Botan 3.9.0
Crypto and TLS for C&
tls_algos.cpp
Go to the documentation of this file.
1/*
2* (C) 2017 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/tls_algos.h>
8
9#include <botan/ec_group.h>
10#include <botan/exceptn.h>
11#include <botan/internal/fmt.h>
12
13namespace Botan::TLS {
14
15std::string kdf_algo_to_string(KDF_Algo algo) {
16 switch(algo) {
17 case KDF_Algo::SHA_1:
18 return "SHA-1";
19 case KDF_Algo::SHA_256:
20 return "SHA-256";
21 case KDF_Algo::SHA_384:
22 return "SHA-384";
23 }
24
25 throw Invalid_State("kdf_algo_to_string unknown enum value");
26}
27
28std::string kex_method_to_string(Kex_Algo method) {
29 switch(method) {
30 case Kex_Algo::STATIC_RSA:
31 return "RSA";
32 case Kex_Algo::DH:
33 return "DH";
34 case Kex_Algo::ECDH:
35 return "ECDH";
36 case Kex_Algo::PSK:
37 return "PSK";
38 case Kex_Algo::ECDHE_PSK:
39 return "ECDHE_PSK";
40 case Kex_Algo::DHE_PSK:
41 return "DHE_PSK";
42 case Kex_Algo::KEM:
43 return "KEM";
44 case Kex_Algo::KEM_PSK:
45 return "KEM_PSK";
46 case Kex_Algo::HYBRID:
47 return "HYBRID";
48 case Kex_Algo::HYBRID_PSK:
49 return "HYBRID_PSK";
50 case Kex_Algo::UNDEFINED:
51 return "UNDEFINED";
52 }
53
54 throw Invalid_State("kex_method_to_string unknown enum value");
55}
56
57Kex_Algo kex_method_from_string(std::string_view str) {
58 if(str == "RSA") {
59 return Kex_Algo::STATIC_RSA;
60 }
61
62 if(str == "DH") {
63 return Kex_Algo::DH;
64 }
65
66 if(str == "ECDH") {
67 return Kex_Algo::ECDH;
68 }
69
70 if(str == "PSK") {
71 return Kex_Algo::PSK;
72 }
73
74 if(str == "ECDHE_PSK") {
75 return Kex_Algo::ECDHE_PSK;
76 }
77
78 if(str == "DHE_PSK") {
79 return Kex_Algo::DHE_PSK;
80 }
81
82 if(str == "KEM") {
83 return Kex_Algo::KEM;
84 }
85
86 if(str == "KEM_PSK") {
87 return Kex_Algo::KEM_PSK;
88 }
89
90 if(str == "HYBRID") {
91 return Kex_Algo::HYBRID;
92 }
93
94 if(str == "HYBRID_PSK") {
95 return Kex_Algo::HYBRID_PSK;
96 }
97
98 if(str == "UNDEFINED") {
99 return Kex_Algo::UNDEFINED;
100 }
101
102 throw Invalid_Argument(fmt("Unknown kex method '{}'", str));
103}
104
105std::string auth_method_to_string(Auth_Method method) {
106 switch(method) {
107 case Auth_Method::RSA:
108 return "RSA";
109 case Auth_Method::ECDSA:
110 return "ECDSA";
111 case Auth_Method::IMPLICIT:
112 return "IMPLICIT";
113 case Auth_Method::UNDEFINED:
114 return "UNDEFINED";
115 }
116
117 throw Invalid_State("auth_method_to_string unknown enum value");
118}
119
120Auth_Method auth_method_from_string(std::string_view str) {
121 if(str == "RSA") {
122 return Auth_Method::RSA;
123 }
124 if(str == "ECDSA") {
125 return Auth_Method::ECDSA;
126 }
127 if(str == "IMPLICIT") {
128 return Auth_Method::IMPLICIT;
129 }
130 if(str == "UNDEFINED") {
131 return Auth_Method::UNDEFINED;
132 }
133
134 throw Invalid_Argument(fmt("Unknown TLS signature method '{}'", str));
135}
136
137bool Group_Params::is_available() const {
138#if !defined(BOTAN_HAS_X25519)
139 if(is_x25519()) {
140 return false;
141 }
142 if(is_pqc_hybrid() && pqc_hybrid_ecc() == Group_Params_Code::X25519) {
143 return false;
144 }
145#endif
146
147#if !defined(BOTAN_HAS_X448)
