nonce_bytes_from_handshake(), and nonce_bytes_from_record().

◆ cipher_keylen()

size_t Botan::TLS::Ciphersuite::cipher_keylen ( ) const

inline

Returns: cipher key length used by this ciphersuite

Definition at line 113 of file tls_ciphersuite.h.

113{ return m_cipher_keylen; }

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and Botan::TLS::Session_Keys::Session_Keys().

◆ ciphersuite_code()

uint16_t Botan::TLS::Ciphersuite::ciphersuite_code ( ) const

inline

Returns: ciphersuite number

Definition at line 60 of file tls_ciphersuite.h.

60{ return m_ciphersuite_code; }

Referenced by operator<(), and usable_in_version().

◆ ecc_ciphersuite()

bool Botan::TLS::Ciphersuite::ecc_ciphersuite ( ) const

Returns: true if this is an ECC ciphersuite

Definition at line 60 of file tls_ciphersuite.cpp.

                                        {
   return kex_method() == Kex_Algo::ECDH || kex_method() == Kex_Algo::ECDHE_PSK || auth_method() == Auth_Method::ECDSA;
}

References auth_method(), Botan::TLS::ECDH, Botan::TLS::ECDHE_PSK, Botan::TLS::ECDSA, and kex_method().

Referenced by Botan::TLS::Server_Hello_12::Server_Hello_12().

◆ from_name()

std::optional< Ciphersuite > Botan::TLS::Ciphersuite::from_name ( std::string_view name )

static

Convert an SSL/TLS ciphersuite name to algorithm fields

Parameters

name	the IANA name for the desired ciphersuite

Returns: ciphersuite object or std::nullopt if it is unknown to the library

Definition at line 101 of file tls_ciphersuite.cpp.

                                                                   {
   const std::vector<Ciphersuite>& all_suites = all_known_ciphersuites();
 
   for(auto suite : all_suites) {
      if(suite.to_string() == name) {
         return suite;
      }
   }
 
   return std::nullopt;  // some unknown ciphersuite
}

References all_known_ciphersuites(), and name.

◆ is_scsv()

bool Botan::TLS::Ciphersuite::is_scsv ( uint16_t suite )

static

Returns true iff this suite is a known SCSV

Definition at line 51 of file tls_ciphersuite.cpp.

                                        {
   // TODO: derive from IANA file in script
   return (suite == 0x00FF || suite == 0x5600);
}

◆ kex_algo()

std::string Botan::TLS::Ciphersuite::kex_algo ( ) const

inline

Returns: key exchange algorithm used by this ciphersuite

Definition at line 87 of file tls_ciphersuite.h.

87{ return kex_method_to_string(kex_method()); }

Botan::TLS::kex_method_to_string

std::string kex_method_to_string(Kex_Algo method)

Definition tls_algos.cpp:28

References Botan::TLS::kex_method_to_string().

◆ kex_method()

Kex_Algo Botan::TLS::Ciphersuite::kex_method ( ) const

inline

Definition at line 89 of file tls_ciphersuite.h.

89{ return m_kex_algo; }

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), ecc_ciphersuite(), psk_ciphersuite(), and Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ mac_algo()

std::string Botan::TLS::Ciphersuite::mac_algo ( ) const

inline

Returns: message authentication algorithm used by this ciphersuite

Definition at line 106 of file tls_ciphersuite.h.

106{ return m_mac_algo; }

Referenced by Botan::TLS::Policy::acceptable_ciphersuite(), aead_ciphersuite(), cbc_ciphersuite(), and Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ mac_keylen()

size_t Botan::TLS::Ciphersuite::mac_keylen ( ) const

inline

Definition at line 121 of file tls_ciphersuite.h.

121{ return m_mac_keylen; }

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and Botan::TLS::Session_Keys::Session_Keys().

◆ nonce_bytes_from_handshake()

size_t Botan::TLS::Ciphersuite::nonce_bytes_from_handshake ( ) const

Definition at line 19 of file tls_ciphersuite.cpp.

                                                     {
   switch(m_nonce_format) {
      case Nonce_Format::CBC_MODE: {
         if(cipher_algo() == "3DES") {
            return 8;
         } else {
            return 16;
         }
      }
      case Nonce_Format::AEAD_IMPLICIT_4:
         return 4;
      case Nonce_Format::AEAD_XOR_12:
         return 12;
   }
 
   throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
}

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, Botan::TLS::CBC_MODE, and cipher_algo().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State(), and Botan::TLS::Session_Keys::Session_Keys().

◆ nonce_bytes_from_record()

size_t Botan::TLS::Ciphersuite::nonce_bytes_from_record ( Protocol_Version version ) const

Definition at line 37 of file tls_ciphersuite.cpp.

                                                                          {
   BOTAN_UNUSED(version);
   switch(m_nonce_format) {
      case Nonce_Format::CBC_MODE:
         return cipher_algo() == "3DES" ? 8 : 16;
      case Nonce_Format::AEAD_IMPLICIT_4:
         return 8;
      case Nonce_Format::AEAD_XOR_12:
         return 0;
   }
 
   throw Invalid_State("In Ciphersuite::nonce_bytes_from_handshake invalid enum value");
}

References Botan::TLS::AEAD_IMPLICIT_4, Botan::TLS::AEAD_XOR_12, BOTAN_UNUSED, Botan::TLS::CBC_MODE, and cipher_algo().

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ nonce_format()

Nonce_Format Botan::TLS::Ciphersuite::nonce_format ( ) const

inline

Definition at line 119 of file tls_ciphersuite.h.

