Botan 3.7.1
Crypto and TLS for C&
tls_algos.cpp
Go to the documentation of this file.
1/*
2* (C) 2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/tls_algos.h>
8
9#include <botan/ec_group.h>
10#include <botan/exceptn.h>
11#include <botan/internal/fmt.h>
12
13namespace Botan::TLS {
14
15std::string kdf_algo_to_string(KDF_Algo algo) {
16 switch(algo) {
17 case KDF_Algo::SHA_1:
18 return "SHA-1";
19 case KDF_Algo::SHA_256:
20 return "SHA-256";
21 case KDF_Algo::SHA_384:
22 return "SHA-384";
23 }
24
25 throw Invalid_State("kdf_algo_to_string unknown enum value");
26}
27
28std::string kex_method_to_string(Kex_Algo method) {
29 switch(method) {
30 case Kex_Algo::STATIC_RSA:
31 return "RSA";
32 case Kex_Algo::DH:
33 return "DH";
34 case Kex_Algo::ECDH:
35 return "ECDH";
36 case Kex_Algo::PSK:
37 return "PSK";
38 case Kex_Algo::ECDHE_PSK:
39 return "ECDHE_PSK";
40 case Kex_Algo::DHE_PSK:
41 return "DHE_PSK";
42 case Kex_Algo::KEM:
43 return "KEM";
44 case Kex_Algo::KEM_PSK:
45 return "KEM_PSK";
46 case Kex_Algo::HYBRID:
47 return "HYBRID";
48 case Kex_Algo::HYBRID_PSK:
49 return "HYBRID_PSK";
50 case Kex_Algo::UNDEFINED:
51 return "UNDEFINED";
52 }
53
54 throw Invalid_State("kex_method_to_string unknown enum value");
55}
56
57Kex_Algo kex_method_from_string(std::string_view str) {
58 if(str == "RSA") {
59 return Kex_Algo::STATIC_RSA;
60 }
61
62 if(str == "DH") {
63 return Kex_Algo::DH;
64 }
65
66 if(str == "ECDH") {
67 return Kex_Algo::ECDH;
68 }
69
70 if(str == "PSK") {
71 return Kex_Algo::PSK;
72 }
73
74 if(str == "ECDHE_PSK") {
75 return Kex_Algo::ECDHE_PSK;
76 }
77
78 if(str == "DHE_PSK") {
79 return Kex_Algo::DHE_PSK;
80 }
81
82 if(str == "KEM") {
83 return Kex_Algo::KEM;
84 }
85
86 if(str == "KEM_PSK") {
87 return Kex_Algo::KEM_PSK;
88 }
89
90 if(str == "HYBRID") {
91 return Kex_Algo::HYBRID;
92 }
93
94 if(str == "HYBRID_PSK") {
95 return Kex_Algo::HYBRID_PSK;
96 }
97
98 if(str == "UNDEFINED") {
99 return Kex_Algo::UNDEFINED;
100 }
101
102 throw Invalid_Argument(fmt("Unknown kex method '{}'", str));
103}
104
105std::string auth_method_to_string(Auth_Method method) {
106 switch(method) {
107 case Auth_Method::RSA:
108 return "RSA";
109 case Auth_Method::ECDSA:
110 return "ECDSA";
111 case Auth_Method::IMPLICIT:
112 return "IMPLICIT";
113 case Auth_Method::UNDEFINED:
114 return "UNDEFINED";
115 }
116
117 throw Invalid_State("auth_method_to_string unknown enum value");
118}
119
120Auth_Method auth_method_from_string(std::string_view str) {
121 if(str == "RSA") {
122 return Auth_Method::RSA;
123 }
124 if(str == "ECDSA") {
125 return Auth_Method::ECDSA;
126 }
127 if(str == "IMPLICIT") {
128 return Auth_Method::IMPLICIT;
129 }
130 if(str == "UNDEFINED") {
131 return Auth_Method::UNDEFINED;
132 }
133
134 throw Invalid_Argument(fmt("Unknown TLS signature method '{}'", str));
135}
136
137bool Group_Params::is_available() const {
138#if !defined(BOTAN_HAS_X25519)
139 if(is_x25519()) {
140 return false;
141 }
142 if(is_pqc_hybrid() && pqc_hybrid_ecc() == Group_Params_Code::X25519) {
