Botan  2.12.1
Crypto and TLS for C++11
tls_algos.cpp
Go to the documentation of this file.
1 /*
2 * (C) 2017 Jack Lloyd
3 *
4 * Botan is released under the Simplified BSD License (see license.txt)
5 */
6 
7 #include <botan/tls_algos.h>
8 #include <botan/exceptn.h>
9 
10 namespace Botan {
11 
12 namespace TLS {
13 
14 std::string kdf_algo_to_string(KDF_Algo algo)
15  {
16  switch(algo)
17  {
18  case KDF_Algo::SHA_1:
19  return "SHA-1";
20  case KDF_Algo::SHA_256:
21  return "SHA-256";
22  case KDF_Algo::SHA_384:
23  return "SHA-384";
24  }
25 
26  throw Invalid_State("kdf_algo_to_string unknown enum value");
27  }
28 
29 std::string kex_method_to_string(Kex_Algo method)
30  {
31  switch(method)
32  {
33  case Kex_Algo::STATIC_RSA:
34  return "RSA";
35  case Kex_Algo::DH:
36  return "DH";
37  case Kex_Algo::ECDH:
38  return "ECDH";
39  case Kex_Algo::CECPQ1:
40  return "CECPQ1";
41  case Kex_Algo::SRP_SHA:
42  return "SRP_SHA";
43  case Kex_Algo::PSK:
44  return "PSK";
45  case Kex_Algo::DHE_PSK:
46  return "DHE_PSK";
47  case Kex_Algo::ECDHE_PSK:
48  return "ECDHE_PSK";
49  }
50 
51  throw Invalid_State("kex_method_to_string unknown enum value");
52  }
53 
54 Kex_Algo kex_method_from_string(const std::string& str)
55  {
56  if(str == "RSA")
57  return Kex_Algo::STATIC_RSA;
58 
59  if(str == "DH")
60  return Kex_Algo::DH;
61 
62  if(str == "ECDH")
63  return Kex_Algo::ECDH;
64 
65  if(str == "CECPQ1")
66  return Kex_Algo::CECPQ1;
67 
68  if(str == "SRP_SHA")
69  return Kex_Algo::SRP_SHA;
70 
71  if(str == "PSK")
72  return Kex_Algo::PSK;
73 
74  if(str == "DHE_PSK")
75  return Kex_Algo::DHE_PSK;
76 
77  if(str == "ECDHE_PSK")
78  return Kex_Algo::ECDHE_PSK;
79 
80  throw Invalid_Argument("Unknown kex method " + str);
81  }
82 
83 std::string auth_method_to_string(Auth_Method method)
84  {
85  switch(method)
86  {
87  case Auth_Method::RSA:
88  return "RSA";
89  case Auth_Method::DSA:
90  return "DSA";
91  case Auth_Method::ECDSA:
92  return "ECDSA";
93  case Auth_Method::IMPLICIT:
94  return "IMPLICIT";
95  case Auth_Method::ANONYMOUS:
96  return "ANONYMOUS";
97  }
98 
99  throw Invalid_State("auth_method_to_string unknown enum value");
100  }
101 
102 Auth_Method auth_method_from_string(const std::string& str)
103  {
104  if(str == "RSA")
105  return Auth_Method::RSA;
106  if(str == "DSA")
107  return Auth_Method::DSA;
108  if(str == "ECDSA")
109  return Auth_Method::ECDSA;
110  if(str == "IMPLICIT")
111  return Auth_Method::IMPLICIT;
112  if(str == "ANONYMOUS" || str == "")
113  return Auth_Method::ANONYMOUS;
114 
115  throw Invalid_Argument("Bad signature method " + str);
116  }
117 
118 bool group_param_is_dh(Group_Params group)
119  {
120  uint16_t group_id = static_cast<uint16_t>(group);
121  return (group_id >= 256 && group_id < 512);
122  }
123 
124 Group_Params group_param_from_string(const std::string& group_name)
125  {
126  if(group_name == "secp256r1")
127  return Group_Params::SECP256R1;
128  if(group_name == "secp384r1")
129  return Group_Params::SECP384R1;
130  if(group_name == "secp521r1")
131  return Group_Params::SECP521R1;
132  if(group_name == "brainpool256r1")
133  return Group_Params::BRAINPOOL256R1;
134  if(group_name == "brainpool384r1")
135  return Group_Params::BRAINPOOL384R1;
136  if(group_name == "brainpool512r1")
137  return Group_Params::BRAINPOOL512R1;
138  if(group_name == "x25519")