148 if(is_x448()) {
149 return false;
150 }
151 if(is_pqc_hybrid() && pqc_hybrid_ecc() == Group_Params_Code::X448) {
152 return false;
153 }
154#endif
155
156#if !defined(BOTAN_HAS_DIFFIE_HELLMAN)
157 if(is_in_ffdhe_range()) {
158 return false;
159 }
160#endif
161
162#if !defined(BOTAN_HAS_ML_KEM)
163 if(is_pure_ml_kem() || is_pqc_hybrid_ml_kem()) {
164 return false;
165 }
166#endif
167
168#if !defined(BOTAN_HAS_FRODOKEM)
169 if(is_pure_frodokem() || is_pqc_hybrid_frodokem()) {
170 return false;
171 }
172#endif
173
174 return true;
175}
176
207
208std::optional<Group_Params> Group_Params::from_string(std::string_view group_name) {
209 if(group_name == "secp256r1") {
210 return Group_Params::SECP256R1;
211 }
212 if(group_name == "secp384r1") {
213 return Group_Params::SECP384R1;
214 }
215 if(group_name == "secp521r1") {
216 return Group_Params::SECP521R1;
217 }
218 if(group_name == "brainpool256r1") {
219 return Group_Params::BRAINPOOL256R1;
220 }
221 if(group_name == "brainpool384r1") {
222 return Group_Params::BRAINPOOL384R1;
223 }
224 if(group_name == "brainpool512r1") {
225 return Group_Params::BRAINPOOL512R1;
226 }
227 if(group_name == "x25519") {
228 return Group_Params::X25519;
229 }
230 if(group_name == "x448") {
231 return Group_Params::X448;
232 }
233
234 if(group_name == "ffdhe/ietf/2048") {
235 return Group_Params::FFDHE_2048;
236 }
237 if(group_name == "ffdhe/ietf/3072") {
238 return Group_Params::FFDHE_3072;
239 }
240 if(group_name == "ffdhe/ietf/4096") {
241 return Group_Params::FFDHE_4096;
242 }
243 if(group_name == "ffdhe/ietf/6144") {
244 return Group_Params::FFDHE_6144;
245 }
246 if(group_name == "ffdhe/ietf/8192") {
247 return Group_Params::FFDHE_8192;
248 }
249
250 if(group_name == "ML-KEM-512") {
251 return Group_Params::ML_KEM_512;
252 }
253 if(group_name == "ML-KEM-768") {
254 return Group_Params::ML_KEM_768;
255 }
256 if(group_name == "ML-KEM-1024") {
257 return Group_Params::ML_KEM_1024;
258 }
259
260 if(group_name == "eFrodoKEM-640-SHAKE") {
261 return Group_Params::eFRODOKEM_640_SHAKE_OQS;
262 }
263 if(group_name == "eFrodoKEM-976-SHAKE") {
264 return Group_Params::eFRODOKEM_976_SHAKE_OQS;
265 }
266 if(group_name == "eFrodoKEM-1344-SHAKE") {
267 return Group_Params::eFRODOKEM_1344_SHAKE_OQS;
268 }
269 if(group_name == "eFrodoKEM-640-AES") {
270 return Group_Params::eFRODOKEM_640_AES_OQS;
271 }
272 if(group_name == "eFrodoKEM-976-AES") {
273 return Group_Params::eFRODOKEM_976_AES_OQS;
274 }
275 if(group_name == "eFrodoKEM-1344-AES") {
276 return Group_Params::eFRODOKEM_1344_AES_OQS;
277 }
278
279 if(group_name == "x25519/ML-KEM-768") {
280 return Group_Params::HYBRID_X25519_ML_KEM_768;
281 }
282 if(group_name == "secp256r1/ML-KEM-768") {
283 return Group_Params::HYBRID_SECP256R1_ML_KEM_768;
284 }
285 if(group_name == "secp384r1/ML-KEM-1024") {
286 return Group_Params::HYBRID_SECP384R1_ML_KEM_1024;
287 }
288
289 if(group_name == "x25519/eFrodoKEM-640-SHAKE") {
290 return Group_Params::HYBRID_X25519_eFRODOKEM_640_SHAKE_OQS;
291 }
292 if(group_name == "x25519/eFrodoKEM-640-AES") {
293 return Group_Params::HYBRID_X25519_eFRODOKEM_640_AES_OQS;