143 return false;
144 }
145#endif
146
147#if !defined(BOTAN_HAS_X448)
148 if(is_x448()) {
149 return false;
150 }
151 if(is_pqc_hybrid() && pqc_hybrid_ecc() == Group_Params_Code::X448) {
152 return false;
153 }
154#endif
155
156#if !defined(BOTAN_HAS_DIFFIE_HELLMAN)
157 if(is_in_ffdhe_range()) {
158 return false;
159 }
160#endif
161
162#if !defined(BOTAN_HAS_ML_KEM)
163 if(is_pure_ml_kem() || is_pqc_hybrid_ml_kem()) {
164 return false;
165 }
166#endif
167
168#if !defined(BOTAN_HAS_FRODOKEM)
169 if(is_pure_frodokem() || is_pqc_hybrid_frodokem()) {
170 return false;
171 }
172#endif
173
174 return true;
175}
176
206
207std::optional<Group_Params> Group_Params::from_string(std::string_view group_name) {
208 if(group_name == "secp256r1") {
209 return Group_Params::SECP256R1;
210 }
211 if(group_name == "secp384r1") {
212 return Group_Params::SECP384R1;
213 }
214 if(group_name == "secp521r1") {
215 return Group_Params::SECP521R1;
216 }
217 if(group_name == "brainpool256r1") {
218 return Group_Params::BRAINPOOL256R1;
219 }
220 if(group_name == "brainpool384r1") {
221 return Group_Params::BRAINPOOL384R1;
222 }
223 if(group_name == "brainpool512r1") {
224 return Group_Params::BRAINPOOL512R1;
225 }
226 if(group_name == "x25519") {
227 return Group_Params::X25519;
228 }
229 if(group_name == "x448") {
230 return Group_Params::X448;
231 }
232
233 if(group_name == "ffdhe/ietf/2048") {
234 return Group_Params::FFDHE_2048;
235 }
236 if(group_name == "ffdhe/ietf/3072") {
237 return Group_Params::FFDHE_3072;
238 }
239 if(group_name == "ffdhe/ietf/4096") {
240 return Group_Params::FFDHE_4096;
241 }
242 if(group_name == "ffdhe/ietf/6144") {
243 return Group_Params::FFDHE_6144;
244 }
245 if(group_name == "ffdhe/ietf/8192") {
246 return Group_Params::FFDHE_8192;
247 }
248
249 if(group_name == "ML-KEM-512") {
250 return Group_Params::ML_KEM_512;
251 }
252 if(group_name == "ML-KEM-768") {
253 return Group_Params::ML_KEM_768;
254 }
255 if(group_name == "ML-KEM-1024") {
256 return Group_Params::ML_KEM_1024;
257 }
258
259 if(group_name == "eFrodoKEM-640-SHAKE") {
260 return Group_Params::eFRODOKEM_640_SHAKE_OQS;
261 }
262 if(group_name == "eFrodoKEM-976-SHAKE") {
263 return Group_Params::eFRODOKEM_976_SHAKE_OQS;
264 }
265 if(group_name == "eFrodoKEM-1344-SHAKE") {
266 return Group_Params::eFRODOKEM_1344_SHAKE_OQS;
267 }
268 if(group_name == "eFrodoKEM-640-AES") {
269 return Group_Params::eFRODOKEM_640_AES_OQS;
270 }
271 if(group_name == "eFrodoKEM-976-AES") {
272 return Group_Params::eFRODOKEM_976_AES_OQS;
273 }
274 if(group_name == "eFrodoKEM-1344-AES") {
275 return Group_Params::eFRODOKEM_1344_AES_OQS;
276 }
277
278 if(group_name == "x25519/ML-KEM-768") {
279 return Group_Params::HYBRID_X25519_ML_KEM_768;
280 }
281 if(group_name == "secp256r1/ML-KEM-768") {
282 return Group_Params::HYBRID_SECP256R1_ML_KEM_768;
283 }
284
285 if(group_name == "x25519/eFrodoKEM-640-SHAKE") {
286 return Group_Params::HYBRID_X25519_eFRODOKEM_640_SHAKE_OQS;
287 }
288 if(group_name == "x25519/eFrodoKEM-640-AES") {