119{ return m_nonce_format; }

Referenced by Botan::TLS::Connection_Cipher_State::Connection_Cipher_State().

◆ operator<() [1/2]

bool Botan::TLS::Ciphersuite::operator< ( const Ciphersuite & o ) const

inline

Definition at line 130 of file tls_ciphersuite.h.

130{ return ciphersuite_code() < o.ciphersuite_code(); }

Botan::TLS::Ciphersuite::ciphersuite_code

uint16_t ciphersuite_code() const

Definition tls_ciphersuite.h:60

References ciphersuite_code().

◆ operator<() [2/2]

bool Botan::TLS::Ciphersuite::operator< ( const uint16_t c ) const

inline

Definition at line 132 of file tls_ciphersuite.h.

132{ return ciphersuite_code() < c; }

◆ prf_algo()

std::string Botan::TLS::Ciphersuite::prf_algo ( ) const

inline

Definition at line 108 of file tls_ciphersuite.h.

108{ return kdf_algo_to_string(m_prf_algo); }

Botan::TLS::kdf_algo_to_string

std::string kdf_algo_to_string(KDF_Algo algo)

Definition tls_algos.cpp:15

References Botan::TLS::kdf_algo_to_string().

Referenced by Botan::TLS::Cipher_State::init_with_server_hello(), Botan::TLS::Cipher_State::is_compatible_with(), Botan::TLS::Handshake_State::protocol_specific_prf(), Botan::TLS::PSK::select_offered_psk(), and Botan::TLS::Session_Keys::Session_Keys().

◆ psk_ciphersuite()

bool Botan::TLS::Ciphersuite::psk_ciphersuite ( ) const

Returns: true if this is a PSK ciphersuite

Definition at line 56 of file tls_ciphersuite.cpp.

                                        {
   return kex_method() == Kex_Algo::PSK || kex_method() == Kex_Algo::ECDHE_PSK;
}

References Botan::TLS::ECDHE_PSK, kex_method(), and Botan::TLS::PSK.

◆ sig_algo()

std::string Botan::TLS::Ciphersuite::sig_algo ( ) const

inline

Returns: signature algorithm used by this ciphersuite

Definition at line 94 of file tls_ciphersuite.h.

94{ return auth_method_to_string(auth_method()); }

Botan::TLS::auth_method_to_string

std::string auth_method_to_string(Auth_Method method)

Definition tls_algos.cpp:105

References Botan::TLS::auth_method_to_string().

◆ signature_used()

bool Botan::TLS::Ciphersuite::signature_used ( ) const

Definition at line 86 of file tls_ciphersuite.cpp.

                                       {
   return auth_method() != Auth_Method::IMPLICIT;
}

References auth_method(), and Botan::TLS::IMPLICIT.

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

◆ to_string()

std::string Botan::TLS::Ciphersuite::to_string ( ) const

inline

Formats the ciphersuite back to an RFC-style ciphersuite string

Returns: RFC ciphersuite string identifier

Definition at line 55 of file tls_ciphersuite.h.

55{ return (!m_iana_id) ? "unknown cipher suite" : m_iana_id; }

◆ usable_in_version()

bool Botan::TLS::Ciphersuite::usable_in_version ( Protocol_Version version ) const

Definition at line 64 of file tls_ciphersuite.cpp.

                                                                  {
   // RFC 8446 B.4.:
   //   Although TLS 1.3 uses the same cipher suite space as previous
   //   versions of TLS, TLS 1.3 cipher suites are defined differently, only
   //   specifying the symmetric ciphers, and cannot be used for TLS 1.2.
   //   Similarly, cipher suites for TLS 1.2 and lower cannot be used with
   //   TLS 1.3.
   //
   // Currently cipher suite codes {0x13,0x01} through {0x13,0x05} are
   // allowed for TLS 1.3. This may change in the future.
   const auto is_legacy_suite = (ciphersuite_code() & 0xFF00) != 0x1300;
   return version.is_pre_tls_13() == is_legacy_suite;
}

References ciphersuite_code(), and Botan::TLS::Protocol_Version::is_pre_tls_13().

Referenced by Botan::TLS::Cipher_State::is_compatible_with().

◆ valid()

bool Botan::TLS::Ciphersuite::valid ( ) const

inline

Returns: true if this is a valid/known ciphersuite

Definition at line 126 of file tls_ciphersuite.h.

126{ return m_usable; }

The documentation for this class was generated from the following files:

src/lib/tls/tls_ciphersuite.h
src/lib/tls/tls_ciphersuite.cpp
src/lib/tls/tls_suite_info.cpp

Public Member Functions

Static Public Member Functions

Detailed Description

Member Function Documentation

◆ aead_ciphersuite()

◆ all_known_ciphersuites()

◆ auth_method()

◆ by_id()

◆ cbc_ciphersuite()

◆ cipher_algo()

◆ cipher_keylen()

◆ ciphersuite_code()

◆ ecc_ciphersuite()

◆ from_name()

◆ is_scsv()

◆ kex_algo()

◆ kex_method()

◆ mac_algo()

◆ mac_keylen()

◆ nonce_bytes_from_handshake()

◆ nonce_bytes_from_record()

◆ nonce_format()

◆ operator<() [1/2]

◆ operator<() [2/2]

◆ prf_algo()

◆ psk_ciphersuite()

◆ sig_algo()

◆ signature_used()

◆ to_string()

◆ usable_in_version()

◆ valid()