294 }
295 if(group_name == "x448/eFrodoKEM-976-SHAKE") {
296 return Group_Params::HYBRID_X448_eFRODOKEM_976_SHAKE_OQS;
297 }
298 if(group_name == "x448/eFrodoKEM-976-AES") {
299 return Group_Params::HYBRID_X448_eFRODOKEM_976_AES_OQS;
300 }
301
302 if(group_name == "secp256r1/eFrodoKEM-640-SHAKE") {
303 return Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_SHAKE_OQS;
304 }
305 if(group_name == "secp256r1/eFrodoKEM-640-AES") {
306 return Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_AES_OQS;
307 }
308
309 if(group_name == "secp384r1/eFrodoKEM-976-SHAKE") {
310 return Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_SHAKE_OQS;
311 }
312 if(group_name == "secp384r1/eFrodoKEM-976-AES") {
313 return Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_AES_OQS;
314 }
315
316 if(group_name == "secp521r1/eFrodoKEM-1344-SHAKE") {
317 return Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_SHAKE_OQS;
318 }
319 if(group_name == "secp521r1/eFrodoKEM-1344-AES") {
320 return Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_AES_OQS;
321 }
322
323 return std::nullopt;
324}
325
326std::optional<std::string> Group_Params::to_string() const {
327 switch(m_code) {
328 case Group_Params::SECP256R1:
329 return "secp256r1";
330 case Group_Params::SECP384R1:
331 return "secp384r1";
332 case Group_Params::SECP521R1:
333 return "secp521r1";
334 case Group_Params::BRAINPOOL256R1:
335 return "brainpool256r1";
336 case Group_Params::BRAINPOOL384R1:
337 return "brainpool384r1";
338 case Group_Params::BRAINPOOL512R1:
339 return "brainpool512r1";
340 case Group_Params::X25519:
341 return "x25519";
342 case Group_Params::X448:
343 return "x448";
344
345 case Group_Params::FFDHE_2048:
346 return "ffdhe/ietf/2048";
347 case Group_Params::FFDHE_3072:
348 return "ffdhe/ietf/3072";
349 case Group_Params::FFDHE_4096:
350 return "ffdhe/ietf/4096";
351 case Group_Params::FFDHE_6144:
352 return "ffdhe/ietf/6144";
353 case Group_Params::FFDHE_8192:
354 return "ffdhe/ietf/8192";
355
356 case Group_Params::ML_KEM_512:
357 return "ML-KEM-512";
358 case Group_Params::ML_KEM_768:
359 return "ML-KEM-768";
360 case Group_Params::ML_KEM_1024:
361 return "ML-KEM-1024";
362
363 case Group_Params::eFRODOKEM_640_SHAKE_OQS:
364 return "eFrodoKEM-640-SHAKE";
365 case Group_Params::eFRODOKEM_976_SHAKE_OQS:
366 return "eFrodoKEM-976-SHAKE";
367 case Group_Params::eFRODOKEM_1344_SHAKE_OQS:
368 return "eFrodoKEM-1344-SHAKE";
369 case Group_Params::eFRODOKEM_640_AES_OQS:
370 return "eFrodoKEM-640-AES";
371 case Group_Params::eFRODOKEM_976_AES_OQS:
372 return "eFrodoKEM-976-AES";
373 case Group_Params::eFRODOKEM_1344_AES_OQS:
374 return "eFrodoKEM-1344-AES";
375
376 case Group_Params::HYBRID_X25519_eFRODOKEM_640_SHAKE_OQS:
377 return "x25519/eFrodoKEM-640-SHAKE";
378 case Group_Params::HYBRID_X25519_eFRODOKEM_640_AES_OQS:
379 return "x25519/eFrodoKEM-640-AES";
380 case Group_Params::HYBRID_X448_eFRODOKEM_976_SHAKE_OQS:
381 return "x448/eFrodoKEM-976-SHAKE";
382 case Group_Params::HYBRID_X448_eFRODOKEM_976_AES_OQS:
383 return "x448/eFrodoKEM-976-AES";