289 return Group_Params::HYBRID_X25519_eFRODOKEM_640_AES_OQS;
290 }
291 if(group_name == "x448/eFrodoKEM-976-SHAKE") {
292 return Group_Params::HYBRID_X448_eFRODOKEM_976_SHAKE_OQS;
293 }
294 if(group_name == "x448/eFrodoKEM-976-AES") {
295 return Group_Params::HYBRID_X448_eFRODOKEM_976_AES_OQS;
296 }
297
298 if(group_name == "secp256r1/eFrodoKEM-640-SHAKE") {
299 return Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_SHAKE_OQS;
300 }
301 if(group_name == "secp256r1/eFrodoKEM-640-AES") {
302 return Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_AES_OQS;
303 }
304
305 if(group_name == "secp384r1/eFrodoKEM-976-SHAKE") {
306 return Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_SHAKE_OQS;
307 }
308 if(group_name == "secp384r1/eFrodoKEM-976-AES") {
309 return Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_AES_OQS;
310 }
311
312 if(group_name == "secp521r1/eFrodoKEM-1344-SHAKE") {
313 return Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_SHAKE_OQS;
314 }
315 if(group_name == "secp521r1/eFrodoKEM-1344-AES") {
316 return Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_AES_OQS;
317 }
318
319 return std::nullopt;
320}
321
322std::optional<std::string> Group_Params::to_string() const {
323 switch(m_code) {
324 case Group_Params::SECP256R1:
325 return "secp256r1";
326 case Group_Params::SECP384R1:
327 return "secp384r1";
328 case Group_Params::SECP521R1:
329 return "secp521r1";
330 case Group_Params::BRAINPOOL256R1:
331 return "brainpool256r1";
332 case Group_Params::BRAINPOOL384R1:
333 return "brainpool384r1";
334 case Group_Params::BRAINPOOL512R1:
335 return "brainpool512r1";
336 case Group_Params::X25519:
337 return "x25519";
338 case Group_Params::X448:
339 return "x448";
340
341 case Group_Params::FFDHE_2048:
342 return "ffdhe/ietf/2048";
343 case Group_Params::FFDHE_3072:
344 return "ffdhe/ietf/3072";
345 case Group_Params::FFDHE_4096:
346 return "ffdhe/ietf/4096";
347 case Group_Params::FFDHE_6144:
348 return "ffdhe/ietf/6144";
349 case Group_Params::FFDHE_8192:
350 return "ffdhe/ietf/8192";
351
352 case Group_Params::ML_KEM_512:
353 return "ML-KEM-512";
354 case Group_Params::ML_KEM_768:
355 return "ML-KEM-768";
356 case Group_Params::ML_KEM_1024:
357 return "ML-KEM-1024";
358
359 case Group_Params::eFRODOKEM_640_SHAKE_OQS:
360 return "eFrodoKEM-640-SHAKE";
361 case Group_Params::eFRODOKEM_976_SHAKE_OQS:
362 return "eFrodoKEM-976-SHAKE";
363 case Group_Params::eFRODOKEM_1344_SHAKE_OQS:
364 return "eFrodoKEM-1344-SHAKE";
365 case Group_Params::eFRODOKEM_640_AES_OQS:
366 return "eFrodoKEM-640-AES";
367 case Group_Params::eFRODOKEM_976_AES_OQS:
368 return "eFrodoKEM-976-AES";
369 case Group_Params::eFRODOKEM_1344_AES_OQS:
370 return "eFrodoKEM-1344-AES";
371
372 case Group_Params::HYBRID_X25519_eFRODOKEM_640_SHAKE_OQS:
373 return "x25519/eFrodoKEM-640-SHAKE";
374 case Group_Params::HYBRID_X25519_eFRODOKEM_640_AES_OQS:
375 return "x25519/eFrodoKEM-640-AES";
376 case Group_Params::HYBRID_X448_eFRODOKEM_976_SHAKE_OQS:
377 return "x448/eFrodoKEM-976-SHAKE";