139  return Group_Params::X25519;
140 
141  if(group_name == "ffdhe/ietf/2048")
142  return Group_Params::FFDHE_2048;
143  if(group_name == "ffdhe/ietf/3072")
144  return Group_Params::FFDHE_3072;
145  if(group_name == "ffdhe/ietf/4096")
146  return Group_Params::FFDHE_4096;
147  if(group_name == "ffdhe/ietf/6144")
148  return Group_Params::FFDHE_6144;
149  if(group_name == "ffdhe/ietf/8192")
150  return Group_Params::FFDHE_8192;
151 
152  return Group_Params::NONE; // unknown
153  }
154 
155 std::string group_param_to_string(Group_Params group)
156  {
157  switch(group)
158  {
159  case Group_Params::SECP256R1:
160  return "secp256r1";
161  case Group_Params::SECP384R1:
162  return "secp384r1";
163  case Group_Params::SECP521R1:
164  return "secp521r1";
165  case Group_Params::BRAINPOOL256R1:
166  return "brainpool256r1";
167  case Group_Params::BRAINPOOL384R1:
168  return "brainpool384r1";
169  case Group_Params::BRAINPOOL512R1:
170  return "brainpool512r1";
171  case Group_Params::X25519:
172  return "x25519";
173 
174  case Group_Params::FFDHE_2048:
175  return "ffdhe/ietf/2048";
176  case Group_Params::FFDHE_3072:
177  return "ffdhe/ietf/3072";
178  case Group_Params::FFDHE_4096:
179  return "ffdhe/ietf/4096";
180  case Group_Params::FFDHE_6144:
181  return "ffdhe/ietf/6144";
182  case Group_Params::FFDHE_8192:
183  return "ffdhe/ietf/8192";
184 
185  default:
186  return "";
187  }
188  }
189 
190 
191 std::string hash_function_of_scheme(Signature_Scheme scheme)
192  {
193  switch(scheme)
194  {
195  case Signature_Scheme::DSA_SHA1:
196  case Signature_Scheme::ECDSA_SHA1:
197  case Signature_Scheme::RSA_PKCS1_SHA1:
198  return "SHA-1";
199 
200  case Signature_Scheme::DSA_SHA256:
201  case Signature_Scheme::ECDSA_SHA256:
202  case Signature_Scheme::RSA_PKCS1_SHA256:
203  case Signature_Scheme::RSA_PSS_SHA256:
204  return "SHA-256";
205 
206  case Signature_Scheme::DSA_SHA384:
207  case Signature_Scheme::ECDSA_SHA384:
208  case Signature_Scheme::RSA_PKCS1_SHA384:
209  case Signature_Scheme::RSA_PSS_SHA384:
210  return "SHA-384";
211 
212  case Signature_Scheme::DSA_SHA512:
213  case Signature_Scheme::ECDSA_SHA512:
214  case Signature_Scheme::RSA_PKCS1_SHA512:
215  case Signature_Scheme::RSA_PSS_SHA512:
216  return "SHA-512";
217 
218  case Signature_Scheme::EDDSA_25519:
219  case Signature_Scheme::EDDSA_448:
220  return "Pure";
221 
222  case Signature_Scheme::NONE:
223  return "";
224  }
225 
226  throw Invalid_State("hash_function_of_scheme: Unknown signature algorithm enum");
227  }
228 
229 const std::vector<Signature_Scheme>& all_signature_schemes()
230  {
231  /*
232  * This is ordered in some approximate order of preference
233  */
234  static const std::vector<Signature_Scheme> all_schemes = {
235  //Signature_Scheme::EDDSA_448,
236  //Signature_Scheme::EDDSA_25519,
237 
238  Signature_Scheme::RSA_PSS_SHA384,
239  Signature_Scheme::RSA_PSS_SHA256,
240  Signature_Scheme::RSA_PSS_SHA512,
241 
242  Signature_Scheme::RSA_PKCS1_SHA384,
243  Signature_Scheme::RSA_PKCS1_SHA512,
244  Signature_Scheme::RSA_PKCS1_SHA256,
245 
246  Signature_Scheme::ECDSA_SHA384,
247  Signature_Scheme::ECDSA_SHA512,
248  Signature_Scheme::ECDSA_SHA256,
249 
250  Signature_Scheme::DSA_SHA384,
251  Signature_Scheme::DSA_SHA512,
252  Signature_Scheme::DSA_SHA256,
253 
254  Signature_Scheme::RSA_PKCS1_SHA1,
255  Signature_Scheme::ECDSA_SHA1,