384 case Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_SHAKE_OQS:
385 return "secp256r1/eFrodoKEM-640-SHAKE";
386 case Group_Params::HYBRID_SECP256R1_eFRODOKEM_640_AES_OQS:
387 return "secp256r1/eFrodoKEM-640-AES";
388 case Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_SHAKE_OQS:
389 return "secp384r1/eFrodoKEM-976-SHAKE";
390 case Group_Params::HYBRID_SECP384R1_eFRODOKEM_976_AES_OQS:
391 return "secp384r1/eFrodoKEM-976-AES";
392 case Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_SHAKE_OQS:
393 return "secp521r1/eFrodoKEM-1344-SHAKE";
394 case Group_Params::HYBRID_SECP521R1_eFRODOKEM_1344_AES_OQS:
395 return "secp521r1/eFrodoKEM-1344-AES";
396
397 case Group_Params::HYBRID_X25519_ML_KEM_768:
398 return "x25519/ML-KEM-768";
399 case Group_Params::HYBRID_SECP256R1_ML_KEM_768:
400 return "secp256r1/ML-KEM-768";
401 case Group_Params::HYBRID_SECP384R1_ML_KEM_1024:
402 return "secp384r1/ML-KEM-1024";
403
404 default:
405 return std::nullopt;
406 }
407}
408
409} // namespace Botan::TLS
Botan::Invalid_Argument
Definition exceptn.h:131
Botan::Invalid_State
Definition exceptn.h:206
Botan::TLS::Group_Params::is_in_ffdhe_range
constexpr bool is_in_ffdhe_range() const
Definition tls_algos.h:182
Botan::TLS::Group_Params::is_available
bool is_available() const
Definition tls_algos.cpp:137
Botan::TLS::Group_Params::is_pqc_hybrid
constexpr bool is_pqc_hybrid() const
Definition tls_algos.h:237
Botan::TLS::Group_Params::is_pure_frodokem
constexpr bool is_pure_frodokem() const
Definition tls_algos.h:198
Botan::TLS::Group_Params::pqc_hybrid_ecc
std::optional< Group_Params_Code > pqc_hybrid_ecc() const
Definition tls_algos.cpp:177
Botan::TLS::Group_Params::to_string
std::optional< std::string > to_string() const
Definition tls_algos.cpp:326
Botan::TLS::Group_Params::from_string
static std::optional< Group_Params > from_string(std::string_view group_name)
Definition tls_algos.cpp:208
Botan::TLS::Group_Params::is_pqc_hybrid_frodokem
constexpr bool is_pqc_hybrid_frodokem() const
Definition tls_algos.h:224
Botan::TLS::Group_Params::is_pure_ml_kem
constexpr bool is_pure_ml_kem() const
Definition tls_algos.h:193
Botan::TLS::Group_Params::is_pqc_hybrid_ml_kem
constexpr bool is_pqc_hybrid_ml_kem() const
Definition tls_algos.h:218
Botan::TLS::Group_Params::is_x448
constexpr bool is_x448() const
Definition tls_algos.h:174
Botan::TLS::Group_Params::is_x25519
constexpr bool is_x25519() const
Definition tls_algos.h:172
Botan::TLS::kex_method_from_string
Kex_Algo kex_method_from_string(std::string_view str)
Definition tls_algos.cpp:57
Botan::TLS::auth_method_from_string
Auth_Method auth_method_from_string(std::string_view str)
Definition tls_algos.cpp:120
Botan::TLS::kdf_algo_to_string
std::string kdf_algo_to_string(KDF_Algo algo)
Definition tls_algos.cpp:15
Botan::TLS::kex_method_to_string
std::string kex_method_to_string(Kex_Algo method)
Definition tls_algos.cpp:28
Botan::TLS::auth_method_to_string
std::string auth_method_to_string(Auth_Method method)
Definition tls_algos.cpp:105
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
Generated by doxygen 1.14.0