378 case Group_Params::HYBRID_X448_eFRODOKEM_976_AES_OQS:
379 return "x448/eFrodoKEM-976-AES";
380 case Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_SHAKE_OQS:
381 return "secp256r1/eFrodoKEM-640-SHAKE";
382 case Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_AES_OQS:
383 return "secp256r1/eFrodoKEM-640-AES";
384 case Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_SHAKE_OQS:
385 return "secp384r1/eFrodoKEM-976-SHAKE";
386 case Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_AES_OQS:
387 return "secp384r1/eFrodoKEM-976-AES";
388 case Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_SHAKE_OQS:
389 return "secp521r1/eFrodoKEM-1344-SHAKE";
390 case Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_AES_OQS:
391 return "secp521r1/eFrodoKEM-1344-AES";
392
393 case Group_Params::HYBRID_X25519_ML_KEM_768:
394 return "x25519/ML-KEM-768";
395 case Group_Params::HYBRID_SECP256R1_ML_KEM_768:
396 return "secp256r1/ML-KEM-768";
397
398 default:
399 return std::nullopt;
400 }
401}
402
403} // namespace Botan::TLS
Botan::Invalid_Argument
Definition exceptn.h:131
Botan::Invalid_State
Definition exceptn.h:206
Botan::TLS::Group_Params::is_in_ffdhe_range
constexpr bool is_in_ffdhe_range() const
Definition tls_algos.h:176
Botan::TLS::Group_Params::is_available
bool is_available() const
Definition tls_algos.cpp:137
Botan::TLS::Group_Params::is_pqc_hybrid
constexpr bool is_pqc_hybrid() const
Definition tls_algos.h:230
Botan::TLS::Group_Params::is_pure_frodokem
constexpr bool is_pure_frodokem() const
Definition tls_algos.h:192
Botan::TLS::Group_Params::pqc_hybrid_ecc
std::optional< Group_Params_Code > pqc_hybrid_ecc() const
Definition tls_algos.cpp:177
Botan::TLS::Group_Params::to_string
std::optional< std::string > to_string() const
Definition tls_algos.cpp:322
Botan::TLS::Group_Params::from_string
static std::optional< Group_Params > from_string(std::string_view group_name)
Definition tls_algos.cpp:207
Botan::TLS::Group_Params::is_pqc_hybrid_frodokem
constexpr bool is_pqc_hybrid_frodokem() const
Definition tls_algos.h:217
Botan::TLS::Group_Params::is_pure_ml_kem
constexpr bool is_pure_ml_kem() const
Definition tls_algos.h:187
Botan::TLS::Group_Params::is_pqc_hybrid_ml_kem
constexpr bool is_pqc_hybrid_ml_kem() const
Definition tls_algos.h:212
Botan::TLS::Group_Params::is_x448
constexpr bool is_x448() const
Definition tls_algos.h:168
Botan::TLS::Group_Params::is_x25519
constexpr bool is_x25519() const
Definition tls_algos.h:166
Botan::TLS::kex_method_from_string
Kex_Algo kex_method_from_string(std::string_view str)
Definition tls_algos.cpp:57
Botan::TLS::auth_method_from_string
Auth_Method auth_method_from_string(std::string_view str)
Definition tls_algos.cpp:120
Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition tls_algos.cpp:15
Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition tls_algos.cpp:28
Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition tls_algos.cpp:105
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
Generated by doxygen 1.12.0