256  Signature_Scheme::DSA_SHA1,
257  };
258 
259  return all_schemes;
260  }
261 
262 bool signature_scheme_is_known(Signature_Scheme scheme)
263  {
264  switch(scheme)
265  {
266  case Signature_Scheme::RSA_PKCS1_SHA1:
267  case Signature_Scheme::RSA_PKCS1_SHA256:
268  case Signature_Scheme::RSA_PKCS1_SHA384:
269  case Signature_Scheme::RSA_PKCS1_SHA512:
270  case Signature_Scheme::RSA_PSS_SHA256:
271  case Signature_Scheme::RSA_PSS_SHA384:
272  case Signature_Scheme::RSA_PSS_SHA512:
273 
274  case Signature_Scheme::DSA_SHA1:
275  case Signature_Scheme::DSA_SHA256:
276  case Signature_Scheme::DSA_SHA384:
277  case Signature_Scheme::DSA_SHA512:
278 
279  case Signature_Scheme::ECDSA_SHA1:
280  case Signature_Scheme::ECDSA_SHA256:
281  case Signature_Scheme::ECDSA_SHA384:
282  case Signature_Scheme::ECDSA_SHA512:
283  return true;
284 
285  default:
286  return false;
287  }
288 
289  }
290 
291 std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
292  {
293  switch(scheme)
294  {
295  case Signature_Scheme::RSA_PKCS1_SHA1:
296  case Signature_Scheme::RSA_PKCS1_SHA256:
297  case Signature_Scheme::RSA_PKCS1_SHA384:
298  case Signature_Scheme::RSA_PKCS1_SHA512:
299  case Signature_Scheme::RSA_PSS_SHA256:
300  case Signature_Scheme::RSA_PSS_SHA384:
301  case Signature_Scheme::RSA_PSS_SHA512:
302  return "RSA";
303 
304  case Signature_Scheme::DSA_SHA1:
305  case Signature_Scheme::DSA_SHA256:
306  case Signature_Scheme::DSA_SHA384:
307  case Signature_Scheme::DSA_SHA512:
308  return "DSA";
309 
310  case Signature_Scheme::ECDSA_SHA1:
311  case Signature_Scheme::ECDSA_SHA256:
312  case Signature_Scheme::ECDSA_SHA384:
313  case Signature_Scheme::ECDSA_SHA512:
314  return "ECDSA";
315 
316  case Signature_Scheme::EDDSA_25519:
317  return "Ed25519";
318 
319  case Signature_Scheme::EDDSA_448:
320  return "Ed448";
321 
322  case Signature_Scheme::NONE:
323  return "";
324  }
325 
326  throw Invalid_State("signature_algorithm_of_scheme: Unknown signature algorithm enum");
327  }
328 
329 std::string sig_scheme_to_string(Signature_Scheme scheme)
330  {
331  switch(scheme)
332  {
333  case Signature_Scheme::RSA_PKCS1_SHA1:
334  return "RSA_PKCS1_SHA1";
335  case Signature_Scheme::RSA_PKCS1_SHA256:
336  return "RSA_PKCS1_SHA256";
337  case Signature_Scheme::RSA_PKCS1_SHA384:
338  return "RSA_PKCS1_SHA384";
339  case Signature_Scheme::RSA_PKCS1_SHA512:
340  return "RSA_PKCS1_SHA512";
341 
342  case Signature_Scheme::DSA_SHA1:
343  return "DSA_SHA1";
344  case Signature_Scheme::DSA_SHA256:
345  return "DSA_SHA256";
346  case Signature_Scheme::DSA_SHA384:
347  return "DSA_SHA384";
348  case Signature_Scheme::DSA_SHA512:
349  return "DSA_SHA512";
350 
351  case Signature_Scheme::ECDSA_SHA1:
352  return "ECDSA_SHA1";
353  case Signature_Scheme::ECDSA_SHA256:
354  return "ECDSA_SHA256";
355  case Signature_Scheme::ECDSA_SHA384:
356  return "ECDSA_SHA384";
357  case Signature_Scheme::ECDSA_SHA512:
358  return "ECDSA_SHA512";
359 
360  case Signature_Scheme::RSA_PSS_SHA256:
361  return "RSA_PSS_SHA256";
362  case Signature_Scheme::RSA_PSS_SHA384:
363  return "RSA_PSS_SHA384";
364  case Signature_Scheme::RSA_PSS_SHA512:
365  return "RSA_PSS_SHA512";
366 
367  case Signature_Scheme::EDDSA_25519:
368  return "EDDSA_25519";
369  case Signature_Scheme::EDDSA_448:
370  return "EDDSA_448";
371 
372  case Signature_Scheme::NONE:
373  return "";
374  }
375 
376  throw Invalid_State("sig_scheme_to_string: Unknown signature algorithm enum");
377  }
378 
379 std::string padding_string_for_scheme(Signature_Scheme scheme)
380  {
381  switch(scheme)
382  {
383  case Signature_Scheme::RSA_PKCS1_SHA1:
384  return "EMSA_PKCS1(SHA-1)";
385  case Signature_Scheme::RSA_PKCS1_SHA256:
386  return "EMSA_PKCS1(SHA-256)";
387  case Signature_Scheme::RSA_PKCS1_SHA384:
388  return "EMSA_PKCS1(SHA-384)";
389  case Signature_Scheme::RSA_PKCS1_SHA512:
390  return "EMSA_PKCS1(SHA-512)";
391 
392  case Signature_Scheme::DSA_SHA1:
393  case Signature_Scheme::ECDSA_SHA1:
394  return "EMSA1(SHA-1)";
395  case Signature_Scheme::DSA_SHA256:
396  case Signature_Scheme::ECDSA_SHA256:
397  return "EMSA1(SHA-256)";
398  case Signature_Scheme::DSA_SHA384:
399  case Signature_Scheme::ECDSA_SHA384:
400  return "EMSA1(SHA-384)";
401  case Signature_Scheme::DSA_SHA512:
402  case Signature_Scheme::ECDSA_SHA512:
403  return "EMSA1(SHA-512)";
404 
405  case Signature_Scheme::RSA_PSS_SHA256:
406  return "PSSR(SHA-256,MGF1,32)";
407  case Signature_Scheme::RSA_PSS_SHA384:
408  return "PSSR(SHA-384,MGF1,48)";
409  case Signature_Scheme::RSA_PSS_SHA512:
410  return "PSSR(SHA-512,MGF1,64)";
411 
412  case Signature_Scheme::EDDSA_25519:
413  return "Pure";
414  case Signature_Scheme::EDDSA_448:
415  return "Pure";
416 
417  case Signature_Scheme::NONE:
418  return "";
419  }
420 
421  throw Invalid_State("padding_string_for_scheme: Unknown signature algorithm enum");
422  }
423 
424 }
425 
426 }
Botan::TLS::auth_method_from_string
Auth_Method auth_method_from_string(const std::string &str)
Definition: tls_algos.cpp:102
Botan::Invalid_Argument
Definition: exceptn.h:134
Botan::TLS::sig_scheme_to_string
std::string sig_scheme_to_string(Signature_Scheme scheme)
Definition: tls_algos.cpp:329
Botan::TLS::group_param_is_dh
bool group_param_is_dh(Group_Params group)
Definition: tls_algos.cpp:118
Botan::TLS::hash_function_of_scheme
std::string hash_function_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:191
Botan::TLS::Signature_Scheme
Signature_Scheme
Definition: tls_algos.h:86
Botan::TLS::group_param_to_string
std::string group_param_to_string(Group_Params group)
Definition: tls_algos.cpp:155
Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition: tls_algos.cpp:29
Botan::TLS::padding_string_for_scheme
std::string padding_string_for_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:379
Botan::TLS::signature_scheme_is_known
bool signature_scheme_is_known(Signature_Scheme scheme)
Definition: tls_algos.cpp:262
Botan
Definition: alg_id.cpp:13
Botan::TLS::all_signature_schemes
const std::vector< Signature_Scheme > & all_signature_schemes()
Definition: tls_algos.cpp:229
Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition: tls_algos.cpp:83
Botan::TLS::signature_algorithm_of_scheme
std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
Definition: tls_algos.cpp:291
Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition: tls_algos.cpp:14
Botan::Invalid_State
Definition: exceptn.h:213
Botan::TLS::group_param_from_string
Group_Params group_param_from_string(const std::string &group_name)
Definition: tls_algos.cpp:124
Botan::TLS::kex_method_from_string
Kex_Algo kex_method_from_string(const std::string &str)
Definition: tls_algos.cpp:54
Generated by   doxygen 1.8.14